2024-10-16 01:31:23 +09:00
|
|
|
package system
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"errors"
|
|
|
|
|
"sync"
|
2024-10-21 20:47:02 +09:00
|
|
|
|
|
|
|
|
"git.ophivana.moe/security/fortify/internal/fmsg"
|
2024-10-16 01:31:23 +09:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
const (
|
|
|
|
|
// User type is reverted at final launcher exit.
|
2024-10-16 14:38:57 +09:00
|
|
|
User = Enablement(ELen)
|
|
|
|
|
// Process type is unconditionally reverted on exit.
|
|
|
|
|
Process = Enablement(ELen + 1)
|
2024-10-16 01:31:23 +09:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type Criteria struct {
|
2024-10-16 14:38:57 +09:00
|
|
|
*Enablements
|
2024-10-16 01:31:23 +09:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (ec *Criteria) hasType(o Op) bool {
|
|
|
|
|
// nil criteria: revert everything except User
|
|
|
|
|
if ec.Enablements == nil {
|
|
|
|
|
return o.Type() != User
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ec.Has(o.Type())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Op is a reversible system operation.
|
|
|
|
|
type Op interface {
|
|
|
|
|
// Type returns Op's enablement type.
|
2024-10-16 14:38:57 +09:00
|
|
|
Type() Enablement
|
2024-10-16 01:31:23 +09:00
|
|
|
|
|
|
|
|
// apply the Op
|
|
|
|
|
apply(sys *I) error
|
|
|
|
|
// revert reverses the Op if criteria is met
|
|
|
|
|
revert(sys *I, ec *Criteria) error
|
|
|
|
|
|
|
|
|
|
Is(o Op) bool
|
|
|
|
|
Path() string
|
|
|
|
|
String() string
|
|
|
|
|
}
|
|
|
|
|
|
2024-10-16 14:38:57 +09:00
|
|
|
func TypeString(e Enablement) string {
|
2024-10-16 01:31:23 +09:00
|
|
|
switch e {
|
|
|
|
|
case User:
|
|
|
|
|
return "User"
|
|
|
|
|
case Process:
|
|
|
|
|
return "Process"
|
|
|
|
|
default:
|
|
|
|
|
return e.String()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type I struct {
|
|
|
|
|
uid int
|
|
|
|
|
ops []Op
|
|
|
|
|
|
|
|
|
|
state [2]bool
|
|
|
|
|
lock sync.Mutex
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (sys *I) UID() int {
|
|
|
|
|
return sys.uid
|
|
|
|
|
}
|
|
|
|
|
|
2024-10-23 14:15:13 +09:00
|
|
|
func (sys *I) Equal(v *I) bool {
|
|
|
|
|
if v == nil || sys.uid != v.uid || len(sys.ops) != len(v.ops) {
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for i, o := range sys.ops {
|
|
|
|
|
if !o.Is(v.ops[i]) {
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
|
2024-10-16 01:31:23 +09:00
|
|
|
func (sys *I) Commit() error {
|
|
|
|
|
sys.lock.Lock()
|
|
|
|
|
defer sys.lock.Unlock()
|
|
|
|
|
|
|
|
|
|
if sys.state[0] {
|
|
|
|
|
panic("sys instance committed twice")
|
|
|
|
|
}
|
|
|
|
|
sys.state[0] = true
|
|
|
|
|
|
|
|
|
|
sp := New(sys.uid)
|
|
|
|
|
sp.ops = make([]Op, 0, len(sys.ops)) // prevent copies during commits
|
|
|
|
|
defer func() {
|
|
|
|
|
// sp is set to nil when all ops are applied
|
|
|
|
|
if sp != nil {
|
|
|
|
|
// rollback partial commit
|
2024-10-25 17:08:21 +09:00
|
|
|
fmsg.VPrintf("commit faulted after %d ops, rolling back partial commit", len(sp.ops))
|
2024-10-16 01:31:23 +09:00
|
|
|
if err := sp.Revert(&Criteria{nil}); err != nil {
|
2024-10-21 20:47:02 +09:00
|
|
|
fmsg.Println("errors returned reverting partial commit:", err)
|
2024-10-16 01:31:23 +09:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}()
|
|
|
|
|
|
|
|
|
|
for _, o := range sys.ops {
|
|
|
|
|
if err := o.apply(sys); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
} else {
|
|
|
|
|
// register partial commit
|
|
|
|
|
sp.ops = append(sp.ops, o)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// disarm partial commit rollback
|
|
|
|
|
sp = nil
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (sys *I) Revert(ec *Criteria) error {
|
|
|
|
|
sys.lock.Lock()
|
|
|
|
|
defer sys.lock.Unlock()
|
|
|
|
|
|
|
|
|
|
if sys.state[1] {
|
|
|
|
|
panic("sys instance reverted twice")
|
|
|
|
|
}
|
|
|
|
|
sys.state[1] = true
|
|
|
|
|
|
|
|
|
|
// collect errors
|
|
|
|
|
errs := make([]error, len(sys.ops))
|
|
|
|
|
|
|
|
|
|
for i := range sys.ops {
|
|
|
|
|
errs[i] = sys.ops[len(sys.ops)-i-1].revert(sys, ec)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// errors.Join filters nils
|
|
|
|
|
return errors.Join(errs...)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func New(uid int) *I {
|
|
|
|
|
return &I{uid: uid}
|
|
|
|
|
}
|
