@secure-exec/core 0.1.1-rc.3 → 0.2.0-rc.1

package/dist/kernel/timer-table.d.ts

@@ -0,0 +1,54 @@
+/**
+ * Kernel timer table with per-process ownership and budget enforcement.
+ *
+ * Tracks active timers (setTimeout/setInterval) per-process. Actual
+ * scheduling is delegated to the host via callbacks — the kernel only
+ * manages ownership, limits, and cleanup.
+ */
+export interface KernelTimer {
+    readonly id: number;
+    readonly pid: number;
+    readonly delayMs: number;
+    readonly repeat: boolean;
+    /** Host-side handle returned by the scheduling function (for cancellation). */
+    hostHandle: ReturnType<typeof setTimeout> | number | undefined;
+    /** User callback to invoke when the timer fires. */
+    callback: () => void;
+    /** True once the timer has been cleared. */
+    cleared: boolean;
+}
+export interface TimerTableOptions {
+    /** Default per-process timer limit. 0 = unlimited. */
+    defaultMaxTimers?: number;
+}
+export declare class TimerTable {
+    private timers;
+    private nextTimerId;
+    private defaultMaxTimers;
+    /** Per-process limit overrides. */
+    private processLimits;
+    constructor(options?: TimerTableOptions);
+    /**
+     * Create a timer owned by `pid`.
+     * Returns the kernel timer ID. The caller must schedule the actual
+     * timeout on the host and set `timer.hostHandle`.
+     */
+    createTimer(pid: number, delayMs: number, repeat: boolean, callback: () => void): number;
+    /** Get a timer by ID. Returns null if not found. */
+    get(timerId: number): KernelTimer | null;
+    /** Clear (cancel) a timer. The caller should also cancel the host-side handle. */
+    clearTimer(timerId: number, pid?: number): void;
+    /** Set per-process timer limit. */
+    setLimit(pid: number, maxTimers: number): void;
+    /** Get the active timer count for a process. */
+    countForProcess(pid: number): number;
+    /** Get all active timers for a process. */
+    getActiveTimers(pid: number): KernelTimer[];
+    /** Clear all timers owned by a process. Called on process exit. */
+    clearAllForProcess(pid: number): void;
+    /** Dispose all timers. Called on kernel shutdown. */
+    disposeAll(): void;
+    /** Number of active timers across all processes. */
+    get size(): number;
+    private getLimit;
+}

package/dist/kernel/timer-table.js

@@ -0,0 +1,108 @@
+/**
+ * Kernel timer table with per-process ownership and budget enforcement.
+ *
+ * Tracks active timers (setTimeout/setInterval) per-process. Actual
+ * scheduling is delegated to the host via callbacks — the kernel only
+ * manages ownership, limits, and cleanup.
+ */
+import { KernelError } from "./types.js";
+export class TimerTable {
+    timers = new Map();
+    nextTimerId = 1;
+    defaultMaxTimers;
+    /** Per-process limit overrides. */
+    processLimits = new Map();
+    constructor(options) {
+        this.defaultMaxTimers = options?.defaultMaxTimers ?? 0;
+    }
+    /**
+     * Create a timer owned by `pid`.
+     * Returns the kernel timer ID. The caller must schedule the actual
+     * timeout on the host and set `timer.hostHandle`.
+     */
+    createTimer(pid, delayMs, repeat, callback) {
+        // Enforce per-process limit
+        const limit = this.getLimit(pid);
+        if (limit > 0) {
+            const count = this.countForProcess(pid);
+            if (count >= limit) {
+                throw new KernelError("EAGAIN", "timer limit exceeded");
+            }
+        }
+        const id = this.nextTimerId++;
+        const timer = {
+            id,
+            pid,
+            delayMs,
+            repeat,
+            hostHandle: undefined,
+            callback,
+            cleared: false,
+        };
+        this.timers.set(id, timer);
+        return id;
+    }
+    /** Get a timer by ID. Returns null if not found. */
+    get(timerId) {
+        return this.timers.get(timerId) ?? null;
+    }
+    /** Clear (cancel) a timer. The caller should also cancel the host-side handle. */
+    clearTimer(timerId, pid) {
+        const timer = this.timers.get(timerId);
+        if (!timer)
+            return; // Clearing a non-existent timer is a no-op (matches POSIX)
+        // Cross-process isolation: if pid is provided, only the owning process can clear
+        if (pid !== undefined && timer.pid !== pid) {
+            throw new KernelError("EACCES", `timer ${timerId} not owned by pid ${pid}`);
+        }
+        timer.cleared = true;
+        this.timers.delete(timerId);
+    }
+    /** Set per-process timer limit. */
+    setLimit(pid, maxTimers) {
+        this.processLimits.set(pid, maxTimers);
+    }
+    /** Get the active timer count for a process. */
+    countForProcess(pid) {
+        let count = 0;
+        for (const timer of this.timers.values()) {
+            if (timer.pid === pid)
+                count++;
+        }
+        return count;
+    }
+    /** Get all active timers for a process. */
+    getActiveTimers(pid) {
+        const result = [];
+        for (const timer of this.timers.values()) {
+            if (timer.pid === pid)
+                result.push(timer);
+        }
+        return result;
+    }
+    /** Clear all timers owned by a process. Called on process exit. */
+    clearAllForProcess(pid) {
+        for (const [id, timer] of this.timers) {
+            if (timer.pid === pid) {
+                timer.cleared = true;
+                this.timers.delete(id);
+            }
+        }
+        this.processLimits.delete(pid);
+    }
+    /** Dispose all timers. Called on kernel shutdown. */
+    disposeAll() {
+        for (const timer of this.timers.values()) {
+            timer.cleared = true;
+        }
+        this.timers.clear();
+        this.processLimits.clear();
+    }
+    /** Number of active timers across all processes. */
+    get size() {
+        return this.timers.size;
+    }
+    getLimit(pid) {
+        return this.processLimits.get(pid) ?? this.defaultMaxTimers;
+    }
+}

package/dist/kernel/types.d.ts

@@ -0,0 +1,500 @@
+/**
+ * Kernel type definitions.
+ *
+ * The kernel is the shared OS layer. All runtimes make "syscalls" to the
+ * kernel for filesystem, process, pipe, and FD operations.
+ */
+import type { WaitQueue } from "./wait.js";
+export type { VirtualFileSystem, VirtualDirEntry, VirtualStat, } from "./vfs.js";
+export interface KernelOptions {
+    filesystem: import("./vfs.js").VirtualFileSystem;
+    permissions?: Permissions;
+    env?: Record<string, string>;
+    cwd?: string;
+    /** Maximum number of concurrent processes. Spawn beyond this limit throws EAGAIN. */
+    maxProcesses?: number;
+    /** Host network adapter for external socket routing (TCP, UDP, DNS). */
+    hostNetworkAdapter?: import("./host-adapter.js").HostNetworkAdapter;
+}
+export interface Kernel {
+    /** Mount a runtime driver. Calls driver.init() and registers its commands. */
+    mount(driver: RuntimeDriver): Promise<void>;
+    /** Dispose the kernel and all mounted drivers. */
+    dispose(): Promise<void>;
+    /**
+     * Execute a command string through the shell.
+     * Equivalent to: spawn('sh', ['-c', command])
+     * Throws if no shell is mounted (e.g. no WasmVM runtime).
+     */
+    exec(command: string, options?: ExecOptions): Promise<ExecResult>;
+    /**
+     * Spawn a process directly (no shell interpretation).
+     * The kernel resolves the command via the command registry and delegates
+     * to the appropriate runtime driver.
+     */
+    spawn(command: string, args: string[], options?: SpawnOptions): ManagedProcess;
+    /**
+     * Flush pending /bin stub entries created by on-demand command discovery.
+     * Ensures VFS is consistent before shell PATH lookups.
+     */
+    flushPendingBinEntries(): Promise<void>;
+    /**
+     * Open an interactive shell on a PTY.
+     * Wires PTY + process groups + termios for terminal use.
+     */
+    openShell(options?: OpenShellOptions): ShellHandle;
+    /**
+     * Wire openShell() to process.stdin/stdout for an interactive terminal session.
+     * Sets raw mode, forwards input/output, handles resize, restores terminal on exit.
+     * Returns the shell exit code.
+     */
+    connectTerminal(options?: ConnectTerminalOptions): Promise<number>;
+    readFile(path: string): Promise<Uint8Array>;
+    writeFile(path: string, content: string | Uint8Array): Promise<void>;
+    mkdir(path: string): Promise<void>;
+    readdir(path: string): Promise<string[]>;
+    stat(path: string): Promise<import("./vfs.js").VirtualStat>;
+    exists(path: string): Promise<boolean>;
+    readonly socketTable: import("./socket-table.js").SocketTable;
+    readonly timerTable: import("./timer-table.js").TimerTable;
+    readonly inodeTable: import("./inode-table.js").InodeTable;
+    readonly commands: ReadonlyMap<string, string>;
+    readonly processes: ReadonlyMap<number, ProcessInfo>;
+    /** Number of pending zombie cleanup timers (test observability). */
+    readonly zombieTimerCount: number;
+}
+export interface ExecOptions {
+    env?: Record<string, string>;
+    cwd?: string;
+    stdin?: string | Uint8Array;
+    timeout?: number;
+    onStdout?: (data: Uint8Array) => void;
+    onStderr?: (data: Uint8Array) => void;
+}
+export interface ExecResult {
+    exitCode: number;
+    stdout: string;
+    stderr: string;
+}
+export interface SpawnOptions extends ExecOptions {
+    stdio?: "pipe" | "inherit";
+    /** FD in caller's table to wire as child's stdin (pipe read end). */
+    stdinFd?: number;
+    /** FD in caller's table to wire as child's stdout (pipe write end). */
+    stdoutFd?: number;
+    /** FD in caller's table to wire as child's stderr (pipe write end). */
+    stderrFd?: number;
+}
+export interface ManagedProcess {
+    pid: number;
+    writeStdin(data: Uint8Array | string): void;
+    closeStdin(): void;
+    kill(signal?: number): void;
+    wait(): Promise<number>;
+    readonly exitCode: number | null;
+}
+export interface OpenShellOptions {
+    /** Shell command to run (default: "sh"). */
+    command?: string;
+    /** Arguments to pass to the shell command. */
+    args?: string[];
+    /** Environment variables for the shell process. */
+    env?: Record<string, string>;
+    /** Working directory for the shell process. */
+    cwd?: string;
+    /** Initial terminal columns. */
+    cols?: number;
+    /** Initial terminal rows. */
+    rows?: number;
+}
+/**
+ * Handle returned by kernel.openShell().
+ * Provides write/onData/resize/kill/wait for interactive shell use.
+ */
+export interface ShellHandle {
+    /** PID of the shell process. */
+    pid: number;
+    /** Write data to the shell (goes through PTY line discipline). */
+    write(data: Uint8Array | string): void;
+    /** Callback for data produced by the shell (program output). */
+    onData: ((data: Uint8Array) => void) | null;
+    /** Notify terminal resize — delivers SIGWINCH to foreground process group. */
+    resize(cols: number, rows: number): void;
+    /** Kill the shell process. */
+    kill(signal?: number): void;
+    /** Wait for the shell to exit. Returns exit code. */
+    wait(): Promise<number>;
+}
+/**
+ * Options for connectTerminal().
+ * Extends OpenShellOptions with an optional output handler override.
+ */
+export interface ConnectTerminalOptions extends OpenShellOptions {
+    /** Custom output handler. Defaults to writing to process.stdout. */
+    onData?: (data: Uint8Array) => void;
+}
+export interface RuntimeDriver {
+    /** Driver name (e.g. 'wasmvm', 'node', 'python') */
+    name: string;
+    /** Commands this driver handles */
+    commands: string[];
+    /**
+     * Called when the driver is mounted to the kernel.
+     * Use this to initialize resources (compile WASM, load Pyodide, etc.)
+     */
+    init(kernel: KernelInterface): Promise<void>;
+    /**
+     * Spawn a process for the given command.
+     * The kernel has already resolved the command to this driver.
+     */
+    spawn(command: string, args: string[], ctx: ProcessContext): DriverProcess;
+    /**
+     * On-demand command discovery. Called by the kernel when a command is not
+     * found in the registry. Returns true if this driver can handle the command
+     * (e.g. found a matching WASM binary on disk). The kernel then registers
+     * the command and retries the spawn.
+     */
+    tryResolve?(command: string): boolean;
+    /** Cleanup resources */
+    dispose(): Promise<void>;
+}
+export interface ProcessContext {
+    pid: number;
+    ppid: number;
+    env: Record<string, string>;
+    cwd: string;
+    fds: {
+        stdin: number;
+        stdout: number;
+        stderr: number;
+    };
+    /** Whether stdin/stdout/stderr are connected to a PTY slave. */
+    stdinIsTTY?: boolean;
+    stdoutIsTTY?: boolean;
+    stderrIsTTY?: boolean;
+    /** Kernel-provided callback for stdout data emitted during spawn. */
+    onStdout?: (data: Uint8Array) => void;
+    /** Kernel-provided callback for stderr data emitted during spawn. */
+    onStderr?: (data: Uint8Array) => void;
+}
+export interface DriverProcess {
+    /** Called by kernel when data is written to this process's stdin FD */
+    writeStdin(data: Uint8Array): void;
+    closeStdin(): void;
+    /** Called by kernel to terminate the process */
+    kill(signal: number): void;
+    /** Resolves with exit code when process completes */
+    wait(): Promise<number>;
+    /** Callbacks for the driver to push data to the kernel */
+    onStdout: ((data: Uint8Array) => void) | null;
+    onStderr: ((data: Uint8Array) => void) | null;
+    onExit: ((code: number) => void) | null;
+}
+/**
+ * Interface the kernel exposes TO drivers.
+ * Drivers call these methods for kernel services.
+ */
+export interface KernelInterface {
+    vfs: import("./vfs.js").VirtualFileSystem;
+    fdOpen(pid: number, path: string, flags: number, mode?: number): number;
+    fdRead(pid: number, fd: number, length: number): Promise<Uint8Array>;
+    fdWrite(pid: number, fd: number, data: Uint8Array): number | Promise<number>;
+    fdClose(pid: number, fd: number): void;
+    fdSeek(pid: number, fd: number, offset: bigint, whence: number): Promise<bigint>;
+    fdPread(pid: number, fd: number, length: number, offset: bigint): Promise<Uint8Array>;
+    fdPwrite(pid: number, fd: number, data: Uint8Array, offset: bigint): Promise<number>;
+    fdDup(pid: number, fd: number): number;
+    fdDup2(pid: number, oldFd: number, newFd: number): void;
+    fdDupMin(pid: number, fd: number, minFd: number): number;
+    fdStat(pid: number, fd: number): FDStat;
+    /** Query poll state for a file descriptor (pipe, PTY, or regular file). */
+    fdPoll(pid: number, fd: number): {
+        readable: boolean;
+        writable: boolean;
+        hangup: boolean;
+        invalid: boolean;
+    };
+    fdSetCloexec(pid: number, fd: number, value: boolean): void;
+    fdGetCloexec(pid: number, fd: number): boolean;
+    fcntl(pid: number, fd: number, cmd: number, arg?: number): number;
+    /** Apply or remove an advisory lock on the file referenced by fd. */
+    flock(pid: number, fd: number, operation: number): Promise<void>;
+    spawn(command: string, args: string[], ctx: Partial<ProcessContext> & {
+        stdinFd?: number;
+        stdoutFd?: number;
+        stderrFd?: number;
+    }): ManagedProcess;
+    waitpid(pid: number, options?: number): Promise<{
+        pid: number;
+        status: number;
+        termSignal: number;
+    } | null>;
+    kill(pid: number, signal: number): void;
+    getpid(pid: number): number;
+    getppid(pid: number): number;
+    setpgid(pid: number, pgid: number): void;
+    getpgid(pid: number): number;
+    setsid(pid: number): number;
+    getsid(pid: number): number;
+    /** Create a pipe and install both ends in the given process's FD table. */
+    pipe(pid: number): {
+        readFd: number;
+        writeFd: number;
+    };
+    /** Allocate a PTY master/slave pair and install FDs in the process's table. */
+    openpty(pid: number): {
+        masterFd: number;
+        slaveFd: number;
+        path: string;
+    };
+    /** Check if an FD refers to a terminal (PTY slave). */
+    isatty(pid: number, fd: number): boolean;
+    /** Set line discipline configuration on the PTY associated with the given FD. */
+    ptySetDiscipline(pid: number, fd: number, config: {
+        canonical?: boolean;
+        echo?: boolean;
+        isig?: boolean;
+    }): void;
+    /** Set the foreground process group for signal delivery on the PTY. */
+    ptySetForegroundPgid(pid: number, fd: number, pgid: number): void;
+    /** Get terminal attributes for the PTY associated with the given FD. */
+    tcgetattr(pid: number, fd: number): Termios;
+    /** Set terminal attributes for the PTY associated with the given FD. */
+    tcsetattr(pid: number, fd: number, termios: Partial<Termios>): void;
+    /** Set the foreground process group for the terminal. */
+    tcsetpgrp(pid: number, fd: number, pgid: number): void;
+    /** Get the foreground process group for the terminal. */
+    tcgetpgrp(pid: number, fd: number): number;
+    /** List open FD numbers for a process (readDir /dev/fd). */
+    devFdReadDir(pid: number): string[];
+    /** Stat the underlying file for /dev/fd/N. */
+    devFdStat(pid: number, fd: number): Promise<import("./vfs.js").VirtualStat>;
+    getenv(pid: number): Record<string, string>;
+    setenv(pid: number, key: string, value: string): void;
+    unsetenv(pid: number, key: string): void;
+    getcwd(pid: number): string;
+    chdir(pid: number, path: string): Promise<void>;
+    /** Schedule SIGALRM delivery after `seconds`. Returns previous alarm remaining (0 if none). alarm(pid, 0) cancels. */
+    alarm(pid: number, seconds: number): number;
+    /** Get/set the process's umask. Returns the previous mask. If newMask is omitted, mask is unchanged. */
+    umask(pid: number, newMask?: number): number;
+    /** Create a directory, applying the process's umask to the given mode. */
+    mkdir(pid: number, path: string, mode?: number): Promise<void>;
+    readonly socketTable: import("./socket-table.js").SocketTable;
+    readonly timerTable: import("./timer-table.js").TimerTable;
+    readonly processTable: import("./process-table.js").ProcessTable;
+}
+export interface FDStat {
+    filetype: number;
+    flags: number;
+    rights: bigint;
+}
+export interface FileDescription {
+    id: number;
+    path: string;
+    /** Stable inode identity for FD I/O after the pathname is unlinked. */
+    inode?: number;
+    cursor: bigint;
+    flags: number;
+    refCount: number;
+    /** Mode to apply when the file is first created (set by O_CREAT with umask). */
+    creationMode?: number;
+}
+export interface FDEntry {
+    fd: number;
+    description: FileDescription;
+    rights: bigint;
+    filetype: number;
+    /** Close-on-exec flag (FD_CLOEXEC). Per-FD, not per-description. */
+    cloexec: boolean;
+}
+export declare const O_RDONLY = 0;
+export declare const O_WRONLY = 1;
+export declare const O_RDWR = 2;
+export declare const O_CREAT = 64;
+export declare const O_EXCL = 128;
+export declare const O_TRUNC = 512;
+export declare const O_APPEND = 1024;
+export declare const O_NONBLOCK = 4;
+export declare const O_CLOEXEC = 524288;
+export declare const F_DUPFD = 0;
+export declare const F_GETFD = 1;
+export declare const F_SETFD = 2;
+export declare const F_GETFL = 3;
+export declare const F_DUPFD_CLOEXEC = 1030;
+export declare const FD_CLOEXEC = 1;
+export declare const SEEK_SET = 0;
+export declare const SEEK_CUR = 1;
+export declare const SEEK_END = 2;
+export declare const FILETYPE_UNKNOWN = 0;
+export declare const FILETYPE_CHARACTER_DEVICE = 2;
+export declare const FILETYPE_DIRECTORY = 3;
+export declare const FILETYPE_REGULAR_FILE = 4;
+export declare const FILETYPE_SYMBOLIC_LINK = 7;
+export declare const FILETYPE_PIPE = 6;
+export interface ProcessEntry {
+    pid: number;
+    ppid: number;
+    /** Process group ID. Defaults to parent's pgid, or pid for session leaders. */
+    pgid: number;
+    /** Session ID. Defaults to parent's sid, or pid for session leaders. */
+    sid: number;
+    driver: string;
+    command: string;
+    args: string[];
+    status: "running" | "stopped" | "exited";
+    exitCode: number | null;
+    /** How the process terminated: 'normal' for exit(), 'signal' for kill(). */
+    exitReason: "normal" | "signal" | null;
+    /** Signal that killed the process (0 = normal exit). */
+    termSignal: number;
+    exitTime: number | null;
+    env: Record<string, string>;
+    cwd: string;
+    /** File mode creation mask (POSIX umask). Inherited from parent, default 0o022. */
+    umask: number;
+    /** Active handles tracked for this process (id → description). */
+    activeHandles: Map<string, string>;
+    /** Maximum number of active handles allowed for this process. 0 = unlimited. */
+    handleLimit: number;
+    /** Signal handling state: registered handlers, blocked signals, pending signals. */
+    signalState: ProcessSignalState;
+    driverProcess: DriverProcess;
+}
+export interface ProcessInfo {
+    pid: number;
+    ppid: number;
+    pgid: number;
+    sid: number;
+    driver: string;
+    command: string;
+    status: "running" | "stopped" | "exited";
+    exitCode: number | null;
+}
+/** POSIX error codes used by the kernel. */
+export type KernelErrorCode = "EACCES" | "EADDRINUSE" | "EAGAIN" | "EBADF" | "ECONNREFUSED" | "EINPROGRESS" | "EINTR" | "EEXIST" | "EINVAL" | "EIO" | "EISDIR" | "EMFILE" | "EMSGSIZE" | "ENOENT" | "ENOSPC" | "ENOSYS" | "ENOTCONN" | "ENOTEMPTY" | "ENOTDIR" | "EPERM" | "EPIPE" | "ESPIPE" | "ESRCH" | "ETIMEDOUT";
+/**
+ * Structured error for kernel operations.
+ * Carries a machine-readable `code` so callers can map to errno without
+ * string matching.
+ */
+export declare class KernelError extends Error {
+    readonly code: KernelErrorCode;
+    constructor(code: KernelErrorCode, message: string);
+}
+/** Terminal attributes — controls line discipline behavior on a PTY. */
+export interface Termios {
+    /** Map CR (0x0d) to NL (0x0a) on input (POSIX ICRNL). */
+    icrnl: boolean;
+    /** Post-process output (master for ONLCR, etc.). */
+    opost: boolean;
+    /** Map NL to CR-NL on output (requires opost). */
+    onlcr: boolean;
+    /** Canonical mode: buffer input until newline, handle backspace. */
+    icanon: boolean;
+    /** Echo input bytes back through output (master reads them). */
+    echo: boolean;
+    /** Enable signal generation from control characters (^C, ^Z, ^\). */
+    isig: boolean;
+    /** Control characters. */
+    cc: TermiosCC;
+}
+export interface TermiosCC {
+    vintr: number;
+    vquit: number;
+    vsusp: number;
+    veof: number;
+    verase: number;
+}
+/** Returns the POSIX-standard default termios: canonical on, echo on, isig on, opost+onlcr on. */
+export declare function defaultTermios(): Termios;
+export declare const SIGHUP = 1;
+export declare const SIGINT = 2;
+export declare const SIGQUIT = 3;
+export declare const SIGKILL = 9;
+export declare const SIGPIPE = 13;
+export declare const SIGALRM = 14;
+export declare const SIGTERM = 15;
+export declare const SIGCHLD = 17;
+export declare const SIGCONT = 18;
+export declare const SIGSTOP = 19;
+export declare const SIGTSTP = 20;
+export declare const SIGWINCH = 28;
+export declare const SA_RESTART = 268435456;
+export declare const SA_RESETHAND = 2147483648;
+export declare const SA_NOCLDSTOP = 1;
+export declare const SIG_BLOCK = 0;
+export declare const SIG_UNBLOCK = 1;
+export declare const SIG_SETMASK = 2;
+export declare const WNOHANG = 1;
+/** Signal disposition: default kernel action, ignore, or user-defined handler. */
+export type SignalDisposition = "default" | "ignore" | ((signal: number) => void);
+/** Per-signal handler registration (matches POSIX struct sigaction). */
+export interface SignalHandler {
+    handler: SignalDisposition;
+    /** Signals to block during handler execution (sa_mask). */
+    mask: Set<number>;
+    /** Flags (SA_RESTART, SA_RESETHAND, SA_NOCLDSTOP, etc.). */
+    flags: number;
+}
+/** Per-process signal state. */
+export interface ProcessSignalState {
+    /** Signal number → registered handler. */
+    handlers: Map<number, SignalHandler>;
+    /** Currently blocked signals (sigprocmask). */
+    blockedSignals: Set<number>;
+    /** Signals queued while blocked. Standard signals (1-31) coalesce to max 1. */
+    pendingSignals: Set<number>;
+    /** Waiters blocked on signal-aware syscalls for this process. */
+    signalWaiters: WaitQueue;
+    /** Monotonic counter for delivered signals. */
+    deliverySeq: number;
+    /** Most recently delivered signal number, or null if none. */
+    lastDeliveredSignal: number | null;
+    /** Flags from the most recently delivered handler registration. */
+    lastDeliveredFlags: number;
+}
+export interface Pipe {
+    id: number;
+    readFd: number;
+    writeFd: number;
+    readerPid: number;
+    writerPid: number;
+    buffer: Uint8Array[];
+    closed: {
+        read: boolean;
+        write: boolean;
+    };
+}
+export interface PermissionDecision {
+    allow: boolean;
+    reason?: string;
+}
+export type PermissionCheck<T> = (request: T) => PermissionDecision;
+export interface FsAccessRequest {
+    op: "read" | "write" | "mkdir" | "createDir" | "readdir" | "stat" | "rm" | "rename" | "exists" | "symlink" | "readlink" | "link" | "chmod" | "chown" | "utimes" | "truncate";
+    path: string;
+}
+export interface NetworkAccessRequest {
+    op: "fetch" | "http" | "dns" | "listen" | "connect";
+    url?: string;
+    method?: string;
+    hostname?: string;
+}
+export interface ChildProcessAccessRequest {
+    command: string;
+    args: string[];
+    cwd?: string;
+    env?: Record<string, string>;
+}
+export interface EnvAccessRequest {
+    op: "read" | "write";
+    key: string;
+    value?: string;
+}
+export interface Permissions {
+    fs?: PermissionCheck<FsAccessRequest>;
+    network?: PermissionCheck<NetworkAccessRequest>;
+    childProcess?: PermissionCheck<ChildProcessAccessRequest>;
+    env?: PermissionCheck<EnvAccessRequest>;
+}