bvisor 0.9.0

Sync-first boundary supervisor: platform-agnostic boundary contract (types + fail-closed planner) with real Linux (landlock/seccomp/cgroups) and Wasm (wasmi/WASI) confinement backends. ZERO OS code, ZERO BatPak writes in the Backend trait.
[package]
name = "bvisor"
version = "0.9.0"
edition = "2021"
rust-version = "1.92"
license = "MIT OR Apache-2.0"
description = "Sync-first boundary supervisor: platform-agnostic boundary contract (types + fail-closed planner) with real Linux (landlock/seccomp/cgroups) and Wasm (wasmi/WASI) confinement backends. ZERO OS code, ZERO BatPak writes in the Backend trait."

[lib]
path = "src/lib.rs"

# The single-threaded Linux confinement LAUNCHER (kernel plan §10.8) — a separate
# `[[bin]]` in the bvisor package, NOT a crate. Meaningful only on Linux: `main.rs`
# gates the real impl behind `cfg(target_os = "linux")` and provides a non-Linux
# stub so the bin compiles cross-platform. Requires `backend-linux` (the protocol
# types + libc basement live behind that feature).
[[bin]]
name = "bvisor-linux-launcher"
path = "launcher/linux/main.rs"
required-features = ["backend-linux"]

[features]
default = []
# The SimBackend monster + the harness-owned GroundTruth shadow + the
# reconciliation matrix live behind this feature, mirroring batpak's
# `store/sim` convention (`crates/core/Cargo.toml`). Without it the whole
# `sim/` module is compiled out and the crate stays the pure contract + Inert.
# Pulls in batpak's matching gate so the sim path reuses core's canonical
# deterministic `SimClock` (`batpak::store::SimClock`) instead of carrying a
# duplicate `Clock` impl.
dangerous-test-hooks = ["batpak/dangerous-test-hooks"]
# The QF_BV solver harness (kernel plan §4): an EXTERNAL, PINNED, CLOUD-ONLY SMT
# tool that discharges the admission-circuit equivalence proof. Gated so the solver
# never runs on the local potato — CI runs `cargo test --features qf-bv` with pinned
# z3/cvc5 (BVISOR_Z3 / BVISOR_CVC5). The pure SMT GENERATOR is always compiled and
# unit-tested locally; only the solver-invoking harness is behind this feature.
qf-bv = []
# Host wiring (kernel plan §11): mount the boundary contract as ONE hostbat
# `HostModule` over a `syncbat::Core`. Off by default — the pure `contract/` is
# the crate's identity; `host` adds the syncbat handlers + the hostbat module so
# bvisor never grows its own host architecture (there is NO `bvisor-host` crate).
host = ["dep:syncbat", "dep:hostbat"]
# Per-platform OS boundary backends (kernel plan §10 / SCOPE backend-ladder).
# OFF by default — the pure contract + Inert is the crate's identity. Each gates
# the OS-touching backend STRUCT + unsafe basement; the honest `support_matrix()`
# data is ALWAYS compiled regardless of feature, so the per-platform honesty
# tables stay cross-platform testable. Real OS deps land per build-ladder step in
# the matching `[target.'cfg(target_os="..")'.dependencies]` table below.
#
# CARGO PATTERN (compiles cleanly BOTH on Linux and non-Linux):
#   `backend-linux` activates `dep:libc` + `dep:landlock`, which live in the
#   `[target.'cfg(target_os = "linux")'.dependencies]` table below as
#   `optional = true`. The `dep:` syntax suppresses the implicit feature, so the
#   deps appear ONLY when the feature is on AND the host is Linux:
#     - Non-Linux build (any feature set): the target table is not resolved, so
#       libc/landlock are never fetched — no error, no unused-dep warning.
#     - Linux WITHOUT `backend-linux`: the optional deps stay inactive (the
#       `backend_impl`/`sys` modules are cfg-gated off) — no unused-dep warning.
#     - Linux WITH `backend-linux`: both deps activate and the real LinuxBackend
#       (probe ABI / landlock confinement / pre_exec basement) compiles.
backend-linux = ["dep:libc", "dep:landlock", "dep:seccompiler"]
backend-wasm = ["dep:wasmi", "dep:wasmi_wasi"]
backend-windows = []
backend-macos = []

[dependencies]
# batpak by path for the EventPayload derive + inventory registration and the
# canonical encoding / blake3 hash helpers reused for report sealing. The `blake3`
# default feature backs `event::hash::compute_hash`, which seals report bodies.
# The contract itself stays OS-free and writes no BatPak.
batpak = { path = "../core", version = "0.9.0" }
serde = { version = "1", features = ["derive"] }
# Named in report/plan seal signatures: batpak's canonical encoder returns
# `rmp_serde::encode::Error`, mirrored here exactly as core's *ReportBody does.
# Pinned to the same line core pins so the canonical bytes stay byte-identical.
rmp-serde = "=1.3.1"
# Host wiring (the `host` feature). The runtime layer bvisor mounts into and the
# generic module host that composes it; both optional so the default build stays
# the pure, OS-free, host-free contract.
syncbat = { path = "../syncbat", version = "0.9.0", optional = true }
hostbat = { path = "../hostbat", version = "0.9.0", optional = true }
# Wasm backend runtime. Host-OS-independent, so this lives in the plain dependency
# table rather than a target table.
wasmi = { version = "=1.1.0", default-features = false, features = ["std"], optional = true }
wasmi_wasi = { version = "=1.1.0", optional = true }

[dev-dependencies]
# The `host` end-to-end proof opens a real batpak Store in a tempdir to witness
# the PERSIST leg (request → admit → execute → seal → persist).
tempfile = ">=3.24, <3.25"
# Test fixtures are tiny WAT guests compiled in tests; no wasm32 toolchain needed.
wat = "=1.252.0"

# ── Per-platform backend deps (cfg-gated so a Linux build never resolves the
# Windows/macOS crates). EMPTY in scaffolding (step a) — the real `optional=true`
# deps land per build-ladder step:
#   Linux  (step b): libc, landlock, seccompiler  — gated `backend-linux`
#   Windows (step d): windows-sys                 — gated `backend-windows`
#   macOS  (step e): libc (Seatbelt extern)       — gated `backend-macos`
# Wasm (step c) deps are host-OS-independent, so they live in
# the plain `[dependencies]` behind `backend-wasm`, not in a target table.
[target.'cfg(target_os = "linux")'.dependencies]
# Step (b) — REAL filesystem confinement. Both `optional = true` + activated by
# the `backend-linux` feature via `dep:` (see the feature comment above), so a
# default Linux build never resolves them and a non-Linux build never sees this
# target table at all.
#   libc      — the raw landlock-ABI probe syscall + the `pre_exec` basement that
#               applies the ruleset in the child before exec (`linux/sys.rs`).
#   landlock  — the safe ABI-floor + ruleset builder used from the basement to
#               restrict FS access to exactly the declared roots.
libc = { version = "0.2", optional = true }
landlock = { version = "0.4.5", optional = true }
#   seccompiler — the D6 seccomp POLICY MODEL → BPF assembler (proof-spine S7). A
#               PURE Rust BPF compiler (no async runtime, no executor): the Rust
#               `SeccompFilter`/`BpfProgram` API compiles a policy to BPF bytes that
#               S10 (not S7) installs via the unsafe `sys.rs` basement. PINNED exact
#               so the compiled-BPF digest in the D6 evidence stays reproducible.
seccompiler = { version = "=0.5.0", optional = true }

[target.'cfg(target_os = "windows")'.dependencies]

[target.'cfg(target_os = "macos")'.dependencies]

[lints]
workspace = true