Merge remote-tracking branch 'upstream/main' into CCv0

Signed-off-by: stevenhorsman <steven@uk.ibm.com>

src/runtime/pkg/containerd-shim-v2/create.go

@@ -34,9 +34,9 @@ import (
 
 	"github.com/kata-containers/kata-containers/src/runtime/pkg/katautils"
 	"github.com/kata-containers/kata-containers/src/runtime/pkg/katautils/katatrace"
+	"github.com/kata-containers/kata-containers/src/runtime/pkg/oci"
 	vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers"
 	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/compatoci"
-	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/oci"
 )
 
 type startManagementServerFunc func(s *service, ctx context.Context, ociSpec *specs.Spec)

src/runtime/pkg/containerd-shim-v2/errors.go

@@ -13,7 +13,7 @@ import (
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 
-	vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/types"
+	vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types"
 )
 
 // toGRPC maps the virtcontainers error into a grpc error,

src/runtime/pkg/containerd-shim-v2/errors_test.go

@@ -10,7 +10,7 @@ import (
 	"syscall"
 	"testing"
 
-	vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/types"
+	vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types"
 	"github.com/stretchr/testify/assert"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"

src/runtime/pkg/containerd-shim-v2/service.go

@@ -31,9 +31,9 @@ import (
 
 	"github.com/kata-containers/kata-containers/src/runtime/pkg/katautils"
 	"github.com/kata-containers/kata-containers/src/runtime/pkg/katautils/katatrace"
+	"github.com/kata-containers/kata-containers/src/runtime/pkg/oci"
 	vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers"
 	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/compatoci"
-	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/oci"
 	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types"
 )
 

src/runtime/pkg/containerd-shim-v2/utils.go

@@ -16,9 +16,9 @@ import (
 	"github.com/containerd/containerd/mount"
 	cdshim "github.com/containerd/containerd/runtime/v2/shim"
 	"github.com/kata-containers/kata-containers/src/runtime/pkg/katautils"
+	"github.com/kata-containers/kata-containers/src/runtime/pkg/oci"
 	vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers"
 	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/compatoci"
-	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/oci"
 )
 
 func cReap(s *service, status int, id, execid string, exitat time.Time) {

src/runtime/pkg/containerd-shim-v2/utils_test.go

@@ -16,8 +16,8 @@ import (
 	"github.com/stretchr/testify/assert"
 
 	ktu "github.com/kata-containers/kata-containers/src/runtime/pkg/katatestutils"
+	"github.com/kata-containers/kata-containers/src/runtime/pkg/oci"
 	vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers"
-	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/oci"
 	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/vcmock"
 	"github.com/pkg/errors"
 )

src/runtime/pkg/containerd-shim-v2/wait.go

@@ -17,7 +17,7 @@ import (
 	"github.com/sirupsen/logrus"
 	"google.golang.org/grpc/codes"
 
-	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/oci"
+	"github.com/kata-containers/kata-containers/src/runtime/pkg/oci"
 )
 
 const defaultCheckInterval = 1 * time.Second

src/runtime/pkg/katautils/config.go

@@ -17,10 +17,10 @@ import (
 	"github.com/BurntSushi/toml"
 	govmmQemu "github.com/kata-containers/govmm/qemu"
 	"github.com/kata-containers/kata-containers/src/runtime/pkg/katautils/katatrace"
+	"github.com/kata-containers/kata-containers/src/runtime/pkg/oci"
 	vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers"
 	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config"
 	exp "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/experimental"
-	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/oci"
 	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils"
 	"github.com/sirupsen/logrus"
 )

src/runtime/pkg/katautils/config_test.go

@@ -19,8 +19,8 @@ import (
 	"testing"
 
 	ktu "github.com/kata-containers/kata-containers/src/runtime/pkg/katatestutils"
+	"github.com/kata-containers/kata-containers/src/runtime/pkg/oci"
 	vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers"
-	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/oci"
 	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils"
 	"github.com/stretchr/testify/assert"
 )

src/runtime/pkg/katautils/create.go

@@ -14,9 +14,9 @@ import (
 	"strings"
 
 	"github.com/kata-containers/kata-containers/src/runtime/pkg/katautils/katatrace"
+	"github.com/kata-containers/kata-containers/src/runtime/pkg/oci"
 	vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers"
 	vf "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/factory"
-	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/oci"
 	specs "github.com/opencontainers/runtime-spec/specs-go"
 )
 

src/runtime/pkg/katautils/create_test.go

@@ -19,9 +19,9 @@ import (
 	"testing"
 
 	ktu "github.com/kata-containers/kata-containers/src/runtime/pkg/katatestutils"
+	"github.com/kata-containers/kata-containers/src/runtime/pkg/oci"
 	vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers"
 	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/compatoci"
-	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/oci"
 	"github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/vcmock"
 	"github.com/opencontainers/runtime-spec/specs-go"
 	"github.com/stretchr/testify/assert"

src/runtime/pkg/oci/utils_test_config.go

@@ -0,0 +1,134 @@
+// Copyright (c) 2017 Intel Corporation
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+package oci
+
+const minimalConfig = `
+{
+	"ociVersion": "1.0.0-rc1-dev",
+	"platform": {
+		"os": "linux",
+		"arch": "amd64"
+	},
+	"process": {
+		"terminal": true,
+		"user": {
+			"uid": 0,
+			"gid": 0,
+			"additionalGids":[10,29]
+		},
+		"args": [
+			"sh"
+		],
+		"env": [
+			"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
+			"TERM=xterm"
+		],
+		"cwd": "/",
+		"capabilities": [
+				"CAP_AUDIT_WRITE",
+				"CAP_KILL",
+				"CAP_NET_BIND_SERVICE"
+		],
+		"rlimits": [
+			{
+				"type": "RLIMIT_NOFILE",
+				"hard": 1024,
+				"soft": 1024
+			}
+		],
+		"noNewPrivileges": true
+	},
+	"root": {
+		"path": "rootfs",
+		"readonly": true
+	},
+	"hostname": "testHostname",
+	"mounts": [
+		{
+			"destination": "/proc",
+			"type": "proc",
+			"source": "proc"
+		},
+		{
+			"destination": "/dev",
+			"type": "tmpfs",
+			"source": "tmpfs",
+			"options": [
+				"nosuid",
+				"strictatime",
+				"mode=755",
+				"size=65536k"
+			]
+		},
+		{
+			"destination": "/dev/pts",
+			"type": "devpts",
+			"source": "devpts",
+			"options": [
+				"nosuid",
+				"noexec",
+				"newinstance",
+				"ptmxmode=0666",
+				"mode=0620",
+				"gid=5"
+			]
+		}
+	],
+	"hooks": {},
+	"linux": {
+		"devices": [
+				{
+					"gid": 0,
+					"major": 242,
+					"minor": 0,
+					"path": "/dev/vfio/17",
+					"type": "c",
+					"uid": 0
+				 }
+			],
+		"resources": {
+			"devices": [
+				{
+					"allow": false,
+					"access": "rwm"
+				}
+			]
+		},
+		"namespaces": [
+			{
+				"type": "pid"
+			},
+			{
+				"type": "network"
+			},
+			{
+				"type": "ipc"
+			},
+			{
+				"type": "uts"
+			},
+			{
+				"type": "mount"
+			}
+		],
+		"maskedPaths": [
+			"/proc/kcore",
+			"/proc/latency_stats",
+			"/proc/timer_list",
+			"/proc/timer_stats",
+			"/proc/sched_debug"
+		],
+		"readonlyPaths": [
+			"/proc/asound",
+			"/proc/bus",
+			"/proc/fs",
+			"/proc/irq",
+			"/proc/sys",
+			"/proc/sysrq-trigger"
+		]
+	}
+}
+`

src/runtime/pkg/uuid/uuid.go

@@ -0,0 +1,129 @@
+// Copyright (c) 2017 Intel Corporation
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+// Package uuid can be used to generate 128 bit UUIDs compatible with
+// rfc4122.  Currently, only version 4 UUIDs, UUIDs generated from random
+// data, can be created.  The package includes functions for generating
+// UUIDs and for converting them to and from strings.
+package uuid
+
+import (
+	"crypto/rand"
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"io"
+	"strconv"
+	"strings"
+)
+
+// UUID represents a single 128 bit UUID as an array of 16 bytes.
+type UUID [16]byte
+
+// UUIDRegex defines a pattern for validating UUIDs
+const UUIDRegex = "[a-fA-F0-9]{8}-?[a-fA-F0-9]{4}-?4[a-fA-F0-9]{3}-?[8|9|aA|bB][a-fA-F0-9]{3}-?[a-fA-F0-9]{12}"
+
+var (
+	// ErrUUIDInvalid indicates that a UIID is invalid.  Currently,
+	// returned by uuid.Parse if the string passed to this function
+	// does not contain a valid UUID.
+	ErrUUIDInvalid = errors.New("invalid uuid")
+)
+
+func encode4bytes(n uint64, b []byte) {
+	binary.BigEndian.PutUint32(b, uint32(n))
+}
+
+func encode2bytes(n uint64, b []byte) {
+	binary.BigEndian.PutUint16(b, uint16(n))
+}
+
+func encode1byte(n uint64, b []byte) {
+	b[0] = uint8(n)
+}
+
+func encode6bytes(n uint64, b []byte) {
+	d := make([]byte, 8)
+	binary.BigEndian.PutUint64(d, n)
+	copy(b, d[2:])
+}
+
+func stringToBE(s string, b []byte, f func(uint64, []byte)) error {
+	num, err := strconv.ParseUint(s, 16, len(s)*4)
+	if err != nil {
+		return ErrUUIDInvalid
+	}
+	f(num, b)
+	return nil
+}
+
+// Parse returns the binary encoding of the UUID passed in the s parameter.
+// The error ErrUUIDInvalid will be returned if s does not represent a valid
+// UUID.
+func Parse(s string) (UUID, error) {
+	var uuid UUID
+	var segmentSizes = [...]int{8, 4, 4, 4, 12}
+
+	segments := strings.Split(s, "-")
+	if len(segments) != len(segmentSizes) {
+		return uuid, ErrUUIDInvalid
+	}
+
+	for i, l := range segmentSizes {
+		if len(segments[i]) != l {
+			return uuid, ErrUUIDInvalid
+		}
+	}
+
+	if err := stringToBE(segments[0], uuid[:4], encode4bytes); err != nil {
+		return uuid, err
+	}
+	if err := stringToBE(segments[1], uuid[4:6], encode2bytes); err != nil {
+		return uuid, err
+	}
+	if err := stringToBE(segments[2], uuid[6:8], encode2bytes); err != nil {
+		return uuid, err
+	}
+	if err := stringToBE(segments[3][:2], uuid[8:9], encode1byte); err != nil {
+		return uuid, err
+	}
+	if err := stringToBE(segments[3][2:], uuid[9:10], encode1byte); err != nil {
+		return uuid, err
+	}
+	if err := stringToBE(segments[4], uuid[10:], encode6bytes); err != nil {
+		return uuid, err
+	}
+
+	return uuid, nil
+}
+
+// Generate generates a new v4 UUID, i.e., a random UUID.
+func Generate() UUID {
+	var u UUID
+
+	_, err := io.ReadFull(rand.Reader, u[:])
+	if err != nil {
+		panic(fmt.Errorf("Unable to read random data : %v", err))
+	}
+
+	u[6] = (u[6] & 0x0f) | 0x40
+	u[8] = (u[8] & 0x3f) | 0x80
+
+	return u
+}
+
+func (u UUID) String() string {
+	timeLow := binary.BigEndian.Uint32(u[:4])
+	timeMid := binary.BigEndian.Uint16(u[4:6])
+	timeHi := binary.BigEndian.Uint16(u[6:8])
+	clkSeqHi := u[8]
+	clkSeqLow := u[9]
+	buf := make([]byte, 8)
+	copy(buf[2:], u[10:])
+	node := binary.BigEndian.Uint64(buf)
+
+	return fmt.Sprintf("%08x-%04x-%04x-%02x%02x-%012x",
+		timeLow, timeMid, timeHi, clkSeqHi, clkSeqLow, node)
+}

src/runtime/pkg/uuid/uuid_test.go

@@ -0,0 +1,78 @@
+// Copyright (c) 2017 Intel Corporation
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+package uuid
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+// Test UUID parsing and string conversation.
+//
+// This test simply converts a set of strings to UUIDs and back again.
+//
+// The original strings and the strings generated from the UUIDs match.
+func TestUUID(t *testing.T) {
+	assert := assert.New(t)
+	testUUIDs := []string{
+		"f81d4fae-7dec-11d0-a765-00a0c91e6bf6",
+		"30dedd5c-48d9-45d3-8b44-f973e4f35e48",
+		"69e84267-ed01-4738-b15f-b47de06b62e7",
+		"e35ed972-c46c-4aad-a1e7-ef103ae079a2",
+		"eba04826-62a5-48bd-876f-9119667b1487",
+		"ca957444-fa46-11e5-94f9-38607786d9ec",
+		"ab68111c-03a6-11e6-87de-001320fb6e31",
+	}
+
+	for _, s := range testUUIDs {
+		uuid, err := Parse(s)
+		assert.NoError(err)
+		s2 := uuid.String()
+		assert.Equal(s, s2)
+	}
+}
+
+// Test UUID generation.
+//
+// This test generates 100 new UUIDs and then verifies that those UUIDs
+// can be parsed.
+//
+// The UUIDs are generated correctly, their version number is correct,
+// and they can be parsed.
+func TestGenUUID(t *testing.T) {
+	assert := assert.New(t)
+	for i := 0; i < 100; i++ {
+		u := Generate()
+		s := u.String()
+		assert.EqualValues(s[14], '4')
+		u2, err := Parse(s)
+		assert.NoError(err)
+		assert.Equal(u, u2)
+	}
+}
+
+// Test uuid.Parse on invalid input.
+//
+// This test attempts to parse a set of invalid UUIDs.
+//
+// uuid.Parse should return an error for each invalid UUID.
+func TestBadUUID(t *testing.T) {
+	badTestUUIDs := []string{
+		"",
+		"48d9-45d3-8b44-f973e4f35e48",
+		"69e8426--ed01-4738-b15f-b47de06b62e7",
+		"e35ed972-46c-4aad-a1e7-ef103ae079a2",
+		"sba04826-62a5-48bd-876f-9119667b1487",
+		"ca957444fa4611e594f938607786d9ec0000",
+		"ab68111c-03a6-11e6-87de-001320fb6e31a",
+	}
+
+	for _, s := range badTestUUIDs {
+		_, err := Parse(s)
+		assert.Error(t, err)
+	}
+}