• Home
Name Date Size #Lines LOC

..--

generator/03-May-2024-724514

DEPSD03-May-2024136 65

READMED03-May-20241.1 KiB2420

mojo_syscall.hD03-May-2024310 114

mojo_syscall_internal.hD03-May-20243.6 KiB151131

monacl_sel_main.ccD03-May-20241.4 KiB5335

monacl_sel_main.hD03-May-2024430 167

monacl_shell.ccD03-May-2024775 2917

README

1This is a prototype for plumbing Mojo into the NaCl sandbox.  It is
2currently insecure (see below), does not provide a stable ABI (IRT
3support must be added), and does not support Mojo functions that
4return pointers (for example, MojoMapBuffer).
5
6generator/interface.py contains a programmatic description of the
7stable Mojo interface.  This will need to be updated as the interface
8changes.  Run generator/generate_nacl_bindings.py to generate the
9bindings that plumb this interface into the NaCl sandbox.
10
11To test: Build "monacl_shell" and "monacl_test".  Run monacl_shell
12with the IRT as the first argument and the monacl_test as the second
13argument.  For example, to run a Debug 32-bit Intel build:
14
15  cd out/Debug
16  ./monacl_shell irt_core_newlib_x32.nexe monacl_test_newlib_x32.nexe
17
18Security TODO list:
19  Separate trusted and untrusted Mojo handles.
20  Validate and copy option structures.
21  Protect untrusted buffers passed into Mojo:
22    NaClVmIoWillStart/HasEnded.
23    volatile accesses to untrusted memory (untrusted code could race).
24  Overflow checking in array bounds validation.