Refactored Non-SFI and SFI NaCl into separate directories.

mojo/nacl/sfi/README.md

Index: mojo/nacl/sfi/README.md
diff --git a/mojo/nacl/sfi/README.md b/mojo/nacl/sfi/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..7c108c935ea1c99ea280543ca6d458e965820b15
--- /dev/null
+++ b/mojo/nacl/sfi/README.md
@@ -0,0 +1,41 @@
+About
+=====
+
+This is a prototype for plumbing Mojo into the NaCl sandbox.  It is currently
+insecure (see below), and does not support Mojo functions that return pointers
+(for example, `MojoMapBuffer`).
+
+Currently, SFI NaCl support is not being actively developed, in favor of
+non-SFI NaCl support.
+
+Using
+=====
+
+The SFI NaCl and accompanying tests should be built by default for Linux.
+The boolean indicating if they are built is "mojo_use_nacl", defined inside
+the BUILD files.
+
+This should create a "monacl_shell" executable, capable of running standalone
+SFI nexes.
+
+Additionally, it will create a content handler for SFI nexes -- any Nexe
+with the line "#!mojo mojo:nacl_content_handler" prepended to it will be
+redirected to the SFI content handler when run with the "mojo_shell".
+
+
+Notes
+=====
+
+`nacl_bindings_generator/interface.py` contains a programmatic description of
+the stable Mojo interface.  This will need to be updated as the interface
+changes.  Run `nacl_bindings_generator/generate_nacl_bindings.py` to generate
+the bindings that plumb this interface into the NaCl sandbox.
+
+Security TODO
+=============
+
+* Validate and copy option structures.
+* Protect untrusted buffers passed into Mojo:
+  * `NaClVmIoWillStart/HasEnded`.
+  * volatile accesses to untrusted memory (untrusted code could race).
+* Overflow checking in array bounds validation.