Move winprocess_sys into a new low-level hardening module

This code was in our process module, but it doesn't belong there:
process is for launching and monitoring subprocesses, not for
hardening the current process.

This change lets us have our subsystem init order more closely match
our dependency order.

.gitignore

@@ -186,6 +186,8 @@ uptime-*.json
 /src/lib/libtor-geoip-testing.a
 /src/lib/libtor-intmath.a
 /src/lib/libtor-intmath-testing.a
+/src/lib/libtor-llharden.a
+/src/lib/libtor-llharden-testing.a
 /src/lib/libtor-lock.a
 /src/lib/libtor-lock-testing.a
 /src/lib/libtor-log.a

Makefile.am

@@ -70,6 +70,7 @@ TOR_UTIL_LIBS = \
 	src/lib/libtor-wallclock.a \
 	src/lib/libtor-err.a \
 	src/lib/libtor-version.a \
+	src/lib/libtor-llharden.a \
 	src/lib/libtor-intmath.a \
 	src/lib/libtor-ctime.a
 
@@ -104,6 +105,7 @@ TOR_UTIL_TESTING_LIBS = \
 	src/lib/libtor-wallclock-testing.a \
 	src/lib/libtor-err-testing.a \
 	src/lib/libtor-version-testing.a \
+	src/lib/libtor-llharden-testing.a \
 	src/lib/libtor-intmath.a \
 	src/lib/libtor-ctime-testing.a
 endif

src/app/main/subsystem_list.c

@@ -24,7 +24,7 @@
 #include "lib/log/log_sys.h"
 #include "lib/net/network_sys.h"
 #include "lib/process/process_sys.h"
-#include "lib/process/winprocess_sys.h"
+#include "lib/llharden/winprocess_sys.h"
 #include "lib/thread/thread_sys.h"
 #include "lib/time/time_sys.h"
 #include "lib/tls/tortls_sys.h"

src/include.am

@@ -19,6 +19,7 @@ include src/lib/fs/include.am
 include src/lib/geoip/include.am
 include src/lib/include.libdonna.am
 include src/lib/intmath/include.am
+include src/lib/llharden/include.am
 include src/lib/lock/include.am
 include src/lib/log/include.am
 include src/lib/math/include.am

src/lib/llharden/.may_include

+lib/llharden/*.h
+lib/subsys/*.h
+orconfig.h

src/lib/llharden/include.am

+
+noinst_LIBRARIES += src/lib/libtor-llharden.a
+
+if UNITTESTS_ENABLED
+noinst_LIBRARIES += src/lib/libtor-llharden-testing.a
+endif
+
+# ADD_C_FILE: INSERT SOURCES HERE.
+src_lib_libtor_llharden_a_SOURCES =		\
+	src/lib/llharden/winprocess_sys.c
+
+src_lib_libtor_llharden_testing_a_SOURCES = \
+	$(src_lib_libtor_llharden_a_SOURCES)
+src_lib_libtor_llharden_testing_a_CPPFLAGS = $(AM_CPPFLAGS) $(TEST_CPPFLAGS)
+src_lib_libtor_llharden_testing_a_CFLAGS = $(AM_CFLAGS) $(TEST_CFLAGS)
+
+# ADD_C_FILE: INSERT HEADERS HERE.
+noinst_HEADERS +=				\
+	src/lib/llharden/winprocess_sys.h

src/lib/llharden/lib_llharden.md

+@dir /lib/llharden
+@brief lib/llharden: low-level unconditional process hardening
+
+This module contains process hardening code that we want to run before any
+other code, including configuration.  It needs to be self-contained, since
+nothing else will be initialized at this point.

src/lib/process/winprocess_sys.c → src/lib/llharden/winprocess_sys.c

@@ -8,7 +8,7 @@
 
 #include "orconfig.h"
 #include "lib/subsys/subsys.h"
-#include "lib/process/winprocess_sys.h"
+#include "lib/llharden/winprocess_sys.h"
 
 #include <stdbool.h>
 #include <stddef.h>

src/lib/process/include.am

@@ -16,8 +16,7 @@ src_lib_libtor_process_a_SOURCES =		\
 	src/lib/process/process_win32.c		\
 	src/lib/process/restrict.c		\
 	src/lib/process/setuid.c		\
-	src/lib/process/waitpid.c		\
-	src/lib/process/winprocess_sys.c
+	src/lib/process/waitpid.c
 
 src_lib_libtor_process_testing_a_SOURCES = \
 	$(src_lib_libtor_process_a_SOURCES)
@@ -35,5 +34,4 @@ noinst_HEADERS +=				\
 	src/lib/process/process_win32.h		\
 	src/lib/process/restrict.h		\
 	src/lib/process/setuid.h		\
-	src/lib/process/waitpid.h		\
-	src/lib/process/winprocess_sys.h
+	src/lib/process/waitpid.h