hakurei

Author	SHA1	Message	Date
Ophestra	fe7d208cf7	helper: use generic extra files interface This replaces the pipes object and integrates context into helper process lifecycle. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-13 23:34:15 +09:00
Ophestra	d1d20c06fb	helper/seccomp: use sync.Once for closeWrite This makes the code much cleaner, and eliminates the intermittent ErrInvalid errors. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-13 22:49:16 +09:00
Ophestra	1e6a059668	helper/seccomp: benchmark exporter Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-13 22:37:51 +09:00
Ophestra	099da78af5	helper/seccomp: eliminate data race on pfd Turns out the doc comment on os.File was lying about its methods being safe for concurrent use. The race detector picked up a data race from concurrent use of Fd and Close. This change eliminates that by calling Fd in the prepare routine. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-13 10:40:51 +09:00
Ophestra	568d7758d5	helper/seccomp: panic on invalid closeWrite use Returning an error here puts exporter in an invalid state. The caller should guard against this condition instead. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-07 12:58:20 +09:00
Ophestra	5b7b3fa9a4	helper/seccomp: implement reader interface via pipe This also does not require the libc tmpfile call. BPF programs emitted by libseccomp seems to be deterministic. The tests would catch regressions as it verifies the program against known good output backed by manual testing. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-03 19:43:03 +09:00
Ophestra	7b96cd6ded	helper/seccomp: do not call F_println if not verbose This (slightly) improves performance. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-25 13:19:38 +09:00
Ophestra	163f15e93f	helper/seccomp: separate seccomp package Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-25 12:59:11 +09:00

8 Commits