maemachinebroke/hakurei
1
0
Fork 0
forked from security/hakurei
Code Pull Requests Activity
1,208 Commits 1 Branch 12 Tags
38b5ff0cec266c7c5e423b68e8626f4a4a63d3ee
Commit Graph

1208 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ophestra
7638a44fa6 treewide: parallel tests 
Most tests already had no global state, however parallel was never enabled. This change enables it for all applicable tests.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-13 04:38:48 +09:00
Ophestra
a14b6535a6 helper/stub: write ready byte late 
Hopefully eliminates spurious failures.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-13 01:55:44 +09:00
Ophestra
763ab27e09 system: remove tmpfiles 
This is no longer used.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-13 01:12:44 +09:00
Ophestra
bff2a1e748 container/initplace: remove indirect method 
This is no longer useful and is highly error-prone.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-13 01:06:45 +09:00
Ophestra
8a91234cb4 hst: reword and improve doc comments 
This corrects minor mistakes in doc comments and adds them for undocumented constants.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-12 05:03:14 +09:00
Ophestra
db7051a368 internal/app/spcontainer: check fs init behaviour 
This covers every statement. Some of them are unreachable unless the kernel returns garbage.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-12 03:58:53 +09:00
Ophestra
36f312b3ba internal/app/spcontainer: resolve path through dispatcher 
This prevents state from os tainting the test data.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-11 20:20:41 +09:00
Ophestra
037144b06e system/dbus: use well-known address in spec 
The session bus still performs non-standard formatting since it makes no sense for hakurei to start the session bus.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-11 18:52:06 +09:00
Ophestra
f5a597c406 hst: rename /.hakurei constant 
This provides disambiguation from fhs.AbsTmp.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-11 14:32:35 +09:00
Ophestra
8874aaf81b hst: remove template bind nix store 
This does not add anything meaningful to the template, since there are already prior examples showing src-only bind ops. Remove this since it causes confusion by covering the previous mount point targeting /nix/store.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-11 13:59:10 +09:00
Ophestra
04a27c8e47 hst: use plausible overlay template 
The current value is copied from a test case, and does not resemble its intended use case.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-11 13:51:08 +09:00
Ophestra
9e3df0905b internal/app/spcontainer: check params init behaviour 
This change also significantly reduces duplicate information in test case.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-11 02:44:02 +09:00
Ophestra
9290748761 internal/app/spaccount: check behaviour 
This begins the effort of fully covering internal/app.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-11 00:54:04 +09:00
Ophestra
23084888a0 internal/app/spaccount: apply default in shim 
The original code clobbers hst.Config, and was not changed when being ported over.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-11 00:38:06 +09:00
Ophestra
50f6fcb326 container/stub: mark test overrides as helper 
This fixes line information in test reporting messages.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-10 22:15:20 +09:00
Ophestra
070e346587 internal/app: relocate params state initialisation 
This is useful for testing.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-10 22:00:49 +09:00
Ophestra
24de7c50a0 internal/app: relocate state initialisation 
This is useful for testing.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-10 20:15:58 +09:00
Ophestra
f6dd9dab6a internal/app: hold path hiding in op 
This makes no sense to be part of the global state.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-10 19:56:30 +09:00
Ophestra
776650af01 hst/config: negative WaitDelay bypasses default 
This behaviour might be useful, so do not lock it out. This change also fixes an oversight where the unchecked value is used to determine ForwardCancel.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-10 05:11:32 +09:00
Ophestra
109aaee659 internal/app: copy parts of config to state 
This is less error-prone than passing the address to the entire hst.Config struct, and reduces the likelihood of accidentally clobbering hst.Config. This also improves ease of testing.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-10 03:19:09 +09:00
Ophestra
22ee5ae151 internal/app: filter ops in implementation 
This is cleaner and less error-prone, and should also result in negligibly less memory allocation.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-10 02:23:34 +09:00
Ophestra
4246256d78 internal/app: hold config address in state 
This can be removed eventually as it is barely used.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-10 01:21:01 +09:00
Ophestra
a941ac025f container/init: unwrap descriptive fatal error 
These errors are printed with a descriptive message prefixed to them, so it is more readable to expose the underlying errno.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-09 22:04:35 +09:00
Ophestra
87b5c30ef6 message: relocate from container 
This package is quite useful. This change allows it to be imported without importing container.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-09 05:18:19 +09:00
Ophestra
df9b77b077 internal/app: do not encode config early 
Finalise no longer clobbers hst.Config.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-09 04:38:54 +09:00
Ophestra
a40d182706 internal/app: build container state in shim 
This significantly decreases ipc overhead.

Closes #3.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-08 22:30:40 +09:00
Ophestra
e5baaf416f internal/app: check transmitted ops 
This simulates params to shim and this is the last step before params to shim is merged.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-08 20:02:09 +09:00
Ophestra
ee6c471fe6 internal/app: relocate ops condition 
This allows reuse and finer grained testing of fromConfig.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-08 19:39:00 +09:00
Ophestra
16bf3178d3 internal/app: relocate dynamic exported state 
This allows reuse of the populateEarly method in test instrumentation.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-08 18:34:17 +09:00
Ophestra
034c59a26a internal/app: relocate late sys/params outcome 
This will end up merged with another op after reordering. For now relocate it into its dedicated op for test instrumentation.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-08 18:26:50 +09:00
Ophestra
5bf28901a4 cmd/hsu: check against setgid bit 
The getgroups behaviour is already checked for, but it never hurts to be more careful in a setuid program.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-08 18:22:24 +09:00
Ophestra
9b507715d4 hst/dbus: validate interface strings 
This is relocated to hst to validate early.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-08 04:57:22 +09:00
Ophestra
12ab7ea3b4 hst/fs: access ops through interface 
This removes the final hakurei.app/container import from hst.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 23:59:48 +09:00
Ophestra
1f0226f7e0 container/check: relocate overlay escape 
This is used in hst to format strings.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 23:56:19 +09:00
Ophestra
584ce3da68 container/bits: move bind bits 
This allows referring to the bits without importing container.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 21:38:31 +09:00
Ophestra
5d18af0007 container/fhs: move pathname constants 
This allows referencing FHS pathnames without importing container.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 21:29:16 +09:00
Ophestra
0e6c1a5026 container/check: move absolute pathname 
This allows use of absolute pathname values without importing container.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 20:57:58 +09:00
Ophestra
d23b4dc9e6 hst/dbus: move dbus config struct 
This allows holding a xdg-dbus-proxy configuration without importing system/dbus.

It also makes more sense in the project structure since the config struct is part of the hst API however the rest of the implementation is not.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 19:03:51 +09:00
Ophestra
3ce63e95d7 container: move seccomp preset bits 
This allows holding the bits without cgo.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 18:28:20 +09:00
Ophestra
2489766efe hst/config: identity bounds check early 
This makes sense to do here instead of in internal/app.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 17:58:28 +09:00
Ophestra
9e48d7f562 hst/config: move container fields from toplevel 
This change also moves pd behaviour to cmd/hakurei, as this does not belong in the hst API.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 04:24:45 +09:00
Ophestra
f280994957 internal/app: check nscd socket for path hiding 
This can seriously break things, and exposes extra host attack surface, so include it here.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-05 20:47:30 +09:00
Ophestra
ae7b343cde hst: reword and move constants 
These values are considered part of the stable, exported API, so move them to hst.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-05 17:40:32 +09:00
Ophestra
a63a372fe0 internal/app: merge static stub 
These tests now serve as integration tests, and finer grained tests for each op will be added slowly.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-05 17:15:14 +09:00
Ophestra
16f9001f5f hst/config: update doc comments 
Some information here are horribly out of date. This change updates and improves all doc comments.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-05 04:12:53 +09:00
Ophestra
80ad2e4e23 internal/app: do not offset base value 
This value is applied to the shim, it is incorrect to offset the base value as well.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-05 03:59:52 +09:00
Ophestra
92b83bd599 internal/app: apply pd behaviour to outcomeState 
This avoids needlessly clobbering hst.Config.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-05 03:53:23 +09:00
Ophestra
8ace214832 system/wayland: hang up security-context-v1 internally 
This should have been an implementation detail and should not be up to the caller to close.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-05 03:25:13 +09:00
Ophestra
eb5ee4fece internal/app: modularise outcome finalise 
This is the initial effort of splitting up host and container side of finalisation for params to shim. The new layout also enables much finer grained unit testing of each step, as well as partition access to per-app state for each step.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-05 02:52:50 +09:00
Ophestra
9462af08f3 system/dbus: dump buffer internally 
This should have been an implementation detail and should not be up to the caller to call it.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-04 20:31:14 +09:00