7311802822
On slower disks (Pi5 SD cards, mu's hardware) the json.dump → write → os.replace path inside _write_meta takes more than 1 ms, so when the snapshot_load event fired afterwards its t_mono_ns drifted past the "<1 ms after origin" assertion in test_driver_events_persist_to_events_jsonl. Fix: emit snapshot_load immediately after setting _t_mono_origin_ns, before any file I/O. Matches the semantic intent (snapshot_load marks episode clock = 0) and removes the disk-speed dependency from the event timeline. Diagnosis + suggested patch from spectral/CIS490#7 (filed by mu). Closes spectral/CIS490#7. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| __init__.py | ||
| __main__.py | ||
| episode.py | ||
| fleet.py | ||
| README.md | ||
| ulid.py | ||
orchestrator/
The state machine that drives a single episode:
snapshot_load → clean → armed → infecting → infected_running → dormant → reverting
Responsibilities:
- Bring up the host-only bridge and verify isolation before the guest starts.
- Boot the guest from a named snapshot.
- Spawn the five telemetry collectors (
collectors/) with a shared episode id and shared monotonic clock origin. - Drive the Metasploit Framework over RPC to fire the configured exploit module.
- Upload + execute the configured malware sample once a session is open.
- Emit phase transitions to
labels.jsonlat the moment the action is taken. - Revert the snapshot at episode end.
- Write
meta.jsonwith the result summary.
Implementation lives in this directory and is imported as orchestrator.*.