hakurei

Author	SHA1	Message	Date
cat	fe7d208cf7	helper: use generic extra files interface This replaces the pipes object and integrates context into helper process lifecycle. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-13 23:34:15 +09:00
cat	d1d20c06fb	helper/seccomp: use sync.Once for closeWrite This makes the code much cleaner, and eliminates the intermittent ErrInvalid errors. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-13 22:49:16 +09:00
cat	1e6a059668	helper/seccomp: benchmark exporter Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-13 22:37:51 +09:00
cat	099da78af5	helper/seccomp: eliminate data race on pfd Turns out the doc comment on os.File was lying about its methods being safe for concurrent use. The race detector picked up a data race from concurrent use of Fd and Close. This change eliminates that by calling Fd in the prepare routine. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-13 10:40:51 +09:00
cat	568d7758d5	helper/seccomp: panic on invalid closeWrite use Returning an error here puts exporter in an invalid state. The caller should guard against this condition instead. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-07 12:58:20 +09:00
cat	5b7b3fa9a4	helper/seccomp: implement reader interface via pipe This also does not require the libc tmpfile call. BPF programs emitted by libseccomp seems to be deterministic. The tests would catch regressions as it verifies the program against known good output backed by manual testing. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-03 19:43:03 +09:00
cat	7b96cd6ded	helper/seccomp: do not call F_println if not verbose This (slightly) improves performance. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-25 13:19:38 +09:00
cat	163f15e93f	helper/seccomp: separate seccomp package Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-25 12:59:11 +09:00

8 Commits