fortify

Author	SHA1	Message	Date
Ophestra	9d9a165379	release: 0.2.16 All checks were successful Release / Create release (push) Successful in 35s Details Test / Create distribution (push) Successful in 22s Details Test / Run NixOS test (push) Successful in 2m41s Details Mostly refactor and cleanup, but also contains major fix to process lifecycle management. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-19 23:39:16 +09:00
Ophestra	d0dff1cac9	wl: check against null character All checks were successful Test / Create distribution (push) Successful in 23s Details Test / Run NixOS test (push) Successful in 54s Details Wayland library takes null terminated strings. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-19 23:35:49 +09:00
Ophestra	3c80fd2b0f	app: defer system.I revert All checks were successful Test / Create distribution (push) Successful in 19s Details Test / Run NixOS test (push) Successful in 49s Details Just returning an error after a successful call of commit will leave garbage behind with no way for the caller to clean them. This change ensures revert is always called after successful commit with at least per-process state enabled. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-19 21:12:11 +09:00
Ophestra	ef81828e0c	app: remove share method All checks were successful Test / Create distribution (push) Successful in 26s Details Test / Run NixOS test (push) Successful in 2m3s Details This is yet another implementation detail from before system.I, getting rid of this vastly cuts down on redundant seal state. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-19 16:20:25 +09:00
Ophestra	2978a6f046	app: separate appSeal finalise method All checks were successful Test / Create distribution (push) Successful in 25s Details Test / Run NixOS test (push) Successful in 3m27s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-19 12:33:51 +09:00
Ophestra	dfd9467523	app: merge seal with sys All checks were successful Test / Create distribution (push) Successful in 27s Details Test / Run NixOS test (push) Successful in 3m20s Details The existence of the appSealSys struct was an implementation detail obsolete since system.I was integrated in `084cd84f36`. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-19 01:36:29 +09:00
Ophestra	53571f030e	app: embed appSeal in app struct All checks were successful Test / Create distribution (push) Successful in 25s Details Test / Run NixOS test (push) Successful in 3m22s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-19 01:10:37 +09:00
Ophestra	aa164081e1	app/seal: improve documentation All checks were successful Test / Create distribution (push) Successful in 25s Details Test / Run NixOS test (push) Successful in 3m22s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-19 01:04:14 +09:00
Ophestra	9a10eeab90	app/seal: embed enablements All checks were successful Test / Create distribution (push) Successful in 26s Details Test / Run NixOS test (push) Successful in 3m28s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-19 00:41:51 +09:00
Ophestra	d1f83f40d6	helper/bwrap: rename Write to WriteFile All checks were successful Test / Create distribution (push) Successful in 25s Details Test / Run NixOS test (push) Successful in 3m25s Details In case this might want to be an io.Writer. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-19 00:34:19 +09:00
Ophestra	a748d40745	app: store values with string representation All checks were successful Test / Create distribution (push) Successful in 25s Details Test / Run NixOS test (push) Successful in 3m26s Details Improves code readability without changing memory layout. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-19 00:25:00 +09:00
Ophestra	648e1d641a	app: separate interface from implementation All checks were successful Test / Create distribution (push) Successful in 26s Details Test / Run NixOS test (push) Successful in 3m31s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-18 23:07:28 +09:00
Ophestra	3c327084d3	fst: declare wrappers for sandbox config All checks were successful Test / Create distribution (push) Successful in 26s Details Test / Run NixOS test (push) Successful in 3m30s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-18 23:04:13 +09:00
Ophestra	ffaa12b9d8	sys: wrap log methods All checks were successful Test / Create distribution (push) Successful in 26s Details Test / Run NixOS test (push) Successful in 3m31s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-18 22:52:09 +09:00
Ophestra	bf95127332	fst: move App interface declaration All checks were successful Test / Create distribution (push) Successful in 26s Details Test / Run NixOS test (push) Successful in 3m24s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-18 22:36:45 +09:00
Ophestra	e0f321b2c4	sys: rename from linux All checks were successful Test / Create distribution (push) Successful in 26s Details Test / Run NixOS test (push) Successful in 3m28s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-18 18:47:48 +09:00
Ophestra	2c9c7fee5b	linux: wrap fsu lookup error All checks were successful Test / Create distribution (push) Successful in 35s Details Test / Run NixOS test (push) Successful in 5m58s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-18 17:39:53 +09:00
Ophestra	d0400f3c81	fmsg: PrintBaseError skip empty message All checks were successful Test / Create distribution (push) Successful in 24s Details Test / Run NixOS test (push) Successful in 3m22s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-18 17:01:26 +09:00
Ophestra	e9b0f9faef	fmsg: export logBaseError function All checks were successful Test / Create distribution (push) Successful in 25s Details Test / Run NixOS test (push) Successful in 3m16s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-18 13:02:51 +09:00
Ophestra	e85be67fd9	acl: implement Update in C All checks were successful Test / Create distribution (push) Successful in 18s Details Test / Run NixOS test (push) Successful in 46s Details The original implementation was effectively just writing C in Go. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-17 21:39:14 +09:00
Ophestra	7e69893264	acl: rename UpdatePerms to Update All checks were successful Test / Create distribution (push) Successful in 24s Details Test / Run NixOS test (push) Successful in 3m21s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-17 20:33:18 +09:00
Ophestra	38a3e6af03	system: make xcb internal All checks were successful Test / Create distribution (push) Successful in 27s Details Test / Run NixOS test (push) Successful in 3m29s Details This package is hauntingly ugly. Move this to internal until it is removed or replaced. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-17 19:07:53 +09:00
Ophestra	90cb01b274	system: move out of internal All checks were successful Test / Create distribution (push) Successful in 25s Details Test / Run NixOS test (push) Successful in 3m17s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-17 19:00:43 +09:00
Ophestra	b1e1d5627e	system: wrap console output functions All checks were successful Test / Create distribution (push) Successful in 24s Details Test / Run NixOS test (push) Successful in 3m13s Details This eliminates all fmsg imports from internal/system. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-17 18:17:55 +09:00
Ophestra	3ae2ab652e	system/wayland: sync file at caller specified address All checks were successful Test / Create distribution (push) Successful in 24s Details Test / Run NixOS test (push) Successful in 3m14s Details Storing this in sys is incredibly ugly: sys should be stateless and Ops must keep track of their state. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-17 13:24:17 +09:00
Ophestra	db71fbe22b	system/tmpfiles: fail gracefully in API misuse All checks were successful Test / Create distribution (push) Successful in 25s Details Test / Run NixOS test (push) Successful in 3m25s Details Panicking here leaves garbage behind. Not ideal if this package is going to be exported. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-17 12:17:01 +09:00
Ophestra	83e72c2b59	release: 0.2.15 All checks were successful Test / Create distribution (push) Successful in 19s Details Release / Create release (push) Successful in 33s Details Test / Run NixOS test (push) Successful in 3m12s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-17 00:13:04 +09:00
Ophestra	82a072f641	system/tmpfiles: implement private tmpfiles All checks were successful Test / Create distribution (push) Successful in 19s Details Test / Run NixOS test (push) Successful in 3m30s Details These are only available within the mount namespace and should significantly reduce attack surface. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-17 00:07:52 +09:00
Ophestra	60c10c3f4a	nix: run integration tests with race detector All checks were successful Test / Create distribution (push) Successful in 25s Details Test / Run NixOS test (push) Successful in 3m4s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-16 20:58:08 +09:00
Ophestra	468696f611	internal: beforeExit before reachable fatal calls All checks were successful Test / Create distribution (push) Successful in 18s Details Test / Run NixOS test (push) Successful in 47s Details These are the only two calls to log.Fatal* reachable during suspended output. Call fmsg.BeforeExit here to catch that. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-16 19:03:34 +09:00
Ophestra	29c38caac8	app/shim/manager: return error on bad fsu path All checks were successful Test / Create distribution (push) Successful in 24s Details Test / Run NixOS test (push) Successful in 2m9s Details This results in a graceful failure that does not leave garbage behind. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-16 18:59:45 +09:00
Ophestra	e599b5583d	fmsg: implement suspend in writer All checks were successful Test / Create distribution (push) Successful in 24s Details Test / Run NixOS test (push) Successful in 2m18s Details This removes the requirement to call fmsg.Exit on every exit path, and enables direct use of the "log" package. However, fmsg.BeforeExit is still encouraged when possible to catch exit on suspended output. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-16 18:51:53 +09:00
Ophestra	33a4ab11c2	internal: move shim and init into app All checks were successful Test / Create distribution (push) Successful in 24s Details Test / Run NixOS test (push) Successful in 2m7s Details This structure makes more sense, as both processes are part of an app's lifecycle. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-16 16:28:46 +09:00
Ophestra	1fa5e992e4	helper/bwrap: expose address of DataConfig All checks were successful Test / Create distribution (push) Successful in 24s Details Test / Run NixOS test (push) Successful in 2m7s Details This allows the caller to defer fulfilling its payload. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-16 12:33:59 +09:00
Ophestra	c667b13a00	system: separate link Op implementation All checks were successful Test / Create distribution (push) Successful in 24s Details Test / Run NixOS test (push) Successful in 2m13s Details This Op would still be useful after replacing the Tmpfiles interface, so isolate it here. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-16 12:15:26 +09:00
Ophestra	90b86a5531	release: 0.2.14 All checks were successful Release / Create release (push) Successful in 24s Details Test / Create distribution (push) Successful in 18s Details Test / Run NixOS test (push) Successful in 50s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-15 23:05:02 +09:00
Ophestra	f545e154f0	workflows: use native nix runner All checks were successful Test / Create distribution (push) Successful in 20s Details Test / Run NixOS test (push) Successful in 51s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-15 22:58:04 +09:00
Ophestra	268a90f1a5	app: improve WAYLAND_DISPLAY correctness All checks were successful Test / Create distribution (push) Successful in 46s Details Test / Run NixOS test (push) Successful in 3m35s Details This now has identical behaviour as wayland C library. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-15 14:45:09 +09:00
Ophestra	3054527ca5	fortify: prevent exit status 0 on app failure All checks were successful Test / Create distribution (push) Successful in 46s Details Test / Run NixOS test (push) Successful in 3m37s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-15 14:40:19 +09:00
Ophestra	ddb2f9c11b	app: remove wayland socket hard link All checks were successful Test / Create distribution (push) Successful in 49s Details Test / Run NixOS test (push) Successful in 3m32s Details This Op was not doing anything useful. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-15 10:54:00 +09:00
Ophestra	6ae02e72fa	nix: test direct_wayland behaviour All checks were successful Test / Create distribution (push) Successful in 47s Details Test / Run NixOS test (push) Successful in 3m35s Details This should never be used outside tests unless you absolutely know what you're doing or are using GNOME. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-15 10:45:27 +09:00
Ophestra	989fb5395f	nix: remove unused configuration All checks were successful Test / Create distribution (push) Successful in 49s Details Test / Run NixOS test (push) Successful in 3m30s Details User setup no longer depends on userdb. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-15 10:10:42 +09:00
Ophestra	f955b15b84	system: remove write mode tmpfiles All checks were successful Test / Create distribution (push) Successful in 57s Details Test / Run NixOS test (push) Successful in 3m42s Details This interface is ugly and bug-prone. This change removes its write mode which has been obsoleted by CopyBind. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-15 03:22:20 +09:00
Ophestra	0340c67995	app: port passwd and group files to copy All checks were successful Test / Create distribution (push) Successful in 49s Details Test / Run NixOS test (push) Successful in 3m41s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-15 03:19:06 +09:00
Ophestra	72b0160aad	helper/bwrap: implement file copy flags All checks were successful Test / Create distribution (push) Successful in 49s Details Test / Run NixOS test (push) Successful in 3m42s Details These are significantly more efficient and less error-prone than mounting an external tmpfile. This should also reduce attack surface as the resulting files are private to its specific sandbox. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-15 03:13:15 +09:00
Ophestra	ea8d1c07df	priv/shim: move /sbin/init setup to app All checks were successful Test / Create distribution (push) Successful in 49s Details Test / Run NixOS test (push) Successful in 3m36s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-15 03:06:10 +09:00
Ophestra	a0062d8275	fmsg: resume on exit All checks were successful Test / Create distribution (push) Successful in 47s Details Test / Run NixOS test (push) Successful in 3m32s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-15 02:22:09 +09:00
Ophestra	43d2e4f5d7	nix: sway increase resolution All checks were successful Test / Create distribution (push) Successful in 50s Details Test / Run NixOS test (push) Successful in 3m46s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-15 02:21:24 +09:00
Ophestra	be7d944b39	helper/bwrap: PositionalArg implement fmt.Stringer All checks were successful Test / Create distribution (push) Successful in 49s Details Test / Run NixOS test (push) Successful in 3m28s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-15 00:11:48 +09:00
Ophestra	ace97952cc	helper/bwrap: merge Args and FDArgs All checks were successful Test / Create distribution (push) Successful in 1m13s Details Test / Run NixOS test (push) Successful in 4m34s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-14 18:13:06 +09:00

1 2 3 4 5 ...

505 Commits