Eric Woo

Pintos

Tue, 16 Jun 2026 17:00:00 -0700

Background

A few weeks ago, I saw Rui Ueyama, author of the mold linker, had published a repo for a university operating systems project called Pintos, along with a course description.

These repos describe a project lineage through Stanford, Johns Hopkins, and other universities. Curious about this history, I looked at similar github repos until I encountered a clone with a more detailed commit history, which included changes by the original course creator Ben Pfaff and another well-known professor at Stanford, John Ousterhout.

Gathering Code Coverage for Sandboxed Processes

Thu, 29 Aug 2024 23:00:00 -0700

Motivation

While gathering code coverage for youtube-unthrottle, I encountered an interesting catch-22: tests exercising sandboxing features based on seccomp-bpf and Landlock could not write coverage data to disk because of the sandbox restrictions themselves.

Code Coverage Approach #1: gcc

The default behavior of gcc- and gcov-based code coverage is to open and write *.gcda coverage files on process exit.

My first thought, upon encountering a failure to write these *.gcda files, was to investigate whether gcc supports options or APIs for customizing this behavior: writing the coverage data elsewhere, opening the coverage files earlier in process startup, or similar.

Sandboxing and Porting youtube-unthrottle to OpenBSD

Thu, 04 Jul 2024 21:45:00 -0700

Motivation

Given that youtube-unthrottle parses HTML and executes JavaScript fragments, it seemed appropriate to explore sandboxing techniques that might mitigate bugs in handling untrusted inputs.

Along these lines, I’d recently been reading about OpenBSD’s pledge() and unveil() APIs on LWN. These APIs seemed to be designed to make application-layer sandboxing straightforward to implement, such that a program can voluntarily drop privileges early in main() to ensure later code, even if part of an exploit, is limited in its powers. Instead of the system administrator configuring a sandbox around the application through blackbox-style restrictions (like a syscall filter), the application developer makes the sandbox “just work” out of the box.

youtube-unthrottle

Sat, 29 Jun 2024 01:30:00 -0700

A fun personal project from the past week: youtube-unthrottle

Usage

youtube-unthrottle is essentially a tiny subset of the functionality provided by more sophisticated tools like yt-dlp, rusty_ytdl. and the OG youtube-dl.

Specifically, youtube-unthrottle extracts the video and audio stream URLs from a YouTube link passed via argv[1] and then prints the results to stdout. This output can be combined with an external video player like mpv:

uri="$(xclip -o)"
x="/tmp/streams.txt"
youtube-unthrottle "$uri" > "$x"

audio="$(head -1 $x)"
video="$(tail -1 $x)"
mpv --title="$uri" --audio-file="$audio" "$video"

Motivation

The main challenge here is that YouTube stream URLs contain parameters that must be deobfuscated using JavaScript fragments supplied elsewhere in the YouTube payload. This is why solving this puzzle requires the use of an embedded JavaScript engine (in this case, Duktape).

San Francisco History: Rincon Hill and the 2nd Street Cut

Sat, 30 Mar 2024 20:00:00 -0700

I recently learned that the Bay Bridge onramp at Harrison and Essex, which currently looks like:

… used to look like:

It turns out this part of SoMa was originally a well-to-do residential area, until Rincon Hill was demolished in order to make 2nd Street less steep. The upper right-hand corner of this photograph shows 2nd Street passing over Rincon Hill, before the so-called 2nd Street Cut:

Guiding the OOM Killer toward Firefox subprocesses

Wed, 18 May 2022 06:15:00 -0700

I recently figured out a combination of cgroups usage and scripting that improves how my desktop behaves under web-related memory pressure.

Systemd Units

Use memcg to restrict firefox processes in aggregate to N% of system RAM:

$ cat /usr/lib/systemd/system/firefox.slice
[Unit]
Description=Firefox
Before=slices.target

[Slice]
MemoryAccounting=true
MemoryMax=75%

Customize OOMPolicy such that systemd allows parent firefox processes to continue living, even if their children are OOM-killed.

$ cat /usr/lib/systemd/system/firefox.service
[Unit]
Description=Firefox
After=network.target

[Service]
Environment=DISPLAY=:0
ExecStart=/usr/bin/firefox-nightly
OOMPolicy=continue
Slice=firefox.slice
User=my-username

[Install]
WantedBy=graphical.target

Run firefox under this memcg configuration:

Choosing Hugo and GitLab Pages

Mon, 02 Aug 2021 11:30:00 -0700

It seems reasonable, in the spirit of self-documentation, for the first real post to this site to describe the creation of the site itself.

Hosting

The precipitating event for creating this site was my finding out about the .ooo TLD, which formed a clear domain hack with my family name.

I used Google Domains to test URLs for availability and eventually settled on this one, then completed the purchase through Google Domains.

I chose GitLab Pages for hosting. I considered GitHub Pages initially, but when I could neither access my GitHub account (second factor and recovery codes all failed) nor recover it (still waiting on response from GitHub support), I went with a different option.

Hello, World!

Wed, 28 Jul 2021 23:45:00 -0700

I will add some simple content in subsequent posts. For now, I am starting with the most basic content possible.