maemachinebroke/hakurei
1
0
Fork 0
forked from rosa/hakurei
Code Pull Requests Activity
2,432 Commits 7 Branches 12 Tags
6c2f7089b65c5e3eb5c3e65210abc0147f97ff45
Commit Graph

2432 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
cat 2e52191404 system/dbus: dump method prints msgbuf 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-07 13:16:54 +09:00
cat 568d7758d5 helper/seccomp: panic on invalid closeWrite use 
Returning an error here puts exporter in an invalid state. The caller should guard against this condition instead.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-07 12:58:20 +09:00
cat 5b7b3fa9a4 helper/seccomp: implement reader interface via pipe 
This also does not require the libc tmpfile call.

BPF programs emitted by libseccomp seems to be deterministic. The tests would catch regressions as it verifies the program against known good output backed by manual testing.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-03 19:43:03 +09:00
cat d58fb8c6ee workflows: fix nix store cache 
Prefix does not seem to match correctly, this appears to be a Gitea implementation bug.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-01 21:16:13 +09:00
cat 5808fe61c3 nix: vm test set sway background 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-25 22:28:04 +09:00
cat f338d3bb4b nix: update flake lock 2025-01-25 19:46:33 +09:00
cat 8d04dd72f1 nix: mount nvidia devices 
These non-standard paths are required in the sandbox for nvidia drivers to work.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-25 18:05:18 +09:00
cat 21735a8abe release: 0.2.12 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-25 13:40:48 +09:00
cat 34272672b1 nix: verify silent output when not running with -v 
This checks behaviour of fmsg and seccomp.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-25 13:38:18 +09:00
cat 7b96cd6ded helper/seccomp: do not call F_println if not verbose 
This (slightly) improves performance.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-25 13:19:38 +09:00
cat 163f15e93f helper/seccomp: separate seccomp package 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-25 12:59:11 +09:00
cat 016da20443 nix: expose compat flag in nixos module 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-25 12:42:48 +09:00
cat 37780456a7 helper: block more unusual/privileged syscalls 
These are toggled by F_EXT and exposed as SyscallPolicy.Compat in the Go interface.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-25 12:35:47 +09:00
cat efacaa40fa nix: set deny_devel correctly 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-24 00:50:35 +09:00
cat ad6d0ee55f workflows: rename integration test artifact 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-24 00:30:39 +09:00
cat cf791469d8 workflows: gc store and purge old caches 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-24 00:25:57 +09:00
cat be14421775 workflows: merge test build job into test 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-24 00:22:44 +09:00
cat 045983d7f4 wl: separate inline C 
Having a huge blurb of inline C hurts readability on web pages and some text editors.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-23 22:06:29 +09:00
cat 7106b00968 release: 0.2.11 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-23 20:49:49 +09:00
cat 96d5d8a396 nix: apply shared home config to reserved aid 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-23 20:48:04 +09:00
cat 8a00a83c71 nix: expose syscall filter policy 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-23 17:24:42 +09:00
cat 134247b57d nix: configure target users via nixos 
This makes patching home-manager no longer necessary.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-23 17:04:19 +09:00
cat b5bb7654da nix: redirect sway output to journal 
This makes swaymsg exec output appear in test output.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-23 16:08:22 +09:00
cat cc1efa22e2 fst: add missing fields to template 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-22 12:09:25 +09:00
cat 580128922b cmd/fpkg: expose syscall policy options 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-22 12:01:30 +09:00
cat 23e1152baa app/share: clean BaseError message 
This removes trailing '\n' in the PulseAudio warning.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-22 11:54:16 +09:00
cat 8c51012ef5 dbus: enable syscall filter 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-22 11:49:23 +09:00
cat 5a64cdaf4f ldd: enable syscall filter 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-22 02:00:49 +09:00
cat a30f5e1226 fortify: set up seccomp verbose logging early 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-22 01:58:54 +09:00
cat 9a239fa1a5 helper/bwrap: integrate seccomp into helper interface 
This makes API usage much cleaner, and encapsulates all bwrap arguments in argsWt.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-22 01:52:57 +09:00
cat 82029948e6 proc: append to ExtraFiles slice pointer 
This is useful for initialising extra files before command.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-21 12:51:39 +09:00
cat dfcdc5ce20 state: store config in separate gob stream 
This enables early serialisation of config.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-21 12:10:58 +09:00
cat fa0616b274 fortify: print permissive defaults warning early 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-21 12:05:31 +09:00
cat 20a3d4c458 proc/priv/shim: resolve and load seccomp rules 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-20 23:52:56 +09:00
cat 3df344828f proc/priv/shim: seccomp bpf filter via libseccomp 
Rulesets adapted from Flatpak for compatibility.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-20 23:39:47 +09:00
cat 27f5922d5c fst: include syscall filter configuration 
This value is passed through to shim.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-20 21:12:39 +09:00
cat 2cf1f46ea2 nix: test show without --short 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-20 21:10:24 +09:00
cat 3c55fc8e86 proc/priv/shim: do not log bwrap args 
This message is very long and does not serve much real purpose. Remove it to de-clutter verbose messages.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-20 19:51:28 +09:00
cat eb0ef2d115 helper/bwrap: generic extra file interface 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-20 00:20:04 +09:00
cat 2f70506865 helper/bwrap: move sync to helper state 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-19 18:38:13 +09:00
cat cae567c109 proc/priv/shim: remove unnecessary state 
These values are only used during process creation.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-19 18:09:07 +09:00
cat 1ec901f79e release: 0.2.10 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-18 22:50:08 +09:00
cat 715addaccd helper/bwrap: append --sync-fd before -- 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-18 12:30:03 +09:00
cat b31d055e20 proc/priv/init: early init check 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-18 12:33:33 +09:00
cat 7baca66a56 proc: remove duplicate compile-time fortify reference 
This is no longer needed since shim and init are now part of the main program.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-18 11:59:33 +09:00
cat 27d2914286 proc/priv/init: merge init into main program 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-18 11:47:01 +09:00
cat ea8f228af3 proc/priv/shim: merge shim into main program 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-17 23:43:32 +09:00
cat 16db3dabe2 internal: do PR_SET_PDEATHSIG once 
This prctl affects the entire process, doing it on every OS thread is pointless.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-17 23:08:46 +09:00
cat c4de450217 nix: do not force static linking on nix 
In a typical Nix or NixOS-based setup, the entire /nix/store directory is available to the sandbox.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-17 22:56:16 +09:00
cat b60c01f440 fortify: switch to static linking 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-16 17:32:52 +09:00