this patch adds the manifest proxy server to sel_ldr and the manifest

src/trusted/reverse_service/reverse_service.cc

Index: src/trusted/reverse_service/reverse_service.cc
===================================================================
--- src/trusted/reverse_service/reverse_service.cc	(revision 5616)
+++ src/trusted/reverse_service/reverse_service.cc	(working copy)
@@ -4,17 +4,21 @@
  * found in the LICENSE file.
  */
 
+#include <string.h>
+
 #include "native_client/src/trusted/reverse_service/reverse_service.h"
 
 #include "native_client/src/include/nacl_compiler_annotations.h"
 #include "native_client/src/include/nacl_scoped_ptr.h"
-
+#include "native_client/src/include/portability_io.h"
 #include "native_client/src/shared/platform/nacl_log.h"
 #include "native_client/src/shared/platform/nacl_sync.h"
 #include "native_client/src/shared/platform/nacl_sync_checked.h"
 #include "native_client/src/shared/platform/nacl_threads.h"
 #include "native_client/src/shared/srpc/nacl_srpc.h"
 
+#include "native_client/src/trusted/desc/nacl_desc_invalid.h"
+
 namespace {
 
 void Test(NaClSrpcRpc* rpc,
@@ -37,10 +41,12 @@
                 NaClSrpcClosure* done) {
   nacl::ReverseService* service = reinterpret_cast<nacl::ReverseService*>(
       rpc->channel->server_instance_data);
+
   UNREFERENCED_PARAMETER(in_args);
-  UNREFERENCED_PARAMETER(out_args);
+
   NaClLog(4, "Entered AddChannel\n");
-  out_args[0]->u.bval = service->Start();
+  service->Start();
+  out_args[0]->u.bval = 1;

[polina, 2011/06/15 00:40:29]

Start now always succeeds?

[bsy, 2011/06/15 20:03:35]

weird.  reverted.

   NaClLog(4, "Leaving AddChannel\n");
   rpc->result = NACL_SRPC_RESULT_OK;
   done->Run(done);
@@ -63,6 +69,73 @@
   done->Run(done);
 }
 
+// Manifest name service, internal APIs.
+//
+// Manifest file lookups result in read-only file descriptors with a
+// handle.  When the descriptor is closed, the service runtime must
+// inform the plugin of this using the handle, so that the File object
+// reference can be closed (thereby allowing the browser to delete or
+// otherwise garbage collect the file).  Files, being from the
+// manifest, cannot be deleted.  The manifest is also a read-only
+// object, so no new entries can be made to it.
+//
+// Read-only proxies do not require quota support per se, since we do
+// not limit read bandwidth.  Quota support is needed for storage
+// limits, though could also be used to limit write bandwidth (prevent
+// disk output saturation, limit malicious code's ability to cause
+// disk failures, especially with flash disks with limited write
+// cycles).
+
+// NACL_NAME_SERVICE_LIST list::C -- enumerate all names in the manifest

[polina, 2011/06/15 00:40:29]

NACL_MANIFEST_LIST?

[bsy, 2011/06/15 20:03:35]

Done.

+void ManifestListRpc(NaClSrpcRpc* rpc,
+                     NaClSrpcArg** in_args,
+                     NaClSrpcArg** out_args,
+                     NaClSrpcClosure* done) {
+  size_t nbytes = out_args[0]->u.count;
+  char* dest = out_args[0]->arrays.carr;

[polina, 2011/06/15 00:40:29]

It would be more readable if you used out_args directly below: my first reaction
was that you were reading from out args instead of in args by mistake.

[bsy, 2011/06/15 20:03:35]

Done.  Also eliminated nbytes.

+
+  UNREFERENCED_PARAMETER(in_args);
+  // temporary test return value. TODO(bsy) hook up to real manifest info
+  out_args[0]->u.count = SNPRINTF(dest, nbytes,
+                                  "This is a reply from the manifest reverse"
+                                  " service in the plugin.");
+  rpc->result = NACL_SRPC_RESULT_OK;
+  done->Run(done);
+}
+
+// NACL_NAME_SERVICE_LOOKUP lookup:si:ihC -- look up by string name,

[polina, 2011/06/15 00:40:29]

NACL_MANIFEST_LOOKUP?

[bsy, 2011/06/15 20:03:35]

Done.

+// resulting in a handle (if name is in the preimage), a object proxy
+// handle, and an error code.
+void ManifestLookupRpc(NaClSrpcRpc* rpc,
+                       NaClSrpcArg** in_args,
+                       NaClSrpcArg** out_args,
+                       NaClSrpcClosure* done) {
+  char* fname = in_args[0]->arrays.str;
+  int flags = in_args[0]->u.ival;
+
+  NaClLog(0, "ManifestLookupRpc: %s, %d\n", fname, flags);
+  out_args[0]->u.ival = 0;  // ok
+  out_args[1]->u.hval = (struct NaClDesc*) NaClDescInvalidMake();

[polina, 2011/06/15 00:40:29]

is this a dummy place holder for now?

[polina, 2011/06/15 00:51:05]

It would be helpful to note this here, not just the CL description.

[bsy, 2011/06/15 20:03:35]

yes

[bsy, 2011/06/15 20:03:35]

Done.

+  out_args[2]->u.count = 10;
+  strncpy(out_args[2]->arrays.carr, "123456789", 10);
+  rpc->result = NACL_SRPC_RESULT_OK;
+  done->Run(done);
+}
+
+// unref:C:i -- dereferences the file by object proxy handle.  The

[polina, 2011/06/15 00:40:29]

NACL_MANIFEST_UNREF?

[bsy, 2011/06/15 20:03:35]

Done.

+// file descriptor should have been closed.
+void ManifestUnrefRpc(NaClSrpcRpc* rpc,
+                      NaClSrpcArg** in_args,
+                      NaClSrpcArg** out_args,
+                      NaClSrpcClosure* done) {
+  char* proxy_handle = in_args[0]->arrays.carr;
+
+  NaClLog(0, "ManifestUnrefRpc: %s\n", proxy_handle);
+  out_args[0]->u.ival = 0;  // ok
+  rpc->result = NACL_SRPC_RESULT_OK;
+  done->Run(done);
+}
+
 }  // namespace
 
 namespace nacl {
@@ -187,6 +260,9 @@
   { "test:s:", Test, },
   { "revlog:s:", RevLog, },
   { "add_channel::b", AddChannel, },
+  { NACL_MANIFEST_LIST, ManifestListRpc, },

[polina, 2011/06/15 00:40:29]

why do these require constants and not others?

[bsy, 2011/06/15 20:03:35]

these are RPCs that are used by the manifest proxy code.  the others are used by
a different sub-module.  i'll make these into preproccessor symbols too and make
the corresponding changes in the relying code.

+  { NACL_MANIFEST_LOOKUP, ManifestLookupRpc, },
+  { NACL_MANIFEST_UNREF, ManifestUnrefRpc, },
   { NULL, NULL, },
 };
 
@@ -220,6 +296,7 @@
 
 
 bool ReverseService::Start() {
+  NaClLog(4, "Entered ReverseService::Start\n");
   return service_socket_->StartService(reinterpret_cast<void*>(this));
 }