Commit 3bee7a4
chore: rust kernel hardening & feature parity (#1435)
* feat: US-001 - Remove dangerous builtins from DEFAULT_ALLOWED_NODE_BUILTINS
* feat: US-002 - Block Pyodide import js FFI sandbox escape
* feat: US-003 - Enable Node.js --permission flag for Pyodide host process
* feat: US-004 - Scrub AGENT_OS_* environment variables from guest process.env
* feat: US-005 - Virtualize process.cwd() to return kernel CWD
* feat: [US-006] - Virtualize process.execPath, argv[0], pid, ppid, getuid, getgid
* feat: US-007 - Intercept process signal handlers and deny native addon loading
* feat: [US-008] - [Fix exec/execSync bypass in wrapChildProcessModule]
* feat: [US-009] - [Translate host paths in require.resolve() and error messages]
* feat: [US-010] - Replace in-band control message parsing with side channel
* feat: US-011 - Make ALLOWED_NODE_BUILTINS configurable from AgentOsOptions
* feat: US-012 - Build SharedArrayBuffer RPC bridge for synchronous kernel syscalls
* feat: [US-013] - [Port os module polyfill with kernel-provided values]
* feat: [US-014] - [Port fs.promises async methods through kernel VFS RPC]
* feat: US-015 - Port fs sync methods through SharedArrayBuffer bridge
* feat: [US-016] - [Port fs fd-based operations and streams through kernel VFS]
* feat: US-017 - Port child_process polyfill through kernel process table
* feat: [US-018] - [Port net.Socket polyfill via kernel socket table]
* feat: [US-019] - [Port net.createServer polyfill via kernel socket listen/accept]
* feat: [Story ID] - [Story Title]
* feat: US-021 - Port dns polyfill via kernel DNS resolver
* feat: [US-022] - [Port tls polyfill via kernel networking]
* feat: [US-023] - [Port http/https/http2 on top of polyfilled net and tls]
* feat: US-027 - Wire options.permissions through to sidecar bridge
* feat: [US-028] - [Validate CWD within sandbox root]
* feat: US-024 - Add Drop impl, timeout, and kill for PythonExecution
* feat: [US-025] - [Add Python spawn_waiter thread and bounded stdout/stderr buffering]
* feat: US-030 - Fix --allow-child-process unconditional escalation
* feat: [US-031] - [Resolve symlinks before permission checks and fix link/exists gaps]
* feat: US-038 - Fix plugin SSRF and add mount permission checks
* feat: [US-041] - Enforce WASM permission tiers
* feat: [US-033] - [Add filesystem size and inode limits to ResourceLimits]
* feat: [US-034] - [Add WASM fuel/memory limits and socket/connection limits]
* feat: US-029 - Per-VM import cache paths to prevent cross-VM poisoning
* feat: [US-032] - [Fix host PID reuse in signal_runtime_process and dup2 bounds]
* feat: US-026 - Add VFS RPC path validation and sync bridge timeout
* feat: [Story ID] - [Story Title]
* feat: US-040 - Fix hardenProperty fallback and zombie reaper exit code handling
* feat: US-043 - Low-priority robustness fixes
* feat: US-035 - Fix Pyodide hardening order and VFS RPC queue bounds
* feat: [US-036] - [Add missing Pyodide integration tests]
* feat: US-042 - Extract Pyodide embedded JS and deduplicate cross-runtime code
* feat: US-037 - Add security audit logging
* feat: US-044 - Implement kernel-controlled DNS resolver instead of host delegation
* feat: [US-045] - [Implement real getConnections() and enforce server backlog]
* feat: US-046 - Add Unix domain socket support to net polyfill
* feat: US-047 - Add external networking CI tests
* feat: US-048 - Audit and verify network permission checks on socket operations
* feat: US-049 - Block remaining process properties that leak host information
* feat: [US-050] - [Prevent CJS require() from resolving host node_modules]
* feat: [US-051] - [Fix os polyfill fallbacks that default to host values]
* feat: [US-052] - [Strip AGENT_OS_* variables from child process spawn environments]
* feat: US-053 - Add permission check to unmount_filesystem
* feat: US-054 - Change KernelVmConfig default permissions to deny-all
* feat: US-055 - Add SSRF protection with private IP address validation on outbound connections
* feat: US-056 - Add per-operation size limits for pread, fd_write, env, and argv
* feat: US-057 - Protect RPC channel FDs from guest manipulation
* feat: US-058 - Add WASM module parser size limits and DoS protection
* feat: US-059 - Implement SIGCHLD delivery on child process exit
* feat: [US-060] - Implement SIGPIPE delivery on broken pipe write
* feat: US-061 - Implement waitpid flags: WNOHANG, WUNTRACED, WCONTINUED, and process group waits
* feat: US-062 - Implement advisory file locking (flock)
* feat: [US-063] - [Implement O_CREAT|O_EXCL atomicity and O_APPEND atomic writes]
* feat: US-064 - Implement non-blocking I/O (O_NONBLOCK) and PIPE_BUF atomicity
* feat: [US-065] - [Implement select/poll for FD multiplexing]
* feat: US-066 - Implement process reparenting to init and fix process group kill
* feat: US-067 - Implement OverlayFS opaque directories and persistent whiteouts
* feat: US-068 - Fix overlay hardlink copy-up, rmdir ENOTEMPTY, and cross-mount hardlink
* feat: US-069 - Implement /proc filesystem with essential entries
* feat: [US-070] - [Fix /dev/zero and /dev/urandom to return requested byte count]
* feat: US-071 - Implement shebang parsing for script execution
* feat: US-072 - Add JavaScript sync RPC timeout and response backpressure
* feat: [US-073] - [Add network port binding restrictions and VM network isolation]
* feat: US-074 - Fix guestVisiblePathFromHostPath to never fall back to raw host path
* feat: US-075 - Implement SIGSTOP/SIGCONT job control and SIGWINCH for PTY resize
* feat: [US-076] - [Add missing errno checks: EISDIR, ENOTDIR, ENAMETOOLONG, EROFS]
* feat: US-077 - Implement umask and stat blocks/dev fields
* feat: [US-078] - [Add WASM module path symlink TOCTOU protection and prewarm timeout]
* feat: US-079 - Add Pyodide process memory and execution timeout limits
* feat: US-080 - Enforce WASM runtime memory limits and pass fuel to Node.js runtime
* feat: US-081 - Make WASI conditional based on permission tier
1 parent: fc1c5a4
File tree
90 files changed, +41924 / -4866 lines changed
- .agent
- notes
- todo
- .github/workflows
- crates
- execution
- assets/runners
- src
- tests
- kernel
- src
- tests
- sidecar-browser/tests
- sidecar
- src
- tests
- support
- packages
- browser/src
- core
- src
- sidecar
- tests
- registry
- native
- crates/wasi-ext/src
- c/programs
- patches/wasi-libc
- stubs/uucore/src/lib/features
- tests/wasmvm
- scripts/ralph
- archive/2026-04-04-04-01-feat_rust_kernel_sidecar