docs: resync package docs, AGENTS, and kernel-catalog with current code

Four drift fixes from a doc sweep. internal/daemon/doc.go Replace the capability-hook description that still said "Hook methods take *Daemon; VMService reaches them through a capabilityHooks seam." Current reality: every capability is a plain struct carrying its own service pointers (workDiskCapability{vm,ws,store}, dnsCapability{net}, natCapability{vm,net,logger}); wireServices builds the default list; no hook reaches *Daemon. internal/daemon/ARCHITECTURE.md The VMService field list still claimed guestWaitForSSH and guestDial were "per-instance fields." Those were deleted as refactor residue. Update the note to say the seams live on *Daemon (reached by WorkspaceService via closures wired at construction) and document the vsockHostDevice field that replaced the old package-global vsockHostDevicePath. AGENTS.md Drop the "experimental web UI" mention (removed) and the `session` subpackage (removed). Mention banger-vsock-agent as the third cmd/ binary while we're here — AGENTS hadn't listed it. docs/kernel-catalog.md The trust-model section still read as if upstream kernel sources were fetched by HTTPS alone. Add a paragraph covering the PGP verification make-generic-kernel.sh now does against the detached .tar.sign and the three kernel.org release signing keys. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-22 13:01:11 -03:00 · 2026-04-22 13:01:11 -03:00 · 80ae4d6667
commit 80ae4d6667
parent 88bc466d58
4 changed files with 28 additions and 8 deletions
--- a/internal/daemon/ARCHITECTURE.md
+++ b/internal/daemon/ARCHITECTURE.md
@ -107,7 +107,13 @@ idempotent and skips anything already set.
  process handles (PID, tap device, loop devices, DM target). Each
  VM directory holds a small `handles.json` scratch file so the
  cache can be rebuilt at daemon startup.
- Test seams `guestWaitForSSH`, `guestDial` are per-instance fields.
+- `vsockHostDevice` — path to `/dev/vhost-vsock` the preflight and
+  doctor checks RequireFile against. Defaulted in wireServices;
+  tests point at a tempfile to make the check pass without the
+  kernel module loaded. Guest-SSH test seams live on `*Daemon`
+  (`d.guestWaitForSSH`, `d.guestDial`), not VMService — workspace
+  prepare is the only path that reaches guest SSH, and it gets
+  there through closures WorkspaceService captured at wiring time.

 ## Subpackages

--- a/internal/daemon/doc.go
+++ b/internal/daemon/doc.go
@ -49,8 +49,14 @@
 //	                     cleanupRuntime / generateName (*VMService),
 //	                     and small stateless utilities.
 //	capabilities.go      Pluggable capability hooks executed at VM
-//	                     start. Hook methods take *Daemon; VMService
-//	                     reaches them through a capabilityHooks seam.
+//	                     start. Each capability is a plain struct
+//	                     with explicit service-pointer fields
+//	                     (workDiskCapability carries vm+ws+store,
+//	                     dnsCapability carries net, natCapability
+//	                     carries vm+net+logger). wireServices builds
+//	                     the default list; VMService invokes hooks
+//	                     through a capabilityHooks seam. No hook
+//	                     reaches back to *Daemon.
 //	vm_locks.go          vmLockSet primitive.
 //	guest_ssh.go         guestSSHClient, dialGuest, waitForGuestSSH.
 //	ssh_client_config.go Daemon-managed SSH client key material.