mirror of
https://github.com/comfyanonymous/ComfyUI.git
synced 2026-03-13 09:10:12 +00:00
c5e7b9cdaf
Adds opt-in process isolation for custom nodes using pyisolate's bwrap sandbox and JSON-RPC bridge. Each isolated node pack runs in its own child process with zero-copy tensor transfer via shared memory. Core infrastructure: - CLI flag --use-process-isolation to enable isolation - Host/child startup fencing via PYISOLATE_CHILD env var - Manifest-driven node discovery and extension loading - JSON-RPC bridge between host and child processes - Shared memory forensics for leak detection Proxy layer: - ModelPatcher, CLIP, VAE, and ModelSampling proxies - Host service proxies (folder_paths, model_management, progress, etc.) - Proxy base with automatic method forwarding Execution integration: - Extension wrapper with V3 hidden param mapping - Runtime helpers for isolated node execution - Host policy for node isolation decisions - Fenced sampler device handling and model ejection parity Serializers for cross-process data transfer: - File3D (GLB), PLY (structured + gaussian), NPZ (streaming frames), VIDEO (VideoFromFile + VideoFromComponents) serializers - data_type flag in SerializerRegistry for type-aware dispatch - Isolated get_temp_directory() fence New core save nodes: - SavePLY and SaveNPZ with comfytype registrations (Ply, Npz) DynamicVRAM compatibility: - comfy-aimdo early init gated by isolation fence Tests: - Integration and policy tests for isolation lifecycle - Manifest loader, host policy, proxy, and adapter unit tests Depends on: pyisolate >= 0.9.2
84 lines
2.4 KiB
Python
84 lines
2.4 KiB
Python
# pylint: disable=logging-fstring-interpolation
|
|
from __future__ import annotations
|
|
|
|
import logging
|
|
from pathlib import Path
|
|
from typing import Dict, List, TypedDict
|
|
|
|
try:
|
|
import tomllib
|
|
except ImportError:
|
|
import tomli as tomllib # type: ignore[no-redef]
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
class HostSecurityPolicy(TypedDict):
|
|
allow_network: bool
|
|
writable_paths: List[str]
|
|
readonly_paths: List[str]
|
|
whitelist: Dict[str, str]
|
|
|
|
|
|
DEFAULT_POLICY: HostSecurityPolicy = {
|
|
"allow_network": False,
|
|
"writable_paths": ["/dev/shm", "/tmp"],
|
|
"readonly_paths": [],
|
|
"whitelist": {},
|
|
}
|
|
|
|
|
|
def _default_policy() -> HostSecurityPolicy:
|
|
return {
|
|
"allow_network": DEFAULT_POLICY["allow_network"],
|
|
"writable_paths": list(DEFAULT_POLICY["writable_paths"]),
|
|
"readonly_paths": list(DEFAULT_POLICY["readonly_paths"]),
|
|
"whitelist": dict(DEFAULT_POLICY["whitelist"]),
|
|
}
|
|
|
|
|
|
def load_host_policy(comfy_root: Path) -> HostSecurityPolicy:
|
|
config_path = comfy_root / "pyproject.toml"
|
|
policy = _default_policy()
|
|
|
|
if not config_path.exists():
|
|
logger.debug("Host policy file missing at %s, using defaults.", config_path)
|
|
return policy
|
|
|
|
try:
|
|
with config_path.open("rb") as f:
|
|
data = tomllib.load(f)
|
|
except Exception:
|
|
logger.warning(
|
|
"Failed to parse host policy from %s, using defaults.",
|
|
config_path,
|
|
exc_info=True,
|
|
)
|
|
return policy
|
|
|
|
tool_config = data.get("tool", {}).get("comfy", {}).get("host", {})
|
|
if not isinstance(tool_config, dict):
|
|
logger.debug("No [tool.comfy.host] section found, using defaults.")
|
|
return policy
|
|
|
|
if "allow_network" in tool_config:
|
|
policy["allow_network"] = bool(tool_config["allow_network"])
|
|
|
|
if "writable_paths" in tool_config:
|
|
policy["writable_paths"] = [str(p) for p in tool_config["writable_paths"]]
|
|
|
|
if "readonly_paths" in tool_config:
|
|
policy["readonly_paths"] = [str(p) for p in tool_config["readonly_paths"]]
|
|
|
|
whitelist_raw = tool_config.get("whitelist")
|
|
if isinstance(whitelist_raw, dict):
|
|
policy["whitelist"] = {str(k): str(v) for k, v in whitelist_raw.items()}
|
|
|
|
logger.debug(
|
|
f"Loaded Host Policy: {len(policy['whitelist'])} whitelisted nodes, Network={policy['allow_network']}"
|
|
)
|
|
return policy
|
|
|
|
|
|
__all__ = ["HostSecurityPolicy", "load_host_policy", "DEFAULT_POLICY"]
|