rosa/hakurei
6
4
Fork 2
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases 19 Wiki Activity
762 Commits 3 Branches 19 Tags
1fb453dffe4c83866fedfa4590be30ec65e815ff
Commit Graph

94 Commits

Author SHA1 Message Date
cat 37780456a7 helper: block more unusual/privileged syscalls
Test / Create distribution (push) Successful in 1m44s
Details
Test / Run NixOS test (push) Successful in 3m35s
Details 
These are toggled by F_EXT and exposed as SyscallPolicy.Compat in the Go interface.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-25 12:35:47 +09:00
cat 9a239fa1a5 helper/bwrap: integrate seccomp into helper interface
Build / Create distribution (push) Successful in 1m36s
Details
Test / Run NixOS test (push) Successful in 3m40s
Details 
This makes API usage much cleaner, and encapsulates all bwrap arguments in argsWt.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-22 01:52:57 +09:00
cat eb0ef2d115 helper/bwrap: generic extra file interface
Build / Create distribution (push) Successful in 1m32s
Details
Test / Run NixOS test (push) Successful in 3m50s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-20 00:20:04 +09:00
cat 2f70506865 helper/bwrap: move sync to helper state
Build / Create distribution (push) Successful in 1m25s
Details
Test / Run NixOS test (push) Successful in 3m33s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-19 18:38:13 +09:00
cat 715addaccd helper/bwrap: append --sync-fd before --
Build / Create distribution (push) Successful in 1m26s
Details
Test / Run NixOS test (push) Successful in 3m26s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-18 12:30:03 +09:00
cat 3e11ce6868 helper/bwrap: separate sequential/static args
Tests / Go tests (push) Successful in 41s
Details
Nix / NixOS tests (push) Successful in 3m59s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-15 13:07:06 +09:00
cat 7d99e45b88 helper/bwrap: register OverlayConfig with gob
Tests / Go tests (push) Successful in 58s
Details
Nix / NixOS tests (push) Successful in 3m5s
Details 
This is required for copying bwrap configurations across processes.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-14 12:25:10 +09:00
cat e2489059c1 helper/bwrap: implement overlayfs builder
Tests / Go tests (push) Successful in 33s
Details
Nix / NixOS tests (push) Successful in 4m5s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-05 20:09:35 +09:00
cat 2e3f6a4c51 helper/bwrap: move test out of bwrap package
Tests / Go tests (push) Successful in 36s
Details
Nix / NixOS tests (push) Successful in 4m51s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-05 19:45:24 +09:00
cat 2162029f46 helper/bwrap: add json struct tag to filesystem
Tests / Go tests (push) Successful in 38s
Details
Nix / NixOS tests (push) Successful in 4m43s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-05 19:41:04 +09:00
cat aef847b5ae helper/bwrap: fix typo in --dir config builder
Tests / Go tests (push) Successful in 32s
Details
Nix / NixOS tests (push) Successful in 3m33s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2024-12-27 15:34:43 +09:00
cat df6fc298f6 migrate to git.gensokyo.uk/security/fortify
Tests / Go tests (push) Successful in 2m55s
Details
Nix / NixOS tests (push) Successful in 5m10s
Details 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-12-20 00:20:02 +09:00
cat cc816a1aaa proc: cleaner extra files
test / test (push) Successful in 37s
Details 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-12-06 16:05:04 +09:00
cat 8d0573405a helper/bwrap: implement sync fd
test / test (push) Successful in 38s
Details 
This is required by wayland security-context-v1.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-12-06 04:21:37 +09:00
cat 4b7b899bb3 add package doc comments
test / test (push) Successful in 19s
Details 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-28 20:57:59 +09:00
cat ae1a102882 fmsg: support temporarily withholding output
test / test (push) Successful in 31s
Details 
Trying to print to a shared stdout is a terrible idea. This change makes it possible to withhold output for the lifetime of the sandbox.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-26 23:09:32 +09:00
cat 050ffceb27 helper/bwrap: register generic PermConfig types with gob
test / test (push) Successful in 21s
Details 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-25 13:26:01 +09:00
cat 65af1684e3 migrate to git.ophivana.moe/security/fortify
test / test (push) Successful in 14s
Details 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-20 19:50:13 +09:00
cat 184a5f29fa helper/bwrap: add fortify permissive default test case 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-15 02:56:13 +09:00
cat 3015266e5a helper/bwrap: sort SetEnv arguments 
This guarantees consistency of resulting args.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-15 02:55:48 +09:00
cat 2faf510146 helper/bwrap: ordered filesystem args 
The argument builder was written based on the incorrect assumption that bwrap arguments are unordered. The argument builder is replaced in this commit to correct that mistake.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-15 02:15:55 +09:00
cat a0db19b9ad helper/bwrap: format mode in octal 
Bubblewrap expects an octal representation of mode.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-14 13:47:50 +09:00
cat aee96b0fdf helper/bwrap: allow pushing generic arguments to the end of argument stream 
Bwrap argument order determines the order their corresponding actions are performed. This allows generic arguments like tmpfs to the end of the stream to override bind mounts.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-13 02:26:01 +09:00
cat 8d82446d97 helper: remove unused bwrap config field 
This configuration is not saved anywhere, and does not need to be saved. Bwrap configuration information is already saved into p.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-12 00:55:14 +09:00
cat 713872a5cd helper/bwrap: move interfaceArgs before stringArgs 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-11 04:12:47 +09:00
cat 101e49a48b helper/bwrap: proc, dev and mqueue as string arguments 
These flags do not support --chmod.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-11 01:30:11 +09:00
cat b99ed94386 helper/bwrap: pass --unshare-user when unshare everything 
Bubblewrap apparently requires --unshare-user even when --unshare-all is set to apply --disable-userns. This behaviour is not clearly documented.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-09 00:22:48 +09:00
cat c201c30c7f helper/bwrap: check args only for internal tests 
Tests internal to the helper package sets crash-test-dummy as the command whenever a launch is expected to go through, and the hardcoded args are only valid for internal tests, so this characteristic is used here to exclude external tests that pass real program names and custom bwrap configurations.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-09 00:21:31 +09:00
cat 7c7999e9e5 helper: implementation of helper.Helper using bwrap 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-08 18:02:38 +09:00
cat c6223771db helper: generalise helper.Helper test 
For testing the upcoming bwrap implementation of helper.Helper as it must have identical behaviour.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-08 14:02:54 +09:00
cat 3c5185d770 helper: move test sample data out of direct 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-07 22:51:08 +09:00
cat 85407dd3c0 helper: helper.Helper interface 
For upcoming bwrap implementation of helper.Helper

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-07 15:37:52 +09:00
cat 6a2802cf30 helper: move bwrap into helper 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-07 14:40:35 +09:00
cat 0fb9e40191 helper/args: MustNewCheckedArgs for cleaner hardcoded args 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-07 13:33:18 +09:00
cat 9647eb6a6b helper: separate pipes from Helper 
Upcoming bwrap helper implementation requires two sets of pipes to be managed, fd will also no longer be constant.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-07 12:48:20 +09:00
cat 18d9ce733e helper: test non-existent helpers 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-06 16:00:59 +09:00
cat 7e7327ebf8 helper: export internal stub functions for cross-package testing 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-09-29 15:22:35 +09:00
cat 3bf456da65 helper: test child process handling 
The stub child process simulates reading from the argument fd and copies the entire payload unmodified to stdout. If status pipe is enabled it will simulate sync fd behaviour as well.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-09-29 14:59:39 +09:00
cat 61ba841c88 helper: remove unreachable check 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-09-29 14:48:38 +09:00
cat d530a9e9f9 helper: stub helper for tests 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-09-29 14:40:01 +09:00
cat 8492239cba helper/args: simplify argument parsing and eliminate excess memory copies 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-09-25 14:00:30 +09:00
cat 97bab6c406 helper: clean up and separate helper process management from dbus 
The previous code was poorly documented and made little sense in some parts. This is a generalised and cleaned up implementation in the helper package making use of the Args interface.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-09-25 01:16:06 +09:00
cat 831b1aad6f helper/args: hold a read lock in WriteTo 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-09-24 20:22:37 +09:00
cat 000607da5f helper: separate helper args fd builder from dbus 
This method of passing arguments is used in bubblewrap as well as other tools, this commit separates the argument builder/writer to the helper package and generalise it as an interface.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-09-24 16:11:08 +09:00