this patch adds the manifest proxy server to sel_ldr and the manifest

src/trusted/service_runtime/sel_ldr.c

 /*
  * Copyright (c) 2011 The Native Client Authors. All rights reserved.
  * Use of this source code is governed by a BSD-style license that can be
  * found in the LICENSE file.
  */
 
 #include <string.h>
 
 /*
  * NaCl Simple/secure ELF loader (NaCl SEL).
@@ skipping 12 matching lines @@
 
 
 #include "native_client/src/trusted/desc/nacl_desc_base.h"
 #include "native_client/src/trusted/desc/nacl_desc_conn_cap.h"
 #include "native_client/src/trusted/desc/nacl_desc_imc.h"
 #include "native_client/src/trusted/desc/nacl_desc_io.h"
 #include "native_client/src/trusted/desc/nrd_xfer.h"
 
 #include "native_client/src/trusted/handle_pass/ldr_handle.h"
 
-#include "native_client/src/trusted/service_runtime/arch/sel_ldr_arch.h"
+#include "native_client/src/trusted/reverse_service/reverse_control_rpc.h"
+
 #include "native_client/src/trusted/gio/gio_nacl_desc.h"
 #include "native_client/src/trusted/gio/gio_shm.h"
+#include "native_client/src/trusted/service_runtime/arch/sel_ldr_arch.h"
 #include "native_client/src/trusted/service_runtime/include/sys/fcntl.h"
 #include "native_client/src/trusted/service_runtime/nacl_app.h"
 #include "native_client/src/trusted/service_runtime/nacl_app_thread.h"
 #include "native_client/src/trusted/service_runtime/nacl_desc_effector_ldr.h"
 #include "native_client/src/trusted/service_runtime/nacl_globals.h"
 #include "native_client/src/trusted/service_runtime/nacl_syscall_common.h"
 #include "native_client/src/trusted/service_runtime/nacl_valgrind_hooks.h"
 #include "native_client/src/trusted/service_runtime/sel_addrspace.h"
 #include "native_client/src/trusted/service_runtime/sel_ldr.h"
 #include "native_client/src/trusted/service_runtime/sel_memory.h"
@@ skipping 71 matching lines @@
   nap->dynamic_regions_allocated = 0;
   nap->dynamic_delete_generation = 0;
 
   nap->dynamic_mapcache_offset = 0;
   nap->dynamic_mapcache_size = 0;
   nap->dynamic_mapcache_ret = 0;
 
   nap->service_port = NULL;
   nap->service_address = NULL;
   nap->secure_service = NULL;
+  nap->manifest_proxy = NULL;
   nap->reverse_client = NULL;
   nap->reverse_channel_initialized = 0;
 
   if (!NaClMutexCtor(&nap->mu)) {
     goto cleanup_dynamic_load_mutex;
   }
   if (!NaClCondVarCtor(&nap->cv)) {
     goto cleanup_mu;
   }
 
   nap->vm_hole_may_exist = 0;
   nap->threads_launching = 0;
 
   nap->module_load_status = LOAD_STATUS_UNKNOWN;
   nap->module_may_start = 0;  /* only when secure_service != NULL */
 
   nap->name_service = (struct NaClNameService *) malloc(
       sizeof *nap->name_service);
   if (NULL == nap->name_service) {
     goto cleanup_cv;
   }
   if (!NaClNameServiceCtor(nap->name_service,
                            NaClAddrSpSquattingThreadIfFactoryFunction,
-                           nap)) {
+                           (void *) nap)) {
     free(nap->name_service);
     goto cleanup_cv;
   }
   nap->name_service_conn_cap = NaClDescRef(nap->name_service->
                                            base.base.bound_and_cap[1]);
   if (!NaClDefaultNameServiceInit(nap->name_service)) {
     goto cleanup_name_service;
   }
 
   nap->ignore_validator_result = 0;
@@ skipping 954 matching lines @@
   struct NaClConnectionHandler      *queue_head;
   struct NaClConnectionHandler      **queue_insert;
 };
 
 struct NaClSimpleRevClientVtbl const kNaClSecureReverseClientVtbl;
 
 
 int NaClSecureServiceCtor(struct NaClSecureService          *self,
                           struct NaClSrpcHandlerDesc const  *srpc_handlers,
                           struct NaClApp                    *nap) {
+  NaClLog(4,
+          "Entered NaClSecureServiceCtor: self 0x%"NACL_PRIxPTR"\n",
+          (uintptr_t) self);
   if (!NaClSimpleServiceWithSocketCtor(&self->base,
                                        srpc_handlers,
                                        NaClThreadInterfaceThreadFactory,
                                        (void *) NULL,
                                        nap->service_port,
                                        nap->service_address)) {
     goto failure_simple_ctor;
   }
   self->nap = nap;
 
   NACL_VTBL(NaClRefCount, self) =
       (struct NaClRefCountVtbl *) &kNaClSecureServiceVtbl;
   return 1;
  failure_simple_ctor:
   return 0;
 }
 
 void NaClSecureServiceDtor(struct NaClRefCount *vself) {
   struct NaClSecureService *self = (struct NaClSecureService *) vself;
 
   NACL_VTBL(NaClRefCount, self) = (struct NaClRefCountVtbl const *)
       &kNaClSimpleServiceVtbl;
   (*NACL_VTBL(NaClRefCount, self)->Dtor)(vself);
 }
 
-/* fwd */
-int NaClSecureReverseClientCtor(
-    struct NaClSecureReverseClient *self,
-    void                            (*client_callback)(
-        void *, struct NaClThreadInterface *, struct NaClDesc *),
-    void                            *state,
-    struct NaClApp                  *nap);
-
 /*
  * The first connection is performed by this callback handler.  This
  * spawns a client thread that will bootstrap the other connections by
  * stashing the connection represented by |conn| to make reverse RPCs
  * to ask the peer to connect to us.  No thread is spawned; we just
  * wrap access to the connection with a lock.
  *
  * Subsequent connection callbacks will pass the connection to the
  * actual thread that made the connection request using |conn|
  * received in the first connection.
  */
 static void NaClSecureReverseClientCallback(
     void                        *state,
     struct NaClThreadInterface  *tif,
-    struct NaClDesc             *conn) {
+    struct NaClDesc             *new_conn) {
   struct NaClSecureReverseClient *self =
       (struct NaClSecureReverseClient *) state;
   struct NaClApp *nap = self->nap;
 
   UNREFERENCED_PARAMETER(tif);
 
   NaClLog(4, "Entered NaClSecureReverseClientCallback\n");
 
   NaClLog(4, " self=0x%"NACL_PRIxPTR"\n", (uintptr_t) self);
   NaClLog(4, " nap=0x%"NACL_PRIxPTR"\n", (uintptr_t) nap);
   NaClXMutexLock(&nap->mu);
 
   if (nap->reverse_channel_initialized) {
     NaClLog(LOG_FATAL, "Reverse channel already initialized\n");
   }
-  if (!NaClSrpcClientCtor(&nap->reverse_channel, conn)) {
+  if (!NaClSrpcClientCtor(&nap->reverse_channel, new_conn)) {
     NaClLog(LOG_FATAL, "Reverse channel SRPC Client Ctor failed\n");
   }
   nap->reverse_channel_initialized = 1;
 
   NaClXCondVarBroadcast(&nap->cv);
   NaClXMutexUnlock(&nap->mu);
 
   NaClLog(4, "Leaving NaClSecureReverseClientCallback\n");
 }
 
+/* fwd */
+int NaClSecureReverseClientCtor(
+    struct NaClSecureReverseClient *self,
+    void                            (*client_callback)(
+        void *, struct NaClThreadInterface *, struct NaClDesc *),
+    void                            *state,
+    struct NaClApp                  *nap);
+
 static void NaClSecureReverseClientSetup(struct NaClSrpcRpc     *rpc,
                                          struct NaClSrpcArg     **in_args,
                                          struct NaClSrpcArg     **out_args,
                                          struct NaClSrpcClosure *done) {
   struct NaClApp                  *nap =
       (struct NaClApp *) rpc->channel->server_instance_data;
   struct NaClSecureReverseClient  *rev;
 
   UNREFERENCED_PARAMETER(in_args);
   NaClLog(4, "Entered NaClSecureReverseClientSetup\n");
   if (NULL != nap->reverse_client) {
     NaClLog(LOG_FATAL, "Double reverse setup RPC\n");
   }
   rev = (struct NaClSecureReverseClient *) malloc(sizeof *rev);
   if (NULL == rev) {
     rpc->result = NACL_SRPC_RESULT_APP_ERROR;
     goto done;
   }
   NaClLog(4,
           "NaClSecureReverseClientSetup: invoking"
           " NaClSecureReverseClientCtor\n");
   if (!NaClSecureReverseClientCtor(rev,
                                    NaClSecureReverseClientCallback,
                                    (void *) rev,
                                    nap)) {
     free(rev);
     rpc->result = NACL_SRPC_RESULT_APP_ERROR;
     goto done;
   }
-  nap->reverse_client = rev;
+  nap->reverse_client = (struct NaClSecureReverseClient *) NaClRefCountRef(
+      (struct NaClRefCount *) rev);
   out_args[0]->u.hval = NaClDescRef(rev->base.bound_and_cap[1]);
   rpc->result = NACL_SRPC_RESULT_OK;
 
+  /*
+   * Service thread takes the reference rev.
+   */
   if (!NaClSimpleRevClientStartServiceThread(&rev->base)) {
     NaClLog(LOG_FATAL, "Could not start reverse service thread\n");
   }
 
 done:
   (*done->Run)(done);
   NaClLog(4, "Leaving NaClSecureReverseClientSetup\n");
 }
 
 /*
@@ skipping 34 matching lines @@
  * doesn't wait for a handler, we don't need a condvar.
  *
  * We do not need to serialize on the handlers, since the
  * RPC-server/IMC-client implementation should not distinguish one
  * connection from another: it is okay for two handlers to be
  * inserted, and two connection request RPCs to be preformed
  * (sequentially, since they are over a single channel), and have the
  * server side spawn threads that asynchronously connect twice, in the
  * "incorrect" order, etc.
  */
-static
 int NaClSecureReverseClientInsertHandler(
     struct NaClSecureReverseClient *self,
-    void                            (*h)(void *,
-                                         struct NaClThreadInterface *,
-                                         struct NaClDesc *),
-    void                            *d) {
+    void                            (*handler)(
+        void                        *handlr_state,
+        struct NaClThreadInterface  *thread_if,
+        struct NaClDesc             *new_conn),
+    void                            *handler_state) {
   int retval;
 
   NaClXMutexLock(&self->mu);
-  retval = NaClSecureReverseClientInsertHandler_mu(self, h, d);
+  retval = NaClSecureReverseClientInsertHandler_mu(self,
+                                                   handler, handler_state);
   NaClXMutexUnlock(&self->mu);
   return retval;
 }
 
 static
 struct NaClConnectionHandler *NaClSecureReverseClientPopHandler(
     struct NaClSecureReverseClient *self) {
   struct NaClConnectionHandler *head;
 
   NaClLog(4, "Entered NaClSecureReverseClientPopHandler, acquiring lock\n");
@@ skipping 124 matching lines @@
 
 int NaClSecureServiceConnectionFactory(
     struct NaClSimpleService            *vself,
     struct NaClDesc                     *conn,
     struct NaClSimpleServiceConnection  **out) {
   struct NaClSecureService *self =
       (struct NaClSecureService *) vself;
 
   /* our instance_data is not connection specific */
   return NaClSimpleServiceConnectionFactoryWithInstanceData(
-      vself, conn, (void*) self->nap, out);
+      vself, conn, (void *) self->nap, out);
 }
 
 int NaClSecureServiceAcceptAndSpawnHandler(struct NaClSimpleService *vself) {
   int rv;
 
   NaClLog(4,
           "NaClSecureServiceAcceptAndSpawnHandler: invoking base class vfn\n");
   rv = (*kNaClSimpleServiceVtbl.AcceptAndSpawnHandler)(vself);
   if (0 != rv) {
     NaClLog(LOG_FATAL,
@@ skipping 27 matching lines @@
   NaClSecureServiceRpcHandler,
 };
 
 struct NaClSimpleRevClientVtbl const kNaClSecureReverseClientVtbl = {
   {
     NaClSecureReverseClientDtor,
   },
 };
 
 
-static void WINAPI ReverseTestThread(void *thread_state) {
+static void WINAPI ReverseSetupThread(void *thread_state) {
   struct NaClApp *nap = (struct NaClApp *) thread_state;
   NaClSrpcError rpc_result;
 
   /* wait for reverse connection */
-  NaClLog(1, "ReverseTestThread\n");
+  NaClLog(1, "ReverseSetupThread\n");
   NaClXMutexLock(&nap->mu);
   while (!nap->reverse_channel_initialized) {
-    NaClLog(1, "ReverseTestThread waiting\n");
+    NaClLog(1, "ReverseSetupThread waiting\n");
     NaClXCondVarWait(&nap->cv, &nap->mu);
   }
-  NaClLog(1, "ReverseTestThread initialized, making rpc\n");
+  NaClLog(1, "ReverseSetupThread initialized, making rpc\n");
   rpc_result = NaClSrpcInvokeBySignature(&nap->reverse_channel,
-                                         "test:s:", "Hello world");
+                                         NACL_REVERSE_CONTROL_TEST,
+                                         "Hello world");
   if (NACL_SRPC_RESULT_OK != rpc_result) {
     NaClLog(LOG_ERROR,
-            "ReverseTestThread, test:s: rpc_result %d\n",
+            "ReverseSetupThread, test:s: rpc_result %d\n",
             rpc_result);
   }
   NaClLog(4,
           "Hello world should be logged browser side, rpc_result %d.\n",
           rpc_result);
   rpc_result = NaClSrpcInvokeBySignature(&nap->reverse_channel,
-                                         "revlog:s:",
+                                         NACL_REVERSE_CONTROL_LOG,
                                          ("Log message that should show up"
                                           " on the JavaScript console"));
   NaClLog(4, "revlog returned %d.\n", rpc_result);
   if (NACL_SRPC_RESULT_OK != rpc_result) {
     NaClLog(LOG_ERROR,
-            "ReverseTestThread, revlog:s: rpc_result %d\n",
+            "ReverseSetupThread, revlog:s: rpc_result %d\n",
             rpc_result);
   }
   NaClXMutexUnlock(&nap->mu);
+
+  NaClThreadDtor(&nap->reverse_setup_thread);
 }
 
 
 void NaClSecureCommandChannel(struct NaClApp *nap) {
   struct NaClSecureService *secure_command_server;
 
   static struct NaClSrpcHandlerDesc const secure_handlers[] = {
     { "hard_shutdown::", NaClSecureChannelShutdownRpc, },
     { "start_module::i", NaClSecureChannelStartModuleRpc, },
     { "log:is:", NaClSecureChannelLog, },
@@ skipping 18 matching lines @@
   }
   nap->secure_service = secure_command_server;
 
   NaClLog(4, "NaClSecureCommandChannel: starting service thread\n");
   if (!NaClSimpleServiceStartServiceThread((struct NaClSimpleService *)
                                            secure_command_server)) {
     NaClLog(LOG_FATAL,
             "Could not start secure command channel service thread\n");
   }
 
-  if (1) {
-    struct NaClThread thr;
-
-    NaClThreadCtor(&thr, ReverseTestThread, nap, NACL_KERN_STACK_SIZE);
-  }
+  NaClThreadCtor(&nap->reverse_setup_thread, ReverseSetupThread, nap,
+                 NACL_KERN_STACK_SIZE);
 
   NaClLog(4, "Leaving NaClSecureCommandChannel\n");
 }
 
 
 void NaClVmHoleWaitToStartThread(struct NaClApp *nap) {
   NaClXMutexLock(&nap->mu);
 
   /* ensure no virtual memory hole may appear */
   while (nap->vm_hole_may_exist) {
@@ skipping 49 matching lines @@
   NaClSandboxMemoryStartForValgrind(mem_start);
 
 #ifdef __GNUC__
   _ovly_debug_event ();
 #endif
 }
 
 void NaClGdbHook(struct NaClApp const *nap) {
   StopForDebuggerInit(nap->mem_start);
 }