app: separate interface from implementation
Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
@@ -1,7 +1,6 @@
|
||||
package app
|
||||
|
||||
import (
|
||||
"context"
|
||||
"sync"
|
||||
|
||||
"git.gensokyo.uk/security/fortify/fst"
|
||||
@@ -9,23 +8,11 @@ import (
|
||||
"git.gensokyo.uk/security/fortify/internal/sys"
|
||||
)
|
||||
|
||||
type App interface {
|
||||
// ID returns a copy of App's unique ID.
|
||||
ID() fst.ID
|
||||
// Run sets up the system and runs the App.
|
||||
Run(ctx context.Context, rs *RunState) error
|
||||
|
||||
Seal(config *fst.Config) error
|
||||
String() string
|
||||
}
|
||||
|
||||
type RunState struct {
|
||||
// Start is true if fsu is successfully started.
|
||||
Start bool
|
||||
// ExitCode is the value returned by shim.
|
||||
ExitCode int
|
||||
// WaitErr is error returned by the underlying wait syscall.
|
||||
WaitErr error
|
||||
func New(os sys.State) (fst.App, error) {
|
||||
a := new(app)
|
||||
a.id = new(fst.ID)
|
||||
a.os = os
|
||||
return a, fst.NewAppID(a.id)
|
||||
}
|
||||
|
||||
type app struct {
|
||||
@@ -63,10 +50,3 @@ func (a *app) String() string {
|
||||
|
||||
return "(unsealed fortified app)"
|
||||
}
|
||||
|
||||
func New(os sys.State) (App, error) {
|
||||
a := new(app)
|
||||
a.id = new(fst.ID)
|
||||
a.os = os
|
||||
return a, fst.NewAppID(a.id)
|
||||
}
|
||||
|
||||
@@ -7,7 +7,7 @@ import (
|
||||
"os/user"
|
||||
"strconv"
|
||||
|
||||
"git.gensokyo.uk/security/fortify/internal/sys"
|
||||
"git.gensokyo.uk/security/fortify/fst"
|
||||
)
|
||||
|
||||
// fs methods are not implemented using a real FS
|
||||
@@ -126,8 +126,8 @@ func (s *stubNixOS) Open(name string) (fs.File, error) {
|
||||
}
|
||||
}
|
||||
|
||||
func (s *stubNixOS) Paths() sys.Paths {
|
||||
return sys.Paths{
|
||||
func (s *stubNixOS) Paths() fst.Paths {
|
||||
return fst.Paths{
|
||||
SharePath: "/tmp/fortify.1971",
|
||||
RuntimePath: "/run/user/1971",
|
||||
RunDirPath: "/run/user/1971/fortify",
|
||||
|
||||
@@ -7,14 +7,14 @@ import (
|
||||
"git.gensokyo.uk/security/fortify/system"
|
||||
)
|
||||
|
||||
func NewWithID(id fst.ID, os sys.State) App {
|
||||
func NewWithID(id fst.ID, os sys.State) fst.App {
|
||||
a := new(app)
|
||||
a.id = &id
|
||||
a.os = os
|
||||
return a
|
||||
}
|
||||
|
||||
func AppSystemBwrap(a App) (*system.I, *bwrap.Config) {
|
||||
func AppSystemBwrap(a fst.App) (*system.I, *bwrap.Config) {
|
||||
v := a.(*app)
|
||||
return v.seal.sys.I, v.seal.sys.bwrap
|
||||
}
|
||||
|
||||
@@ -18,7 +18,6 @@ import (
|
||||
"git.gensokyo.uk/security/fortify/internal"
|
||||
"git.gensokyo.uk/security/fortify/internal/fmsg"
|
||||
"git.gensokyo.uk/security/fortify/internal/state"
|
||||
"git.gensokyo.uk/security/fortify/internal/sys"
|
||||
"git.gensokyo.uk/security/fortify/system"
|
||||
)
|
||||
|
||||
@@ -64,7 +63,7 @@ type appSeal struct {
|
||||
// seal system-level component
|
||||
sys *appSealSys
|
||||
|
||||
sys.Paths
|
||||
fst.Paths
|
||||
|
||||
// protected by upstream mutex
|
||||
}
|
||||
|
||||
@@ -10,6 +10,7 @@ import (
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"git.gensokyo.uk/security/fortify/fst"
|
||||
"git.gensokyo.uk/security/fortify/helper"
|
||||
"git.gensokyo.uk/security/fortify/internal/app/shim"
|
||||
"git.gensokyo.uk/security/fortify/internal/fmsg"
|
||||
@@ -19,7 +20,7 @@ import (
|
||||
|
||||
const shimSetupTimeout = 5 * time.Second
|
||||
|
||||
func (a *app) Run(ctx context.Context, rs *RunState) error {
|
||||
func (a *app) Run(ctx context.Context, rs *fst.RunState) error {
|
||||
a.lock.Lock()
|
||||
defer a.lock.Unlock()
|
||||
|
||||
|
||||
Reference in New Issue
Block a user