implement Milestone 20: Kernel Integration with LuaSandboxManager (149 tests)

2026-01-18 16:54:02 +01:00
parent 1b163891e0
commit 9805bdf175
6 changed files with 907 additions and 13 deletions
--- a/sandbox-test/CMakeLists.txt
+++ b/sandbox-test/CMakeLists.txt
@@ -32,6 +32,7 @@ add_library(mosis-sandbox STATIC
    ../src/main/cpp/sandbox/bluetooth_interface.cpp
    ../src/main/cpp/sandbox/contacts_interface.cpp
    ../src/main/cpp/sandbox/message_bus.cpp
+    ../src/main/cpp/sandbox/sandbox_manager.cpp
 )
 target_include_directories(mosis-sandbox PUBLIC
    ../src/main/cpp/sandbox
--- a/sandbox-test/src/main.cpp
+++ b/sandbox-test/src/main.cpp
@@ -22,6 +22,7 @@
 #include "bluetooth_interface.h"
 #include "contacts_interface.h"
 #include "message_bus.h"
+#include "sandbox_manager.h"
 #include "lua_fuzzer.h"
 #include <filesystem>
 #include <fstream>
@@ -3418,6 +3419,242 @@ bool Test_IntegrationAppLifecycle(std::string& error_msg) {
    return true;
 }

+//=============================================================================
+// Milestone 20: Kernel Integration (Sandbox Manager)
+//=============================================================================
+
+bool Test_ManagerStartStopApp(std::string& error_msg) {
+    // Create temporary directory for test
+    std::string test_dir = "test_manager_data";
+    std::filesystem::create_directories(test_dir);
+
+    mosis::LuaSandboxManager manager(test_dir);
+
+    // Start an app
+    bool started = manager.StartApp("test.app.1", ".", {"storage"}, false);
+    EXPECT_TRUE(started);
+
+    // Verify it's running
+    EXPECT_TRUE(manager.IsAppRunning("test.app.1"));
+    EXPECT_TRUE(manager.GetRunningAppCount() == 1);
+
+    // Stop the app
+    bool stopped = manager.StopApp("test.app.1");
+    EXPECT_TRUE(stopped);
+
+    // Verify it's stopped
+    EXPECT_TRUE(!manager.IsAppRunning("test.app.1"));
+    EXPECT_TRUE(manager.GetRunningAppCount() == 0);
+
+    // Clean up
+    std::filesystem::remove_all(test_dir);
+
+    return true;
+}
+
+bool Test_ManagerMultipleApps(std::string& error_msg) {
+    std::string test_dir = "test_manager_multi";
+    std::filesystem::create_directories(test_dir);
+
+    mosis::LuaSandboxManager manager(test_dir);
+
+    // Start multiple apps
+    EXPECT_TRUE(manager.StartApp("app.one", ".", {}, false));
+    EXPECT_TRUE(manager.StartApp("app.two", ".", {}, false));
+    EXPECT_TRUE(manager.StartApp("app.three", ".", {}, false));
+
+    // Verify all running
+    EXPECT_TRUE(manager.GetRunningAppCount() == 3);
+    EXPECT_TRUE(manager.IsAppRunning("app.one"));
+    EXPECT_TRUE(manager.IsAppRunning("app.two"));
+    EXPECT_TRUE(manager.IsAppRunning("app.three"));
+
+    // Get running apps list
+    auto apps = manager.GetRunningApps();
+    EXPECT_TRUE(apps.size() == 3);
+
+    // Stop one
+    EXPECT_TRUE(manager.StopApp("app.two"));
+    EXPECT_TRUE(manager.GetRunningAppCount() == 2);
+    EXPECT_TRUE(!manager.IsAppRunning("app.two"));
+
+    // Stop all remaining
+    EXPECT_TRUE(manager.StopApp("app.one"));
+    EXPECT_TRUE(manager.StopApp("app.three"));
+    EXPECT_TRUE(manager.GetRunningAppCount() == 0);
+
+    // Clean up
+    std::filesystem::remove_all(test_dir);
+
+    return true;
+}
+
+bool Test_ManagerAppIsolation(std::string& error_msg) {
+    std::string test_dir = "test_manager_isolation";
+    std::filesystem::create_directories(test_dir);
+
+    mosis::LuaSandboxManager manager(test_dir);
+
+    // Start two apps
+    EXPECT_TRUE(manager.StartApp("app.a", ".", {}, false));
+    EXPECT_TRUE(manager.StartApp("app.b", ".", {}, false));
+
+    // Execute valid code in both apps (using local variables since globals are blocked)
+    bool ok1 = manager.ExecuteCode("app.a", "local x = 1 + 1; return x == 2", "test1");
+    EXPECT_TRUE(ok1);
+
+    bool ok2 = manager.ExecuteCode("app.b", "local y = 2 + 2; return y == 4", "test2");
+    EXPECT_TRUE(ok2);
+
+    // Verify apps have different Lua states (true isolation)
+    auto* app_a = manager.GetApp("app.a");
+    auto* app_b = manager.GetApp("app.b");
+    EXPECT_TRUE(app_a != nullptr);
+    EXPECT_TRUE(app_b != nullptr);
+    EXPECT_TRUE(app_a->lua->GetState() != app_b->lua->GetState());
+
+    // Clean up
+    manager.StopApp("app.a");
+    manager.StopApp("app.b");
+    std::filesystem::remove_all(test_dir);
+
+    return true;
+}
+
+bool Test_ManagerExecuteCode(std::string& error_msg) {
+    std::string test_dir = "test_manager_exec";
+    std::filesystem::create_directories(test_dir);
+
+    mosis::LuaSandboxManager manager(test_dir);
+    EXPECT_TRUE(manager.StartApp("exec.test", ".", {}, false));
+
+    // Execute valid code
+    EXPECT_TRUE(manager.ExecuteCode("exec.test", "local x = 1 + 1", "valid"));
+
+    // Execute code with error should return false but not crash
+    bool result = manager.ExecuteCode("exec.test", "this is not valid lua!!!", "invalid");
+    EXPECT_TRUE(!result);  // Should fail gracefully
+
+    // Execute code on non-existent app should return false
+    EXPECT_TRUE(!manager.ExecuteCode("nonexistent.app", "return 1", "test"));
+
+    // Clean up
+    manager.StopApp("exec.test");
+    std::filesystem::remove_all(test_dir);
+
+    return true;
+}
+
+bool Test_ManagerResourceCleanup(std::string& error_msg) {
+    std::string test_dir = "test_manager_cleanup";
+    std::filesystem::create_directories(test_dir);
+
+    mosis::LuaSandboxManager manager(test_dir);
+    EXPECT_TRUE(manager.StartApp("cleanup.test", ".", {}, false));
+
+    // Verify app is running and accessible
+    auto* app = manager.GetApp("cleanup.test");
+    EXPECT_TRUE(app != nullptr);
+    EXPECT_TRUE(app->is_running);
+
+    // Stop the app - should clean up all resources
+    EXPECT_TRUE(manager.StopApp("cleanup.test"));
+
+    // Verify app is no longer accessible
+    EXPECT_TRUE(manager.GetApp("cleanup.test") == nullptr);
+
+    // Clean up
+    std::filesystem::remove_all(test_dir);
+
+    return true;
+}
+
+bool Test_ManagerUserGesture(std::string& error_msg) {
+    std::string test_dir = "test_manager_gesture";
+    std::filesystem::create_directories(test_dir);
+
+    mosis::LuaSandboxManager manager(test_dir);
+    EXPECT_TRUE(manager.StartApp("gesture.test", ".", {"camera"}, false));
+
+    auto* app = manager.GetApp("gesture.test");
+    EXPECT_TRUE(app != nullptr);
+
+    // Initially no recent gesture
+    EXPECT_TRUE(!app->permissions->HasRecentUserGesture(1000));
+
+    // Record a gesture through the manager
+    manager.RecordUserGesture("gesture.test");
+
+    // Now should have recent gesture
+    EXPECT_TRUE(app->permissions->HasRecentUserGesture(1000));
+
+    // Clean up
+    manager.StopApp("gesture.test");
+    std::filesystem::remove_all(test_dir);
+
+    return true;
+}
+
+bool Test_ManagerDoubleStartStop(std::string& error_msg) {
+    std::string test_dir = "test_manager_double";
+    std::filesystem::create_directories(test_dir);
+
+    mosis::LuaSandboxManager manager(test_dir);
+
+    // Start app
+    EXPECT_TRUE(manager.StartApp("double.test", ".", {}, false));
+
+    // Try to start same app again - should fail
+    EXPECT_TRUE(!manager.StartApp("double.test", ".", {}, false));
+
+    // Stop app
+    EXPECT_TRUE(manager.StopApp("double.test"));
+
+    // Try to stop again - should fail
+    EXPECT_TRUE(!manager.StopApp("double.test"));
+
+    // Now can start again
+    EXPECT_TRUE(manager.StartApp("double.test", ".", {}, false));
+    EXPECT_TRUE(manager.StopApp("double.test"));
+
+    // Clean up
+    std::filesystem::remove_all(test_dir);
+
+    return true;
+}
+
+bool Test_ManagerSharedComponents(std::string& error_msg) {
+    std::string test_dir = "test_manager_shared";
+    std::filesystem::create_directories(test_dir);
+
+    mosis::LuaSandboxManager manager(test_dir);
+
+    // Verify shared components are accessible
+    auto& audit = manager.GetAuditLog();
+    auto& rate_limiter = manager.GetRateLimiter();
+    auto& message_bus = manager.GetMessageBus();
+    auto& timers = manager.GetTimerManager();
+
+    // Log an event through shared audit log
+    audit.Log(mosis::AuditEvent::AppStart, "test.shared", "TEST", "Testing shared audit");
+
+    // Verify audit log has the entry
+    auto entries = audit.GetEntries();
+    bool found = false;
+    for (const auto& e : entries) {
+        if (e.app_id == "test.shared") {
+            found = true;
+            break;
+        }
+    }
+    EXPECT_TRUE(found);
+
+    // Clean up
+    std::filesystem::remove_all(test_dir);
+
+    return true;
+}
+
 //=============================================================================
 // MAIN
 //=============================================================================
@@ -3645,6 +3882,16 @@ int main(int argc, char* argv[]) {
    harness.AddTest("AuditResourceLimits", Test_AuditResourceLimits);
    harness.AddTest("IntegrationAppLifecycle", Test_IntegrationAppLifecycle);

+    // Milestone 20: Kernel Integration (Sandbox Manager)
+    harness.AddTest("ManagerStartStopApp", Test_ManagerStartStopApp);
+    harness.AddTest("ManagerMultipleApps", Test_ManagerMultipleApps);
+    harness.AddTest("ManagerAppIsolation", Test_ManagerAppIsolation);
+    harness.AddTest("ManagerExecuteCode", Test_ManagerExecuteCode);
+    harness.AddTest("ManagerResourceCleanup", Test_ManagerResourceCleanup);
+    harness.AddTest("ManagerUserGesture", Test_ManagerUserGesture);
+    harness.AddTest("ManagerDoubleStartStop", Test_ManagerDoubleStartStop);
+    harness.AddTest("ManagerSharedComponents", Test_ManagerSharedComponents);
+
    // Run tests
    auto results = harness.Run(filter);