What's the exact execution flow in detail when I call a system function?


0x71...@gmail.com

Apr 1, 2015, 2:29:06 AM4/1/15
to native-cli...@googlegroups.com
Hi all,
We know NaCl is a sandbox; it won't allow syscalls in untrusted NaCl code.
For example, the function 'open' in Linux for creating a new file is processed by the
service runtime. But after reading some source files and viewing some assembly code, I still can't
see the exact execution flow when I use 'open' in a NaCl module.
Now, in my mind, if I use 'open' in a NaCl module:
1. The code will try to call the trampoline?
2. The trampoline code will reset ds, cs, es etc.?
3. service_runtime will send the 'open' arguments by SRPC to the host process (Chrome)?
4. The host process will process the 'open' request with a self-defined function?
Am I wrong in describing the execution flow?

Second question: what's the difference between 'sel_ldr' and 'sel_ldr_universal'?
After compiling the src project, I got these two files but still don't know the difference.

Third question: actually, I want a standalone sandbox based on NaCl where I can do my
own wrapper on syscalls (system APIs), so which interface source files should I focus on?

Need help, thanks!

haly...@chromium.org

Apr 1, 2015, 4:04:35 AM4/1/15
to native-cli...@googlegroups.com
On Wednesday, April 1, 2015 at 9:29:06 AM UTC+3, 0x71...@gmail.com wrote:
Hi all,
We know NaCl is a sandbox; it won't allow syscalls in untrusted NaCl code.
For example, the function 'open' in Linux for creating a new file is processed by the
service runtime. But after reading some source files and viewing some assembly code, I still can't
see the exact execution flow when I use 'open' in a NaCl module.
Now, in my mind, if I use 'open' in a NaCl module:
1. The code will try to call the trampoline?
2. The trampoline code will reset ds, cs, es etc.?
3. service_runtime will send the 'open' arguments by SRPC to the host process (Chrome)?
4. The host process will process the 'open' request with a self-defined function?
Am I wrong in describing the execution flow?
You are close. There are two modes of execution in NaCl: sel_ldr and inside the browser.
If you are executing in sel_ldr, there is no host process, so service_runtime executes open
directly at step 3.
If you are executing in the browser, your open call is first translated to the Pepper API by
the NaCl IO library (and if you don't use it, open will fail because it is not allowed).
Then the Pepper API call is serialized and passed to the renderer process using
several different syscalls which pass through the sandbox boundary the same way as
open() did in sel_ldr.

-- Andrey Khalyavin

0x71...@gmail.com

Apr 1, 2015, 6:49:48 AM4/1/15
to native-cli...@googlegroups.com
Hi Andrey, thanks for your reply. Glad to see I was nearly correct on the execution flow.
But how about the other questions?
How can I use my own host to communicate with sel_ldr?

On Wednesday, April 1, 2015, at 4:04:35 PM UTC+8, haly...@chromium.org wrote: