feat(xs-vat-worker): bootstrap SES shim on xsnap

 - add ses dependency
 - noop console, since xsnap no longer provides `print`
 - re-package XS ArrayBuffer.fromString() extension as
   TextEncoder.prototype.encode
 - use `xsStringBuffer()` C API rather than `String.fromArrayBuffer`
   JS API so that xsnap eval continues to work after `lockdown()`.

packages/xs-vat-worker/package.json

@@ -52,8 +52,10 @@
     "@agoric/marshal": "^0.3.0",
     "@agoric/promise-kit": "^0.2.0",
     "@agoric/swingset-vat": "^0.11.0",
+    "@agoric/xsnap": "^0.0.0",
     "anylogger": "^0.21.0",
-    "esm": "^3.2.5"
+    "esm": "^3.2.5",
+    "ses": "^0.11.0"
   },
   "keywords": [],
   "files": [

packages/xs-vat-worker/src/bootstrap.js

@@ -0,0 +1,5 @@
+import './console-shim';
+import './text-shim';
+import './lockdown-shim';
+
+harden(console);

packages/xs-vat-worker/src/console-shim.js

@@ -0,0 +1,9 @@
+const noop = _ => undefined;
+
+globalThis.console = {
+  debug: noop,
+  log: noop,
+  info: noop,
+  warn: noop,
+  error: noop,
+};

packages/xs-vat-worker/src/lockdown-shim.js

@@ -0,0 +1,5 @@
+/* global lockdown */
+
+import 'ses/lockdown';
+
+lockdown();

packages/xs-vat-worker/src/text-shim.js

@@ -0,0 +1,12 @@
+/* eslint-disable class-methods-use-this */
+
+// Save this XS extension before SES shim deletes it.
+const { fromString } = ArrayBuffer;
+
+class TextEncoder {
+  encode(s) {
+    return new Uint8Array(fromString(s));
+  }
+}
+
+globalThis.TextEncoder = TextEncoder;

packages/xs-vat-worker/test/test-boot-lockdown.js

@@ -0,0 +1,36 @@
+import test from 'ava';
+import * as childProcess from 'child_process';
+import * as os from 'os';
+import * as fs from 'fs';
+import * as path from 'path';
+import { xsnap } from '@agoric/xsnap';
+
+const dist = async name =>
+  fs.promises.readFile(path.join(__filename, '..', '..', 'dist', name));
+
+const decoder = new TextDecoder();
+
+const xsnapOptions = {
+  spawn: childProcess.spawn,
+  os: os.type(),
+};
+
+test('bootstrap to SES lockdown', async t => {
+  const bootScript = await dist('bootstrap.umd.js');
+  const messages = [];
+  async function handleCommand(message) {
+    messages.push(decoder.decode(message));
+    return new Uint8Array();
+  }
+  const name = 'SES lockdown worker';
+  const vat = xsnap({ ...xsnapOptions, handleCommand, name });
+  await vat.evaluate(bootScript);
+  t.deepEqual([], messages);
+
+  const SESinfo = '[typeof harden, typeof Compartment]';
+  const toBytes = expr =>
+    `new TextEncoder().encode(JSON.stringify(${expr})).buffer`;
+  await vat.evaluate(`issueCommand(${toBytes(SESinfo)});`);
+  await vat.close();
+  t.deepEqual(['["function","function"]'], messages);
+});

packages/xsnap/src/xsnap.c

@@ -322,19 +322,18 @@ int main(int argc, char* argv[])
 				xsBeginHost(machine);
 				{
 					xsVars(3);
-					xsVar(1) = xsArrayBuffer(nsbuf + 1, nslen - 1);
 					xsTry {
 						if (command == '?') {
+							xsVar(1) = xsArrayBuffer(nsbuf + 1, nslen - 1);
 							xsVar(2) = xsCall1(xsGlobal, xsID("handleCommand"), xsVar(1));
 							if (xsTypeOf(xsVar(2)) != xsUndefinedType) {
 								responseLength = fxGetArrayBufferLength(machine, &xsVar(2));
 								response = malloc(responseLength);
 								fxGetArrayBufferData(machine, &xsVar(2), 0, response, responseLength);
 							}
 						} else {
-							xsVar(0) = xsGet(xsGlobal, xsID("String"));
-							xsVar(2) = xsCall1(xsVar(0), xsID("fromArrayBuffer"), xsVar(1));
-							xsCall1(xsGlobal, xsID("eval"), xsVar(2));
+							xsVar(1) = xsStringBuffer(nsbuf + 1, nslen - 1);
+							xsCall1_noResult(xsGlobal, xsID("eval"), xsVar(1));
 						}
 					}
 					xsCatch {