maemachinebroke/hakurei
1
0
Fork 0
forked from rosa/hakurei
Code Pull Requests Activity
2,456 Commits 7 Branches 12 Tags
282462c2f0d4e057e0714013f3f370af41a3d3f6
Commit Graph

1523 Commits

Author SHA1 Message Date
cat 24618ab9a1 sandbox: move out of internal 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 02:55:36 +09:00
cat 9ce4706a07 sandbox: move params setup functions 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 02:48:32 +09:00
cat 9a1f8e129f sandbox: wrap fmsg interface 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 02:44:07 +09:00
cat ee10860357 seccomp: install output atomically 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 01:10:27 +09:00
cat 48feca800f sandbox: check command function pointer 
Setting default CommandContext on initialisation is somewhat of a footgun.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-16 23:29:14 +09:00
cat 273d97af85 ldd: lib paths resolve function 
This is what always happens right after a ldd call, so implement it here.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-16 01:20:09 +09:00
cat 9f5dad1998 sandbox: return on zero length ops 
This dodges potentially confusing behaviour where init fails due to Ops being clobbered during transfer.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-16 00:32:36 +09:00
cat bac4e67867 sandbox/init: early params nil check 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-15 04:03:10 +09:00
cat 4230281194 sandbox: return error on doubled start 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-15 03:30:14 +09:00
cat e64e7608ca sandbox: expose cancel behaviour 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-15 03:04:27 +09:00
cat 10a21ce3ef helper: expose extra files to direct 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-15 02:27:40 +09:00
cat f9bf20a3c7 helper: rearrange initialisation args 
This improves consistency across two different helper implementations.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-15 01:06:31 +09:00
cat f443d315ad helper: clean up interface 
The helper interface was messy due to odd context acquisition order. That has changed, so this cleans it up.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-15 00:27:44 +09:00
cat 9e18d1de77 helper/proc: pass extra files and start 
For integration with native container tooling.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 23:23:57 +09:00
cat 2647a71be1 seccomp: move out of helper 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 22:42:40 +09:00
cat 7c60a4d8e8 helper: embed context on creation 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 18:30:22 +09:00
cat 4bb5d9780f ldd: run in native sandbox 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 17:55:55 +09:00
cat f41fd94628 sandbox: write uid/gid map as init 
This avoids PR_SET_DUMPABLE in the parent process.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 17:42:22 +09:00
cat 94895bbacb sandbox: invert seccomp ruleset defaults 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 02:38:32 +09:00
cat f332200ca4 sandbox: mount container /dev 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 02:18:44 +09:00
cat 2eff470091 sandbox/mount: pass custom tmpfs name 
The tmpfs driver allows arbitrary fsname.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 02:12:35 +09:00
cat a092b042ab sandbox: pass params to setup ops 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 02:11:38 +09:00
cat e94b09d337 sandbox/mount: fix source flag path 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 02:10:48 +09:00
cat 5d9e669d97 sandbox: separate tmpfs function from op 
This is useful in the implementation of various other ops.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 00:21:20 +09:00
cat f1002157a5 sandbox: separate bind mount function from op 
This is useful in the implementation of various other ops.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 00:16:41 +09:00
cat 4133b555ba internal/app: rename init to init0 
This makes way for the new container init.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-13 21:57:54 +09:00
cat 9b1a60b5c9 sandbox: native container tooling 
This should eventually replace bwrap.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-13 21:36:26 +09:00
cat e048f31baa internal: pull EINTR loop from stdlib 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-13 00:42:38 +09:00
cat 6af8b8859f sandbox: read overflow ids 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-13 00:41:37 +09:00
cat 61e58aa14d helper/proc: expose setup file 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-09 17:22:31 +09:00
cat 9e15898c8f internal/prctl: rename prctl wrappers 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-07 22:56:35 +09:00
cat 80f9b62d25 app: print comp values early 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-26 22:27:55 +09:00
cat 673b648bd3 cmd/fpkg: call app in-process 
Wrapping fortify is slow, painful and error-prone. Start apps in-process instead.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-26 19:51:44 +09:00
cat 840ceb615a app: handle RunState errors 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-26 17:36:14 +09:00
cat d050b3de25 app: define errors in a separate file 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-26 17:12:02 +09:00
cat 6d4ac3d9fd internal: store fortify path in internal 
This now makes more sense due to the changes in build system.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-26 12:03:25 +09:00
cat 39dc8e7bd8 dbus: set process group id 
This stops signals sent by the TTY driver from propagating to the xdg-dbus-proxy process.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-25 18:12:41 +09:00
cat f0a082ec84 fortify: improve handling of RevertErr 
All this error wrapping is getting a bit ridiculous and I might want to do something about that somewhere down the line.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-25 00:45:00 +09:00
cat c64b8163e7 app: separate instance from process state 
This works better for the implementation.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-21 16:06:24 +09:00
cat 3c80fd2b0f app: defer system.I revert 
Just returning an error after a successful call of commit will leave garbage behind with no way for the caller to clean them. This change ensures revert is always called after successful commit with at least per-process state enabled.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-19 21:12:11 +09:00
cat ef81828e0c app: remove share method 
This is yet another implementation detail from before system.I, getting rid of this vastly cuts down on redundant seal state.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-19 16:20:25 +09:00
cat 2978a6f046 app: separate appSeal finalise method 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-19 12:33:51 +09:00
cat dfd9467523 app: merge seal with sys 
The existence of the appSealSys struct was an implementation detail obsolete since system.I was integrated in 084cd84f36.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-19 01:36:29 +09:00
cat 53571f030e app: embed appSeal in app struct 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-19 01:10:37 +09:00
cat aa164081e1 app/seal: improve documentation 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-19 01:04:14 +09:00
cat 9a10eeab90 app/seal: embed enablements 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-19 00:41:51 +09:00
cat a748d40745 app: store values with string representation 
Improves code readability without changing memory layout.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-19 00:25:00 +09:00
cat 648e1d641a app: separate interface from implementation 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-18 23:07:28 +09:00
cat ffaa12b9d8 sys: wrap log methods 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-18 22:52:09 +09:00
cat e0f321b2c4 sys: rename from linux 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-18 18:47:48 +09:00