From fc4a67eec31f3a3d0ab6900150b5b95f1f1e10c9 Mon Sep 17 00:00:00 2001 From: Zhongtao Hu Date: Fri, 2 Dec 2022 14:11:46 +0800 Subject: [PATCH 01/62] runtime-rs: enable vm hugepage support vm hugepage,set the hugetlbfs mount point as vm memory path Fixes:#5560 Signed-off-by: Zhongtao Hu --- src/runtime-rs/config/configuration-dragonball.toml.in | 8 ++++++++ src/runtime-rs/crates/hypervisor/src/dragonball/inner.rs | 9 ++++++++- .../crates/hypervisor/src/dragonball/vmm_instance.rs | 4 ++-- src/runtime-rs/crates/hypervisor/src/lib.rs | 7 +++++++ src/runtime-rs/crates/persist/src/lib.rs | 4 ++-- 5 files changed, 27 insertions(+), 5 deletions(-) diff --git a/src/runtime-rs/config/configuration-dragonball.toml.in b/src/runtime-rs/config/configuration-dragonball.toml.in index cb8d7aeee..ca1db2681 100644 --- a/src/runtime-rs/config/configuration-dragonball.toml.in +++ b/src/runtime-rs/config/configuration-dragonball.toml.in @@ -136,6 +136,14 @@ block_device_driver = "@DEFBLOCKSTORAGEDRIVER_DB@" # of shim, does not need an external virtiofsd process. shared_fs = "@DBSHAREDFS@" +# Enable huge pages for VM RAM, default false +# Enabling this will result in the VM memory +# being allocated using huge pages. +# This is useful when you want to use vhost-user network +# stacks within the container. This will automatically +# result in memory pre allocation +#enable_hugepages = true + [agent.@PROJECT_TYPE@] container_pipe_size=@PIPESIZE@ # If enabled, make the agent display debug-level messages. diff --git a/src/runtime-rs/crates/hypervisor/src/dragonball/inner.rs b/src/runtime-rs/crates/hypervisor/src/dragonball/inner.rs index 7db3f3278..17934a62b 100644 --- a/src/runtime-rs/crates/hypervisor/src/dragonball/inner.rs +++ b/src/runtime-rs/crates/hypervisor/src/dragonball/inner.rs @@ -7,7 +7,7 @@ use super::vmm_instance::VmmInstance; use crate::{ device::Device, hypervisor_persist::HypervisorState, kernel_param::KernelParams, VmmState, - HYPERVISOR_DRAGONBALL, VM_ROOTFS_DRIVER_BLK, + DEV_HUGEPAGES, HUGETLBFS, HYPERVISOR_DRAGONBALL, SHMEM, VM_ROOTFS_DRIVER_BLK, }; use anyhow::{anyhow, Context, Result}; use async_trait::async_trait; @@ -186,11 +186,18 @@ impl DragonballInner { fn set_vm_base_config(&mut self) -> Result<()> { let serial_path = [&self.run_dir, "console.sock"].join("/"); + let (mem_type, mem_file_path) = if self.config.memory_info.enable_hugepages { + (String::from(HUGETLBFS), String::from(DEV_HUGEPAGES)) + } else { + (String::from(SHMEM), String::from("")) + }; let vm_config = VmConfigInfo { serial_path: Some(serial_path), mem_size_mib: self.config.memory_info.default_memory as usize, vcpu_count: self.config.cpu_info.default_vcpus as u8, max_vcpu_count: self.config.cpu_info.default_maxvcpus as u8, + mem_type, + mem_file_path, ..Default::default() }; info!(sl!(), "vm config: {:?}", vm_config); diff --git a/src/runtime-rs/crates/hypervisor/src/dragonball/vmm_instance.rs b/src/runtime-rs/crates/hypervisor/src/dragonball/vmm_instance.rs index 70172c73a..00829ad4c 100644 --- a/src/runtime-rs/crates/hypervisor/src/dragonball/vmm_instance.rs +++ b/src/runtime-rs/crates/hypervisor/src/dragonball/vmm_instance.rs @@ -327,9 +327,9 @@ impl VmmInstance { } } } - return Err(anyhow::anyhow!( + Err(anyhow::anyhow!( "After {} attempts, it still doesn't work.", REQUEST_RETRY - )); + )) } } diff --git a/src/runtime-rs/crates/hypervisor/src/lib.rs b/src/runtime-rs/crates/hypervisor/src/lib.rs index 6b499d0ba..2aea25d10 100644 --- a/src/runtime-rs/crates/hypervisor/src/lib.rs +++ b/src/runtime-rs/crates/hypervisor/src/lib.rs @@ -26,6 +26,13 @@ use kata_types::config::hypervisor::Hypervisor as HypervisorConfig; // Config which driver to use as vm root dev const VM_ROOTFS_DRIVER_BLK: &str = "virtio-blk"; const VM_ROOTFS_DRIVER_PMEM: &str = "virtio-pmem"; +// before using hugepages for VM, we need to mount hugetlbfs +// /dev/hugepages will be the mount point +// mkdir -p /dev/hugepages +// mount -t hugetlbfs none /dev/hugepages +const DEV_HUGEPAGES: &str = "/dev/hugepages"; +pub const HUGETLBFS: &str = "hugetlbfs"; +const SHMEM: &str = "shmem"; pub const HYPERVISOR_DRAGONBALL: &str = "dragonball"; #[derive(PartialEq)] diff --git a/src/runtime-rs/crates/persist/src/lib.rs b/src/runtime-rs/crates/persist/src/lib.rs index ff61a2d4b..4ea073141 100644 --- a/src/runtime-rs/crates/persist/src/lib.rs +++ b/src/runtime-rs/crates/persist/src/lib.rs @@ -26,7 +26,7 @@ pub fn to_disk(value: &T, sid: &str) -> Result<()> { serde_json::to_writer_pretty(f, &j)?; return Ok(()); } - return Err(anyhow!("invalid sid {}", sid)); + Err(anyhow!("invalid sid {}", sid)) } pub fn from_disk(sid: &str) -> Result @@ -41,7 +41,7 @@ where let reader = BufReader::new(file); return serde_json::from_reader(reader).map_err(|e| anyhow!(e.to_string())); } - return Err(anyhow!("invalid sid {}", sid)); + Err(anyhow!("invalid sid {}", sid)) } #[cfg(test)] From afaf17f42371a8afb6da7756172c37f870ac6d2c Mon Sep 17 00:00:00 2001 From: Zhongtao Hu Date: Fri, 2 Dec 2022 14:16:39 +0800 Subject: [PATCH 02/62] runtime-rs: enable container hugepage enable the functionality of using hugepages in container Fixes: #5560 Signed-off-by: Zhongtao Hu --- src/libs/Cargo.lock | 8 + src/libs/kata-sys-util/src/mount.rs | 2 +- src/runtime-rs/Cargo.lock | 20 +- src/runtime-rs/crates/resource/Cargo.toml | 2 + src/runtime-rs/crates/resource/src/manager.rs | 4 +- .../crates/resource/src/manager_inner.rs | 4 +- .../crates/resource/src/share_fs/mod.rs | 1 + .../src/share_fs/virtio_fs_share_mount.rs | 2 +- .../crates/resource/src/volume/hugepage.rs | 223 ++++++++++++++++++ .../crates/resource/src/volume/mod.rs | 22 +- .../src/container_manager/container.rs | 3 +- 11 files changed, 279 insertions(+), 12 deletions(-) create mode 100644 src/runtime-rs/crates/resource/src/volume/hugepage.rs diff --git a/src/libs/Cargo.lock b/src/libs/Cargo.lock index 66090c19c..90423e002 100644 --- a/src/libs/Cargo.lock +++ b/src/libs/Cargo.lock @@ -40,6 +40,12 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" +[[package]] +name = "base64" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" + [[package]] name = "bitflags" version = "1.2.1" @@ -420,6 +426,8 @@ dependencies = [ name = "kata-types" version = "0.1.0" dependencies = [ + "anyhow", + "base64", "bitmask-enum", "byte-unit", "glob", diff --git a/src/libs/kata-sys-util/src/mount.rs b/src/libs/kata-sys-util/src/mount.rs index 61a80f150..d9064935b 100644 --- a/src/libs/kata-sys-util/src/mount.rs +++ b/src/libs/kata-sys-util/src/mount.rs @@ -62,7 +62,7 @@ use crate::sl; /// Default permission for directories created for mountpoint. const MOUNT_PERM: u32 = 0o755; -const PROC_MOUNTS_FILE: &str = "/proc/mounts"; +pub const PROC_MOUNTS_FILE: &str = "/proc/mounts"; const PROC_FIELDS_PER_LINE: usize = 6; const PROC_DEVICE_INDEX: usize = 0; const PROC_PATH_INDEX: usize = 1; diff --git a/src/runtime-rs/Cargo.lock b/src/runtime-rs/Cargo.lock index 5c436ca53..7fecc459f 100644 --- a/src/runtime-rs/Cargo.lock +++ b/src/runtime-rs/Cargo.lock @@ -329,6 +329,16 @@ version = "3.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "415301c9de11005d4b92193c0eb7ac7adc37e5a49e0ac9bed0a42343512744b8" +[[package]] +name = "byte-unit" +version = "4.0.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "581ad4b3d627b0c09a0ccb2912148f839acaca0b93cf54cbe42b6c674e86079c" +dependencies = [ + "serde", + "utf8-width", +] + [[package]] name = "byteorder" version = "1.4.3" @@ -1361,7 +1371,7 @@ dependencies = [ "anyhow", "base64", "bitmask-enum", - "byte-unit", + "byte-unit 3.1.4", "glob", "lazy_static", "num_cpus", @@ -2279,6 +2289,7 @@ dependencies = [ "anyhow", "async-trait", "bitflags", + "byte-unit 4.0.17", "cgroups-rs", "futures 0.3.21", "hypervisor", @@ -2299,6 +2310,7 @@ dependencies = [ "serde_json", "slog", "slog-scope", + "tempfile", "test-utils", "tokio", "uuid", @@ -2998,6 +3010,12 @@ dependencies = [ "percent-encoding", ] +[[package]] +name = "utf8-width" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5190c9442dcdaf0ddd50f37420417d219ae5261bbf5db120d0f9bab996c9cba1" + [[package]] name = "uuid" version = "0.4.0" diff --git a/src/runtime-rs/crates/resource/Cargo.toml b/src/runtime-rs/crates/resource/Cargo.toml index e39169f0e..f1957755c 100644 --- a/src/runtime-rs/crates/resource/Cargo.toml +++ b/src/runtime-rs/crates/resource/Cargo.toml @@ -7,11 +7,13 @@ license = "Apache-2.0" [dev-dependencies] test-utils = { path = "../../../libs/test-utils" } +tempfile = "3.2.0" [dependencies] anyhow = "^1.0" async-trait = "0.1.48" bitflags = "1.2.1" +byte-unit = "4.0.14" cgroups-rs = "0.2.9" futures = "0.3.11" lazy_static = "1.4.0" diff --git a/src/runtime-rs/crates/resource/src/manager.rs b/src/runtime-rs/crates/resource/src/manager.rs index 78b40380f..ef14a0e4d 100644 --- a/src/runtime-rs/crates/resource/src/manager.rs +++ b/src/runtime-rs/crates/resource/src/manager.rs @@ -78,10 +78,10 @@ impl ResourceManager { pub async fn handler_volumes( &self, cid: &str, - oci_mounts: &[oci::Mount], + spec: &oci::Spec, ) -> Result>> { let inner = self.inner.read().await; - inner.handler_volumes(cid, oci_mounts).await + inner.handler_volumes(cid, spec).await } pub async fn dump(&self) { diff --git a/src/runtime-rs/crates/resource/src/manager_inner.rs b/src/runtime-rs/crates/resource/src/manager_inner.rs index 791d76a37..d9e3816cb 100644 --- a/src/runtime-rs/crates/resource/src/manager_inner.rs +++ b/src/runtime-rs/crates/resource/src/manager_inner.rs @@ -214,10 +214,10 @@ impl ResourceManagerInner { pub async fn handler_volumes( &self, cid: &str, - oci_mounts: &[oci::Mount], + spec: &oci::Spec, ) -> Result>> { self.volume_resource - .handler_volumes(&self.share_fs, cid, oci_mounts) + .handler_volumes(&self.share_fs, cid, spec) .await } diff --git a/src/runtime-rs/crates/resource/src/share_fs/mod.rs b/src/runtime-rs/crates/resource/src/share_fs/mod.rs index 96f6dc32f..83942288c 100644 --- a/src/runtime-rs/crates/resource/src/share_fs/mod.rs +++ b/src/runtime-rs/crates/resource/src/share_fs/mod.rs @@ -15,6 +15,7 @@ use tokio::sync::Mutex; pub use utils::{do_get_guest_path, do_get_guest_share_path, get_host_rw_shared_path}; mod virtio_fs_share_mount; use virtio_fs_share_mount::VirtiofsShareMount; +pub use virtio_fs_share_mount::EPHEMERAL_PATH; use std::{collections::HashMap, fmt::Debug, path::PathBuf, sync::Arc}; diff --git a/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs b/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs index c1d999cfb..8627150a5 100644 --- a/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs +++ b/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs @@ -17,7 +17,7 @@ use std::path::Path; const WATCHABLE_PATH_NAME: &str = "watchable"; const WATCHABLE_BIND_DEV_TYPE: &str = "watchable-bind"; -const EPHEMERAL_PATH: &str = "/run/kata-containers/sandbox/ephemeral"; +pub const EPHEMERAL_PATH: &str = "/run/kata-containers/sandbox/ephemeral"; use super::{ utils::{self, do_get_host_path}, diff --git a/src/runtime-rs/crates/resource/src/volume/hugepage.rs b/src/runtime-rs/crates/resource/src/volume/hugepage.rs new file mode 100644 index 000000000..a827b2657 --- /dev/null +++ b/src/runtime-rs/crates/resource/src/volume/hugepage.rs @@ -0,0 +1,223 @@ +// Copyright (c) 2019-2022 Alibaba Cloud +// Copyright (c) 2019-2022 Ant Group +// +// SPDX-License-Identifier: Apache-2.0 +// + +use std::{ + collections::HashMap, + fs::File, + io::{BufRead, BufReader}, +}; + +use crate::share_fs::EPHEMERAL_PATH; +use agent::Storage; +use anyhow::{anyhow, Context, Ok, Result}; +use async_trait::async_trait; +use byte_unit::Byte; +use hypervisor::HUGETLBFS; +use kata_sys_util::{fs::get_base_name, mount::PROC_MOUNTS_FILE}; +use kata_types::mount::KATA_EPHEMERAL_VOLUME_TYPE; + +use super::{Volume, BIND}; + +type PageSize = Byte; +type Limit = u64; + +const NODEV: &str = "nodev"; + +// container hugepage +pub(crate) struct Hugepage { + // storage info + storage: Option, + // mount info + mount: oci::Mount, +} + +// handle hugepage +impl Hugepage { + pub(crate) fn new( + mount: &oci::Mount, + hugepage_limits_map: HashMap, + fs_options: Vec, + ) -> Result { + // Create mount option string + let page_size = get_page_size(fs_options).context("failed to get page size")?; + let option = hugepage_limits_map + .get(&page_size) + .map(|limit| format!("pagesize={},size={}", page_size.get_bytes(), limit)) + .context("failed to get hugepage option")?; + let base_name = get_base_name(mount.source.clone())? + .into_string() + .map_err(|e| anyhow!("failed to convert to string{:?}", e))?; + let mut mount = mount.clone(); + // Set the mount source path to a path that resides inside the VM + mount.source = format!("{}{}{}", EPHEMERAL_PATH, "/", base_name); + // Set the mount type to "bind" + mount.r#type = BIND.to_string(); + + // Create a storage struct so that kata agent is able to create + // hugetlbfs backed volume inside the VM + let storage = Storage { + driver: KATA_EPHEMERAL_VOLUME_TYPE.to_string(), + source: NODEV.to_string(), + fs_type: HUGETLBFS.to_string(), + mount_point: mount.source.clone(), + options: vec![option], + ..Default::default() + }; + Ok(Self { + storage: Some(storage), + mount, + }) + } +} + +#[async_trait] +impl Volume for Hugepage { + fn get_volume_mount(&self) -> Result> { + Ok(vec![self.mount.clone()]) + } + + fn get_storage(&self) -> Result> { + let s = if let Some(s) = self.storage.as_ref() { + vec![s.clone()] + } else { + vec![] + }; + Ok(s) + } + + async fn cleanup(&self) -> Result<()> { + Ok(()) + } +} + +pub(crate) fn get_huge_page_option(m: &oci::Mount) -> Result>> { + if m.source.is_empty() { + return Err(anyhow!("empty mount source")); + } + let file = File::open(PROC_MOUNTS_FILE).context("failed open file")?; + let reader = BufReader::new(file); + for line in reader.lines().flatten() { + let items: Vec<&str> = line.split(' ').collect(); + if m.source == items[1] && items[2] == HUGETLBFS { + let fs_options: Vec<&str> = items[3].split(',').collect(); + return Ok(Some( + fs_options + .iter() + .map(|&s| s.to_string()) + .collect::>(), + )); + } + } + Ok(None) +} + +// TODO add hugepage limit to sandbox memory once memory hotplug is enabled +// https://github.com/kata-containers/kata-containers/issues/5880 +pub(crate) fn get_huge_page_limits_map(spec: &oci::Spec) -> Result> { + let mut hugepage_limits_map: HashMap = HashMap::new(); + if let Some(l) = &spec.linux { + if let Some(r) = &l.resources { + let hugepage_limits = r.hugepage_limits.clone(); + for hugepage_limit in hugepage_limits { + // the pagesize send from oci spec is MB or GB, change it to Mi and Gi + let page_size = hugepage_limit.page_size.replace('B', "i"); + let page_size = Byte::from_str(page_size) + .context("failed to create Byte object from String")?; + hugepage_limits_map.insert(page_size, hugepage_limit.limit); + } + return Ok(hugepage_limits_map); + } + return Ok(hugepage_limits_map); + } + Ok(hugepage_limits_map) +} + +fn get_page_size(fs_options: Vec) -> Result { + for fs_option in fs_options { + if fs_option.starts_with("pagesize=") { + let page_size = fs_option + .strip_prefix("pagesize=") + // the parameters passed are in unit M or G, append i to be Mi and Gi + .map(|s| format!("{}i", s)) + .context("failed to strip prefix pagesize")?; + return Byte::from_str(page_size) + .map_err(|_| anyhow!("failed to convert string to byte")); + } + } + Err(anyhow!("failed to get page size")) +} + +#[cfg(test)] +mod tests { + + use std::{collections::HashMap, fs}; + + use crate::volume::hugepage::{get_page_size, HUGETLBFS, NODEV}; + + use super::{get_huge_page_limits_map, get_huge_page_option}; + use byte_unit::Byte; + use nix::mount::{mount, umount, MsFlags}; + use oci::{Linux, LinuxHugepageLimit, LinuxResources}; + use test_utils::skip_if_not_root; + + #[test] + fn test_get_huge_page_option() { + let format_sizes = ["1GB", "2MB"]; + let mut huge_page_limits: Vec = vec![]; + for format_size in format_sizes { + huge_page_limits.push(LinuxHugepageLimit { + page_size: format_size.to_string(), + limit: 100000, + }); + } + + let spec = oci::Spec { + linux: Some(Linux { + resources: Some(LinuxResources { + hugepage_limits: huge_page_limits, + ..Default::default() + }), + ..Default::default() + }), + ..Default::default() + }; + + assert!(get_huge_page_limits_map(&spec).is_ok()); + + let mut expect_res = HashMap::new(); + expect_res.insert(Byte::from_str("1Gi").ok().unwrap(), 100000); + expect_res.insert(Byte::from_str("2Mi").ok().unwrap(), 100000); + assert_eq!(get_huge_page_limits_map(&spec).unwrap(), expect_res); + } + + #[test] + fn test_get_huge_page_size() { + skip_if_not_root!(); + let format_sizes = ["1Gi", "2Mi"]; + for format_size in format_sizes { + let dir = tempfile::tempdir().unwrap(); + let dst = dir.path().join(format!("hugepages-{}", format_size)); + fs::create_dir_all(&dst).unwrap(); + mount( + Some(NODEV), + &dst, + Some(HUGETLBFS), + MsFlags::MS_NODEV, + Some(format!("pagesize={}", format_size).as_str()), + ) + .unwrap(); + let mount = oci::Mount { + source: dst.to_str().unwrap().to_string(), + ..Default::default() + }; + let option = get_huge_page_option(&mount).unwrap().unwrap(); + let page_size = get_page_size(option).unwrap(); + assert_eq!(page_size, Byte::from_str(format_size).unwrap()); + umount(&dst).unwrap(); + fs::remove_dir(&dst).unwrap(); + } + } +} diff --git a/src/runtime-rs/crates/resource/src/volume/mod.rs b/src/runtime-rs/crates/resource/src/volume/mod.rs index 684b76431..7a603c601 100644 --- a/src/runtime-rs/crates/resource/src/volume/mod.rs +++ b/src/runtime-rs/crates/resource/src/volume/mod.rs @@ -6,17 +6,20 @@ mod block_volume; mod default_volume; +pub mod hugepage; mod share_fs_volume; mod shm_volume; use async_trait::async_trait; -use std::{sync::Arc, vec::Vec}; - use anyhow::{Context, Result}; +use std::{sync::Arc, vec::Vec}; use tokio::sync::RwLock; use crate::share_fs::ShareFs; +use self::hugepage::{get_huge_page_limits_map, get_huge_page_option}; + +const BIND: &str = "bind"; #[async_trait] pub trait Volume: Send + Sync { fn get_volume_mount(&self) -> Result>; @@ -43,9 +46,11 @@ impl VolumeResource { &self, share_fs: &Option>, cid: &str, - oci_mounts: &[oci::Mount], + spec: &oci::Spec, ) -> Result>> { let mut volumes: Vec> = vec![]; + let oci_mounts = &spec.mounts; + // handle mounts for m in oci_mounts { let volume: Arc = if shm_volume::is_shim_volume(m) { let shm_size = shm_volume::DEFAULT_SHM_SIZE; @@ -59,6 +64,17 @@ impl VolumeResource { .await .with_context(|| format!("new share fs volume {:?}", m))?, ) + } else if let Some(options) = + get_huge_page_option(m).context("failed to check huge page")? + { + // get hugepage limits from oci + let hugepage_limits = + get_huge_page_limits_map(spec).context("get huge page option")?; + // handle container hugepage + Arc::new( + hugepage::Hugepage::new(m, hugepage_limits, options) + .with_context(|| format!("handle hugepages {:?}", m))?, + ) } else if block_volume::is_block_volume(m) { Arc::new( block_volume::BlockVolume::new(m) diff --git a/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/container.rs b/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/container.rs index ded8f0a45..54aa0ebbf 100644 --- a/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/container.rs +++ b/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/container.rs @@ -110,7 +110,7 @@ impl Container { // handler volumes let volumes = self .resource_manager - .handler_volumes(&config.container_id, &spec.mounts) + .handler_volumes(&config.container_id, &spec) .await .context("handler volumes")?; let mut oci_mounts = vec![]; @@ -394,7 +394,6 @@ fn amend_spec(spec: &mut oci::Spec, disable_guest_seccomp: bool) -> Result<()> { resource.devices = Vec::new(); resource.pids = None; resource.block_io = None; - resource.hugepage_limits = Vec::new(); resource.network = None; } From 087515a46e7da7cb202325566d481fe54a16dda1 Mon Sep 17 00:00:00 2001 From: James Tumber Date: Tue, 13 Dec 2022 14:02:25 +0000 Subject: [PATCH 03/62] agent: unset `CC` for cross-build When `HOST_ARCH` != `ARCH` unset `CC` Specifying a foreign CC is incompatible with building libgit2. Thus after the RUSTFLAGS linker has been set we can safely unset CC to avoid passing this value through the build. Fixes: #5890 Signed-off-by: James Tumber --- utils.mk | 1 + 1 file changed, 1 insertion(+) diff --git a/utils.mk b/utils.mk index a7d559d34..27768809c 100644 --- a/utils.mk +++ b/utils.mk @@ -169,6 +169,7 @@ ifneq ($(HOST_ARCH),$(ARCH)) $(warning "WARNING: A foreign ARCH was passed, but no CC alternative. Using gcc.") endif override EXTRA_RUSTFLAGS += -C linker=$(CC) + undefine CC endif TRIPLE = $(ARCH)-unknown-linux-$(LIBC) From ecb28e2b13f9ab3fecdafac5f5821e7e0948e56b Mon Sep 17 00:00:00 2001 From: Alex Carter Date: Wed, 14 Dec 2022 14:52:39 +0000 Subject: [PATCH 04/62] kernel: adding kmod to do docker env adding kmod to kernel building docker env to remove warning Fixes: #5866 Signed-off-by: Alex Carter --- tools/packaging/static-build/kernel/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/packaging/static-build/kernel/Dockerfile b/tools/packaging/static-build/kernel/Dockerfile index 2595a08e7..4ccf2c0df 100644 --- a/tools/packaging/static-build/kernel/Dockerfile +++ b/tools/packaging/static-build/kernel/Dockerfile @@ -16,6 +16,7 @@ RUN apt-get update && \ flex \ git \ iptables \ + kmod \ libelf-dev \ patch && \ if [ "$(uname -m)" = "s390x" ]; then apt-get install -y --no-install-recommends libssl-dev; fi && \ From 0e692079094dec4d5e67bf542a52a31ba065924c Mon Sep 17 00:00:00 2001 From: Xuewei Niu Date: Wed, 14 Dec 2022 11:32:00 +0800 Subject: [PATCH 05/62] runtime-rs: Clean up mount points shared to guest Fixed issues where shared volumes couldn't umount correctly. The rootfs of each container is cleaned up after the container is killed, except for `NydusRootfs`. `ShareFsRootfs::cleanup()` calls `VirtiofsShareMount::umount_rootfs()` to umount mount points shared to the guest, and umounts the bundle rootfs. Fixes: #5898 Signed-off-by: Xuewei Niu --- .../crates/resource/src/rootfs/mod.rs | 19 +++------ .../resource/src/rootfs/nydus_rootfs.rs | 28 ++++++++----- .../resource/src/rootfs/share_fs_rootfs.rs | 41 ++++++++++++++----- .../crates/resource/src/share_fs/mod.rs | 6 ++- .../src/share_fs/virtio_fs_share_mount.rs | 30 ++++++++++++-- .../resource/src/volume/share_fs_volume.rs | 13 +++--- .../src/container_manager/container_inner.rs | 22 +++++++++- 7 files changed, 112 insertions(+), 47 deletions(-) diff --git a/src/runtime-rs/crates/resource/src/rootfs/mod.rs b/src/runtime-rs/crates/resource/src/rootfs/mod.rs index 5f69dd465..b18085ed8 100644 --- a/src/runtime-rs/crates/resource/src/rootfs/mod.rs +++ b/src/runtime-rs/crates/resource/src/rootfs/mod.rs @@ -27,6 +27,7 @@ pub trait Rootfs: Send + Sync { async fn get_guest_rootfs_path(&self) -> Result; async fn get_rootfs_mount(&self) -> Result>; async fn get_storage(&self) -> Option; + async fn cleanup(&self) -> Result<()>; } #[derive(Default)] @@ -66,11 +67,10 @@ impl RootFsResource { // if rootfs_mounts is empty mounts_vec if mounts_vec.is_empty() => { if let Some(share_fs) = share_fs { - let share_fs_mount = share_fs.get_share_fs_mount(); // share fs rootfs Ok(Arc::new( share_fs_rootfs::ShareFsRootfs::new( - &share_fs_mount, + share_fs, cid, root.path.as_str(), None, @@ -86,25 +86,18 @@ impl RootFsResource { // Safe as single_layer_rootfs must have one layer let layer = &mounts_vec[0]; let rootfs: Arc = if let Some(share_fs) = share_fs { - let share_fs_mount = share_fs.get_share_fs_mount(); // nydus rootfs if layer.fs_type == NYDUS_ROOTFS_TYPE { Arc::new( - nydus_rootfs::NydusRootfs::new( - &share_fs_mount, - hypervisor, - sid, - cid, - layer, - ) - .await - .context("new nydus rootfs")?, + nydus_rootfs::NydusRootfs::new(share_fs, hypervisor, sid, cid, layer) + .await + .context("new nydus rootfs")?, ) } else { // share fs rootfs Arc::new( share_fs_rootfs::ShareFsRootfs::new( - &share_fs_mount, + share_fs, cid, bundle_path, Some(layer), diff --git a/src/runtime-rs/crates/resource/src/rootfs/nydus_rootfs.rs b/src/runtime-rs/crates/resource/src/rootfs/nydus_rootfs.rs index 68e5124cf..4fa095164 100644 --- a/src/runtime-rs/crates/resource/src/rootfs/nydus_rootfs.rs +++ b/src/runtime-rs/crates/resource/src/rootfs/nydus_rootfs.rs @@ -9,8 +9,8 @@ use super::{Rootfs, TYPE_OVERLAY_FS}; use crate::{ rootfs::{HYBRID_ROOTFS_LOWER_DIR, ROOTFS}, share_fs::{ - do_get_guest_path, do_get_guest_share_path, get_host_rw_shared_path, rafs_mount, - ShareFsMount, ShareFsRootfsConfig, PASSTHROUGH_FS_DIR, + do_get_guest_path, do_get_guest_share_path, get_host_rw_shared_path, rafs_mount, ShareFs, + ShareFsRootfsConfig, PASSTHROUGH_FS_DIR, }, }; use agent::Storage; @@ -36,16 +36,25 @@ pub(crate) struct NydusRootfs { impl NydusRootfs { pub async fn new( - share_fs_mount: &Arc, + share_fs: &Arc, h: &dyn Hypervisor, sid: &str, cid: &str, rootfs: &Mount, ) -> Result { + let share_fs = Arc::clone(share_fs); + let share_fs_mount = share_fs.get_share_fs_mount(); let extra_options = NydusExtraOptions::new(rootfs).context("failed to parse nydus extra options")?; info!(sl!(), "extra_option {:?}", &extra_options); let rafs_meta = &extra_options.source; + let config = ShareFsRootfsConfig { + cid: cid.to_string(), + source: extra_options.snapshot_dir.clone(), + target: SNAPSHOT_DIR.to_string(), + readonly: true, + is_rafs: false, + }; let (rootfs_storage, rootfs_guest_path) = match extra_options.fs_version.as_str() { // both nydus v5 and v6 can be handled by the builtin nydus in dragonball by using the rafs mode. // nydus v6 could also be handled by the guest kernel as well, but some kernel patch is not support in the upstream community. We will add an option to let runtime-rs handle nydus v6 in the guest kernel optionally once the patch is ready @@ -72,13 +81,7 @@ impl NydusRootfs { let rootfs_guest_path = do_get_guest_path(ROOTFS, cid, false, false); // bind mount the snapshot dir under the share directory share_fs_mount - .share_rootfs(ShareFsRootfsConfig { - cid: cid.to_string(), - source: extra_options.snapshot_dir.clone(), - target: SNAPSHOT_DIR.to_string(), - readonly: true, - is_rafs: false, - }) + .share_rootfs(config.clone()) .await .context("share nydus rootfs")?; let mut options: Vec = Vec::new(); @@ -143,4 +146,9 @@ impl Rootfs for NydusRootfs { async fn get_storage(&self) -> Option { Some(self.rootfs.clone()) } + + async fn cleanup(&self) -> Result<()> { + warn!(sl!(), "Cleaning up Nydus Rootfs is still unimplemented."); + Ok(()) + } } diff --git a/src/runtime-rs/crates/resource/src/rootfs/share_fs_rootfs.rs b/src/runtime-rs/crates/resource/src/rootfs/share_fs_rootfs.rs index e52642229..ee46de805 100644 --- a/src/runtime-rs/crates/resource/src/rootfs/share_fs_rootfs.rs +++ b/src/runtime-rs/crates/resource/src/rootfs/share_fs_rootfs.rs @@ -7,20 +7,22 @@ use agent::Storage; use anyhow::{Context, Result}; use async_trait::async_trait; -use kata_sys_util::mount::Mounter; +use kata_sys_util::mount::{umount_timeout, Mounter}; use kata_types::mount::Mount; use std::sync::Arc; use super::{Rootfs, ROOTFS}; -use crate::share_fs::{ShareFsMount, ShareFsRootfsConfig}; +use crate::share_fs::{ShareFs, ShareFsRootfsConfig}; pub(crate) struct ShareFsRootfs { guest_path: String, + share_fs: Arc, + config: ShareFsRootfsConfig, } impl ShareFsRootfs { pub async fn new( - share_fs_mount: &Arc, + share_fs: &Arc, cid: &str, bundle_path: &str, rootfs: Option<&Mount>, @@ -35,19 +37,25 @@ impl ShareFsRootfs { } else { bundle_path.to_string() }; + + let share_fs_mount = share_fs.get_share_fs_mount(); + let config = ShareFsRootfsConfig { + cid: cid.to_string(), + source: bundle_rootfs.to_string(), + target: ROOTFS.to_string(), + readonly: false, + is_rafs: false, + }; + let mount_result = share_fs_mount - .share_rootfs(ShareFsRootfsConfig { - cid: cid.to_string(), - source: bundle_rootfs.to_string(), - target: ROOTFS.to_string(), - readonly: false, - is_rafs: false, - }) + .share_rootfs(config.clone()) .await .context("share rootfs")?; Ok(ShareFsRootfs { guest_path: mount_result.guest_path, + share_fs: Arc::clone(share_fs), + config, }) } } @@ -65,4 +73,17 @@ impl Rootfs for ShareFsRootfs { async fn get_storage(&self) -> Option { None } + + async fn cleanup(&self) -> Result<()> { + // Umount the mount point shared to guest + let share_fs_mount = self.share_fs.get_share_fs_mount(); + share_fs_mount + .umount_rootfs(self.config.clone()) + .await + .context("umount shared rootfs")?; + + // Umount the bundle rootfs + umount_timeout(&self.config.source, 0).context("umount bundle rootfs")?; + Ok(()) + } } diff --git a/src/runtime-rs/crates/resource/src/share_fs/mod.rs b/src/runtime-rs/crates/resource/src/share_fs/mod.rs index 96f6dc32f..c6fbd73c7 100644 --- a/src/runtime-rs/crates/resource/src/share_fs/mod.rs +++ b/src/runtime-rs/crates/resource/src/share_fs/mod.rs @@ -47,7 +47,7 @@ pub trait ShareFs: Send + Sync { fn mounted_info_set(&self) -> Arc>>; } -#[derive(Debug)] +#[derive(Debug, Clone)] pub struct ShareFsRootfsConfig { // TODO: for nydus v5/v6 need to update ShareFsMount pub cid: String, @@ -127,7 +127,9 @@ pub trait ShareFsMount: Send + Sync { /// Downgrade to readonly permission async fn downgrade_to_ro(&self, file_name: &str) -> Result<()>; /// Umount the volume - async fn umount(&self, file_name: &str) -> Result<()>; + async fn umount_volume(&self, file_name: &str) -> Result<()>; + /// Umount the rootfs + async fn umount_rootfs(&self, config: ShareFsRootfsConfig) -> Result<()>; } pub fn new(id: &str, config: &SharedFsInfo) -> Result> { diff --git a/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs b/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs index c1d999cfb..2e49c47fd 100644 --- a/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs +++ b/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs @@ -194,10 +194,34 @@ impl ShareFsMount for VirtiofsShareMount { Ok(()) } - async fn umount(&self, file_name: &str) -> Result<()> { - let host_dest = do_get_host_path(file_name, &self.id, "", true, true); - umount_timeout(&host_dest, 0).context("Umount readwrite host dest")?; + async fn umount_volume(&self, file_name: &str) -> Result<()> { + let host_dest = do_get_host_path(file_name, &self.id, "", true, false); + umount_timeout(&host_dest, 0).context("umount volume")?; // Umount event will be propagated to ro directory + + // Remove the directory of mointpoint + if let Ok(md) = fs::metadata(&host_dest) { + if md.is_file() { + fs::remove_file(&host_dest).context("remove the volume mount point as a file")?; + } + if md.is_dir() { + fs::remove_dir(&host_dest).context("remove the volume mount point as a dir")?; + } + } + Ok(()) + } + + async fn umount_rootfs(&self, config: ShareFsRootfsConfig) -> Result<()> { + let host_dest = do_get_host_path(&config.target, &self.id, &config.cid, false, false); + umount_timeout(&host_dest, 0).context("umount rootfs")?; + + // Remove the directory of mointpoint + if let Ok(md) = fs::metadata(&host_dest) { + if md.is_dir() { + fs::remove_dir(&host_dest).context("remove the rootfs mount point as a dir")?; + } + } + Ok(()) } } diff --git a/src/runtime-rs/crates/resource/src/volume/share_fs_volume.rs b/src/runtime-rs/crates/resource/src/volume/share_fs_volume.rs index 794f775c4..38aad4cde 100644 --- a/src/runtime-rs/crates/resource/src/volume/share_fs_volume.rs +++ b/src/runtime-rs/crates/resource/src/volume/share_fs_volume.rs @@ -7,7 +7,7 @@ use std::{ path::{Path, PathBuf}, str::FromStr, - sync::{Arc, Weak}, + sync::Arc, }; use anyhow::{anyhow, Context, Result}; @@ -24,7 +24,7 @@ use kata_types::mount; // device nodes to the guest. // skip the volumes whose source had already set to guest share dir. pub(crate) struct ShareFsVolume { - share_fs: Option>, + share_fs: Option>, mounts: Vec, storages: Vec, } @@ -40,7 +40,7 @@ impl ShareFsVolume { let file_name = generate_mount_path("sandbox", file_name); let mut volume = Self { - share_fs: share_fs.as_ref().map(Arc::downgrade), + share_fs: share_fs.as_ref().map(Arc::clone), mounts: vec![], storages: vec![], }; @@ -161,10 +161,7 @@ impl Volume for ShareFsVolume { if self.share_fs.is_none() { return Ok(()); } - let share_fs = match self.share_fs.as_ref().unwrap().upgrade() { - Some(share_fs) => share_fs, - None => return Err(anyhow!("The share_fs was released unexpectedly")), - }; + let share_fs = self.share_fs.as_ref().unwrap(); let mounted_info_set = share_fs.mounted_info_set(); let mut mounted_info_set = mounted_info_set.lock().await; @@ -219,7 +216,7 @@ impl Volume for ShareFsVolume { mounted_info_set.remove(&host_source); // Umount the volume share_fs_mount - .umount(&file_name) + .umount_volume(&file_name) .await .context("Umount volume")? } diff --git a/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/container_inner.rs b/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/container_inner.rs index 4e694f2e4..5e1cbb398 100644 --- a/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/container_inner.rs +++ b/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/container_inner.rs @@ -249,6 +249,7 @@ impl ContainerInner { .await?; self.clean_volumes().await.context("clean volumes")?; + self.clean_rootfs().await.context("clean rootfs")?; Ok(()) } @@ -279,7 +280,7 @@ impl ContainerInner { unhandled.push(Arc::clone(v)); warn!( sl!(), - "Failed to clean volume {:?}, error = {:?}", + "Failed to clean the volume = {:?}, error = {:?}", v.get_volume_mount(), err ); @@ -290,4 +291,23 @@ impl ContainerInner { } Ok(()) } + + async fn clean_rootfs(&mut self) -> Result<()> { + let mut unhandled = Vec::new(); + for rootfs in self.rootfs.iter() { + if let Err(err) = rootfs.cleanup().await { + unhandled.push(Arc::clone(rootfs)); + warn!( + sl!(), + "Failed to umount rootfs, cid = {:?}, error = {:?}", + self.container_id(), + err + ); + } + } + if !unhandled.is_empty() { + self.rootfs = unhandled; + } + Ok(()) + } } From fd77eebd4d783dadf4707e3074910eb3c97c33cb Mon Sep 17 00:00:00 2001 From: Xuewei Niu Date: Thu, 15 Dec 2022 11:22:03 +0800 Subject: [PATCH 06/62] runtime-rs: fix the issues mentioned in the code review In order to avoid cloning, changed the signature of `ShareFsMount::share_rootfs`, `ShareFsMount::share_volume`, and `ShareFsMount::umount_rootfs` to receive a reference to a config. Fixes: #5898 Signed-off-by: Xuewei Niu --- src/runtime-rs/Cargo.lock | 15 +++++++++++++++ .../resource/src/rootfs/nydus_rootfs.rs | 19 +++++++++---------- .../resource/src/rootfs/share_fs_rootfs.rs | 4 ++-- .../crates/resource/src/share_fs/mod.rs | 6 +++--- .../src/share_fs/virtio_fs_share_mount.rs | 8 ++++---- .../resource/src/volume/block_volume.rs | 1 + .../resource/src/volume/default_volume.rs | 1 + .../resource/src/volume/share_fs_volume.rs | 10 +++++----- .../crates/resource/src/volume/shm_volume.rs | 1 + 9 files changed, 41 insertions(+), 24 deletions(-) diff --git a/src/runtime-rs/Cargo.lock b/src/runtime-rs/Cargo.lock index 060f7a76f..90129b4c5 100644 --- a/src/runtime-rs/Cargo.lock +++ b/src/runtime-rs/Cargo.lock @@ -1223,6 +1223,7 @@ dependencies = [ "seccompiler", "serde", "serde_json", + "shim-interface", "slog", "slog-scope", "thiserror", @@ -1919,6 +1920,7 @@ dependencies = [ "safe-path", "serde", "serde_json", + "shim-interface", ] [[package]] @@ -2343,6 +2345,7 @@ dependencies = [ "logging", "oci", "persist", + "shim-interface", "slog", "slog-scope", "tokio", @@ -2474,6 +2477,7 @@ dependencies = [ "logging", "persist", "runtimes", + "shim-interface", "slog", "slog-scope", "tokio", @@ -2539,12 +2543,23 @@ dependencies = [ name = "shim-ctl" version = "0.1.0" dependencies = [ + "anyhow", "common", "logging", "runtimes", "tokio", ] +[[package]] +name = "shim-interface" +version = "0.1.0" +dependencies = [ + "anyhow", + "hyper", + "hyperlocal", + "tokio", +] + [[package]] name = "signal-hook-registry" version = "1.4.0" diff --git a/src/runtime-rs/crates/resource/src/rootfs/nydus_rootfs.rs b/src/runtime-rs/crates/resource/src/rootfs/nydus_rootfs.rs index 4fa095164..16f9c48dd 100644 --- a/src/runtime-rs/crates/resource/src/rootfs/nydus_rootfs.rs +++ b/src/runtime-rs/crates/resource/src/rootfs/nydus_rootfs.rs @@ -42,19 +42,11 @@ impl NydusRootfs { cid: &str, rootfs: &Mount, ) -> Result { - let share_fs = Arc::clone(share_fs); let share_fs_mount = share_fs.get_share_fs_mount(); let extra_options = NydusExtraOptions::new(rootfs).context("failed to parse nydus extra options")?; info!(sl!(), "extra_option {:?}", &extra_options); let rafs_meta = &extra_options.source; - let config = ShareFsRootfsConfig { - cid: cid.to_string(), - source: extra_options.snapshot_dir.clone(), - target: SNAPSHOT_DIR.to_string(), - readonly: true, - is_rafs: false, - }; let (rootfs_storage, rootfs_guest_path) = match extra_options.fs_version.as_str() { // both nydus v5 and v6 can be handled by the builtin nydus in dragonball by using the rafs mode. // nydus v6 could also be handled by the guest kernel as well, but some kernel patch is not support in the upstream community. We will add an option to let runtime-rs handle nydus v6 in the guest kernel optionally once the patch is ready @@ -81,7 +73,13 @@ impl NydusRootfs { let rootfs_guest_path = do_get_guest_path(ROOTFS, cid, false, false); // bind mount the snapshot dir under the share directory share_fs_mount - .share_rootfs(config.clone()) + .share_rootfs(&ShareFsRootfsConfig { + cid: cid.to_string(), + source: extra_options.snapshot_dir.clone(), + target: SNAPSHOT_DIR.to_string(), + readonly: true, + is_rafs: false, + }) .await .context("share nydus rootfs")?; let mut options: Vec = Vec::new(); @@ -148,7 +146,8 @@ impl Rootfs for NydusRootfs { } async fn cleanup(&self) -> Result<()> { - warn!(sl!(), "Cleaning up Nydus Rootfs is still unimplemented."); + // TODO: Clean up NydusRootfs after the container is killed + warn!(sl!(), "Cleaning up NydusRootfs is still unimplemented."); Ok(()) } } diff --git a/src/runtime-rs/crates/resource/src/rootfs/share_fs_rootfs.rs b/src/runtime-rs/crates/resource/src/rootfs/share_fs_rootfs.rs index ee46de805..b5d4136c1 100644 --- a/src/runtime-rs/crates/resource/src/rootfs/share_fs_rootfs.rs +++ b/src/runtime-rs/crates/resource/src/rootfs/share_fs_rootfs.rs @@ -48,7 +48,7 @@ impl ShareFsRootfs { }; let mount_result = share_fs_mount - .share_rootfs(config.clone()) + .share_rootfs(&config) .await .context("share rootfs")?; @@ -78,7 +78,7 @@ impl Rootfs for ShareFsRootfs { // Umount the mount point shared to guest let share_fs_mount = self.share_fs.get_share_fs_mount(); share_fs_mount - .umount_rootfs(self.config.clone()) + .umount_rootfs(&self.config) .await .context("umount shared rootfs")?; diff --git a/src/runtime-rs/crates/resource/src/share_fs/mod.rs b/src/runtime-rs/crates/resource/src/share_fs/mod.rs index c6fbd73c7..4865db17b 100644 --- a/src/runtime-rs/crates/resource/src/share_fs/mod.rs +++ b/src/runtime-rs/crates/resource/src/share_fs/mod.rs @@ -120,8 +120,8 @@ impl MountedInfo { #[async_trait] pub trait ShareFsMount: Send + Sync { - async fn share_rootfs(&self, config: ShareFsRootfsConfig) -> Result; - async fn share_volume(&self, config: ShareFsVolumeConfig) -> Result; + async fn share_rootfs(&self, config: &ShareFsRootfsConfig) -> Result; + async fn share_volume(&self, config: &ShareFsVolumeConfig) -> Result; /// Upgrade to readwrite permission async fn upgrade_to_rw(&self, file_name: &str) -> Result<()>; /// Downgrade to readonly permission @@ -129,7 +129,7 @@ pub trait ShareFsMount: Send + Sync { /// Umount the volume async fn umount_volume(&self, file_name: &str) -> Result<()>; /// Umount the rootfs - async fn umount_rootfs(&self, config: ShareFsRootfsConfig) -> Result<()>; + async fn umount_rootfs(&self, config: &ShareFsRootfsConfig) -> Result<()>; } pub fn new(id: &str, config: &SharedFsInfo) -> Result> { diff --git a/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs b/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs index 2e49c47fd..30d6a9336 100644 --- a/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs +++ b/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs @@ -38,7 +38,7 @@ impl VirtiofsShareMount { #[async_trait] impl ShareFsMount for VirtiofsShareMount { - async fn share_rootfs(&self, config: ShareFsRootfsConfig) -> Result { + async fn share_rootfs(&self, config: &ShareFsRootfsConfig) -> Result { // TODO: select virtiofs or support nydus let guest_path = utils::share_to_guest( &config.source, @@ -56,7 +56,7 @@ impl ShareFsMount for VirtiofsShareMount { }) } - async fn share_volume(&self, config: ShareFsVolumeConfig) -> Result { + async fn share_volume(&self, config: &ShareFsVolumeConfig) -> Result { let mut guest_path = utils::share_to_guest( &config.source, &config.target, @@ -103,7 +103,7 @@ impl ShareFsMount for VirtiofsShareMount { source: guest_path, fs_type: String::from("bind"), fs_group: None, - options: config.mount_options, + options: config.mount_options.clone(), mount_point: watchable_guest_mount.clone(), }; @@ -211,7 +211,7 @@ impl ShareFsMount for VirtiofsShareMount { Ok(()) } - async fn umount_rootfs(&self, config: ShareFsRootfsConfig) -> Result<()> { + async fn umount_rootfs(&self, config: &ShareFsRootfsConfig) -> Result<()> { let host_dest = do_get_host_path(&config.target, &self.id, &config.cid, false, false); umount_timeout(&host_dest, 0).context("umount rootfs")?; diff --git a/src/runtime-rs/crates/resource/src/volume/block_volume.rs b/src/runtime-rs/crates/resource/src/volume/block_volume.rs index 67d0bc7af..da8ef03f9 100644 --- a/src/runtime-rs/crates/resource/src/volume/block_volume.rs +++ b/src/runtime-rs/crates/resource/src/volume/block_volume.rs @@ -30,6 +30,7 @@ impl Volume for BlockVolume { } async fn cleanup(&self) -> Result<()> { + // TODO: Clean up BlockVolume warn!(sl!(), "Cleaning up BlockVolume is still unimplemented."); Ok(()) } diff --git a/src/runtime-rs/crates/resource/src/volume/default_volume.rs b/src/runtime-rs/crates/resource/src/volume/default_volume.rs index bc14ba959..8855a8e03 100644 --- a/src/runtime-rs/crates/resource/src/volume/default_volume.rs +++ b/src/runtime-rs/crates/resource/src/volume/default_volume.rs @@ -34,6 +34,7 @@ impl Volume for DefaultVolume { } async fn cleanup(&self) -> Result<()> { + // TODO: Clean up DefaultVolume warn!(sl!(), "Cleaning up DefaultVolume is still unimplemented."); Ok(()) } diff --git a/src/runtime-rs/crates/resource/src/volume/share_fs_volume.rs b/src/runtime-rs/crates/resource/src/volume/share_fs_volume.rs index 38aad4cde..95bc2edfb 100644 --- a/src/runtime-rs/crates/resource/src/volume/share_fs_volume.rs +++ b/src/runtime-rs/crates/resource/src/volume/share_fs_volume.rs @@ -112,7 +112,7 @@ impl ShareFsVolume { } else { // Not mounted ever let mount_result = share_fs_mount - .share_volume(ShareFsVolumeConfig { + .share_volume(&ShareFsVolumeConfig { // The scope of shared volume is sandbox cid: String::from(""), source: m.source.clone(), @@ -158,10 +158,10 @@ impl Volume for ShareFsVolume { } async fn cleanup(&self) -> Result<()> { - if self.share_fs.is_none() { - return Ok(()); - } - let share_fs = self.share_fs.as_ref().unwrap(); + let share_fs = match self.share_fs.as_ref() { + Some(fs) => fs, + None => return Ok(()), + }; let mounted_info_set = share_fs.mounted_info_set(); let mut mounted_info_set = mounted_info_set.lock().await; diff --git a/src/runtime-rs/crates/resource/src/volume/shm_volume.rs b/src/runtime-rs/crates/resource/src/volume/shm_volume.rs index 53f3addf8..5805106d2 100644 --- a/src/runtime-rs/crates/resource/src/volume/shm_volume.rs +++ b/src/runtime-rs/crates/resource/src/volume/shm_volume.rs @@ -100,6 +100,7 @@ impl Volume for ShmVolume { } async fn cleanup(&self) -> Result<()> { + // TODO: Clean up ShmVolume warn!(sl!(), "Cleaning up ShmVolume is still unimplemented."); Ok(()) } From 1bd533f10b003478dec80d4de1f99594335b99f1 Mon Sep 17 00:00:00 2001 From: Jianyong Wu Date: Sat, 17 Dec 2022 13:03:38 +0800 Subject: [PATCH 07/62] kata-ctl: let check framework arch-agnostic The current check framwork is specific for x86. Refactor the code to let it arch-agnostic. Fixes: #5923 Signed-off-by: Jianyong Wu --- src/tools/kata-ctl/src/arch/x86_64/mod.rs | 4 ++-- src/tools/kata-ctl/src/ops/check_ops.rs | 20 ++++++++++---------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/src/tools/kata-ctl/src/arch/x86_64/mod.rs b/src/tools/kata-ctl/src/arch/x86_64/mod.rs index fbd01cfd3..53413b2c5 100644 --- a/src/tools/kata-ctl/src/arch/x86_64/mod.rs +++ b/src/tools/kata-ctl/src/arch/x86_64/mod.rs @@ -25,8 +25,8 @@ mod arch_specific { perm: PermissionType::NonPrivileged, }]; - pub fn get_checks() -> &'static [CheckItem<'static>] { - CHECK_LIST + pub fn get_checks() -> Option<&'static [CheckItem<'static>]> { + Some(CHECK_LIST) } fn check_cpu(_args: &str) -> Result<()> { diff --git a/src/tools/kata-ctl/src/ops/check_ops.rs b/src/tools/kata-ctl/src/ops/check_ops.rs index 2890053cc..414e499fc 100644 --- a/src/tools/kata-ctl/src/ops/check_ops.rs +++ b/src/tools/kata-ctl/src/ops/check_ops.rs @@ -3,7 +3,7 @@ // SPDX-License-Identifier: Apache-2.0 // -use crate::arch::x86_64::get_checks; +use crate::arch::arch_specific::get_checks; use crate::args::{CheckArgument, CheckSubCommand, IptablesCommand, MetricsCommand}; @@ -19,11 +19,11 @@ const NAME: &str = "kata-ctl"; // This function retrieves the cmd function passes as argument fn get_builtin_check_func(name: CheckType) -> Result { - let check_list = get_checks(); - - for check in check_list { - if check.name.eq(&name) { - return Ok(check.fp); + if let Some(check_list) = get_checks() { + for check in check_list { + if check.name.eq(&name) { + return Ok(check.fp); + } } } @@ -42,10 +42,10 @@ fn handle_builtin_check(check: CheckType, args: &str) -> Result<()> { fn get_client_cmd_details() -> Vec { let mut cmds = Vec::new(); - let check_list = get_checks(); - - for cmd in check_list { - cmds.push(format!("{} ({}. Mode: {})", cmd.name, cmd.descr, cmd.perm)); + if let Some(check_list) = get_checks() { + for cmd in check_list { + cmds.push(format!("{} ({}. Mode: {})", cmd.name, cmd.descr, cmd.perm)); + } } cmds From 3480780bd8d9c50be9c89fe9742862f22b6565c4 Mon Sep 17 00:00:00 2001 From: Jianyong Wu Date: Sat, 17 Dec 2022 13:06:00 +0800 Subject: [PATCH 08/62] kata-ctl: add check framework support for non-x86 x86 changes the check framwork. Enable them for non-x86 accordingly. Fixes: #5923 Signed-off-by: Jianyong Wu --- src/tools/kata-ctl/src/arch/aarch64/mod.rs | 15 ++++++++++++++- src/tools/kata-ctl/src/arch/powerpc64le/mod.rs | 5 +++++ src/tools/kata-ctl/src/arch/s390x/mod.rs | 12 ++++++++++++ 3 files changed, 31 insertions(+), 1 deletion(-) diff --git a/src/tools/kata-ctl/src/arch/aarch64/mod.rs b/src/tools/kata-ctl/src/arch/aarch64/mod.rs index 314b3a137..0dc8692b5 100644 --- a/src/tools/kata-ctl/src/arch/aarch64/mod.rs +++ b/src/tools/kata-ctl/src/arch/aarch64/mod.rs @@ -7,12 +7,21 @@ pub use arch_specific::*; mod arch_specific { + use crate::types::*; use anyhow::Result; use std::path::Path; const KVM_DEV: &str = "/dev/kvm"; - pub fn check() -> Result<()> { + // List of check functions + static CHECK_LIST: &[CheckItem] = &[CheckItem { + name: CheckType::CheckCpu, + descr: "This parameter performs the host check", + fp: check, + perm: PermissionType::NonPrivileged, + }]; + + pub fn check(_args: &str) -> Result<()> { println!("INFO: check: aarch64"); if Path::new(KVM_DEV).exists() { println!("Kata Containers can run on this host\n"); @@ -22,4 +31,8 @@ mod arch_specific { Ok(()) } + + pub fn get_checks() -> Option<&'static [CheckItem<'static>]> { + Some(CHECK_LIST) + } } diff --git a/src/tools/kata-ctl/src/arch/powerpc64le/mod.rs b/src/tools/kata-ctl/src/arch/powerpc64le/mod.rs index a87ab02f8..6d8affaa1 100644 --- a/src/tools/kata-ctl/src/arch/powerpc64le/mod.rs +++ b/src/tools/kata-ctl/src/arch/powerpc64le/mod.rs @@ -3,6 +3,7 @@ // SPDX-License-Identifier: Apache-2.0 // +use crate::types::*; #[cfg(target_arch = "powerpc64le")] pub use arch_specific::*; @@ -12,4 +13,8 @@ mod arch_specific { pub fn check() -> Result<()> { unimplemented!("Check not implemented in powerpc64le"); } + + pub fn get_checks() -> Option<&'static [CheckItem<'static>]> { + None + } } diff --git a/src/tools/kata-ctl/src/arch/s390x/mod.rs b/src/tools/kata-ctl/src/arch/s390x/mod.rs index 20daa49dc..2eca0fbee 100644 --- a/src/tools/kata-ctl/src/arch/s390x/mod.rs +++ b/src/tools/kata-ctl/src/arch/s390x/mod.rs @@ -48,4 +48,16 @@ mod arch_specific { Ok(()) } + + // List of check functions + static CHECK_LIST: &[CheckItem] = &[CheckItem { + name: CheckType::CheckCpu, + descr: "This parameter performs the cpu check", + fp: check, + perm: PermissionType::NonPrivileged, + }]; + + pub fn get_checks() -> Option<&'static [CheckItem<'static>]> { + Some(CHECK_LIST) + } } From 0fe24e08bb2a80e96311e0b130cc4bbda8cf171c Mon Sep 17 00:00:00 2001 From: Bin Liu Date: Thu, 22 Dec 2022 14:56:06 +0800 Subject: [PATCH 09/62] packaging: fix indents in build-kernel.sh In the function get_kernel, the indents are two tabs, which should be 1 tab. Fixes: #5944 Signed-off-by: Bin Liu --- tools/packaging/kernel/build-kernel.sh | 48 +++++++++++++------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/tools/packaging/kernel/build-kernel.sh b/tools/packaging/kernel/build-kernel.sh index 16759fb6a..014e08359 100755 --- a/tools/packaging/kernel/build-kernel.sh +++ b/tools/packaging/kernel/build-kernel.sh @@ -151,36 +151,36 @@ get_kernel() { return fi - #Remove extra 'v' - version=${version#v} + #Remove extra 'v' + version=${version#v} - major_version=$(echo "${version}" | cut -d. -f1) - kernel_tarball="linux-${version}.tar.xz" + major_version=$(echo "${version}" | cut -d. -f1) + kernel_tarball="linux-${version}.tar.xz" - if [ ! -f sha256sums.asc ] || ! grep -q "${kernel_tarball}" sha256sums.asc; then - shasum_url="https://cdn.kernel.org/pub/linux/kernel/v${major_version}.x/sha256sums.asc" - info "Download kernel checksum file: sha256sums.asc from ${shasum_url}" - curl --fail -OL "${shasum_url}" - fi - grep "${kernel_tarball}" sha256sums.asc >"${kernel_tarball}.sha256" + if [ ! -f sha256sums.asc ] || ! grep -q "${kernel_tarball}" sha256sums.asc; then + shasum_url="https://cdn.kernel.org/pub/linux/kernel/v${major_version}.x/sha256sums.asc" + info "Download kernel checksum file: sha256sums.asc from ${shasum_url}" + curl --fail -OL "${shasum_url}" + fi + grep "${kernel_tarball}" sha256sums.asc >"${kernel_tarball}.sha256" - if [ -f "${kernel_tarball}" ] && ! sha256sum -c "${kernel_tarball}.sha256"; then - info "invalid kernel tarball ${kernel_tarball} removing " - rm -f "${kernel_tarball}" - fi - if [ ! -f "${kernel_tarball}" ]; then - info "Download kernel version ${version}" - info "Download kernel" - curl --fail -OL "https://www.kernel.org/pub/linux/kernel/v${major_version}.x/${kernel_tarball}" - else - info "kernel tarball already downloaded" - fi + if [ -f "${kernel_tarball}" ] && ! sha256sum -c "${kernel_tarball}.sha256"; then + info "invalid kernel tarball ${kernel_tarball} removing " + rm -f "${kernel_tarball}" + fi + if [ ! -f "${kernel_tarball}" ]; then + info "Download kernel version ${version}" + info "Download kernel" + curl --fail -OL "https://www.kernel.org/pub/linux/kernel/v${major_version}.x/${kernel_tarball}" + else + info "kernel tarball already downloaded" + fi - sha256sum -c "${kernel_tarball}.sha256" + sha256sum -c "${kernel_tarball}.sha256" - tar xf "${kernel_tarball}" + tar xf "${kernel_tarball}" - mv "linux-${version}" "${kernel_path}" + mv "linux-${version}" "${kernel_path}" } get_major_kernel_version() { From b4b5d8150e2fc234c3a04dcf69884db81737cdc6 Mon Sep 17 00:00:00 2001 From: Bin Liu Date: Thu, 22 Dec 2022 12:50:49 +0800 Subject: [PATCH 10/62] docs: remove old and misleading instructions for minikube Some instructions are old, delete them to prevent misleading. Fixes: #5942 Signed-off-by: Bin Liu --- docs/install/minikube-installation-guide.md | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/docs/install/minikube-installation-guide.md b/docs/install/minikube-installation-guide.md index 299e5fa59..c49e2bac9 100644 --- a/docs/install/minikube-installation-guide.md +++ b/docs/install/minikube-installation-guide.md @@ -71,12 +71,6 @@ To use containerd, modify the `--container-runtime` argument: > **Notes:** > - Adjust the `--memory 6144` line to suit your environment and requirements. Kata Containers default to > requesting 2048MB per container. We recommended you supply more than that to the Minikube node. -> - Prior to Minikube/Kubernetes v1.14, the beta `RuntimeClass` feature also needed enabling with -> the following. -> -> | what | why | -> | ---- | --- | -> | `--feature-gates=RuntimeClass=true` | Kata needs to use the `RuntimeClass` Kubernetes feature | The full command is therefore: @@ -138,17 +132,9 @@ $ kubectl -n kube-system exec ${podname} -- ps -ef | fgrep infinity ## Enabling Kata Containers -> **Note:** Only Minikube/Kubernetes versions <= 1.13 require this step. Since version -> v1.14, the `RuntimeClass` is enabled by default. Performing this step on Kubernetes > v1.14 is -> however benign. - Now you have installed the Kata Containers components in the Minikube node. Next, you need to configure Kubernetes `RuntimeClass` to know when to use Kata Containers to run a pod. -```sh -$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/node-api/master/manifests/runtimeclass_crd.yaml > runtimeclass_crd.yaml -``` - ### Register the runtime Now register the `kata qemu` runtime with that class. This should result in no errors: From 1dcbda3f0f9a43748e729f662557df686c0f9210 Mon Sep 17 00:00:00 2001 From: Bin Liu Date: Fri, 23 Dec 2022 15:06:50 +0800 Subject: [PATCH 11/62] kata-ctl: update Cargo.lock kata-ctl depends on runtime-rs, and this commit: https://github.com/kata-containers/kata-containers/commit/fbf294da3fe4545f8ad7c64d9e0b9d35c59ab65c added a new dependency named shim-interface, this Cargo.lock should be updated too. Signed-off-by: Bin Liu --- src/tools/kata-ctl/Cargo.lock | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/src/tools/kata-ctl/Cargo.lock b/src/tools/kata-ctl/Cargo.lock index 903465d49..e1c794294 100644 --- a/src/tools/kata-ctl/Cargo.lock +++ b/src/tools/kata-ctl/Cargo.lock @@ -1382,6 +1382,7 @@ dependencies = [ "seccompiler", "serde", "serde_json", + "shim-interface", "slog", "slog-scope", "thiserror", @@ -2188,6 +2189,7 @@ dependencies = [ "safe-path", "serde", "serde_json", + "shim-interface", ] [[package]] @@ -2717,6 +2719,7 @@ dependencies = [ "logging", "oci", "persist", + "shim-interface", "slog", "slog-scope", "tokio", @@ -2913,6 +2916,16 @@ dependencies = [ "digest", ] +[[package]] +name = "shim-interface" +version = "0.1.0" +dependencies = [ + "anyhow", + "hyper", + "hyperlocal", + "tokio", +] + [[package]] name = "signal-hook-registry" version = "1.4.0" From 03a0c9d78ee355a9b6e0f310f73f5f3e4f55159e Mon Sep 17 00:00:00 2001 From: Bin Liu Date: Fri, 23 Dec 2022 15:08:25 +0800 Subject: [PATCH 12/62] kata-ctl: skip test if access GitHub.com fail This commit will call `error_for_status` after `send`, this call will generate errors if status code between 400-499 and 500-599. And sometime access github.com will fail, in this case we can skip the test to prevent the CI failing. Fixes: #5948 Signed-off-by: Bin Liu --- src/tools/kata-ctl/src/check.rs | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/src/tools/kata-ctl/src/check.rs b/src/tools/kata-ctl/src/check.rs index 0d72d087d..28499da10 100644 --- a/src/tools/kata-ctl/src/check.rs +++ b/src/tools/kata-ctl/src/check.rs @@ -126,6 +126,7 @@ fn get_kata_all_releases_by_url() -> std::result::Result, reqwest:: .header(CONTENT_TYPE, JSON_TYPE) .header(USER_AGENT, USER_AGT) .send()? + .error_for_status()? .json()?; Ok(releases) } @@ -202,6 +203,7 @@ mod tests { .header(CONTENT_TYPE, JSON_TYPE) .header(USER_AGENT, USER_AGT) .send()? + .error_for_status()? .json::>()?; let version = content["tag_name"].as_str().unwrap(); @@ -254,7 +256,17 @@ mod tests { #[test] fn check_latest_version() { - let version = get_kata_version_by_url(KATA_GITHUB_URL).unwrap(); + let version = get_kata_version_by_url(KATA_GITHUB_URL); + // sometime in GitHub action accessing to github.com API may fail + // we can skip this test to prevent the whole test fail. + if version.is_err() { + println!( + "WARNING!!!\nget kata version failed({:?}), this maybe a temporary error, just skip the test.", + version.unwrap_err() + ); + return; + } + let version = version.unwrap(); let v = Version::parse(&version).unwrap(); assert!(!v.major.to_string().is_empty()); From 360506225808649a8ec71e14af2ccac63df9238b Mon Sep 17 00:00:00 2001 From: Zhongtao Hu Date: Fri, 23 Dec 2022 14:03:45 +0800 Subject: [PATCH 13/62] runtime-rs: add dbs-upcall feature add dbs-upcall feature to dragonball Fixes:#5949 Depends-on: github.com/kata-containers/tests#5355 Signed-off-by: Zhongtao Hu --- src/runtime-rs/Cargo.lock | 15 +++++++++++++++ src/runtime-rs/crates/hypervisor/Cargo.toml | 2 +- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/src/runtime-rs/Cargo.lock b/src/runtime-rs/Cargo.lock index 90129b4c5..a7b3a186e 100644 --- a/src/runtime-rs/Cargo.lock +++ b/src/runtime-rs/Cargo.lock @@ -651,6 +651,20 @@ dependencies = [ "mio", ] +[[package]] +name = "dbs-upcall" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b2fa8b67657cd71779eaceea1b5fa989b62a1be629a07be8498417772e5a8d35" +dependencies = [ + "anyhow", + "dbs-utils", + "dbs-virtio-devices", + "log", + "thiserror", + "timerfd", +] + [[package]] name = "dbs-utils" version = "0.2.1" @@ -743,6 +757,7 @@ dependencies = [ "dbs-device", "dbs-interrupt", "dbs-legacy-devices", + "dbs-upcall", "dbs-utils", "dbs-virtio-devices", "kvm-bindings", diff --git a/src/runtime-rs/crates/hypervisor/Cargo.toml b/src/runtime-rs/crates/hypervisor/Cargo.toml index 7e49850a0..9c70f3914 100644 --- a/src/runtime-rs/crates/hypervisor/Cargo.toml +++ b/src/runtime-rs/crates/hypervisor/Cargo.toml @@ -30,6 +30,6 @@ kata-types = { path = "../../../libs/kata-types" } logging = { path = "../../../libs/logging" } shim-interface = { path = "../../../libs/shim-interface" } -dragonball = { path = "../../../dragonball", features = ["atomic-guest-memory", "virtio-vsock", "hotplug", "virtio-blk", "virtio-net", "virtio-fs"] } +dragonball = { path = "../../../dragonball", features = ["atomic-guest-memory", "virtio-vsock", "hotplug", "virtio-blk", "virtio-net", "virtio-fs","dbs-upcall"] } [features] From 85f9094f17c4dabd5a3179be54f67c0abe551467 Mon Sep 17 00:00:00 2001 From: Yushuo Date: Sun, 4 Dec 2022 16:24:49 +0800 Subject: [PATCH 14/62] agent: refactor guest hooks We have to execute some hooks both in host and guest. And in /libs/kata-sys-util/src/hooks.rs, the coomon operations are implemented. In this commit, we are going to refactor the code of guest hooks using code in /libs/kata-sys-util/src/hooks.rs. At the same time, we move function valid_env to kata-sys-util to make it usable by both agent and runtime. Fixes: #5857 Signed-off-by: Yushuo --- src/agent/Cargo.lock | 1 + src/agent/rustjail/Cargo.toml | 1 + src/agent/rustjail/src/container.rs | 342 ++----------------- src/libs/Cargo.lock | 8 + src/libs/kata-sys-util/src/hooks.rs | 6 +- src/libs/kata-sys-util/src/validate.rs | 66 ++++ src/tools/runk/Cargo.lock | 171 +++++++++- src/tools/runk/libcontainer/Cargo.toml | 1 + src/tools/runk/libcontainer/src/container.rs | 18 +- 9 files changed, 281 insertions(+), 333 deletions(-) diff --git a/src/agent/Cargo.lock b/src/agent/Cargo.lock index 4b351c5c6..3a251a2bd 100644 --- a/src/agent/Cargo.lock +++ b/src/agent/Cargo.lock @@ -1684,6 +1684,7 @@ dependencies = [ "cgroups-rs", "futures", "inotify", + "kata-sys-util", "lazy_static", "libc", "libseccomp", diff --git a/src/agent/rustjail/Cargo.toml b/src/agent/rustjail/Cargo.toml index 031175e86..8a0c413d2 100644 --- a/src/agent/rustjail/Cargo.toml +++ b/src/agent/rustjail/Cargo.toml @@ -11,6 +11,7 @@ serde_json = "1.0.39" serde_derive = "1.0.91" oci = { path = "../../libs/oci" } protocols = { path ="../../libs/protocols" } +kata-sys-util = { path = "../../libs/kata-sys-util" } caps = "0.5.0" nix = "0.24.2" scopeguard = "1.0.0" diff --git a/src/agent/rustjail/src/container.rs b/src/agent/rustjail/src/container.rs index de92adf4c..c869d274e 100644 --- a/src/agent/rustjail/src/container.rs +++ b/src/agent/rustjail/src/container.rs @@ -6,7 +6,7 @@ use anyhow::{anyhow, Context, Result}; use libc::pid_t; use oci::{ContainerState, LinuxDevice, LinuxIdMapping}; -use oci::{Hook, Linux, LinuxNamespace, LinuxResources, Spec}; +use oci::{Linux, LinuxNamespace, LinuxResources, Spec}; use std::clone::Clone; use std::ffi::CString; use std::fmt::Display; @@ -66,6 +66,9 @@ use rlimit::{setrlimit, Resource, Rlim}; use tokio::io::AsyncBufReadExt; use tokio::sync::Mutex; +use kata_sys_util::hooks::HookStates; +use kata_sys_util::validate::valid_env; + pub const EXEC_FIFO_FILENAME: &str = "exec.fifo"; const INIT: &str = "INIT"; @@ -1099,12 +1102,14 @@ impl BaseContainer for LinuxContainer { } } - if spec.hooks.is_some() { - info!(self.logger, "poststop"); - let hooks = spec.hooks.as_ref().unwrap(); - for h in hooks.poststop.iter() { - execute_hook(&self.logger, h, &st).await?; - } + // guest Poststop hook + // * should be executed after the container is deleted but before the delete operation returns + // * the executable file is in agent namespace + // * should also be executed in agent namespace. + if let Some(hooks) = spec.hooks.as_ref() { + info!(self.logger, "guest Poststop hook"); + let mut hook_states = HookStates::new(); + hook_states.execute_hooks(&hooks.poststop, Some(st))?; } self.status.transition(ContainerState::Stopped); @@ -1150,16 +1155,14 @@ impl BaseContainer for LinuxContainer { .ok_or_else(|| anyhow!("OCI spec was not found"))?; let st = self.oci_state()?; - // run poststart hook - if spec.hooks.is_some() { - info!(self.logger, "poststart hook"); - let hooks = spec - .hooks - .as_ref() - .ok_or_else(|| anyhow!("OCI hooks were not found"))?; - for h in hooks.poststart.iter() { - execute_hook(&self.logger, h, &st).await?; - } + // guest Poststart hook + // * should be executed after the container is started but before the delete operation returns + // * the executable file is in agent namespace + // * should also be executed in agent namespace. + if let Some(hooks) = spec.hooks.as_ref() { + info!(self.logger, "guest Poststart hook"); + let mut hook_states = HookStates::new(); + hook_states.execute_hooks(&hooks.poststart, Some(st))?; } unistd::close(fd)?; @@ -1380,13 +1383,14 @@ async fn join_namespaces( info!(logger, "get ready to run prestart hook!"); - // run prestart hook - if spec.hooks.is_some() { - info!(logger, "prestart hook"); - let hooks = spec.hooks.as_ref().unwrap(); - for h in hooks.prestart.iter() { - execute_hook(&logger, h, st).await?; - } + // guest Prestart hook + // * should be executed during the start operation, and before the container command is executed + // * the executable file is in agent namespace + // * should also be executed in agent namespace. + if let Some(hooks) = spec.hooks.as_ref() { + info!(logger, "guest Prestart hook"); + let mut hook_states = HookStates::new(); + hook_states.execute_hooks(&hooks.prestart, Some(st.clone()))?; } // notify child run prestart hooks completed @@ -1566,143 +1570,6 @@ fn set_sysctls(sysctls: &HashMap) -> Result<()> { Ok(()) } -use std::process::Stdio; -use std::time::Duration; -use tokio::io::{AsyncReadExt, AsyncWriteExt}; - -pub async fn execute_hook(logger: &Logger, h: &Hook, st: &OCIState) -> Result<()> { - let logger = logger.new(o!("action" => "execute-hook")); - - let binary = PathBuf::from(h.path.as_str()); - let path = binary.canonicalize()?; - if !path.exists() { - return Err(anyhow!("Path {:?} does not exist", path)); - } - - let mut args = h.args.clone(); - // the hook.args[0] is the hook binary name which shouldn't be included - // in the Command.args - if args.len() > 1 { - args.remove(0); - } - - // all invalid envs will be omitted, only valid envs will be passed to hook. - let env: HashMap<&str, &str> = h.env.iter().filter_map(|e| valid_env(e)).collect(); - - // Avoid the exit signal to be reaped by the global reaper. - let _wait_locker = WAIT_PID_LOCKER.lock().await; - let mut child = tokio::process::Command::new(path) - .args(args.iter()) - .envs(env.iter()) - .kill_on_drop(true) - .stdin(Stdio::piped()) - .stdout(Stdio::piped()) - .stderr(Stdio::piped()) - .spawn()?; - - // default timeout 10s - let mut timeout: u64 = 10; - - // if timeout is set if hook, then use the specified value - if let Some(t) = h.timeout { - if t > 0 { - timeout = t as u64; - } - } - - let state = serde_json::to_string(st)?; - let path = h.path.clone(); - - let join_handle = tokio::spawn(async move { - if let Some(mut stdin) = child.stdin.take() { - match stdin.write_all(state.as_bytes()).await { - Ok(_) => {} - Err(e) => { - info!(logger, "write to child stdin failed: {:?}", e); - } - } - } - - // read something from stdout and stderr for debug - if let Some(stdout) = child.stdout.as_mut() { - let mut out = String::new(); - match stdout.read_to_string(&mut out).await { - Ok(_) => { - info!(logger, "child stdout: {}", out.as_str()); - } - Err(e) => { - info!(logger, "read from child stdout failed: {:?}", e); - } - } - } - - let mut err = String::new(); - if let Some(stderr) = child.stderr.as_mut() { - match stderr.read_to_string(&mut err).await { - Ok(_) => { - info!(logger, "child stderr: {}", err.as_str()); - } - Err(e) => { - info!(logger, "read from child stderr failed: {:?}", e); - } - } - } - - match child.wait().await { - Ok(exit) => { - let code = exit - .code() - .ok_or_else(|| anyhow!("hook exit status has no status code"))?; - - if code != 0 { - error!( - logger, - "hook {} exit status is {}, error message is {}", &path, code, err - ); - return Err(anyhow!(nix::Error::UnknownErrno)); - } - - debug!(logger, "hook {} exit status is 0", &path); - Ok(()) - } - Err(e) => Err(anyhow!( - "wait child error: {} {}", - e, - e.raw_os_error().unwrap() - )), - } - }); - - match tokio::time::timeout(Duration::new(timeout, 0), join_handle).await { - Ok(r) => r.unwrap(), - Err(_) => Err(anyhow!(nix::Error::ETIMEDOUT)), - } -} - -// valid environment variables according to https://doc.rust-lang.org/std/env/fn.set_var.html#panics -fn valid_env(e: &str) -> Option<(&str, &str)> { - // wherther key or value will contain NULL char. - if e.as_bytes().contains(&b'\0') { - return None; - } - - let v: Vec<&str> = e.splitn(2, '=').collect(); - - // key can't hold an `equal` sign, but value can - if v.len() != 2 { - return None; - } - - let (key, value) = (v[0].trim(), v[1].trim()); - - // key can't be empty - if key.is_empty() { - return None; - } - - Some((key, value)) -} - #[cfg(test)] mod tests { use super::*; @@ -1713,7 +1580,6 @@ mod tests { use std::os::unix::io::AsRawFd; use tempfile::tempdir; use test_utils::skip_if_not_root; - use tokio::process::Command; macro_rules! sl { () => { @@ -1721,113 +1587,6 @@ mod tests { }; } - async fn which(cmd: &str) -> String { - let output: std::process::Output = Command::new("which") - .arg(cmd) - .output() - .await - .expect("which command failed to run"); - - match String::from_utf8(output.stdout) { - Ok(v) => v.trim_end_matches('\n').to_string(), - Err(e) => panic!("Invalid UTF-8 sequence: {}", e), - } - } - - #[tokio::test] - async fn test_execute_hook() { - let temp_file = "/tmp/test_execute_hook"; - - let touch = which("touch").await; - - defer!(fs::remove_file(temp_file).unwrap();); - let invalid_str = vec![97, b'\0', 98]; - let invalid_string = std::str::from_utf8(&invalid_str).unwrap(); - let invalid_env = format!("{}=value", invalid_string); - - execute_hook( - &slog_scope::logger(), - &Hook { - path: touch, - args: vec!["touch".to_string(), temp_file.to_string()], - env: vec![invalid_env], - timeout: Some(10), - }, - &OCIState { - version: "1.2.3".to_string(), - id: "321".to_string(), - status: ContainerState::Running, - pid: 2, - bundle: "".to_string(), - annotations: Default::default(), - }, - ) - .await - .unwrap(); - - assert_eq!(Path::new(&temp_file).exists(), true); - } - - #[tokio::test] - async fn test_execute_hook_with_error() { - let ls = which("ls").await; - - let res = execute_hook( - &slog_scope::logger(), - &Hook { - path: ls, - args: vec!["ls".to_string(), "/tmp/not-exist".to_string()], - env: vec![], - timeout: None, - }, - &OCIState { - version: "1.2.3".to_string(), - id: "321".to_string(), - status: ContainerState::Running, - pid: 2, - bundle: "".to_string(), - annotations: Default::default(), - }, - ) - .await; - - let expected_err = nix::Error::UnknownErrno; - assert_eq!( - res.unwrap_err().downcast::().unwrap(), - expected_err - ); - } - - #[tokio::test] - async fn test_execute_hook_with_timeout() { - let sleep = which("sleep").await; - - let res = execute_hook( - &slog_scope::logger(), - &Hook { - path: sleep, - args: vec!["sleep".to_string(), "2".to_string()], - env: vec![], - timeout: Some(1), - }, - &OCIState { - version: "1.2.3".to_string(), - id: "321".to_string(), - status: ContainerState::Running, - pid: 2, - bundle: "".to_string(), - annotations: Default::default(), - }, - ) - .await; - - let expected_err = nix::Error::ETIMEDOUT; - assert_eq!( - res.unwrap_err().downcast::().unwrap(), - expected_err - ); - } - #[test] fn test_status_transtition() { let mut status = ContainerStatus::new(); @@ -2167,49 +1926,4 @@ mod tests { let ret = do_init_child(std::io::stdin().as_raw_fd()); assert!(ret.is_err(), "Expecting Err, Got {:?}", ret); } - - #[test] - fn test_valid_env() { - let env = valid_env("a=b=c"); - assert_eq!(Some(("a", "b=c")), env); - - let env = valid_env("a=b"); - assert_eq!(Some(("a", "b")), env); - let env = valid_env("a =b"); - assert_eq!(Some(("a", "b")), env); - - let env = valid_env(" a =b"); - assert_eq!(Some(("a", "b")), env); - - let env = valid_env("a= b"); - assert_eq!(Some(("a", "b")), env); - - let env = valid_env("a=b "); - assert_eq!(Some(("a", "b")), env); - let env = valid_env("a=b c "); - assert_eq!(Some(("a", "b c")), env); - - let env = valid_env("=b"); - assert_eq!(None, env); - - let env = valid_env("a="); - assert_eq!(Some(("a", "")), env); - - let env = valid_env("a=="); - assert_eq!(Some(("a", "=")), env); - - let env = valid_env("a"); - assert_eq!(None, env); - - let invalid_str = vec![97, b'\0', 98]; - let invalid_string = std::str::from_utf8(&invalid_str).unwrap(); - - let invalid_env = format!("{}=value", invalid_string); - let env = valid_env(&invalid_env); - assert_eq!(None, env); - - let invalid_env = format!("key={}", invalid_string); - let env = valid_env(&invalid_env); - assert_eq!(None, env); - } } diff --git a/src/libs/Cargo.lock b/src/libs/Cargo.lock index 66090c19c..90423e002 100644 --- a/src/libs/Cargo.lock +++ b/src/libs/Cargo.lock @@ -40,6 +40,12 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" +[[package]] +name = "base64" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" + [[package]] name = "bitflags" version = "1.2.1" @@ -420,6 +426,8 @@ dependencies = [ name = "kata-types" version = "0.1.0" dependencies = [ + "anyhow", + "base64", "bitmask-enum", "byte-unit", "glob", diff --git a/src/libs/kata-sys-util/src/hooks.rs b/src/libs/kata-sys-util/src/hooks.rs index 78e3ae662..8a36e606e 100644 --- a/src/libs/kata-sys-util/src/hooks.rs +++ b/src/libs/kata-sys-util/src/hooks.rs @@ -13,6 +13,7 @@ use std::time::Duration; use subprocess::{ExitStatus, Popen, PopenConfig, PopenError, Redirection}; +use crate::validate::valid_env; use crate::{eother, sl}; const DEFAULT_HOOK_TIMEOUT_SEC: i32 = 10; @@ -206,9 +207,8 @@ impl<'a> HookExecutor<'a> { let mut envs: Vec<(OsString, OsString)> = Vec::new(); for e in hook.env.iter() { - match e.split_once('=') { - Some((key, value)) => envs.push((OsString::from(key), OsString::from(value))), - None => warn!(sl!(), "env {} of hook {:?} is invalid", e, hook), + if let Some((key, value)) = valid_env(e) { + envs.push((OsString::from(key), OsString::from(value))); } } diff --git a/src/libs/kata-sys-util/src/validate.rs b/src/libs/kata-sys-util/src/validate.rs index 0847398ce..8348b0eb5 100644 --- a/src/libs/kata-sys-util/src/validate.rs +++ b/src/libs/kata-sys-util/src/validate.rs @@ -34,6 +34,27 @@ pub fn verify_id(id: &str) -> Result<(), Error> { } } +// check and reserve valid environment variables +// invalid env var may cause panic, refer to https://doc.rust-lang.org/std/env/fn.set_var.html#panics +// key should not: +// * contain NUL character '\0' +// * contain ASCII equal sign '=' +// * be empty +// value should not: +// * contain NUL character '\0' +pub fn valid_env(e: &str) -> Option<(&str, &str)> { + // split the env str by '=' at the first time to ensure there is no '=' in key, + // and also to ensure there is at least '=' in env str + if let Some((key, value)) = e.split_once('=') { + if !key.is_empty() && !key.as_bytes().contains(&b'\0') && !value.as_bytes().contains(&b'\0') + { + return Some((key.trim(), value.trim())); + } + } + + None +} + #[cfg(test)] mod tests { use super::*; @@ -264,4 +285,49 @@ mod tests { } } } + + #[test] + fn test_valid_env() { + let env = valid_env("a=b=c"); + assert_eq!(Some(("a", "b=c")), env); + + let env = valid_env("a=b"); + assert_eq!(Some(("a", "b")), env); + let env = valid_env("a =b"); + assert_eq!(Some(("a", "b")), env); + + let env = valid_env(" a =b"); + assert_eq!(Some(("a", "b")), env); + + let env = valid_env("a= b"); + assert_eq!(Some(("a", "b")), env); + + let env = valid_env("a=b "); + assert_eq!(Some(("a", "b")), env); + let env = valid_env("a=b c "); + assert_eq!(Some(("a", "b c")), env); + + let env = valid_env("=b"); + assert_eq!(None, env); + + let env = valid_env("a="); + assert_eq!(Some(("a", "")), env); + + let env = valid_env("a=="); + assert_eq!(Some(("a", "=")), env); + + let env = valid_env("a"); + assert_eq!(None, env); + + let invalid_str = vec![97, b'\0', 98]; + let invalid_string = std::str::from_utf8(&invalid_str).unwrap(); + + let invalid_env = format!("{}=value", invalid_string); + let env = valid_env(&invalid_env); + assert_eq!(None, env); + + let invalid_env = format!("key={}", invalid_string); + let env = valid_env(&invalid_env); + assert_eq!(None, env); + } } diff --git a/src/tools/runk/Cargo.lock b/src/tools/runk/Cargo.lock index fb22c2845..6c498c328 100644 --- a/src/tools/runk/Cargo.lock +++ b/src/tools/runk/Cargo.lock @@ -139,6 +139,12 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" +[[package]] +name = "base64" +version = "0.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" + [[package]] name = "bit-vec" version = "0.6.3" @@ -151,6 +157,22 @@ version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +[[package]] +name = "bitmask-enum" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fd9e32d7420c85055e8107e5b2463c4eeefeaac18b52359fe9f9c08a18f342b2" +dependencies = [ + "quote", + "syn", +] + +[[package]] +name = "byte-unit" +version = "3.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "415301c9de11005d4b92193c0eb7ac7adc37e5a49e0ac9bed0a42343512744b8" + [[package]] name = "byteorder" version = "1.4.3" @@ -274,6 +296,12 @@ dependencies = [ "os_str_bytes", ] +[[package]] +name = "common-path" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2382f75942f4b3be3690fe4f86365e9c853c1587d6ee58212cebf6e2a9ccd101" + [[package]] name = "concurrent-queue" version = "1.2.4" @@ -474,6 +502,17 @@ version = "2.5.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0206175f82b8d6bf6652ff7d71a1e27fd2e4efde587fd368662814d6ec1d9ce0" +[[package]] +name = "fail" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fe5e43d0f78a42ad591453aedb1d7ae631ce7ee445c7643691055a9ed8d3b01c" +dependencies = [ + "log", + "once_cell", + "rand 0.8.5", +] + [[package]] name = "fastrand" version = "1.7.0" @@ -609,6 +648,17 @@ dependencies = [ "slab", ] +[[package]] +name = "getrandom" +version = "0.1.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8fc3cb4d91f53b50155bdcfd23f6a4c39ae1969c2ae85982b135750cccaf5fce" +dependencies = [ + "cfg-if 1.0.0", + "libc", + "wasi 0.9.0+wasi-snapshot-preview1", +] + [[package]] name = "getrandom" version = "0.2.7" @@ -620,6 +670,12 @@ dependencies = [ "wasi 0.11.0+wasi-snapshot-preview1", ] +[[package]] +name = "glob" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574" + [[package]] name = "hashbrown" version = "0.11.2" @@ -724,6 +780,50 @@ version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1aab8fc367588b89dcee83ab0fd66b72b50b72fa1904d7095045ace2b0c81c35" +[[package]] +name = "kata-sys-util" +version = "0.1.0" +dependencies = [ + "byteorder", + "cgroups-rs", + "chrono", + "common-path", + "fail", + "kata-types", + "lazy_static", + "libc", + "nix 0.24.2", + "oci", + "once_cell", + "rand 0.7.3", + "serde_json", + "slog", + "slog-scope", + "subprocess", + "thiserror", +] + +[[package]] +name = "kata-types" +version = "0.1.0" +dependencies = [ + "anyhow", + "base64", + "bitmask-enum", + "byte-unit", + "glob", + "lazy_static", + "num_cpus", + "oci", + "regex", + "serde", + "serde_json", + "slog", + "slog-scope", + "thiserror", + "toml", +] + [[package]] name = "lazy_static" version = "1.4.0" @@ -744,6 +844,7 @@ dependencies = [ "cgroups-rs", "chrono", "derive_builder", + "kata-sys-util", "libc", "logging", "nix 0.23.1", @@ -1232,6 +1333,19 @@ dependencies = [ "proc-macro2", ] +[[package]] +name = "rand" +version = "0.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03" +dependencies = [ + "getrandom 0.1.16", + "libc", + "rand_chacha 0.2.2", + "rand_core 0.5.1", + "rand_hc", +] + [[package]] name = "rand" version = "0.8.5" @@ -1239,8 +1353,18 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" dependencies = [ "libc", - "rand_chacha", - "rand_core", + "rand_chacha 0.3.1", + "rand_core 0.6.3", +] + +[[package]] +name = "rand_chacha" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402" +dependencies = [ + "ppv-lite86", + "rand_core 0.5.1", ] [[package]] @@ -1250,7 +1374,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" dependencies = [ "ppv-lite86", - "rand_core", + "rand_core 0.6.3", +] + +[[package]] +name = "rand_core" +version = "0.5.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19" +dependencies = [ + "getrandom 0.1.16", ] [[package]] @@ -1259,7 +1392,16 @@ version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d34f1408f55294453790c48b2f1ebbb1c5b4b7563eb1f418bcfcfdbb06ebb4e7" dependencies = [ - "getrandom", + "getrandom 0.2.7", +] + +[[package]] +name = "rand_hc" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c" +dependencies = [ + "rand_core 0.5.1", ] [[package]] @@ -1277,7 +1419,7 @@ version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b033d837a7cf162d7993aded9304e30a83213c648b6e389db233191f891e5c2b" dependencies = [ - "getrandom", + "getrandom 0.2.7", "redox_syscall", "thiserror", ] @@ -1368,6 +1510,7 @@ dependencies = [ "cgroups-rs", "futures", "inotify", + "kata-sys-util", "lazy_static", "libc", "libseccomp", @@ -1557,6 +1700,16 @@ version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623" +[[package]] +name = "subprocess" +version = "0.2.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0c2e86926081dda636c546d8c5e641661049d7562a68f5488be4a1f7f66f6086" +dependencies = [ + "libc", + "winapi", +] + [[package]] name = "syn" version = "1.0.91" @@ -1834,6 +1987,12 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9d5b2c62b4012a3e1eca5a7e077d13b3bf498c4073e33ccd58626607748ceeca" +[[package]] +name = "wasi" +version = "0.9.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519" + [[package]] name = "wasi" version = "0.10.0+wasi-snapshot-preview1" @@ -2010,7 +2169,7 @@ dependencies = [ "nix 0.23.1", "once_cell", "ordered-stream", - "rand", + "rand 0.8.5", "serde", "serde_repr", "sha1", diff --git a/src/tools/runk/libcontainer/Cargo.toml b/src/tools/runk/libcontainer/Cargo.toml index 0db70d3d1..5c92a5b97 100644 --- a/src/tools/runk/libcontainer/Cargo.toml +++ b/src/tools/runk/libcontainer/Cargo.toml @@ -9,6 +9,7 @@ edition = "2018" [dependencies] rustjail = { path = "../../../agent/rustjail", features = ["standard-oci-runtime"] } oci = { path = "../../../libs/oci" } +kata-sys-util = { path = "../../../libs/kata-sys-util" } logging = { path = "../../../libs/logging" } derive_builder = "0.10.2" libc = "0.2.108" diff --git a/src/tools/runk/libcontainer/src/container.rs b/src/tools/runk/libcontainer/src/container.rs index 20bad5d82..1bc8307cf 100644 --- a/src/tools/runk/libcontainer/src/container.rs +++ b/src/tools/runk/libcontainer/src/container.rs @@ -19,18 +19,20 @@ use oci::{ContainerState, State as OCIState}; use procfs; use rustjail::cgroups::fs::Manager as CgroupManager; use rustjail::{ - container::{self, BaseContainer, LinuxContainer, EXEC_FIFO_FILENAME}, + container::{BaseContainer, LinuxContainer, EXEC_FIFO_FILENAME}, process::{Process, ProcessOperations}, specconv::CreateOpts, }; use scopeguard::defer; -use slog::{debug, Logger}; +use slog::{debug, info, Logger}; use std::{ env::current_dir, fs, path::{Path, PathBuf}, }; +use kata_sys_util::hooks::HookStates; + pub const CONFIG_FILE_NAME: &str = "config.json"; #[derive(Debug, Copy, Clone, PartialEq)] @@ -139,14 +141,10 @@ impl Container { annotations: spec.annotations.clone(), }; - if spec.hooks.is_some() { - let hooks = spec - .hooks - .as_ref() - .ok_or_else(|| anyhow!("hooks config was not present"))?; - for h in hooks.poststop.iter() { - container::execute_hook(logger, h, &oci_state).await?; - } + if let Some(hooks) = spec.hooks.as_ref() { + info!(&logger, "Poststop Hooks"); + let mut poststop_hookstates = HookStates::new(); + poststop_hookstates.execute_hooks(&hooks.poststop, Some(oci_state.clone()))?; } match oci_state.status { From 2b02e0a9bf3e76250fb31c369960377303f18ad8 Mon Sep 17 00:00:00 2001 From: wllenyj Date: Wed, 18 May 2022 00:21:46 +0800 Subject: [PATCH 15/62] dragonball: add more unit test for vcpu manager Added more unit tests for Vcpu Manager. Fixes: #4899 Signed-off-by: wllenyj --- src/dragonball/src/vcpu/vcpu_manager.rs | 375 ++++++++++++++++++++++++ 1 file changed, 375 insertions(+) diff --git a/src/dragonball/src/vcpu/vcpu_manager.rs b/src/dragonball/src/vcpu/vcpu_manager.rs index 51a790c4d..22c90f2e2 100644 --- a/src/dragonball/src/vcpu/vcpu_manager.rs +++ b/src/dragonball/src/vcpu/vcpu_manager.rs @@ -1041,3 +1041,378 @@ impl MutEventSubscriber for VcpuEpollHandler { ops.add(Events::new(&self.eventfd, EventSet::IN)).unwrap(); } } + +#[cfg(test)] +mod tests { + use std::os::unix::io::AsRawFd; + use std::sync::{Arc, RwLock}; + + use dbs_utils::epoll_manager::EpollManager; + #[cfg(feature = "hotplug")] + use dbs_virtio_devices::vsock::backend::VsockInnerBackend; + use seccompiler::BpfProgram; + use test_utils::skip_if_not_root; + use vmm_sys_util::eventfd::EventFd; + + use super::*; + use crate::api::v1::InstanceInfo; + use crate::vcpu::vcpu_impl::tests::{EmulationCase, EMULATE_RES}; + use crate::vm::{CpuTopology, Vm, VmConfigInfo}; + + fn get_vm() -> Vm { + let instance_info = Arc::new(RwLock::new(InstanceInfo::default())); + let epoll_manager = EpollManager::default(); + std::thread::sleep(std::time::Duration::from_millis(200)); + let mut vm = Vm::new(None, instance_info, epoll_manager).unwrap(); + let vm_config = VmConfigInfo { + vcpu_count: 1, + max_vcpu_count: 3, + cpu_pm: "off".to_string(), + mem_type: "shmem".to_string(), + mem_file_path: "".to_string(), + mem_size_mib: 100, + serial_path: None, + cpu_topology: CpuTopology { + threads_per_core: 1, + cores_per_die: 3, + dies_per_socket: 1, + sockets: 1, + }, + vpmu_feature: 0, + }; + vm.set_vm_config(vm_config); + vm.init_guest_memory().unwrap(); + + vm.init_vcpu_manager(vm.vm_as().unwrap().clone(), BpfProgram::default()) + .unwrap(); + + vm.vcpu_manager() + .unwrap() + .set_reset_event_fd(EventFd::new(libc::EFD_NONBLOCK).unwrap()) + .unwrap(); + + #[cfg(any(target_arch = "x86", target_arch = "x86_64"))] + { + vm.setup_interrupt_controller().unwrap(); + } + + vm + } + + fn get_present_unstart_vcpus(vcpu_manager: &std::sync::MutexGuard<'_, VcpuManager>) -> u8 { + vcpu_manager + .vcpu_infos + .iter() + .fold(0, |sum, info| sum + info.vcpu.is_some() as u8) + } + + #[test] + fn test_vcpu_manager_config() { + skip_if_not_root!(); + let instance_info = Arc::new(RwLock::new(InstanceInfo::default())); + let epoll_manager = EpollManager::default(); + std::thread::sleep(std::time::Duration::from_millis(200)); + let mut vm = Vm::new(None, instance_info, epoll_manager).unwrap(); + let vm_config = VmConfigInfo { + vcpu_count: 1, + max_vcpu_count: 2, + cpu_pm: "off".to_string(), + mem_type: "shmem".to_string(), + mem_file_path: "".to_string(), + mem_size_mib: 1, + serial_path: None, + cpu_topology: CpuTopology { + threads_per_core: 1, + cores_per_die: 2, + dies_per_socket: 1, + sockets: 1, + }, + vpmu_feature: 0, + }; + vm.set_vm_config(vm_config.clone()); + vm.init_guest_memory().unwrap(); + + vm.init_vcpu_manager(vm.vm_as().unwrap().clone(), BpfProgram::default()) + .unwrap(); + + let mut vcpu_manager = vm.vcpu_manager().unwrap(); + + // test the vcpu_config + assert_eq!( + vcpu_manager.vcpu_infos.len(), + vm_config.max_vcpu_count as usize + ); + assert_eq!( + vcpu_manager.vcpu_config.boot_vcpu_count, + vm_config.vcpu_count + ); + assert_eq!( + vcpu_manager.vcpu_config.max_vcpu_count, + vm_config.max_vcpu_count + ); + + let reset_event_fd = EventFd::new(libc::EFD_NONBLOCK).unwrap(); + let reset_event_fd_raw = reset_event_fd.as_raw_fd(); + vcpu_manager.set_reset_event_fd(reset_event_fd).unwrap(); + + // test the reset_event_fd + assert_eq!( + vcpu_manager.reset_event_fd.as_ref().unwrap().as_raw_fd(), + reset_event_fd_raw + ); + } + + #[test] + fn test_vcpu_manager_boot_vcpus() { + skip_if_not_root!(); + let vm = get_vm(); + let mut vcpu_manager = vm.vcpu_manager().unwrap(); + + // test create boot vcpu + assert!(vcpu_manager + .create_boot_vcpus(TimestampUs::default(), GuestAddress(0)) + .is_ok()); + assert_eq!(get_present_unstart_vcpus(&vcpu_manager), 1); + + // test start boot vcpus + assert!(vcpu_manager.start_boot_vcpus(BpfProgram::default()).is_ok()); + } + + #[test] + fn test_vcpu_manager_operate_vcpus() { + skip_if_not_root!(); + let vm = get_vm(); + let mut vcpu_manager = vm.vcpu_manager().unwrap(); + + // test create vcpu more than max + let res = vcpu_manager.create_vcpus(20, None, None); + assert!(matches!(res, Err(VcpuManagerError::ExpectedVcpuExceedMax))); + + // test create vcpus + assert!(vcpu_manager.create_vcpus(2, None, None).is_ok()); + assert_eq!(vcpu_manager.present_vcpus_count(), 0); + assert_eq!(get_present_unstart_vcpus(&vcpu_manager), 2); + assert_eq!(vcpu_manager.vcpus().len(), 2); + assert_eq!(vcpu_manager.vcpus_mut().len(), 2); + + // test start vcpus + assert!(vcpu_manager + .start_vcpus(1, BpfProgram::default(), false) + .is_ok()); + assert_eq!(vcpu_manager.present_vcpus_count(), 1); + assert_eq!(vcpu_manager.present_vcpus(), vec![0]); + assert!(vcpu_manager + .start_vcpus(2, BpfProgram::default(), false) + .is_ok()); + assert_eq!(vcpu_manager.present_vcpus_count(), 2); + assert_eq!(vcpu_manager.present_vcpus(), vec![0, 1]); + + // test start vcpus more than created + let res = vcpu_manager.start_vcpus(3, BpfProgram::default(), false); + assert!(matches!(res, Err(VcpuManagerError::VcpuNotCreate))); + + // test start vcpus less than started + assert!(vcpu_manager + .start_vcpus(1, BpfProgram::default(), false) + .is_ok()); + } + #[test] + fn test_vcpu_manager_pause_resume_vcpus() { + skip_if_not_root!(); + *(EMULATE_RES.lock().unwrap()) = EmulationCase::Error(libc::EINTR); + + let vm = get_vm(); + let mut vcpu_manager = vm.vcpu_manager().unwrap(); + assert!(vcpu_manager + .create_boot_vcpus(TimestampUs::default(), GuestAddress(0)) + .is_ok()); + assert_eq!(get_present_unstart_vcpus(&vcpu_manager), 1); + assert!(vcpu_manager.start_boot_vcpus(BpfProgram::default()).is_ok()); + + // invalid cpuid for pause + let cpu_indexes = vec![2]; + let res = vcpu_manager.pause_vcpus(&cpu_indexes); + assert!(matches!(res, Err(VcpuManagerError::VcpuNotFound(_)))); + + // pause success + let cpu_indexes = vec![0]; + assert!(vcpu_manager.pause_vcpus(&cpu_indexes).is_ok()); + + // invalid cpuid for resume + let cpu_indexes = vec![2]; + let res = vcpu_manager.resume_vcpus(&cpu_indexes); + assert!(matches!(res, Err(VcpuManagerError::VcpuNotFound(_)))); + + // success resume + let cpu_indexes = vec![0]; + assert!(vcpu_manager.resume_vcpus(&cpu_indexes).is_ok()); + + // pause and resume all + assert!(vcpu_manager.pause_all_vcpus().is_ok()); + assert!(vcpu_manager.resume_all_vcpus().is_ok()); + } + + #[test] + fn test_vcpu_manager_exit_vcpus() { + skip_if_not_root!(); + *(EMULATE_RES.lock().unwrap()) = EmulationCase::Error(libc::EINTR); + + let vm = get_vm(); + let mut vcpu_manager = vm.vcpu_manager().unwrap(); + + assert!(vcpu_manager + .create_boot_vcpus(TimestampUs::default(), GuestAddress(0)) + .is_ok()); + assert_eq!(get_present_unstart_vcpus(&vcpu_manager), 1); + + assert!(vcpu_manager.start_boot_vcpus(BpfProgram::default()).is_ok()); + + // invalid cpuid for exit + let cpu_indexes = vec![2]; + + let res = vcpu_manager.exit_vcpus(&cpu_indexes); + assert!(matches!(res, Err(VcpuManagerError::VcpuNotFound(_)))); + + // exit success + let cpu_indexes = vec![0]; + assert!(vcpu_manager.exit_vcpus(&cpu_indexes).is_ok()); + } + + #[test] + fn test_vcpu_manager_exit_all_vcpus() { + skip_if_not_root!(); + *(EMULATE_RES.lock().unwrap()) = EmulationCase::Error(libc::EINTR); + + let vm = get_vm(); + let mut vcpu_manager = vm.vcpu_manager().unwrap(); + + assert!(vcpu_manager + .create_boot_vcpus(TimestampUs::default(), GuestAddress(0)) + .is_ok()); + assert_eq!(get_present_unstart_vcpus(&vcpu_manager), 1); + + assert!(vcpu_manager.start_boot_vcpus(BpfProgram::default()).is_ok()); + + // exit all success + assert!(vcpu_manager.exit_all_vcpus().is_ok()); + assert_eq!(vcpu_manager.vcpu_infos.len(), 0); + assert!(vcpu_manager.io_manager.is_none()); + } + + #[test] + fn test_vcpu_manager_revalidate_vcpus_cache() { + skip_if_not_root!(); + *(EMULATE_RES.lock().unwrap()) = EmulationCase::Error(libc::EINTR); + + let vm = get_vm(); + let mut vcpu_manager = vm.vcpu_manager().unwrap(); + + assert!(vcpu_manager + .create_boot_vcpus(TimestampUs::default(), GuestAddress(0)) + .is_ok()); + assert_eq!(get_present_unstart_vcpus(&vcpu_manager), 1); + + assert!(vcpu_manager.start_boot_vcpus(BpfProgram::default()).is_ok()); + + // invalid cpuid for exit + let cpu_indexes = vec![2]; + + let res = vcpu_manager.revalidate_vcpus_cache(&cpu_indexes); + assert!(matches!(res, Err(VcpuManagerError::VcpuNotFound(_)))); + + // revalidate success + let cpu_indexes = vec![0]; + assert!(vcpu_manager.revalidate_vcpus_cache(&cpu_indexes).is_ok()); + } + + #[test] + fn test_vcpu_manager_revalidate_all_vcpus_cache() { + skip_if_not_root!(); + *(EMULATE_RES.lock().unwrap()) = EmulationCase::Error(libc::EINTR); + + let vm = get_vm(); + let mut vcpu_manager = vm.vcpu_manager().unwrap(); + + assert!(vcpu_manager + .create_boot_vcpus(TimestampUs::default(), GuestAddress(0)) + .is_ok()); + assert_eq!(get_present_unstart_vcpus(&vcpu_manager), 1); + + assert!(vcpu_manager.start_boot_vcpus(BpfProgram::default()).is_ok()); + + // revalidate all success + assert!(vcpu_manager.revalidate_all_vcpus_cache().is_ok()); + } + + #[test] + #[cfg(feature = "hotplug")] + fn test_vcpu_manager_resize_cpu() { + skip_if_not_root!(); + let vm = get_vm(); + let mut vcpu_manager = vm.vcpu_manager().unwrap(); + + assert!(vcpu_manager + .create_boot_vcpus(TimestampUs::default(), GuestAddress(0)) + .is_ok()); + assert_eq!(get_present_unstart_vcpus(&vcpu_manager), 1); + + assert!(vcpu_manager.start_boot_vcpus(BpfProgram::default()).is_ok()); + + // set vcpus in hotplug action + let cpu_ids = vec![0]; + vcpu_manager.set_vcpus_action(VcpuAction::Hotplug, cpu_ids); + + // vcpu is already in hotplug process + let res = vcpu_manager.resize_vcpu(1, None); + assert!(matches!( + res, + Err(VcpuManagerError::VcpuResize( + VcpuResizeError::VcpuIsHotplugging + )) + )); + + // clear vcpus action + let cpu_ids = vec![0]; + vcpu_manager.set_vcpus_action(VcpuAction::None, cpu_ids); + + // no upcall channel + let res = vcpu_manager.resize_vcpu(1, None); + assert!(matches!( + res, + Err(VcpuManagerError::VcpuResize( + VcpuResizeError::UpdateNotAllowedPostBoot + )) + )); + + // init upcall channel + let dev_mgr_service = DevMgrService {}; + let vsock_backend = VsockInnerBackend::new().unwrap(); + let connector = vsock_backend.get_connector(); + let epoll_manager = EpollManager::default(); + let mut upcall_client = + UpcallClient::new(connector, epoll_manager, dev_mgr_service).unwrap(); + assert!(upcall_client.connect().is_ok()); + vcpu_manager.set_upcall_channel(Some(Arc::new(upcall_client))); + + // success: no need to resize + vcpu_manager.resize_vcpu(1, None).unwrap(); + + // exceeed max vcpu count + let res = vcpu_manager.resize_vcpu(4, None); + assert!(matches!( + res, + Err(VcpuManagerError::VcpuResize( + VcpuResizeError::ExpectedVcpuExceedMax + )) + )); + + // remove vcpu 0 + let res = vcpu_manager.resize_vcpu(0, None); + assert!(matches!( + res, + Err(VcpuManagerError::VcpuResize( + VcpuResizeError::Vcpu0CanNotBeRemoved + )) + )); + } +} From 31591d791568bf1e8c4368279b6d7bb81cdd1050 Mon Sep 17 00:00:00 2001 From: wllenyj Date: Wed, 18 May 2022 18:32:33 +0800 Subject: [PATCH 16/62] dragonball: fix unit test failure case about Kvm. Due to the wrong use of as_raw_fd, Kvm was dropped twice. Signed-off-by: wllenyj --- src/dragonball/src/kvm_context.rs | 2 +- src/dragonball/src/vcpu/vcpu_impl.rs | 10 ++-------- src/dragonball/src/vcpu/vcpu_manager.rs | 2 -- 3 files changed, 3 insertions(+), 11 deletions(-) diff --git a/src/dragonball/src/kvm_context.rs b/src/dragonball/src/kvm_context.rs index f4a840860..ce4583458 100644 --- a/src/dragonball/src/kvm_context.rs +++ b/src/dragonball/src/kvm_context.rs @@ -228,7 +228,7 @@ mod tests { assert!(c.max_memslots >= 32); let kvm = Kvm::new().unwrap(); - let f = unsafe { File::from_raw_fd(kvm.as_raw_fd()) }; + let f = std::mem::ManuallyDrop::new(unsafe { File::from_raw_fd(kvm.as_raw_fd()) }); let m1 = f.metadata().unwrap(); let m2 = File::open("/dev/kvm").unwrap().metadata().unwrap(); diff --git a/src/dragonball/src/vcpu/vcpu_impl.rs b/src/dragonball/src/vcpu/vcpu_impl.rs index ff3f9e44f..f6c1c2d4c 100644 --- a/src/dragonball/src/vcpu/vcpu_impl.rs +++ b/src/dragonball/src/vcpu/vcpu_impl.rs @@ -758,13 +758,11 @@ impl Drop for Vcpu { #[cfg(test)] pub mod tests { - use std::os::unix::io::AsRawFd; use std::sync::mpsc::{channel, Receiver}; use std::sync::Mutex; use arc_swap::ArcSwap; use dbs_device::device_manager::IoManager; - use kvm_ioctls::Kvm; use lazy_static::lazy_static; use test_utils::skip_if_not_root; @@ -812,12 +810,8 @@ pub mod tests { #[cfg(target_arch = "x86_64")] fn create_vcpu() -> (Vcpu, Receiver) { - // Call for kvm too frequently would cause error in some host kernel. - std::thread::sleep(std::time::Duration::from_millis(5)); - - let kvm = Kvm::new().unwrap(); - let vm = Arc::new(kvm.create_vm().unwrap()); - let kvm_context = KvmContext::new(Some(kvm.as_raw_fd())).unwrap(); + let kvm_context = KvmContext::new(None).unwrap(); + let vm = kvm_context.kvm().create_vm().unwrap(); let vcpu_fd = Arc::new(vm.create_vcpu(0).unwrap()); let io_manager = IoManagerCached::new(Arc::new(ArcSwap::new(Arc::new(IoManager::new())))); let supported_cpuid = kvm_context diff --git a/src/dragonball/src/vcpu/vcpu_manager.rs b/src/dragonball/src/vcpu/vcpu_manager.rs index 22c90f2e2..2b076cd5b 100644 --- a/src/dragonball/src/vcpu/vcpu_manager.rs +++ b/src/dragonball/src/vcpu/vcpu_manager.rs @@ -1062,7 +1062,6 @@ mod tests { fn get_vm() -> Vm { let instance_info = Arc::new(RwLock::new(InstanceInfo::default())); let epoll_manager = EpollManager::default(); - std::thread::sleep(std::time::Duration::from_millis(200)); let mut vm = Vm::new(None, instance_info, epoll_manager).unwrap(); let vm_config = VmConfigInfo { vcpu_count: 1, @@ -1111,7 +1110,6 @@ mod tests { skip_if_not_root!(); let instance_info = Arc::new(RwLock::new(InstanceInfo::default())); let epoll_manager = EpollManager::default(); - std::thread::sleep(std::time::Duration::from_millis(200)); let mut vm = Vm::new(None, instance_info, epoll_manager).unwrap(); let vm_config = VmConfigInfo { vcpu_count: 1, From a2e3715e01bf5f8ecba3818914365ed28a08f6f4 Mon Sep 17 00:00:00 2001 From: Chao Wu Date: Wed, 28 Dec 2022 20:23:39 +0800 Subject: [PATCH 17/62] upcall: remove upcall client when stopping vm In order to avoid resource leak, we need to remove upcall client in vm and vcpu manager when stopping vm. Signed-off-by: Chao Wu --- src/dragonball/src/vm/mod.rs | 7 +++++++ src/dragonball/src/vmm.rs | 7 +++++++ 2 files changed, 14 insertions(+) diff --git a/src/dragonball/src/vm/mod.rs b/src/dragonball/src/vm/mod.rs index 21935faa6..d573080ae 100644 --- a/src/dragonball/src/vm/mod.rs +++ b/src/dragonball/src/vm/mod.rs @@ -492,6 +492,13 @@ impl Vm { .map_err(StopMicrovmError::DeviceManager) } + /// Remove upcall client when the VM is destoryed. + #[cfg(feature = "dbs-upcall")] + pub fn remove_upcall(&mut self) -> std::result::Result<(), StopMicrovmError> { + self.upcall_client = None; + Ok(()) + } + /// Reset the console into canonical mode. pub fn reset_console(&self) -> std::result::Result<(), DeviceMgrError> { self.device_manager.reset_console() diff --git a/src/dragonball/src/vmm.rs b/src/dragonball/src/vmm.rs index 1cfbfac58..b15e66fef 100644 --- a/src/dragonball/src/vmm.rs +++ b/src/dragonball/src/vmm.rs @@ -162,6 +162,11 @@ impl Vmm { warn!("failed to remove devices: {:?}", e); } + #[cfg(feature = "dbs-upcall")] + if let Err(e) = vm.remove_upcall() { + warn!("failed to remove upcall: {:?}", e); + } + if let Err(e) = vm.reset_console() { warn!("Cannot set canonical mode for the terminal. {:?}", e); } @@ -174,6 +179,8 @@ impl Vmm { if let Err(e) = mgr.exit_all_vcpus() { warn!("Failed to exit vcpu thread. {:?}", e); } + #[cfg(feature = "dbs-upcall")] + mgr.set_upcall_channel(None); } Err(e) => warn!("Failed to get vcpu manager {:?}", e), } From dae6670628b4484c4994037706f7dac7dbd9cb75 Mon Sep 17 00:00:00 2001 From: Zhongtao Hu Date: Fri, 30 Dec 2022 13:34:24 +0800 Subject: [PATCH 18/62] kata-runtime: add rust runtime path for kata-runtime exec add rust runtime path for kata-runtime exec Fixes:#5963 Signed-off-by: Zhongtao Hu --- .../pkg/containerd-shim-v2/shim_management.go | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/src/runtime/pkg/containerd-shim-v2/shim_management.go b/src/runtime/pkg/containerd-shim-v2/shim_management.go index cfb300460..7b59caef3 100644 --- a/src/runtime/pkg/containerd-shim-v2/shim_management.go +++ b/src/runtime/pkg/containerd-shim-v2/shim_management.go @@ -14,6 +14,7 @@ import ( "net/http" "net/http/pprof" "net/url" + "os" "path/filepath" "strconv" "strings" @@ -306,8 +307,19 @@ func GetSandboxesStoragePath() string { return "/run/vc/sbs" } +// GetSandboxesStoragePath returns the storage path where sandboxes info are stored in runtime-rs +func GetSandboxesStoragePathRust() string { + return "/run/kata" +} + // SocketAddress returns the address of the unix domain socket for communicating with the // shim management endpoint func SocketAddress(id string) string { - return fmt.Sprintf("unix://%s", filepath.Join(string(filepath.Separator), GetSandboxesStoragePath(), id, "shim-monitor.sock")) + socketAddress := fmt.Sprintf("unix://%s", filepath.Join(string(filepath.Separator), GetSandboxesStoragePath(), id, "shim-monitor.sock")) + _, err := os.Stat(socketAddress) + // if the path not exist, check the rust runtime path + if err != nil { + return fmt.Sprintf("unix://%s", filepath.Join(string(filepath.Separator), GetSandboxesStoragePathRust(), id, "shim-monitor.sock")) + } + return socketAddress } From 86ee24b33c52f2e2abf5d7e8eb10e7788d5b9f63 Mon Sep 17 00:00:00 2001 From: Danny Canter Date: Thu, 22 Dec 2022 05:25:06 -0500 Subject: [PATCH 19/62] Runtime: Clarify mutability of global var Was about to change `urandomdev` to a constant when I realized it's intentionally mutable so it can be mocked in tests. There's other comments to the same effect so clarify here as well. Fixes: #5965 Signed-off-by: Danny Canter --- src/runtime/virtcontainers/vm.go | 1 + 1 file changed, 1 insertion(+) diff --git a/src/runtime/virtcontainers/vm.go b/src/runtime/virtcontainers/vm.go index a96661d43..b5dec9912 100644 --- a/src/runtime/virtcontainers/vm.go +++ b/src/runtime/virtcontainers/vm.go @@ -19,6 +19,7 @@ import ( "github.com/sirupsen/logrus" ) +// Mutable and not constant so we can mock in tests var urandomDev = "/dev/urandom" // VM is abstraction of a virtual machine. From dfea6c7d217f0d11eb85d50abf3928145651bc91 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 10:21:59 +0100 Subject: [PATCH 20/62] versions: Update the rust toolchain to 1.66.0 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We're doing the bump on main, as we'll need this as part of the CCv0 branch due to the dependencies we have there. Link to the 1.66.0 release: https://github.com/rust-lang/rust/blob/master/RELEASES.md#version-1660-2022-12-15 Fixes: #5966 Signed-off-by: Fabiano FidĂȘncio --- versions.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/versions.yaml b/versions.yaml index 8c0b2bf6d..ea79869a3 100644 --- a/versions.yaml +++ b/versions.yaml @@ -316,12 +316,12 @@ languages: rust: description: "Rust language" notes: "'version' is the default minimum version used by this project." - version: "1.62.0" + version: "1.66.0" meta: description: | 'newest-version' is the latest version known to work when building Kata - newest-version: "1.62.0" + newest-version: "1.66.0" golangci-lint: description: "golangci-lint" From 0bbeb34b4cd02317eacbd858f70ea01c42cc26bb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 12:31:54 +0100 Subject: [PATCH 21/62] protocols: Fix needless_borrow warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to needless_borrow. Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#needless_borrow Signed-off-by: Fabiano FidĂȘncio --- src/libs/protocols/build.rs | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/libs/protocols/build.rs b/src/libs/protocols/build.rs index ebb6ef126..8c0341762 100644 --- a/src/libs/protocols/build.rs +++ b/src/libs/protocols/build.rs @@ -17,7 +17,7 @@ fn replace_text_in_file(file_name: &str, from: &str, to: &str) -> Result<(), std let new_contents = contents.replace(from, to); - let mut dst = File::create(&file_name)?; + let mut dst = File::create(file_name)?; dst.write_all(new_contents.as_bytes())?; Ok(()) @@ -67,7 +67,7 @@ fn handle_file(autogen_comment: &str, rust_filename: &str) -> Result<(), std::io let pattern = "//! Generated file from"; - if line.starts_with(&pattern) { + if line.starts_with(pattern) { new_contents.push(autogen_comment.into()); } @@ -76,14 +76,14 @@ fn handle_file(autogen_comment: &str, rust_filename: &str) -> Result<(), std::io // Although we've requested serde support via `Customize`, to // allow the `kata-agent-ctl` tool to partially deserialise structures // specified in JSON, we need this bit of additional magic. - if line.starts_with(&struct_pattern) { + if line.starts_with(struct_pattern) { new_contents.insert(new_contents.len() - 1, serde_default_code.trim().into()); } } let data = new_contents.join("\n"); - let mut dst = File::create(&rust_filename)?; + let mut dst = File::create(rust_filename)?; dst.write_all(data.as_bytes())?; From 56e7b5d0fdbcce44287ba64958125ebda5d99a01 Mon Sep 17 00:00:00 2001 From: Danny Canter Date: Thu, 22 Dec 2022 05:00:08 -0500 Subject: [PATCH 22/62] runtime/Makefile: Get some bits happy on darwin Substitution in the yq install script doesn't like zsh, and additionally the version of yq we're using doesn't have a darwin/arm64 build so grab the amd64 version and let rosetta work its magic. Additionally swap to abspath from readlink -m for the printing of what binaries to install, as the -m flag doesn't exist on the BSD variant, and this should be the same behavior. Fixes: #5970 Signed-off-by: Danny Canter --- ci/install_yq.sh | 12 +++++++++++- src/runtime/Makefile | 10 +++++----- 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/ci/install_yq.sh b/ci/install_yq.sh index 56ad7d669..cc3e988b7 100755 --- a/ci/install_yq.sh +++ b/ci/install_yq.sh @@ -43,6 +43,16 @@ function install_yq() { "aarch64") goarch=arm64 ;; + "arm64") + # If we're on an apple silicon machine, just assign amd64. + # The version of yq we use doesn't have a darwin arm build, + # but Rosetta can come to the rescue here. + if [ $goos == "Darwin" ]; then + goarch=amd64 + else + goarch=arm64 + fi + ;; "ppc64le") goarch=ppc64le ;; @@ -64,7 +74,7 @@ function install_yq() { fi ## NOTE: ${var,,} => gives lowercase value of var - local yq_url="https://${yq_pkg}/releases/download/${yq_version}/yq_${goos,,}_${goarch}" + local yq_url="https://${yq_pkg}/releases/download/${yq_version}/yq_${goos}_${goarch}" curl -o "${yq_path}" -LSsf "${yq_url}" [ $? -ne 0 ] && die "Download ${yq_url} failed" chmod +x "${yq_path}" diff --git a/src/runtime/Makefile b/src/runtime/Makefile index 852b4d579..6eaf8b335 100644 --- a/src/runtime/Makefile +++ b/src/runtime/Makefile @@ -776,15 +776,15 @@ endif @printf "\tbinary installation path (BINDIR) : %s\n" $(abspath $(BINDIR)) @printf "\tbinaries to install :\n" @printf \ - "$(foreach b,$(sort $(BINLIST)),$(shell printf "\\t - $(shell readlink -m $(DESTDIR)/$(BINDIR)/$(b))\\\n"))" + "$(foreach b,$(sort $(BINLIST)),$(shell printf "\\t - $(abspath $(DESTDIR)/$(BINDIR)/$(b))\\\n"))" @printf \ - "$(foreach b,$(sort $(SHIMV2)),$(shell printf "\\t - $(shell readlink -m $(DESTDIR)/$(BINDIR)/$(b))\\\n"))" + "$(foreach b,$(sort $(SHIMV2)),$(shell printf "\\t - $(abspath $(DESTDIR)/$(BINDIR)/$(b))\\\n"))" @printf \ - "$(foreach b,$(sort $(MONITOR)),$(shell printf "\\t - $(shell readlink -m $(DESTDIR)/$(BINDIR)/$(b))\\\n"))" + "$(foreach b,$(sort $(MONITOR)),$(shell printf "\\t - $(abspath $(DESTDIR)/$(BINDIR)/$(b))\\\n"))" @printf \ - "$(foreach b,$(sort $(BINLIBEXECLIST)),$(shell printf "\\t - $(shell readlink -m $(DESTDIR)/$(PKGLIBEXECDIR)/$(b))\\\n"))" + "$(foreach b,$(sort $(BINLIBEXECLIST)),$(shell printf "\\t - $(abspath $(DESTDIR)/$(PKGLIBEXECDIR)/$(b))\\\n"))" @printf \ - "$(foreach s,$(sort $(SCRIPTS)),$(shell printf "\\t - $(shell readlink -m $(DESTDIR)/$(BINDIR)/$(s))\\\n"))" + "$(foreach s,$(sort $(SCRIPTS)),$(shell printf "\\t - $(abspath $(DESTDIR)/$(BINDIR)/$(s))\\\n"))" @printf "\tconfigs to install (CONFIGS) :\n" @printf \ "$(foreach c,$(sort $(CONFIGS)),$(shell printf "\\t - $(c)\\\n"))" From 60df30015bf48a6e5575050828958b78128609c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 14:17:11 +0100 Subject: [PATCH 23/62] protocols: Fix unnecessary_cast warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to unnecessary_cast. Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#unnecessary_cast Signed-off-by: Fabiano FidĂȘncio --- src/libs/protocols/src/trans.rs | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/libs/protocols/src/trans.rs b/src/libs/protocols/src/trans.rs index e9ecfe785..c6f0c64f0 100644 --- a/src/libs/protocols/src/trans.rs +++ b/src/libs/protocols/src/trans.rs @@ -106,8 +106,8 @@ impl From for crate::oci::LinuxDeviceCgroup { crate::oci::LinuxDeviceCgroup { Allow: from.allow, Type: from.r#type, - Major: from.major.map_or(0, |t| t as i64), - Minor: from.minor.map_or(0, |t| t as i64), + Major: from.major.map_or(0, |t| t), + Minor: from.minor.map_or(0, |t| t), Access: from.access, unknown_fields: Default::default(), cached_size: Default::default(), @@ -123,7 +123,7 @@ impl From for crate::oci::LinuxMemory { Swap: from.swap.map_or(0, |t| t), Kernel: from.kernel.map_or(0, |t| t), KernelTCP: from.kernel_tcp.map_or(0, |t| t), - Swappiness: from.swappiness.map_or(0, |t| t as u64), + Swappiness: from.swappiness.map_or(0, |t| t), DisableOOMKiller: from.disable_oom_killer.map_or(false, |t| t), unknown_fields: Default::default(), cached_size: Default::default(), @@ -332,7 +332,7 @@ impl From for crate::oci::LinuxDevice { Type: from.r#type, Major: from.major, Minor: from.minor, - FileMode: from.file_mode.map_or(0, |v| v as u32), + FileMode: from.file_mode.map_or(0, |v| v), UID: from.uid.map_or(0, |v| v), GID: from.gid.map_or(0, |v| v), unknown_fields: Default::default(), @@ -468,12 +468,12 @@ impl From for oci::LinuxDeviceCgroup { fn from(mut from: crate::oci::LinuxDeviceCgroup) -> Self { let mut major = None; if from.get_Major() > 0 { - major = Some(from.get_Major() as i64); + major = Some(from.get_Major()); } let mut minor = None; if from.get_Minor() > 0 { - minor = Some(from.get_Minor() as i64) + minor = Some(from.get_Minor()) } oci::LinuxDeviceCgroup { From ffd6fbb6b65340c95e0654ffad2adb63cab57aad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 13:21:27 +0100 Subject: [PATCH 24/62] logging: Fix needless_borrow warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to needless_borrow. Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#needless_borrow Signed-off-by: Fabiano FidĂȘncio --- src/libs/logging/src/file_rotate.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libs/logging/src/file_rotate.rs b/src/libs/logging/src/file_rotate.rs index 444297e53..3cc8f5715 100644 --- a/src/libs/logging/src/file_rotate.rs +++ b/src/libs/logging/src/file_rotate.rs @@ -168,12 +168,12 @@ impl FileRotator { #[cfg(test)] if !self.fail_rename && self.path.exists() { let rotated_path = self.rotated_path(1); - let _ = fs::rename(&self.path, &rotated_path); + let _ = fs::rename(&self.path, rotated_path); } #[cfg(not(test))] if self.path.exists() { let rotated_path = self.rotated_path(1); - let _ = fs::rename(&self.path, &rotated_path); + let _ = fs::rename(&self.path, rotated_path); } let delete_path = self.rotated_path(self.rotate_keep + 1); From c9c38e6d01178bd464418d8b191cb43f6b772c18 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 14:25:47 +0100 Subject: [PATCH 25/62] logging: Allow clippy::type-complexity warning MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As the rust toolchain version bump to its 1.66.0 release raised a warning about the type complexity used for the closure, and that's something we don't want to change, let's ignore such warning in this very specific case. See: https://rust-lang.github.io/rust-clippy/master/index.html#type_complexity Signed-off-by: Fabiano FidĂȘncio --- src/libs/logging/src/lib.rs | 1 + 1 file changed, 1 insertion(+) diff --git a/src/libs/logging/src/lib.rs b/src/libs/logging/src/lib.rs index d72292a2c..29325c6bd 100644 --- a/src/libs/logging/src/lib.rs +++ b/src/libs/logging/src/lib.rs @@ -499,6 +499,7 @@ mod tests { let error_closure = |logger: &Logger, msg: String| error!(logger, "{}", msg); let critical_closure = |logger: &Logger, msg: String| crit!(logger, "{}", msg); + #[allow(clippy::type_complexity)] struct TestData<'a> { slog_level: slog::Level, slog_level_tag: &'a str, From c1a8d89a72aab69abe59dd2fd547c78ea0d37505 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 13:25:14 +0100 Subject: [PATCH 26/62] kata-sys-util: Fix needless_borrow warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to needless_borrow. Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#needless_borrow Signed-off-by: Fabiano FidĂȘncio --- src/libs/kata-sys-util/src/fs.rs | 2 +- src/libs/kata-sys-util/src/mount.rs | 6 +++--- src/libs/kata-sys-util/src/numa.rs | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/libs/kata-sys-util/src/fs.rs b/src/libs/kata-sys-util/src/fs.rs index 32bfafee9..bec806c46 100644 --- a/src/libs/kata-sys-util/src/fs.rs +++ b/src/libs/kata-sys-util/src/fs.rs @@ -145,7 +145,7 @@ pub fn reflink_copy, D: AsRef>(src: S, dst: D) -> Result<() // Copy file using cp command, which handles sparse file copy. fn do_regular_copy(src: &str, dst: &str) -> Result<()> { let mut cmd = Command::new("/bin/cp"); - cmd.args(&["--sparse=auto", src, dst]); + cmd.args(["--sparse=auto", src, dst]); match cmd.output() { Ok(output) => match output.status.success() { diff --git a/src/libs/kata-sys-util/src/mount.rs b/src/libs/kata-sys-util/src/mount.rs index 58613f3a7..efbcf6a4f 100644 --- a/src/libs/kata-sys-util/src/mount.rs +++ b/src/libs/kata-sys-util/src/mount.rs @@ -820,11 +820,11 @@ mod tests { let tmpdir2 = tempfile::tempdir().unwrap(); assert!(matches!( - bind_remount(&PathBuf::from(""), true), + bind_remount(PathBuf::from(""), true), Err(Error::NullMountPointPath) )); assert!(matches!( - bind_remount(&PathBuf::from("../______doesn't____exist____nnn"), true), + bind_remount(PathBuf::from("../______doesn't____exist____nnn"), true), Err(Error::InvalidPath(_)) )); @@ -1066,7 +1066,7 @@ mod tests { .unwrap_err(); let src = path.join("src"); - fs::write(&src, "test").unwrap(); + fs::write(src, "test").unwrap(); let dst = path.join("dst"); fs::write(&dst, "test1").unwrap(); mount_at( diff --git a/src/libs/kata-sys-util/src/numa.rs b/src/libs/kata-sys-util/src/numa.rs index ece5cd8e7..4a6b2e576 100644 --- a/src/libs/kata-sys-util/src/numa.rs +++ b/src/libs/kata-sys-util/src/numa.rs @@ -37,9 +37,9 @@ pub type Result = std::result::Result; lazy_static! { static ref SYS_FS_PREFIX: PathBuf = PathBuf::from(env!("CARGO_MANIFEST_DIR")).join("test/texture"); // numa node file for UT, we can mock data - static ref NUMA_NODE_PATH: PathBuf = (&*SYS_FS_PREFIX).join("sys/devices/system/node"); + static ref NUMA_NODE_PATH: PathBuf = (*SYS_FS_PREFIX).join("sys/devices/system/node"); // sysfs directory for CPU devices - static ref NUMA_CPU_PATH: PathBuf = (&*SYS_FS_PREFIX).join("sys/devices/system/cpu"); + static ref NUMA_CPU_PATH: PathBuf = (*SYS_FS_PREFIX).join("sys/devices/system/cpu"); } // global config in release From 668e6524010e034ad99a7f0846207b5c1151227a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 13:27:57 +0100 Subject: [PATCH 27/62] kata-sys-util: Fix unnecessary_cast warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to unnecessary_cast. Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#unnecessary_cast Signed-off-by: Fabiano FidĂȘncio --- src/libs/kata-sys-util/src/mount.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/libs/kata-sys-util/src/mount.rs b/src/libs/kata-sys-util/src/mount.rs index efbcf6a4f..3c6f5f261 100644 --- a/src/libs/kata-sys-util/src/mount.rs +++ b/src/libs/kata-sys-util/src/mount.rs @@ -592,7 +592,7 @@ fn compact_lowerdir_option(opts: &[String]) -> (Option, Vec) { } }; - let idx = idx as usize; + let idx = idx; let common_dir = match get_longest_common_prefix(&lower_opts) { None => return (None, n_opts), Some(v) => { @@ -620,7 +620,7 @@ fn compact_lowerdir_option(opts: &[String]) -> (Option, Vec) { .iter() .map(|c| c.replace(&common_prefix, "")) .collect(); - n_opts[idx as usize] = format!("lowerdir={}", lower.join(":")); + n_opts[idx] = format!("lowerdir={}", lower.join(":")); (Some(common_dir), n_opts) } From bb78d35db8f29fd46055e178ce17e0348dc1f96c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 13:31:06 +0100 Subject: [PATCH 28/62] kata-sys-util: Fix "match-like-matches-macro" warning MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to "match-like-matches-macro". Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#match_like_matches_macro Signed-off-by: Fabiano FidĂȘncio --- src/libs/kata-sys-util/src/validate.rs | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/src/libs/kata-sys-util/src/validate.rs b/src/libs/kata-sys-util/src/validate.rs index 0847398ce..13902a674 100644 --- a/src/libs/kata-sys-util/src/validate.rs +++ b/src/libs/kata-sys-util/src/validate.rs @@ -17,16 +17,9 @@ pub enum Error { pub fn verify_id(id: &str) -> Result<(), Error> { let mut chars = id.chars(); - let valid = match chars.next() { - Some(first) - if first.is_alphanumeric() + let valid = matches!(chars.next(), Some(first) if first.is_alphanumeric() && id.len() > 1 - && chars.all(|c| c.is_alphanumeric() || ['.', '-', '_'].contains(&c)) => - { - true - } - _ => false, - }; + && chars.all(|c| c.is_alphanumeric() || ['.', '-', '_'].contains(&c))); match valid { true => Ok(()), From 126187e8145a70b642ca18fe062756bbd5741aef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 14:07:42 +0100 Subject: [PATCH 29/62] safe-path: Fix needless_borrow warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to needless_borrow. Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#needless_borrow Signed-off-by: Fabiano FidĂȘncio --- src/libs/safe-path/src/pinned_path_buf.rs | 4 +-- src/libs/safe-path/src/scoped_dir_builder.rs | 8 ++--- .../safe-path/src/scoped_path_resolver.rs | 32 +++++++++---------- 3 files changed, 22 insertions(+), 22 deletions(-) diff --git a/src/libs/safe-path/src/pinned_path_buf.rs b/src/libs/safe-path/src/pinned_path_buf.rs index d1816f450..15c80f4ce 100644 --- a/src/libs/safe-path/src/pinned_path_buf.rs +++ b/src/libs/safe-path/src/pinned_path_buf.rs @@ -295,7 +295,7 @@ mod tests { barrier2.wait(); }); - let path = scoped_join(&root_path, "s").unwrap(); + let path = scoped_join(root_path, "s").unwrap(); let data = fs::read_to_string(&path).unwrap(); assert_eq!(&data, "a"); assert!(path.is_file()); @@ -306,7 +306,7 @@ mod tests { assert_eq!(&data, "b"); PinnedPathBuf::from_path(&path).unwrap_err(); - let pinned_path = PinnedPathBuf::new(&root_path, "s").unwrap(); + let pinned_path = PinnedPathBuf::new(root_path, "s").unwrap(); let data = fs::read_to_string(&pinned_path).unwrap(); assert_eq!(&data, "b"); diff --git a/src/libs/safe-path/src/scoped_dir_builder.rs b/src/libs/safe-path/src/scoped_dir_builder.rs index 1a4ba189f..2d231c62f 100644 --- a/src/libs/safe-path/src/scoped_dir_builder.rs +++ b/src/libs/safe-path/src/scoped_dir_builder.rs @@ -173,7 +173,7 @@ mod tests { fs::write(rootfs_path.join("txt"), "test").unwrap(); ScopedDirBuilder::new(rootfs_path.join("txt")).unwrap_err(); - let mut builder = ScopedDirBuilder::new(&rootfs_path).unwrap(); + let mut builder = ScopedDirBuilder::new(rootfs_path).unwrap(); // file with the same name already exists. builder @@ -268,7 +268,7 @@ mod tests { symlink(rootfs_dir.path().join("b"), rootfs_dir.path().join("a")).unwrap(); let rootfs_path = &rootfs_dir.path().join("a"); - let mut builder = ScopedDirBuilder::new(&rootfs_path).unwrap(); + let mut builder = ScopedDirBuilder::new(rootfs_path).unwrap(); builder.create_with_unscoped_path("/").unwrap_err(); builder .create_with_unscoped_path(rootfs_path.join("../__xxxx___xxx__")) @@ -278,13 +278,13 @@ mod tests { .unwrap_err(); // Return `AlreadyExist` when recursive is false - builder.create_with_unscoped_path(&rootfs_path).unwrap_err(); + builder.create_with_unscoped_path(rootfs_path).unwrap_err(); builder .create_with_unscoped_path(rootfs_path.join(".")) .unwrap_err(); builder.recursive(true); - builder.create_with_unscoped_path(&rootfs_path).unwrap(); + builder.create_with_unscoped_path(rootfs_path).unwrap(); builder .create_with_unscoped_path(rootfs_path.join(".")) .unwrap(); diff --git a/src/libs/safe-path/src/scoped_path_resolver.rs b/src/libs/safe-path/src/scoped_path_resolver.rs index 59b06bfe7..4d06f0062 100644 --- a/src/libs/safe-path/src/scoped_path_resolver.rs +++ b/src/libs/safe-path/src/scoped_path_resolver.rs @@ -329,31 +329,31 @@ mod tests { let rootfs_path = &rootfs_dir.path(); assert_eq!( - scoped_join(&rootfs_path, "a").unwrap(), + scoped_join(rootfs_path, "a").unwrap(), rootfs_path.join("a") ); assert_eq!( - scoped_join(&rootfs_path, "./a").unwrap(), + scoped_join(rootfs_path, "./a").unwrap(), rootfs_path.join("a") ); assert_eq!( - scoped_join(&rootfs_path, "././a").unwrap(), + scoped_join(rootfs_path, "././a").unwrap(), rootfs_path.join("a") ); assert_eq!( - scoped_join(&rootfs_path, "c/d/../../a").unwrap(), + scoped_join(rootfs_path, "c/d/../../a").unwrap(), rootfs_path.join("a") ); assert_eq!( - scoped_join(&rootfs_path, "c/d/../../../.././a").unwrap(), + scoped_join(rootfs_path, "c/d/../../../.././a").unwrap(), rootfs_path.join("a") ); assert_eq!( - scoped_join(&rootfs_path, "../../a").unwrap(), + scoped_join(rootfs_path, "../../a").unwrap(), rootfs_path.join("a") ); assert_eq!( - scoped_join(&rootfs_path, "./../a").unwrap(), + scoped_join(rootfs_path, "./../a").unwrap(), rootfs_path.join("a") ); } @@ -370,18 +370,18 @@ mod tests { fs::symlink("b/c", rootfs_dir.path().join("a")).unwrap(); let target = rootfs_path.join("b/c"); - assert_eq!(scoped_join(&rootfs_path, "a").unwrap(), target); - assert_eq!(scoped_join(&rootfs_path, "./a").unwrap(), target); - assert_eq!(scoped_join(&rootfs_path, "././a").unwrap(), target); - assert_eq!(scoped_join(&rootfs_path, "b/c/../../a").unwrap(), target); + assert_eq!(scoped_join(rootfs_path, "a").unwrap(), target); + assert_eq!(scoped_join(rootfs_path, "./a").unwrap(), target); + assert_eq!(scoped_join(rootfs_path, "././a").unwrap(), target); + assert_eq!(scoped_join(rootfs_path, "b/c/../../a").unwrap(), target); assert_eq!( - scoped_join(&rootfs_path, "b/c/../../../.././a").unwrap(), + scoped_join(rootfs_path, "b/c/../../../.././a").unwrap(), target ); - assert_eq!(scoped_join(&rootfs_path, "../../a").unwrap(), target); - assert_eq!(scoped_join(&rootfs_path, "./../a").unwrap(), target); - assert_eq!(scoped_join(&rootfs_path, "a/../../../a").unwrap(), target); - assert_eq!(scoped_join(&rootfs_path, "a/../../../b/c").unwrap(), target); + assert_eq!(scoped_join(rootfs_path, "../../a").unwrap(), target); + assert_eq!(scoped_join(rootfs_path, "./../a").unwrap(), target); + assert_eq!(scoped_join(rootfs_path, "a/../../../a").unwrap(), target); + assert_eq!(scoped_join(rootfs_path, "a/../../../b/c").unwrap(), target); } #[test] From cf9ef1833cf9897a17c7749827c4dad49960a3fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 12:54:51 +0100 Subject: [PATCH 30/62] kata-types: Fix needless_borrow warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to needless_borrow. Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#needless_borrow Signed-off-by: Fabiano FidĂȘncio --- src/libs/kata-types/src/config/drop_in.rs | 6 +++--- src/libs/kata-types/tests/test_config.rs | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/src/libs/kata-types/src/config/drop_in.rs b/src/libs/kata-types/src/config/drop_in.rs index 015e284b6..208ea72fd 100644 --- a/src/libs/kata-types/src/config/drop_in.rs +++ b/src/libs/kata-types/src/config/drop_in.rs @@ -240,7 +240,7 @@ mod drop_in_directory_handling { "drop-in cfg file can only be a regular file or a symlink", )); } - let dropin_contents = fs::read_to_string(&dropin_file.path())?; + let dropin_contents = fs::read_to_string(dropin_file.path())?; let dropin_config: toml::Value = toml::from_str(&dropin_contents)?; super::toml_tree_ops::merge(base_config, dropin_config); Ok(()) @@ -267,7 +267,7 @@ mod drop_in_directory_handling { } pub fn load(base_cfg_file_path: &Path) -> Result { - let base_toml_str = fs::read_to_string(&base_cfg_file_path)?; + let base_toml_str = fs::read_to_string(base_cfg_file_path)?; let mut base_config: toml::Value = toml::from_str(&base_toml_str)?; let dropin_dir = get_dropin_dir_path(base_cfg_file_path)?; @@ -324,7 +324,7 @@ mod drop_in_directory_handling { create_file(&config_path, BASE_CONFIG_DATA.as_bytes()).unwrap(); let dropin_dir = tmpdir.path().join("config.d"); - fs::create_dir(&dropin_dir).unwrap(); + fs::create_dir(dropin_dir).unwrap(); let config = load(&config_path).unwrap(); check_base_config(&config); diff --git a/src/libs/kata-types/tests/test_config.rs b/src/libs/kata-types/tests/test_config.rs index b7d5f953b..800a05f70 100644 --- a/src/libs/kata-types/tests/test_config.rs +++ b/src/libs/kata-types/tests/test_config.rs @@ -340,7 +340,7 @@ mod tests { let path = env!("CARGO_MANIFEST_DIR"); let path = Path::new(path).join("tests/texture/configuration-anno-0.toml"); - let content = fs::read_to_string(&path).unwrap(); + let content = fs::read_to_string(path).unwrap(); let mut config = TomlConfig::load(&content).unwrap(); assert!(anno.update_config_by_annotation(&mut config).is_err()); } @@ -349,7 +349,7 @@ mod tests { fn test_fail_to_change_kernel_path_because_of_invalid_path() { let path = env!("CARGO_MANIFEST_DIR"); let path = Path::new(path).join("tests/texture/configuration-anno-0.toml"); - let content = fs::read_to_string(&path).unwrap(); + let content = fs::read_to_string(path).unwrap(); let qemu = QemuConfig::new(); qemu.register(); From 2a73e057db017db04a3759bd1325bbecd6c6accc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 14:17:47 +0100 Subject: [PATCH 31/62] kata-types: Fix unnecessary_cast warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to unnecessary_cast. Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#unnecessary_cast Signed-off-by: Fabiano FidĂȘncio --- src/libs/kata-types/src/config/hypervisor/mod.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libs/kata-types/src/config/hypervisor/mod.rs b/src/libs/kata-types/src/config/hypervisor/mod.rs index d87916938..b7dd9f68c 100644 --- a/src/libs/kata-types/src/config/hypervisor/mod.rs +++ b/src/libs/kata-types/src/config/hypervisor/mod.rs @@ -1133,7 +1133,7 @@ mod tests { }, output: CpuInfo { cpu_features: "".to_string(), - default_vcpus: default_vcpus as i32, + default_vcpus, default_maxvcpus: node_cpus, }, }, From 41d7dbaaea797aa3696d6a7e06136f125b45e7e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 14:42:25 +0100 Subject: [PATCH 32/62] rustjail: Fix needless_borrow warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to needless_borrow. Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#needless_borrow Signed-off-by: Fabiano FidĂȘncio --- src/agent/rustjail/src/mount.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/agent/rustjail/src/mount.rs b/src/agent/rustjail/src/mount.rs index a6418a343..76922024d 100644 --- a/src/agent/rustjail/src/mount.rs +++ b/src/agent/rustjail/src/mount.rs @@ -782,7 +782,7 @@ fn mount_from( Path::new(&dest).parent().unwrap() }; - fs::create_dir_all(&dir).map_err(|e| { + fs::create_dir_all(dir).map_err(|e| { log_child!( cfd_log, "create dir {}: {}", From 7bcdc9049a24d3d7b0e7c13da373ffe18c5500e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 14:42:58 +0100 Subject: [PATCH 33/62] rustjail: Fix unnecessary_cast warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to unnecessary_cast. Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#unnecessary_cast Signed-off-by: Fabiano FidĂȘncio --- src/agent/rustjail/src/seccomp.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/agent/rustjail/src/seccomp.rs b/src/agent/rustjail/src/seccomp.rs index d8edbcd00..4b0c89515 100644 --- a/src/agent/rustjail/src/seccomp.rs +++ b/src/agent/rustjail/src/seccomp.rs @@ -63,7 +63,7 @@ pub fn get_unknown_syscalls(scmp: &LinuxSeccomp) -> Option> { // init_seccomp creates a seccomp filter and loads it for the current process // including all the child processes. pub fn init_seccomp(scmp: &LinuxSeccomp) -> Result<()> { - let def_action = ScmpAction::from_str(scmp.default_action.as_str(), Some(libc::EPERM as i32))?; + let def_action = ScmpAction::from_str(scmp.default_action.as_str(), Some(libc::EPERM))?; // Create a new filter context let mut filter = ScmpFilterContext::new_filter(def_action)?; From f77220490e70aaadacd55655a84ab630d4368c16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 14:49:10 +0100 Subject: [PATCH 34/62] agent: Fix needless_borrow warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to needless_borrow. Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#needless_borrow Signed-off-by: Fabiano FidĂȘncio --- src/agent/src/device.rs | 12 ++++++------ src/agent/src/mount.rs | 6 +++--- src/agent/src/namespace.rs | 4 ++-- src/agent/src/netlink.rs | 12 ++++++------ src/agent/src/network.rs | 2 +- src/agent/src/sandbox.rs | 2 +- src/agent/src/watcher.rs | 10 +++++----- 7 files changed, 24 insertions(+), 24 deletions(-) diff --git a/src/agent/src/device.rs b/src/agent/src/device.rs index 7d89d0124..ec277f78e 100644 --- a/src/agent/src/device.rs +++ b/src/agent/src/device.rs @@ -414,7 +414,7 @@ fn scan_scsi_bus(scsi_addr: &str) -> Result<()> { // Scan scsi host passing in the channel, SCSI id and LUN. // Channel is always 0 because we have only one SCSI controller. - let scan_data = format!("0 {} {}", tokens[0], tokens[1]); + let scan_data = &format!("0 {} {}", tokens[0], tokens[1]); for entry in fs::read_dir(SYSFS_SCSI_HOST_PATH)? { let host = entry?.file_name(); @@ -428,7 +428,7 @@ fn scan_scsi_bus(scsi_addr: &str) -> Result<()> { let scan_path = PathBuf::from(&format!("{}/{}/{}", SYSFS_SCSI_HOST_PATH, host_str, "scan")); - fs::write(scan_path, &scan_data)?; + fs::write(scan_path, scan_data)?; } Ok(()) @@ -1531,7 +1531,7 @@ mod tests { pci_driver_override(syspci, dev0, "drv_b").unwrap(); assert_eq!(fs::read_to_string(&dev0override).unwrap(), "drv_b"); assert_eq!(fs::read_to_string(&probepath).unwrap(), dev0.to_string()); - assert_eq!(fs::read_to_string(&drvaunbind).unwrap(), dev0.to_string()); + assert_eq!(fs::read_to_string(drvaunbind).unwrap(), dev0.to_string()); } #[test] @@ -1543,7 +1543,7 @@ mod tests { let dev0 = pci::Address::new(0, 0, pci::SlotFn::new(0, 0).unwrap()); let dev0path = syspci.join("devices").join(dev0.to_string()); - fs::create_dir_all(&dev0path).unwrap(); + fs::create_dir_all(dev0path).unwrap(); // Test dev0 assert!(pci_iommu_group(&syspci, dev0).unwrap().is_none()); @@ -1554,7 +1554,7 @@ mod tests { let dev1group = dev1path.join("iommu_group"); fs::create_dir_all(&dev1path).unwrap(); - std::os::unix::fs::symlink("../../../kernel/iommu_groups/12", &dev1group).unwrap(); + std::os::unix::fs::symlink("../../../kernel/iommu_groups/12", dev1group).unwrap(); // Test dev1 assert_eq!( @@ -1567,7 +1567,7 @@ mod tests { let dev2path = syspci.join("devices").join(dev2.to_string()); let dev2group = dev2path.join("iommu_group"); - fs::create_dir_all(&dev2group).unwrap(); + fs::create_dir_all(dev2group).unwrap(); // Test dev2 assert!(pci_iommu_group(&syspci, dev2).is_err()); diff --git a/src/agent/src/mount.rs b/src/agent/src/mount.rs index 1db16343e..17ea3859c 100644 --- a/src/agent/src/mount.rs +++ b/src/agent/src/mount.rs @@ -648,7 +648,7 @@ pub fn recursive_ownership_change( ) -> Result<()> { let mut mask = if read_only { RO_MASK } else { RW_MASK }; if path.is_dir() { - for entry in fs::read_dir(&path)? { + for entry in fs::read_dir(path)? { recursive_ownership_change(entry?.path().as_path(), uid, gid, read_only)?; } mask |= EXEC_MASK; @@ -894,7 +894,7 @@ pub fn get_cgroup_mounts( }]); } - let file = File::open(&cg_path)?; + let file = File::open(cg_path)?; let reader = BufReader::new(file); let mut has_device_cgroup = false; @@ -1777,7 +1777,7 @@ mod tests { let tempdir = tempdir().unwrap(); let src = if d.mask_src { - tempdir.path().join(&d.src) + tempdir.path().join(d.src) } else { Path::new(d.src).to_path_buf() }; diff --git a/src/agent/src/namespace.rs b/src/agent/src/namespace.rs index 876e3d6fd..70fa519fa 100644 --- a/src/agent/src/namespace.rs +++ b/src/agent/src/namespace.rs @@ -88,7 +88,7 @@ impl Namespace { } let logger = self.logger.clone(); - let new_ns_path = ns_path.join(&ns_type.get()); + let new_ns_path = ns_path.join(ns_type.get()); File::create(new_ns_path.as_path())?; @@ -102,7 +102,7 @@ impl Namespace { let source = Path::new(&origin_ns_path); let destination = new_ns_path.as_path(); - File::open(&source)?; + File::open(source)?; // Create a new netns on the current thread. let cf = ns_type.get_flags(); diff --git a/src/agent/src/netlink.rs b/src/agent/src/netlink.rs index ef926f515..29785fc43 100644 --- a/src/agent/src/netlink.rs +++ b/src/agent/src/netlink.rs @@ -946,13 +946,13 @@ mod tests { fn clean_env_for_test_add_one_arp_neighbor(dummy_name: &str, ip: &str) { // ip link delete dummy Command::new("ip") - .args(&["link", "delete", dummy_name]) + .args(["link", "delete", dummy_name]) .output() .expect("prepare: failed to delete dummy"); // ip neigh del dev dummy ip Command::new("ip") - .args(&["neigh", "del", dummy_name, ip]) + .args(["neigh", "del", dummy_name, ip]) .output() .expect("prepare: failed to delete neigh"); } @@ -967,19 +967,19 @@ mod tests { // ip link add dummy type dummy Command::new("ip") - .args(&["link", "add", dummy_name, "type", "dummy"]) + .args(["link", "add", dummy_name, "type", "dummy"]) .output() .expect("failed to add dummy interface"); // ip addr add 192.168.0.2/16 dev dummy Command::new("ip") - .args(&["addr", "add", "192.168.0.2/16", "dev", dummy_name]) + .args(["addr", "add", "192.168.0.2/16", "dev", dummy_name]) .output() .expect("failed to add ip for dummy"); // ip link set dummy up; Command::new("ip") - .args(&["link", "set", dummy_name, "up"]) + .args(["link", "set", dummy_name, "up"]) .output() .expect("failed to up dummy"); } @@ -1011,7 +1011,7 @@ mod tests { // ip neigh show dev dummy ip let stdout = Command::new("ip") - .args(&["neigh", "show", "dev", dummy_name, to_ip]) + .args(["neigh", "show", "dev", dummy_name, to_ip]) .output() .expect("failed to show neigh") .stdout; diff --git a/src/agent/src/network.rs b/src/agent/src/network.rs index 194795a6f..451b5064d 100644 --- a/src/agent/src/network.rs +++ b/src/agent/src/network.rs @@ -64,7 +64,7 @@ fn do_setup_guest_dns(logger: Logger, dns_list: Vec, src: &str, dst: &st .map(|x| x.trim()) .collect::>() .join("\n"); - fs::write(src, &content)?; + fs::write(src, content)?; // bind mount to /etc/resolv.conf mount::mount(Some(src), dst, Some("bind"), MsFlags::MS_BIND, None::<&str>) diff --git a/src/agent/src/sandbox.rs b/src/agent/src/sandbox.rs index 384a8e523..34275cc41 100644 --- a/src/agent/src/sandbox.rs +++ b/src/agent/src/sandbox.rs @@ -1072,7 +1072,7 @@ mod tests { fs::create_dir(&subdir_path).unwrap(); for file in j.files { let subfile_path = format!("{}/{}", subdir_path, file.name); - let mut subfile = File::create(&subfile_path).unwrap(); + let mut subfile = File::create(subfile_path).unwrap(); subfile.write_all(file.content.as_bytes()).unwrap(); } } diff --git a/src/agent/src/watcher.rs b/src/agent/src/watcher.rs index dd944d812..468684a43 100644 --- a/src/agent/src/watcher.rs +++ b/src/agent/src/watcher.rs @@ -124,7 +124,7 @@ impl Storage { // if we are creating a directory: just create it, nothing more to do if metadata.file_type().is_dir() { - let dest_file_path = self.make_target_path(&source_file_path)?; + let dest_file_path = self.make_target_path(source_file_path)?; fs::create_dir_all(&dest_file_path) .await @@ -152,7 +152,7 @@ impl Storage { // Assume target mount is a file path self.target_mount_point.clone() } else { - let dest_file_path = self.make_target_path(&source_file_path)?; + let dest_file_path = self.make_target_path(source_file_path)?; if let Some(path) = dest_file_path.parent() { debug!(logger, "Creating destination directory: {}", path.display()); @@ -778,7 +778,7 @@ mod tests { 22 ); assert_eq!( - fs::read_to_string(&entries.0[0].target_mount_point.as_path().join("1.txt")).unwrap(), + fs::read_to_string(entries.0[0].target_mount_point.as_path().join("1.txt")).unwrap(), "updated" ); @@ -823,7 +823,7 @@ mod tests { 2 ); assert_eq!( - fs::read_to_string(&entries.0[1].target_mount_point.as_path().join("foo.txt")).unwrap(), + fs::read_to_string(entries.0[1].target_mount_point.as_path().join("foo.txt")).unwrap(), "updated" ); @@ -1000,7 +1000,7 @@ mod tests { // create a path we'll remove later fs::create_dir_all(source_dir.path().join("tmp")).unwrap(); - fs::write(&source_dir.path().join("tmp/test-file"), "foo").unwrap(); + fs::write(source_dir.path().join("tmp/test-file"), "foo").unwrap(); assert_eq!(entry.scan(&logger).await.unwrap(), 3); // root, ./tmp, test-file // Verify expected directory, file: From 9ced34dd225fd1811e732925f71144e7c67608c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 14:59:50 +0100 Subject: [PATCH 35/62] agent: Fix explicit_auto_deref warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to explicit_auto_deref. Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#explicit_auto_deref Signed-off-by: Fabiano FidĂȘncio --- src/agent/src/rpc.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/agent/src/rpc.rs b/src/agent/src/rpc.rs index 3b0b0ab65..c52d866d6 100644 --- a/src/agent/src/rpc.rs +++ b/src/agent/src/rpc.rs @@ -2903,7 +2903,7 @@ COMMIT .unwrap(); assert!(!result.data.is_empty(), "we should have non-zero output:"); assert!( - std::str::from_utf8(&*result.data).unwrap().contains( + std::str::from_utf8(&result.data).unwrap().contains( "PREROUTING -d 192.168.103.153/32 -j DNAT --to-destination 192.168.188.153" ), "We should see the resulting rule" @@ -2941,7 +2941,7 @@ COMMIT .unwrap(); assert!(!result.data.is_empty(), "we should have non-zero output:"); assert!( - std::str::from_utf8(&*result.data) + std::str::from_utf8(&result.data) .unwrap() .contains("INPUT -s 2001:db8:100::1/128 -i sit+ -p tcp -m tcp --sport 512:65535"), "We should see the resulting rule" From a545a65934bf217d909995c0012ba98ab79269c6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 15:22:20 +0100 Subject: [PATCH 36/62] agent: Allow clippy::question_mark warning in Namespace{} MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As the rust toolchain version bump to its 1.66.0 release raised a warning about the code being able to be refactored to use `?`. For now that's something we don't need to change, so let's ignore such warning in this very specific case. See: https://rust-lang.github.io/rust-clippy/master/index.html#question_mark Signed-off-by: Fabiano FidĂȘncio --- src/agent/src/namespace.rs | 1 + 1 file changed, 1 insertion(+) diff --git a/src/agent/src/namespace.rs b/src/agent/src/namespace.rs index 70fa519fa..a3ad26616 100644 --- a/src/agent/src/namespace.rs +++ b/src/agent/src/namespace.rs @@ -78,6 +78,7 @@ impl Namespace { // setup creates persistent namespace without switching to it. // Note, pid namespaces cannot be persisted. #[instrument] + #[allow(clippy::question_mark)] pub async fn setup(mut self) -> Result { fs::create_dir_all(&self.persistent_ns_dir)?; From 0b2f060bf3ab5f7aff5db18558ea60e5a2b8213e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 15:53:35 +0100 Subject: [PATCH 37/62] dragonball: Fix unnecessary_cast warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to unnecessary_cast. Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#unnecessary_cast Signed-off-by: Fabiano FidĂȘncio --- src/dragonball/src/address_space_manager.rs | 6 +++--- src/dragonball/src/resource_manager.rs | 5 +---- src/dragonball/src/signal_handler.rs | 2 +- src/dragonball/src/vcpu/x86_64.rs | 6 +++--- src/dragonball/src/vm/x86_64.rs | 6 +++--- 5 files changed, 11 insertions(+), 14 deletions(-) diff --git a/src/dragonball/src/address_space_manager.rs b/src/dragonball/src/address_space_manager.rs index 6e4144618..0e9ac91d7 100644 --- a/src/dragonball/src/address_space_manager.rs +++ b/src/dragonball/src/address_space_manager.rs @@ -401,9 +401,9 @@ impl AddressSpaceMgr { let flags = 0u32; let mem_region = kvm_userspace_memory_region { - slot: slot as u32, + slot, guest_phys_addr: reg.start_addr().raw_value(), - memory_size: reg.len() as u64, + memory_size: reg.len(), userspace_addr: host_addr as u64, flags, }; @@ -421,7 +421,7 @@ impl AddressSpaceMgr { self.base_to_slot .lock() .unwrap() - .insert(reg.start_addr().raw_value(), slot as u32); + .insert(reg.start_addr().raw_value(), slot); Ok(()) } diff --git a/src/dragonball/src/resource_manager.rs b/src/dragonball/src/resource_manager.rs index 456534482..ce199918b 100644 --- a/src/dragonball/src/resource_manager.rs +++ b/src/dragonball/src/resource_manager.rs @@ -435,10 +435,7 @@ impl ResourceManager { constraint.max = r.1 as u64; } match self.allocate_pio_address(&constraint) { - Some(base) => Resource::PioAddressRange { - base: base as u16, - size: *size, - }, + Some(base) => Resource::PioAddressRange { base, size: *size }, None => { if let Err(e) = self.free_device_resources(&resources) { return Err(e); diff --git a/src/dragonball/src/signal_handler.rs b/src/dragonball/src/signal_handler.rs index 23e9ff397..f6b7bfe46 100644 --- a/src/dragonball/src/signal_handler.rs +++ b/src/dragonball/src/signal_handler.rs @@ -41,7 +41,7 @@ extern "C" fn sigsys_handler(num: c_int, info: *mut siginfo_t, _unused: *mut c_v let si_code = unsafe { (*info).si_code }; // Sanity check. The condition should never be true. - if num != si_signo || num != SIGSYS || si_code != SYS_SECCOMP_CODE as i32 { + if num != si_signo || num != SIGSYS || si_code != SYS_SECCOMP_CODE { // Safe because we're terminating the process anyway. unsafe { _exit(i32::from(super::EXIT_CODE_UNEXPECTED_ERROR)) }; } diff --git a/src/dragonball/src/vcpu/x86_64.rs b/src/dragonball/src/vcpu/x86_64.rs index 738d574bb..f5616066c 100644 --- a/src/dragonball/src/vcpu/x86_64.rs +++ b/src/dragonball/src/vcpu/x86_64.rs @@ -96,14 +96,14 @@ impl Vcpu { if let Some(start_addr) = kernel_start_addr { dbs_arch::regs::setup_regs( &self.fd, - start_addr.raw_value() as u64, + start_addr.raw_value(), dbs_boot::layout::BOOT_STACK_POINTER, dbs_boot::layout::BOOT_STACK_POINTER, dbs_boot::layout::ZERO_PAGE_START, ) .map_err(VcpuError::REGSConfiguration)?; dbs_arch::regs::setup_fpu(&self.fd).map_err(VcpuError::FPUConfiguration)?; - let gdt_table: [u64; dbs_boot::layout::BOOT_GDT_MAX as usize] = [ + let gdt_table: [u64; dbs_boot::layout::BOOT_GDT_MAX] = [ gdt_entry(0, 0, 0), // NULL gdt_entry(0xa09b, 0, 0xfffff), // CODE gdt_entry(0xc093, 0, 0xfffff), // DATA @@ -129,7 +129,7 @@ impl Vcpu { fn set_cpuid(&mut self, vcpu_config: &VcpuConfig) -> Result<()> { let cpuid_vm_spec = VmSpec::new( self.id, - vcpu_config.max_vcpu_count as u8, + vcpu_config.max_vcpu_count, vcpu_config.threads_per_core, vcpu_config.cores_per_die, vcpu_config.dies_per_socket, diff --git a/src/dragonball/src/vm/x86_64.rs b/src/dragonball/src/vm/x86_64.rs index d2e084947..04cf4605c 100644 --- a/src/dragonball/src/vm/x86_64.rs +++ b/src/dragonball/src/vm/x86_64.rs @@ -81,10 +81,10 @@ fn configure_system( if mem_end < mmio_start { add_e820_entry( &mut params.0, - himem_start.raw_value() as u64, + himem_start.raw_value(), // it's safe to use unchecked_offset_from because // mem_end > himem_start - mem_end.unchecked_offset_from(himem_start) as u64 + 1, + mem_end.unchecked_offset_from(himem_start) + 1, bootparam::E820_RAM, ) .map_err(Error::BootSystem)?; @@ -103,7 +103,7 @@ fn configure_system( &mut params.0, mmio_end.raw_value() + 1, // it's safe to use unchecked_offset_from because mem_end > mmio_end - mem_end.unchecked_offset_from(mmio_end) as u64, + mem_end.unchecked_offset_from(mmio_end), bootparam::E820_RAM, ) .map_err(Error::BootSystem)?; From b95364a1401aeea959ebc2d4825b59ad7df2ebee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 15:55:49 +0100 Subject: [PATCH 38/62] dragonball: Allow question_mark warning in allocate_device_resources() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As the rust toolchain version bump to its 1.66.0 release raised a warning about the code being able to be refactored to use `?`. For now that's something we don't need to change, so let's ignore such warning in this very specific case. See: https://rust-lang.github.io/rust-clippy/master/index.html#question_mark Signed-off-by: Fabiano FidĂȘncio --- src/dragonball/src/resource_manager.rs | 1 + 1 file changed, 1 insertion(+) diff --git a/src/dragonball/src/resource_manager.rs b/src/dragonball/src/resource_manager.rs index ce199918b..b0f96e252 100644 --- a/src/dragonball/src/resource_manager.rs +++ b/src/dragonball/src/resource_manager.rs @@ -420,6 +420,7 @@ impl ResourceManager { } /// Allocate requested resources for a device. + #[allow(clippy::question_mark)] pub fn allocate_device_resources( &self, requests: &[ResourceConstraint], From 20121fcda7ec431d736ad369af9883c0b36bcc7e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 16:16:39 +0100 Subject: [PATCH 39/62] runtime-rs: Fix unnecessary_cast warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to unnecessary_cast. Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#unnecessary_cast Signed-off-by: Fabiano FidĂȘncio --- .../crates/hypervisor/src/dragonball/inner_hypervisor.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/runtime-rs/crates/hypervisor/src/dragonball/inner_hypervisor.rs b/src/runtime-rs/crates/hypervisor/src/dragonball/inner_hypervisor.rs index f3cb4d587..d4d75e6ef 100644 --- a/src/runtime-rs/crates/hypervisor/src/dragonball/inner_hypervisor.rs +++ b/src/runtime-rs/crates/hypervisor/src/dragonball/inner_hypervisor.rs @@ -98,7 +98,7 @@ impl DragonballInner { }; for tid in self.vmm_instance.get_vcpu_tids() { - vcpu_thread_ids.vcpus.insert(tid.0 as u32, tid.1 as u32); + vcpu_thread_ids.vcpus.insert(tid.0 as u32, tid.1); } info!(sl!(), "get thread ids {:?}", vcpu_thread_ids); Ok(vcpu_thread_ids) From 4fb163d570fac9fef0bbbf6866337d8bc593ef0b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 16:18:54 +0100 Subject: [PATCH 40/62] runtime-rs: Allow clippy:box_default warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As the rust toolchain version bump to its 1.66.0 release raised a warning about using Box::default() instead of specifying a type. For now that's something we don't need to change, so let's ignore such warning in this very specific case. See: https://rust-lang.github.io/rust-clippy/master/index.html#box_default Signed-off-by: Fabiano FidĂȘncio --- .../crates/resource/src/network/utils/link/manager.rs | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/runtime-rs/crates/resource/src/network/utils/link/manager.rs b/src/runtime-rs/crates/resource/src/network/utils/link/manager.rs index 6e8850cc0..f628ec03f 100644 --- a/src/runtime-rs/crates/resource/src/network/utils/link/manager.rs +++ b/src/runtime-rs/crates/resource/src/network/utils/link/manager.rs @@ -11,6 +11,7 @@ use netlink_packet_route::{ use super::{Link, LinkAttrs}; +#[allow(clippy::box_default)] pub fn get_link_from_message(mut msg: LinkMessage) -> Box { let mut base = LinkAttrs { index: msg.header.index, @@ -83,6 +84,7 @@ pub fn get_link_from_message(mut msg: LinkMessage) -> Box { ret } +#[allow(clippy::box_default)] fn link_info(mut infos: Vec) -> Box { let mut link: Option> = None; while let Some(info) = infos.pop() { From 025e78341e1d43df638e3b5109893e6cb190d0da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 16:22:07 +0100 Subject: [PATCH 41/62] runtime-rs: Fix needless_borrow warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to needless_borrow. Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#needless_borrow Signed-off-by: Fabiano FidĂȘncio --- .../crates/resource/src/network/utils/link/create.rs | 2 +- src/runtime-rs/crates/resource/src/network/utils/netns.rs | 2 +- src/runtime-rs/crates/resource/src/share_fs/utils.rs | 2 +- .../crates/resource/src/share_fs/virtio_fs_share_mount.rs | 8 ++++---- src/runtime-rs/crates/service/src/manager.rs | 2 +- src/runtime-rs/crates/shim/src/shim_delete.rs | 2 +- 6 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/runtime-rs/crates/resource/src/network/utils/link/create.rs b/src/runtime-rs/crates/resource/src/network/utils/link/create.rs index 58b2016aa..10c7c7942 100644 --- a/src/runtime-rs/crates/resource/src/network/utils/link/create.rs +++ b/src/runtime-rs/crates/resource/src/network/utils/link/create.rs @@ -119,7 +119,7 @@ pub fn create_link(name: &str, link_type: LinkType, queues: usize) -> Result<()> fn create_queue(name: &str, flags: libc::c_int) -> Result<(File, String)> { let path = Path::new(DEVICE_PATH); - let file = OpenOptions::new().read(true).write(true).open(&path)?; + let file = OpenOptions::new().read(true).write(true).open(path)?; let mut req = CreateLinkReq::from_name(name)?; unsafe { req.set_raw_flags(flags as libc::c_short); diff --git a/src/runtime-rs/crates/resource/src/network/utils/netns.rs b/src/runtime-rs/crates/resource/src/network/utils/netns.rs index c0d0306fe..07584c641 100644 --- a/src/runtime-rs/crates/resource/src/network/utils/netns.rs +++ b/src/runtime-rs/crates/resource/src/network/utils/netns.rs @@ -20,7 +20,7 @@ impl NetnsGuard { let current_netns_path = format!("/proc/{}/task/{}/ns/{}", getpid(), gettid(), "net"); let old_netns = File::open(¤t_netns_path) .with_context(|| format!("open current netns path {}", ¤t_netns_path))?; - let new_netns = File::open(&new_netns_path) + let new_netns = File::open(new_netns_path) .with_context(|| format!("open new netns path {}", &new_netns_path))?; setns(new_netns.as_raw_fd(), CloneFlags::CLONE_NEWNET) .with_context(|| "set netns to new netns")?; diff --git a/src/runtime-rs/crates/resource/src/share_fs/utils.rs b/src/runtime-rs/crates/resource/src/share_fs/utils.rs index 115bdd146..6288e860e 100644 --- a/src/runtime-rs/crates/resource/src/share_fs/utils.rs +++ b/src/runtime-rs/crates/resource/src/share_fs/utils.rs @@ -38,7 +38,7 @@ pub(crate) fn share_to_guest( // to remount the read only dir mount point directly. if readonly { let dst = do_get_host_path(target, sid, cid, is_volume, true); - mount::bind_remount(&dst, readonly).context("bind remount readonly")?; + mount::bind_remount(dst, readonly).context("bind remount readonly")?; } Ok(do_get_guest_path(target, cid, is_volume, is_rafs)) diff --git a/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs b/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs index c29fee31f..27fb47972 100644 --- a/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs +++ b/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs @@ -173,11 +173,11 @@ impl ShareFsMount for VirtiofsShareMount { async fn upgrade_to_rw(&self, file_name: &str) -> Result<()> { // Remount readonly directory with readwrite permission let host_dest = do_get_host_path(file_name, &self.id, "", true, true); - bind_remount(&host_dest, false) + bind_remount(host_dest, false) .context("remount readonly directory with readwrite permission")?; // Remount readwrite directory with readwrite permission let host_dest = do_get_host_path(file_name, &self.id, "", true, false); - bind_remount(&host_dest, false) + bind_remount(host_dest, false) .context("remount readwrite directory with readwrite permission")?; Ok(()) } @@ -185,11 +185,11 @@ impl ShareFsMount for VirtiofsShareMount { async fn downgrade_to_ro(&self, file_name: &str) -> Result<()> { // Remount readwrite directory with readonly permission let host_dest = do_get_host_path(file_name, &self.id, "", true, false); - bind_remount(&host_dest, true) + bind_remount(host_dest, true) .context("remount readwrite directory with readonly permission")?; // Remount readonly directory with readonly permission let host_dest = do_get_host_path(file_name, &self.id, "", true, true); - bind_remount(&host_dest, true) + bind_remount(host_dest, true) .context("remount readonly directory with readonly permission")?; Ok(()) } diff --git a/src/runtime-rs/crates/service/src/manager.rs b/src/runtime-rs/crates/service/src/manager.rs index a8ca80fa5..fe31c179b 100644 --- a/src/runtime-rs/crates/service/src/manager.rs +++ b/src/runtime-rs/crates/service/src/manager.rs @@ -55,7 +55,7 @@ async fn send_event( .stdin(Stdio::piped()) .stdout(Stdio::piped()) .stderr(Stdio::piped()) - .args(&[ + .args([ "--address", &address, "publish", diff --git a/src/runtime-rs/crates/shim/src/shim_delete.rs b/src/runtime-rs/crates/shim/src/shim_delete.rs index 89d65b610..e1053927f 100644 --- a/src/runtime-rs/crates/shim/src/shim_delete.rs +++ b/src/runtime-rs/crates/shim/src/shim_delete.rs @@ -40,7 +40,7 @@ impl ShimExecutor { let trim_path = address.strip_prefix("unix://").context("trim path")?; let file_path = Path::new("/").join(trim_path); let file_path = file_path.as_path(); - if std::fs::metadata(&file_path).is_ok() { + if std::fs::metadata(file_path).is_ok() { info!(sl!(), "remote socket path: {:?}", &file_path); fs::remove_file(file_path).ok(); } From 2c24fcf34c69bd54b8d069f75ae1e250ace70852 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 16:25:43 +0100 Subject: [PATCH 42/62] runtime-rs: Fix clippy::bool-to-int-with-if warnings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to boolean to int conversion using if. Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#bool_to_int_with_if Signed-off-by: Fabiano FidĂȘncio --- src/runtime-rs/crates/resource/src/share_fs/mod.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/runtime-rs/crates/resource/src/share_fs/mod.rs b/src/runtime-rs/crates/resource/src/share_fs/mod.rs index 5dc1d9358..739fa0459 100644 --- a/src/runtime-rs/crates/resource/src/share_fs/mod.rs +++ b/src/runtime-rs/crates/resource/src/share_fs/mod.rs @@ -89,8 +89,8 @@ impl MountedInfo { pub fn new(guest_path: PathBuf, readonly: bool) -> Self { Self { guest_path, - ro_ref_count: if readonly { 1 } else { 0 }, - rw_ref_count: if readonly { 0 } else { 1 }, + ro_ref_count: readonly.into(), + rw_ref_count: (!readonly).into(), } } From 079462d2eb509b4777d6a92e12b64fd1d13334d2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Mon, 2 Jan 2023 17:10:25 +0100 Subject: [PATCH 43/62] runk: Fix needless_borrow warning MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As we bumped the rust toolchain to 1.66.0, some new warnings have been raised due to needless_borrow. Let's fix them all here. For more info about the warnings, please, take a look at: https://rust-lang.github.io/rust-clippy/master/index.html#needless_borrow Signed-off-by: Fabiano FidĂȘncio --- src/tools/runk/src/main.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/tools/runk/src/main.rs b/src/tools/runk/src/main.rs index ce300ca69..6b282ed0b 100644 --- a/src/tools/runk/src/main.rs +++ b/src/tools/runk/src/main.rs @@ -105,7 +105,7 @@ fn setup_logger( .read(true) .create(true) .truncate(true) - .open(&file)?; + .open(file)?; // TODO: Support 'text' log format. let (logger_local, logger_async_guard_local) = From cb84b0fb02ce4f118b9c7f4ee6b8af7ef798fb33 Mon Sep 17 00:00:00 2001 From: Peng Tao Date: Tue, 3 Jan 2023 09:03:39 +0000 Subject: [PATCH 44/62] katautils: run prestart hooks after starting VM So that we can pass the hypervisor pid to the hook instead of the runtime process's. Signed-off-by: Peng Tao --- src/runtime/pkg/katautils/create.go | 30 ++++++++++++++++++++--------- src/runtime/pkg/katautils/hook.go | 12 +++++++++++- 2 files changed, 32 insertions(+), 10 deletions(-) diff --git a/src/runtime/pkg/katautils/create.go b/src/runtime/pkg/katautils/create.go index ffcaa0715..d2c9c69cf 100644 --- a/src/runtime/pkg/katautils/create.go +++ b/src/runtime/pkg/katautils/create.go @@ -162,6 +162,21 @@ func CreateSandbox(ctx context.Context, vci vc.VC, ociSpec specs.Spec, runtimeCo ociSpec.Annotations["nerdctl/network-namespace"] = sandboxConfig.NetworkConfig.NetworkID sandboxConfig.Annotations["nerdctl/network-namespace"] = ociSpec.Annotations["nerdctl/network-namespace"] + sandbox, err := vci.CreateSandbox(ctx, sandboxConfig) + if err != nil { + return nil, vc.Process{}, err + } + + hid, err := sandbox.GetHypervisorPid() + if err != nil { + return nil, vc.Process{}, err + } + ctx = context.WithValue(ctx, "hypervisor-pid", hid) + + sid := sandbox.ID() + kataUtilsLogger = kataUtilsLogger.WithField("sandbox", sid) + katatrace.AddTags(span, "sandbox_id", sid) + // Run pre-start OCI hooks, in the runtime namespace. if err := PreStartHooks(ctx, ociSpec, containerID, bundlePath); err != nil { return nil, vc.Process{}, err @@ -172,15 +187,6 @@ func CreateSandbox(ctx context.Context, vci vc.VC, ociSpec specs.Spec, runtimeCo return nil, vc.Process{}, err } - sandbox, err := vci.CreateSandbox(ctx, sandboxConfig) - if err != nil { - return nil, vc.Process{}, err - } - - sid := sandbox.ID() - kataUtilsLogger = kataUtilsLogger.WithField("sandbox", sid) - katatrace.AddTags(span, "sandbox_id", sid) - containers := sandbox.GetAllContainers() if len(containers) != 1 { return nil, vc.Process{}, fmt.Errorf("BUG: Container list from sandbox is wrong, expecting only one container, found %d containers", len(containers)) @@ -255,6 +261,12 @@ func CreateContainer(ctx context.Context, sandbox vc.VCSandbox, ociSpec specs.Sp return vc.Process{}, err } + hid, err := sandbox.GetHypervisorPid() + if err != nil { + return vc.Process{}, err + } + ctx = context.WithValue(ctx, HypervisorPidKey{}, hid) + // Run pre-start OCI hooks. err = EnterNetNS(sandbox.GetNetNs(), func() error { return PreStartHooks(ctx, ociSpec, containerID, bundlePath) diff --git a/src/runtime/pkg/katautils/hook.go b/src/runtime/pkg/katautils/hook.go index 50ac95cb8..02a4f7597 100644 --- a/src/runtime/pkg/katautils/hook.go +++ b/src/runtime/pkg/katautils/hook.go @@ -28,6 +28,8 @@ var hookTracingTags = map[string]string{ "subsystem": "hook", } +type HypervisorPidKey struct{} + // Logger returns a logrus logger appropriate for logging hook messages func hookLogger() *logrus.Entry { return kataUtilsLogger.WithField("subsystem", "hook") @@ -38,8 +40,16 @@ func runHook(ctx context.Context, spec specs.Spec, hook specs.Hook, cid, bundleP defer span.End() katatrace.AddTags(span, "path", hook.Path, "args", hook.Args) + pid, ok := ctx.Value(HypervisorPidKey{}).(int) + if !ok || pid == 0 { + hookLogger().Info("no hypervisor pid") + + pid = syscallWrapper.Gettid() + } + hookLogger().Infof("hypervisor pid %v", pid) + state := specs.State{ - Pid: syscallWrapper.Gettid(), + Pid: pid, Bundle: bundlePath, ID: cid, Annotations: spec.Annotations, From 578a9c25f05c53525319a968f379ca718e8c9db7 Mon Sep 17 00:00:00 2001 From: Peng Tao Date: Tue, 3 Jan 2023 09:43:45 +0000 Subject: [PATCH 45/62] vc: rescan network endpoints after running prestart hooks Moby relies on the prestart hooks to configure network endpoints. We should rescan the netns after running them so that the newly added endpoints can be found and plugged to the guest. Fixes: #5941 Signed-off-by: Peng Tao --- src/runtime/pkg/katautils/create.go | 30 +++++++++----------- src/runtime/pkg/katautils/hook.go | 5 ++-- src/runtime/virtcontainers/api.go | 8 +++--- src/runtime/virtcontainers/implementation.go | 4 +-- src/runtime/virtcontainers/interfaces.go | 2 +- src/runtime/virtcontainers/sandbox.go | 22 ++++++++++++-- 6 files changed, 42 insertions(+), 29 deletions(-) diff --git a/src/runtime/pkg/katautils/create.go b/src/runtime/pkg/katautils/create.go index d2c9c69cf..3c3bf05c8 100644 --- a/src/runtime/pkg/katautils/create.go +++ b/src/runtime/pkg/katautils/create.go @@ -162,31 +162,27 @@ func CreateSandbox(ctx context.Context, vci vc.VC, ociSpec specs.Spec, runtimeCo ociSpec.Annotations["nerdctl/network-namespace"] = sandboxConfig.NetworkConfig.NetworkID sandboxConfig.Annotations["nerdctl/network-namespace"] = ociSpec.Annotations["nerdctl/network-namespace"] - sandbox, err := vci.CreateSandbox(ctx, sandboxConfig) - if err != nil { - return nil, vc.Process{}, err - } + sandbox, err := vci.CreateSandbox(ctx, sandboxConfig, func(ctx context.Context) error { + // Run pre-start OCI hooks, in the runtime namespace. + if err := PreStartHooks(ctx, ociSpec, containerID, bundlePath); err != nil { + return err + } - hid, err := sandbox.GetHypervisorPid() + // Run create runtime OCI hooks, in the runtime namespace. + if err := CreateRuntimeHooks(ctx, ociSpec, containerID, bundlePath); err != nil { + return err + } + + return nil + }) if err != nil { return nil, vc.Process{}, err } - ctx = context.WithValue(ctx, "hypervisor-pid", hid) sid := sandbox.ID() kataUtilsLogger = kataUtilsLogger.WithField("sandbox", sid) katatrace.AddTags(span, "sandbox_id", sid) - // Run pre-start OCI hooks, in the runtime namespace. - if err := PreStartHooks(ctx, ociSpec, containerID, bundlePath); err != nil { - return nil, vc.Process{}, err - } - - // Run create runtime OCI hooks, in the runtime namespace. - if err := CreateRuntimeHooks(ctx, ociSpec, containerID, bundlePath); err != nil { - return nil, vc.Process{}, err - } - containers := sandbox.GetAllContainers() if len(containers) != 1 { return nil, vc.Process{}, fmt.Errorf("BUG: Container list from sandbox is wrong, expecting only one container, found %d containers", len(containers)) @@ -265,7 +261,7 @@ func CreateContainer(ctx context.Context, sandbox vc.VCSandbox, ociSpec specs.Sp if err != nil { return vc.Process{}, err } - ctx = context.WithValue(ctx, HypervisorPidKey{}, hid) + ctx = context.WithValue(ctx, vc.HypervisorPidKey{}, hid) // Run pre-start OCI hooks. err = EnterNetNS(sandbox.GetNetNs(), func() error { diff --git a/src/runtime/pkg/katautils/hook.go b/src/runtime/pkg/katautils/hook.go index 02a4f7597..8ed6361ae 100644 --- a/src/runtime/pkg/katautils/hook.go +++ b/src/runtime/pkg/katautils/hook.go @@ -17,6 +17,7 @@ import ( "github.com/kata-containers/kata-containers/src/runtime/pkg/katautils/katatrace" syscallWrapper "github.com/kata-containers/kata-containers/src/runtime/pkg/syscall" + vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers" "github.com/opencontainers/runtime-spec/specs-go" "github.com/sirupsen/logrus" ) @@ -28,8 +29,6 @@ var hookTracingTags = map[string]string{ "subsystem": "hook", } -type HypervisorPidKey struct{} - // Logger returns a logrus logger appropriate for logging hook messages func hookLogger() *logrus.Entry { return kataUtilsLogger.WithField("subsystem", "hook") @@ -40,7 +39,7 @@ func runHook(ctx context.Context, spec specs.Spec, hook specs.Hook, cid, bundleP defer span.End() katatrace.AddTags(span, "path", hook.Path, "args", hook.Args) - pid, ok := ctx.Value(HypervisorPidKey{}).(int) + pid, ok := ctx.Value(vc.HypervisorPidKey{}).(int) if !ok || pid == 0 { hookLogger().Info("no hypervisor pid") diff --git a/src/runtime/virtcontainers/api.go b/src/runtime/virtcontainers/api.go index 437c926a7..1927d4d07 100644 --- a/src/runtime/virtcontainers/api.go +++ b/src/runtime/virtcontainers/api.go @@ -44,16 +44,16 @@ func SetLogger(ctx context.Context, logger *logrus.Entry) { // CreateSandbox is the virtcontainers sandbox creation entry point. // CreateSandbox creates a sandbox and its containers. It does not start them. -func CreateSandbox(ctx context.Context, sandboxConfig SandboxConfig, factory Factory) (VCSandbox, error) { +func CreateSandbox(ctx context.Context, sandboxConfig SandboxConfig, factory Factory, prestartHookFunc func(context.Context) error) (VCSandbox, error) { span, ctx := katatrace.Trace(ctx, virtLog, "CreateSandbox", apiTracingTags) defer span.End() - s, err := createSandboxFromConfig(ctx, sandboxConfig, factory) + s, err := createSandboxFromConfig(ctx, sandboxConfig, factory, prestartHookFunc) return s, err } -func createSandboxFromConfig(ctx context.Context, sandboxConfig SandboxConfig, factory Factory) (_ *Sandbox, err error) { +func createSandboxFromConfig(ctx context.Context, sandboxConfig SandboxConfig, factory Factory, prestartHookFunc func(context.Context) error) (_ *Sandbox, err error) { span, ctx := katatrace.Trace(ctx, virtLog, "createSandboxFromConfig", apiTracingTags) defer span.End() @@ -88,7 +88,7 @@ func createSandboxFromConfig(ctx context.Context, sandboxConfig SandboxConfig, f } // Start the VM - if err = s.startVM(ctx); err != nil { + if err = s.startVM(ctx, prestartHookFunc); err != nil { return nil, err } diff --git a/src/runtime/virtcontainers/implementation.go b/src/runtime/virtcontainers/implementation.go index 177797ebd..f48e939e4 100644 --- a/src/runtime/virtcontainers/implementation.go +++ b/src/runtime/virtcontainers/implementation.go @@ -31,8 +31,8 @@ func (impl *VCImpl) SetFactory(ctx context.Context, factory Factory) { } // CreateSandbox implements the VC function of the same name. -func (impl *VCImpl) CreateSandbox(ctx context.Context, sandboxConfig SandboxConfig) (VCSandbox, error) { - return CreateSandbox(ctx, sandboxConfig, impl.factory) +func (impl *VCImpl) CreateSandbox(ctx context.Context, sandboxConfig SandboxConfig, hookFunc func(context.Context) error) (VCSandbox, error) { + return CreateSandbox(ctx, sandboxConfig, impl.factory, hookFunc) } // CleanupContainer is used by shimv2 to stop and delete a container exclusively, once there is no container diff --git a/src/runtime/virtcontainers/interfaces.go b/src/runtime/virtcontainers/interfaces.go index 7664f0281..492d3f35a 100644 --- a/src/runtime/virtcontainers/interfaces.go +++ b/src/runtime/virtcontainers/interfaces.go @@ -23,7 +23,7 @@ type VC interface { SetLogger(ctx context.Context, logger *logrus.Entry) SetFactory(ctx context.Context, factory Factory) - CreateSandbox(ctx context.Context, sandboxConfig SandboxConfig) (VCSandbox, error) + CreateSandbox(ctx context.Context, sandboxConfig SandboxConfig, hookFunc func(context.Context) error) (VCSandbox, error) CleanupContainer(ctx context.Context, sandboxID, containerID string, force bool) error } diff --git a/src/runtime/virtcontainers/sandbox.go b/src/runtime/virtcontainers/sandbox.go index 025537fed..9f87cc2ff 100644 --- a/src/runtime/virtcontainers/sandbox.go +++ b/src/runtime/virtcontainers/sandbox.go @@ -92,6 +92,9 @@ var ( errSandboxNotRunning = errors.New("Sandbox not running") ) +// HypervisorPidKey is the context key for hypervisor pid +type HypervisorPidKey struct{} + // SandboxStatus describes a sandbox status. type SandboxStatus struct { ContainersStatus []ContainerStatus @@ -1194,7 +1197,7 @@ func (s *Sandbox) cleanSwap(ctx context.Context) { } // startVM starts the VM. -func (s *Sandbox) startVM(ctx context.Context) (err error) { +func (s *Sandbox) startVM(ctx context.Context, prestartHookFunc func(context.Context) error) (err error) { span, ctx := katatrace.Trace(ctx, s.Logger(), "startVM", sandboxTracingTags, map[string]string{"sandbox_id": s.id}) defer span.End() @@ -1234,9 +1237,24 @@ func (s *Sandbox) startVM(ctx context.Context) (err error) { return err } + if prestartHookFunc != nil { + hid, err := s.GetHypervisorPid() + if err != nil { + return err + } + s.Logger().Infof("hypervisor pid is %v", hid) + ctx = context.WithValue(ctx, HypervisorPidKey{}, hid) + + if err := prestartHookFunc(ctx); err != nil { + return err + } + } + // In case of vm factory, network interfaces are hotplugged // after vm is started. - if s.factory != nil { + // In case of prestartHookFunc, network config might have been changed. + // We need to rescan and handle the change. + if s.factory != nil || prestartHookFunc != nil { if _, err := s.network.AddEndpoints(ctx, s, nil, true); err != nil { return err } From d085389127d08aa840a1fd6c3731ad928e9335d4 Mon Sep 17 00:00:00 2001 From: Peng Tao Date: Tue, 3 Jan 2023 10:13:20 +0000 Subject: [PATCH 46/62] vc: fix up UT for CreateSandbox API change Need to adapt the UT as well. Signed-off-by: Peng Tao --- src/runtime/pkg/containerd-shim-v2/create_test.go | 2 +- src/runtime/pkg/katautils/create_test.go | 2 +- src/runtime/virtcontainers/api_test.go | 10 +++++----- src/runtime/virtcontainers/example_pod_run_test.go | 2 +- src/runtime/virtcontainers/pkg/vcmock/mock.go | 4 ++-- src/runtime/virtcontainers/pkg/vcmock/mock_test.go | 8 ++++---- src/runtime/virtcontainers/pkg/vcmock/types.go | 2 +- src/runtime/virtcontainers/sandbox_test.go | 2 +- 8 files changed, 16 insertions(+), 16 deletions(-) diff --git a/src/runtime/pkg/containerd-shim-v2/create_test.go b/src/runtime/pkg/containerd-shim-v2/create_test.go index 121d5ea4d..75638b518 100644 --- a/src/runtime/pkg/containerd-shim-v2/create_test.go +++ b/src/runtime/pkg/containerd-shim-v2/create_test.go @@ -41,7 +41,7 @@ func TestCreateSandboxSuccess(t *testing.T) { }, } - testingImpl.CreateSandboxFunc = func(ctx context.Context, sandboxConfig vc.SandboxConfig) (vc.VCSandbox, error) { + testingImpl.CreateSandboxFunc = func(ctx context.Context, sandboxConfig vc.SandboxConfig, hookFunc func(context.Context) error) (vc.VCSandbox, error) { return sandbox, nil } diff --git a/src/runtime/pkg/katautils/create_test.go b/src/runtime/pkg/katautils/create_test.go index b1e4cf2a9..260800378 100644 --- a/src/runtime/pkg/katautils/create_test.go +++ b/src/runtime/pkg/katautils/create_test.go @@ -274,7 +274,7 @@ func TestCreateSandboxAnnotations(t *testing.T) { rootFs := vc.RootFs{Mounted: true} - testingImpl.CreateSandboxFunc = func(ctx context.Context, sandboxConfig vc.SandboxConfig) (vc.VCSandbox, error) { + testingImpl.CreateSandboxFunc = func(ctx context.Context, sandboxConfig vc.SandboxConfig, hookFunc func(context.Context) error) (vc.VCSandbox, error) { return &vcmock.Sandbox{ MockID: testSandboxID, MockContainers: []*vcmock.Container{ diff --git a/src/runtime/virtcontainers/api_test.go b/src/runtime/virtcontainers/api_test.go index 0268ab125..0af9aec5d 100644 --- a/src/runtime/virtcontainers/api_test.go +++ b/src/runtime/virtcontainers/api_test.go @@ -145,7 +145,7 @@ func TestCreateSandboxNoopAgentSuccessful(t *testing.T) { config := newTestSandboxConfigNoop() ctx := WithNewAgentFunc(context.Background(), newMockAgent) - p, err := CreateSandbox(ctx, config, nil) + p, err := CreateSandbox(ctx, config, nil, nil) assert.NoError(err) assert.NotNil(p) @@ -178,7 +178,7 @@ func TestCreateSandboxKataAgentSuccessful(t *testing.T) { defer hybridVSockTTRPCMock.Stop() ctx := WithNewAgentFunc(context.Background(), newMockAgent) - p, err := CreateSandbox(ctx, config, nil) + p, err := CreateSandbox(ctx, config, nil, nil) assert.NoError(err) assert.NotNil(p) @@ -199,7 +199,7 @@ func TestCreateSandboxFailing(t *testing.T) { config := SandboxConfig{} ctx := WithNewAgentFunc(context.Background(), newMockAgent) - p, err := CreateSandbox(ctx, config, nil) + p, err := CreateSandbox(ctx, config, nil, nil) assert.Error(err) assert.Nil(p.(*Sandbox)) } @@ -227,7 +227,7 @@ func createAndStartSandbox(ctx context.Context, config SandboxConfig) (sandbox V err error) { // Create sandbox - sandbox, err = CreateSandbox(ctx, config, nil) + sandbox, err = CreateSandbox(ctx, config, nil, nil) if sandbox == nil || err != nil { return nil, "", err } @@ -260,7 +260,7 @@ func TestReleaseSandbox(t *testing.T) { config := newTestSandboxConfigNoop() ctx := WithNewAgentFunc(context.Background(), newMockAgent) - s, err := CreateSandbox(ctx, config, nil) + s, err := CreateSandbox(ctx, config, nil, nil) assert.NoError(t, err) assert.NotNil(t, s) diff --git a/src/runtime/virtcontainers/example_pod_run_test.go b/src/runtime/virtcontainers/example_pod_run_test.go index cc12ddaed..79706b0a2 100644 --- a/src/runtime/virtcontainers/example_pod_run_test.go +++ b/src/runtime/virtcontainers/example_pod_run_test.go @@ -64,7 +64,7 @@ func Example_createAndStartSandbox() { } // Create the sandbox - s, err := vc.CreateSandbox(context.Background(), sandboxConfig, nil) + s, err := vc.CreateSandbox(context.Background(), sandboxConfig, nil, nil) if err != nil { fmt.Printf("Could not create sandbox: %s", err) return diff --git a/src/runtime/virtcontainers/pkg/vcmock/mock.go b/src/runtime/virtcontainers/pkg/vcmock/mock.go index 3b1815166..39305e244 100644 --- a/src/runtime/virtcontainers/pkg/vcmock/mock.go +++ b/src/runtime/virtcontainers/pkg/vcmock/mock.go @@ -42,9 +42,9 @@ func (m *VCMock) SetFactory(ctx context.Context, factory vc.Factory) { } // CreateSandbox implements the VC function of the same name. -func (m *VCMock) CreateSandbox(ctx context.Context, sandboxConfig vc.SandboxConfig) (vc.VCSandbox, error) { +func (m *VCMock) CreateSandbox(ctx context.Context, sandboxConfig vc.SandboxConfig, hookFunc func(context.Context) error) (vc.VCSandbox, error) { if m.CreateSandboxFunc != nil { - return m.CreateSandboxFunc(ctx, sandboxConfig) + return m.CreateSandboxFunc(ctx, sandboxConfig, hookFunc) } return nil, fmt.Errorf("%s: %s (%+v): sandboxConfig: %v", mockErrorPrefix, getSelf(), m, sandboxConfig) diff --git a/src/runtime/virtcontainers/pkg/vcmock/mock_test.go b/src/runtime/virtcontainers/pkg/vcmock/mock_test.go index 9043b168d..7558b8d1b 100644 --- a/src/runtime/virtcontainers/pkg/vcmock/mock_test.go +++ b/src/runtime/virtcontainers/pkg/vcmock/mock_test.go @@ -120,22 +120,22 @@ func TestVCMockCreateSandbox(t *testing.T) { assert.Nil(m.CreateSandboxFunc) ctx := context.Background() - _, err := m.CreateSandbox(ctx, vc.SandboxConfig{}) + _, err := m.CreateSandbox(ctx, vc.SandboxConfig{}, nil) assert.Error(err) assert.True(IsMockError(err)) - m.CreateSandboxFunc = func(ctx context.Context, sandboxConfig vc.SandboxConfig) (vc.VCSandbox, error) { + m.CreateSandboxFunc = func(ctx context.Context, sandboxConfig vc.SandboxConfig, hookFunc func(context.Context) error) (vc.VCSandbox, error) { return &Sandbox{}, nil } - sandbox, err := m.CreateSandbox(ctx, vc.SandboxConfig{}) + sandbox, err := m.CreateSandbox(ctx, vc.SandboxConfig{}, nil) assert.NoError(err) assert.Equal(sandbox, &Sandbox{}) // reset m.CreateSandboxFunc = nil - _, err = m.CreateSandbox(ctx, vc.SandboxConfig{}) + _, err = m.CreateSandbox(ctx, vc.SandboxConfig{}, nil) assert.Error(err) assert.True(IsMockError(err)) } diff --git a/src/runtime/virtcontainers/pkg/vcmock/types.go b/src/runtime/virtcontainers/pkg/vcmock/types.go index 05a0a9859..16b811cd5 100644 --- a/src/runtime/virtcontainers/pkg/vcmock/types.go +++ b/src/runtime/virtcontainers/pkg/vcmock/types.go @@ -88,6 +88,6 @@ type VCMock struct { SetLoggerFunc func(ctx context.Context, logger *logrus.Entry) SetFactoryFunc func(ctx context.Context, factory vc.Factory) - CreateSandboxFunc func(ctx context.Context, sandboxConfig vc.SandboxConfig) (vc.VCSandbox, error) + CreateSandboxFunc func(ctx context.Context, sandboxConfig vc.SandboxConfig, hookFunc func(context.Context) error) (vc.VCSandbox, error) CleanupContainerFunc func(ctx context.Context, sandboxID, containerID string, force bool) error } diff --git a/src/runtime/virtcontainers/sandbox_test.go b/src/runtime/virtcontainers/sandbox_test.go index 59ed24c1a..3d5154eae 100644 --- a/src/runtime/virtcontainers/sandbox_test.go +++ b/src/runtime/virtcontainers/sandbox_test.go @@ -1348,7 +1348,7 @@ func TestSandboxCreationFromConfigRollbackFromCreateSandbox(t *testing.T) { // Ensure hypervisor doesn't exist assert.NoError(os.Remove(hConf.HypervisorPath)) - _, err := createSandboxFromConfig(ctx, sConf, nil) + _, err := createSandboxFromConfig(ctx, sConf, nil, nil) // Fail at createSandbox: QEMU path does not exist, it is expected. Then rollback is called assert.Error(err) From 652021ad95dbe943db9b9b247c29ea9bdefef893 Mon Sep 17 00:00:00 2001 From: Bo Chen Date: Tue, 3 Jan 2023 14:09:44 -0800 Subject: [PATCH 47/62] versions: Upgrade to Cloud Hypervisor v28.1 This patch upgrade Cloud Hypervisor to its latest bug release v28.1: https://github.com/cloud-hypervisor/cloud-hypervisor/releases/tag/v28.1 Fixes: #5973 Signed-off-by: Bo Chen --- versions.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/versions.yaml b/versions.yaml index ea79869a3..078fdc584 100644 --- a/versions.yaml +++ b/versions.yaml @@ -75,7 +75,7 @@ assets: url: "https://github.com/cloud-hypervisor/cloud-hypervisor" uscan-url: >- https://github.com/cloud-hypervisor/cloud-hypervisor/tags.*/v?(\d\S+)\.tar\.gz - version: "v28.0" + version: "v28.1" firecracker: description: "Firecracker micro-VMM" From cae78a685122f00f974023b38532d61d3df2c4a1 Mon Sep 17 00:00:00 2001 From: Tingzhou Yuan Date: Tue, 6 Dec 2022 05:54:04 +0000 Subject: [PATCH 48/62] kata-ctl: add constants for direct-volume commands added direct-volume mountinfo struct and constant path strings to kata-types Fixes #5341 Signed-off-by: Tingzhou Yuan --- src/libs/kata-types/src/mount.rs | 24 +- src/tools/kata-ctl/Cargo.lock | 2453 +----------------------------- src/tools/kata-ctl/Cargo.toml | 3 +- 3 files changed, 52 insertions(+), 2428 deletions(-) diff --git a/src/libs/kata-types/src/mount.rs b/src/libs/kata-types/src/mount.rs index 339cce05f..f66e828bd 100644 --- a/src/libs/kata-types/src/mount.rs +++ b/src/libs/kata-types/src/mount.rs @@ -5,7 +5,7 @@ // use anyhow::{anyhow, Context, Result}; -use std::path::PathBuf; +use std::{collections::HashMap, path::PathBuf}; /// Prefix to mark a volume as Kata special. pub const KATA_VOLUME_TYPE_PREFIX: &str = "kata:"; @@ -19,6 +19,12 @@ pub const KATA_EPHEMERAL_VOLUME_TYPE: &str = "ephemeral"; /// KATA_HOST_DIR_TYPE use for host empty dir pub const KATA_HOST_DIR_VOLUME_TYPE: &str = "kata:hostdir"; +/// KATA_MOUNT_INFO_FILE_NAME is used for the file that holds direct-volume mount info +pub const KATA_MOUNT_INFO_FILE_NAME: &str = "mountInfo.json"; + +/// KATA_DIRECT_VOLUME_ROOT_PATH is the root path used for concatenating with the direct-volume mount info file path +pub const KATA_DIRECT_VOLUME_ROOT_PATH: &str = "/run/kata-containers/shared/direct-volumes"; + /// Information about a mount. #[derive(Debug, Clone, Default, serde::Serialize, serde::Deserialize)] pub struct Mount { @@ -49,6 +55,22 @@ impl Mount { } } +/// DirectVolumeMountInfo contains the information needed by Kata +/// to consume a host block device and mount it as a filesystem inside the guest VM. +#[derive(Debug, Clone, Default, serde::Serialize, serde::Deserialize)] +pub struct DirectVolumeMountInfo { + /// The type of the volume (ie. block) + pub volume_type: String, + /// The device backing the volume. + pub device: String, + /// The filesystem type to be mounted on the volume. + pub fs_type: String, + /// Additional metadata to pass to the agent regarding this volume. + pub metadata: HashMap, + /// Additional mount options. + pub options: Vec, +} + /// Check whether a mount type is a marker for Kata specific volume. pub fn is_kata_special_volume(ty: &str) -> bool { ty.len() > KATA_VOLUME_TYPE_PREFIX.len() && ty.starts_with(KATA_VOLUME_TYPE_PREFIX) diff --git a/src/tools/kata-ctl/Cargo.lock b/src/tools/kata-ctl/Cargo.lock index e1c794294..f52fd36cc 100644 --- a/src/tools/kata-ctl/Cargo.lock +++ b/src/tools/kata-ctl/Cargo.lock @@ -2,225 +2,12 @@ # It is not intended for manual editing. version = 3 -[[package]] -name = "actix-macros" -version = "0.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "465a6172cf69b960917811022d8f29bc0b7fa1398bc4f78b3c466673db1213b6" -dependencies = [ - "quote", - "syn", -] - -[[package]] -name = "actix-rt" -version = "2.7.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ea16c295198e958ef31930a6ef37d0fb64e9ca3b6116e6b93a8bdae96ee1000" -dependencies = [ - "actix-macros", - "futures-core", - "tokio", -] - -[[package]] -name = "addr2line" -version = "0.17.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b9ecd88a8c8378ca913a680cd98f0f13ac67383d35993f86c90a70e3f137816b" -dependencies = [ - "gimli", -] - -[[package]] -name = "adler" -version = "1.0.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f26201604c87b1e01bd3d98f8d5d9a8fcbb815e8cedb41ffccbeb4bf593a35fe" - -[[package]] -name = "agent" -version = "0.1.0" -dependencies = [ - "anyhow", - "async-trait", - "kata-types", - "log", - "logging", - "nix 0.24.2", - "oci", - "protobuf", - "protocols", - "serde", - "serde_json", - "slog", - "slog-scope", - "tokio", - "ttrpc", - "url", -] - -[[package]] -name = "aho-corasick" -version = "0.7.20" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cc936419f96fa211c1b9166887b38e5e40b19958e5b895be7c1f93adec7071ac" -dependencies = [ - "memchr", -] - -[[package]] -name = "android_system_properties" -version = "0.1.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311" -dependencies = [ - "libc", -] - [[package]] name = "anyhow" version = "1.0.65" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "98161a4e3e2184da77bb14f02184cdd111e83bbbcc9979dfee3c44b9a85f5602" -[[package]] -name = "arc-swap" -version = "1.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "983cd8b9d4b02a6dc6ffa557262eb5858a27a0038ffffe21a0f133eaa819a164" - -[[package]] -name = "arrayref" -version = "0.3.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4c527152e37cf757a3f78aae5a06fbeefdb07ccc535c980a3208ee3060dd544" - -[[package]] -name = "arrayvec" -version = "0.7.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8da52d66c7071e2e3fa2a1e5c6d088fec47b593032b254f5e980de8ea54454d6" - -[[package]] -name = "async-channel" -version = "1.7.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e14485364214912d3b19cc3435dde4df66065127f05fa0d75c712f36f12c2f28" -dependencies = [ - "concurrent-queue 1.2.4", - "event-listener", - "futures-core", -] - -[[package]] -name = "async-executor" -version = "1.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "17adb73da160dfb475c183343c8cccd80721ea5a605d3eb57125f0a7b7a92d0b" -dependencies = [ - "async-lock", - "async-task", - "concurrent-queue 2.0.0", - "fastrand", - "futures-lite", - "slab", -] - -[[package]] -name = "async-global-executor" -version = "2.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f1b6f5d7df27bd294849f8eec66ecfc63d11814df7a4f5d74168a2394467b776" -dependencies = [ - "async-channel", - "async-executor", - "async-io", - "async-lock", - "blocking", - "futures-lite", - "once_cell", -] - -[[package]] -name = "async-io" -version = "1.12.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8c374dda1ed3e7d8f0d9ba58715f924862c63eae6849c92d3a18e7fbde9e2794" -dependencies = [ - "async-lock", - "autocfg", - "concurrent-queue 2.0.0", - "futures-lite", - "libc", - "log", - "parking", - "polling", - "slab", - "socket2", - "waker-fn", - "windows-sys 0.42.0", -] - -[[package]] -name = "async-lock" -version = "2.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c8101efe8695a6c17e02911402145357e718ac92d3ff88ae8419e84b1707b685" -dependencies = [ - "event-listener", - "futures-lite", -] - -[[package]] -name = "async-std" -version = "1.12.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "62565bb4402e926b29953c785397c6dc0391b7b446e45008b0049eb43cec6f5d" -dependencies = [ - "async-channel", - "async-global-executor", - "async-io", - "async-lock", - "crossbeam-utils", - "futures-channel", - "futures-core", - "futures-io", - "futures-lite", - "gloo-timers", - "kv-log-macro", - "log", - "memchr", - "once_cell", - "pin-project-lite", - "pin-utils", - "slab", - "wasm-bindgen-futures", -] - -[[package]] -name = "async-task" -version = "4.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a40729d2133846d9ed0ea60a8b9541bccddab49cd30f0715a1da672fe9a2524" - -[[package]] -name = "async-trait" -version = "0.1.58" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1e805d94e6b5001b651426cf4cd446b1ab5f319d27bab5c644f61de0a804360c" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "atomic-waker" -version = "1.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "065374052e7df7ee4047b1160cca5e1467a12351a40b3da123c870ba0b8eda2a" - [[package]] name = "atty" version = "0.2.14" @@ -238,27 +25,6 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" -[[package]] -name = "awaitgroup" -version = "0.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cc17ab023b4091c10ff099f9deebaeeb59b5189df07e554c4fef042b70745d68" - -[[package]] -name = "backtrace" -version = "0.3.66" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cab84319d616cfb654d03394f38ab7e6f0919e181b1b57e1fd15e7fb4077d9a7" -dependencies = [ - "addr2line", - "cc", - "cfg-if 1.0.0", - "libc", - "miniz_oxide 0.5.4", - "object", - "rustc-demangle", -] - [[package]] name = "base64" version = "0.13.0" @@ -271,117 +37,23 @@ version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" -[[package]] -name = "bitmask-enum" -version = "2.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fd9e32d7420c85055e8107e5b2463c4eeefeaac18b52359fe9f9c08a18f342b2" -dependencies = [ - "quote", - "syn", -] - -[[package]] -name = "blake3" -version = "1.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "42ae2468a89544a466886840aa467a25b766499f4f04bf7d9fcd10ecee9fccef" -dependencies = [ - "arrayref", - "arrayvec", - "cc", - "cfg-if 1.0.0", - "constant_time_eq", - "digest", -] - -[[package]] -name = "block-buffer" -version = "0.10.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "69cce20737498f97b993470a6e536b8523f0af7892a4f928cceb1ac5e52ebe7e" -dependencies = [ - "generic-array", -] - -[[package]] -name = "blocking" -version = "1.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3c67b173a56acffd6d2326fb7ab938ba0b00a71480e14902b2591c87bc5741e8" -dependencies = [ - "async-channel", - "async-lock", - "async-task", - "atomic-waker", - "fastrand", - "futures-lite", -] - [[package]] name = "bumpalo" version = "3.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c1ad822118d20d2c234f427000d5acc36eabe1e29a348c89b63dd60b13f28e5d" -[[package]] -name = "byte-unit" -version = "3.1.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "415301c9de11005d4b92193c0eb7ac7adc37e5a49e0ac9bed0a42343512744b8" - -[[package]] -name = "byteorder" -version = "1.4.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" - -[[package]] -name = "bytes" -version = "0.4.12" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "206fdffcfa2df7cbe15601ef46c813fce0965eb3286db6b56c583b814b51c81c" -dependencies = [ - "byteorder", - "iovec", -] - [[package]] name = "bytes" version = "1.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ec8a7b6a70fde80372154c65702f00a0f56f3e1c36abbc6c440484be248856db" -[[package]] -name = "cache-padded" -version = "1.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c1db59621ec70f09c5e9b597b220c7a2b43611f4710dc03ceb8748637775692c" - -[[package]] -name = "caps" -version = "0.5.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "190baaad529bcfbde9e1a19022c42781bdb6ff9de25721abdb8fd98c0807730b" -dependencies = [ - "libc", - "thiserror", -] - [[package]] name = "cc" version = "1.0.73" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2fff2a6927b3bb87f9595d67196a70493f627687a71d87a0d692242c33f58c11" -dependencies = [ - "jobserver", -] - -[[package]] -name = "cfg-if" -version = "0.1.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4785bdd1c96b2a846b2bd7cc02e86b6b3dbf14e7e53446c4f54c92a361040822" [[package]] name = "cfg-if" @@ -389,33 +61,6 @@ version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" -[[package]] -name = "cgroups-rs" -version = "0.2.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3845d8ddaca63e9975f07b7a32262afe284561c2f0f620aa968913a65f671fd2" -dependencies = [ - "libc", - "log", - "nix 0.24.2", - "regex", -] - -[[package]] -name = "chrono" -version = "0.4.23" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "16b0a3d9ed01224b22057780a37bb8c5dbfe1be8ba48678e7bf57ec4b385411f" -dependencies = [ - "iana-time-zone", - "js-sys", - "num-integer", - "num-traits", - "time 0.1.43", - "wasm-bindgen", - "winapi", -] - [[package]] name = "clap" version = "3.2.22" @@ -439,7 +84,7 @@ version = "3.2.18" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ea0c8bce528c4be4da13ea6fead8965e95b6073585a2f05204bd8f4119f82a65" dependencies = [ - "heck 0.4.0", + "heck", "proc-macro-error", "proc-macro2", "quote", @@ -455,81 +100,6 @@ dependencies = [ "os_str_bytes", ] -[[package]] -name = "codespan-reporting" -version = "0.11.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3538270d33cc669650c4b093848450d380def10c331d38c768e34cac80576e6e" -dependencies = [ - "termcolor", - "unicode-width", -] - -[[package]] -name = "common" -version = "0.1.0" -dependencies = [ - "agent", - "anyhow", - "async-trait", - "containerd-shim-protos", - "kata-sys-util", - "kata-types", - "lazy_static", - "nix 0.24.2", - "oci", - "persist", - "protobuf", - "serde_json", - "slog", - "slog-scope", - "strum", - "thiserror", - "tokio", - "ttrpc", -] - -[[package]] -name = "common-path" -version = "1.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2382f75942f4b3be3690fe4f86365e9c853c1587d6ee58212cebf6e2a9ccd101" - -[[package]] -name = "concurrent-queue" -version = "1.2.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af4780a44ab5696ea9e28294517f1fffb421a83a25af521333c838635509db9c" -dependencies = [ - "cache-padded", -] - -[[package]] -name = "concurrent-queue" -version = "2.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bd7bef69dc86e3c610e4e7aed41035e2a7ed12e72dd7530f61327a6579a4390b" -dependencies = [ - "crossbeam-utils", -] - -[[package]] -name = "constant_time_eq" -version = "0.2.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f3ad85c1f65dc7b37604eb0e89748faf0b9653065f2a8ef69f96a687ec1e9279" - -[[package]] -name = "containerd-shim-protos" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "077ec778a0835d9d85502e8535362130187759b69eddabe2bdb3a68ffb575bd0" -dependencies = [ - "async-trait", - "protobuf", - "ttrpc", -] - [[package]] name = "core-foundation" version = "0.9.3" @@ -546,391 +116,13 @@ version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5827cebf4670468b8772dd191856768aedcb1b0278a04f989f7766351917b9dc" -[[package]] -name = "cpufeatures" -version = "0.2.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "28d997bd5e24a5928dd43e46dc529867e207907fe0b239c3477d924f7f2ca320" -dependencies = [ - "libc", -] - -[[package]] -name = "crc32fast" -version = "1.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b540bd8bc810d3885c6ea91e2018302f68baba2129ab3e88f32389ee9370880d" -dependencies = [ - "cfg-if 1.0.0", -] - -[[package]] -name = "crossbeam-channel" -version = "0.5.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c2dd04ddaf88237dc3b8d8f9a3c1004b506b54b3313403944054d23c0870c521" -dependencies = [ - "cfg-if 1.0.0", - "crossbeam-utils", -] - -[[package]] -name = "crossbeam-utils" -version = "0.8.14" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4fb766fa798726286dbbb842f174001dab8abc7b627a1dd86e0b7222a95d929f" -dependencies = [ - "cfg-if 1.0.0", -] - -[[package]] -name = "crypto-common" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" -dependencies = [ - "generic-array", - "typenum", -] - -[[package]] -name = "ctor" -version = "0.1.26" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6d2301688392eb071b0bf1a37be05c469d3cc4dbbd95df672fe28ab021e6a096" -dependencies = [ - "quote", - "syn", -] - -[[package]] -name = "cxx" -version = "1.0.82" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d4a41a86530d0fe7f5d9ea779916b7cadd2d4f9add748b99c2c029cbbdfaf453" -dependencies = [ - "cc", - "cxxbridge-flags", - "cxxbridge-macro", - "link-cplusplus", -] - -[[package]] -name = "cxx-build" -version = "1.0.82" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "06416d667ff3e3ad2df1cd8cd8afae5da26cf9cec4d0825040f88b5ca659a2f0" -dependencies = [ - "cc", - "codespan-reporting", - "once_cell", - "proc-macro2", - "quote", - "scratch", - "syn", -] - -[[package]] -name = "cxxbridge-flags" -version = "1.0.82" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "820a9a2af1669deeef27cb271f476ffd196a2c4b6731336011e0ba63e2c7cf71" - -[[package]] -name = "cxxbridge-macro" -version = "1.0.82" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a08a6e2fcc370a089ad3b4aaf54db3b1b4cee38ddabce5896b33eb693275f470" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "dashmap" -version = "4.0.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e77a43b28d0668df09411cb0bc9a8c2adc40f9a048afe863e05fd43251e8e39c" -dependencies = [ - "cfg-if 1.0.0", - "num_cpus", -] - -[[package]] -name = "dbs-address-space" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6bcc37dc0b8ffae1c5911d13ae630dc7a9020fa0de0edd178d6ab71daf56c8fc" -dependencies = [ - "arc-swap", - "libc", - "nix 0.23.1", - "thiserror", - "vm-memory", - "vmm-sys-util 0.11.0", -] - -[[package]] -name = "dbs-allocator" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "543711b94b4bc1437d2ebb45f856452e96a45a67ab39f8dcf8c887c2a3701004" -dependencies = [ - "thiserror", -] - -[[package]] -name = "dbs-arch" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0f89357fc97fb3608473073be037ea0b22787b1fa4c68b8eb3dd51f3c5fd6b41" -dependencies = [ - "kvm-bindings", - "kvm-ioctls", - "libc", - "memoffset", - "vm-memory", - "vmm-sys-util 0.11.0", -] - -[[package]] -name = "dbs-boot" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8e6930547e688d8527705d1b7c4163c090c8535b8dd526d8251aa4dfdcbf2f82" -dependencies = [ - "dbs-arch", - "kvm-bindings", - "kvm-ioctls", - "lazy_static", - "libc", - "thiserror", - "vm-fdt", - "vm-memory", -] - -[[package]] -name = "dbs-device" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "14ecea44b4bc861c0c2ccb51868bea781286dc70e40ae46b54d4511e690a654a" -dependencies = [ - "thiserror", -] - -[[package]] -name = "dbs-interrupt" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "15f217820329cea9d8d2870f9cdda426c5ca4379e33283c39338841a86bdc36c" -dependencies = [ - "dbs-device", - "kvm-bindings", - "kvm-ioctls", - "libc", - "vmm-sys-util 0.11.0", -] - -[[package]] -name = "dbs-legacy-devices" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c4d089ac1c4d186c8133be59de09462e9793f7add10017c5b040318a3a7f431f" -dependencies = [ - "dbs-device", - "dbs-utils", - "log", - "serde", - "vm-superio", - "vmm-sys-util 0.11.0", -] - -[[package]] -name = "dbs-uhttp" -version = "0.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bcab9b457bf9cac784c38ad87a37eb15dad06e72751acdd556e442b3aa4b7248" -dependencies = [ - "libc", - "mio", -] - -[[package]] -name = "dbs-utils" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0cb6ff873451b76e22789af7fbe1d0478c42c717f817e66908be7a3a2288068c" -dependencies = [ - "anyhow", - "event-manager", - "libc", - "log", - "serde", - "thiserror", - "timerfd", - "vmm-sys-util 0.11.0", -] - -[[package]] -name = "dbs-virtio-devices" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f70cc3a62fa1c169beca6921ef0d3cf38fdfe7cd732ac76c8517bc8a3df9338" -dependencies = [ - "byteorder", - "caps", - "dbs-device", - "dbs-interrupt", - "dbs-utils", - "epoll", - "fuse-backend-rs", - "io-uring", - "kvm-bindings", - "kvm-ioctls", - "libc", - "log", - "nix 0.23.1", - "nydus-blobfs", - "nydus-rafs", - "rlimit", - "serde", - "serde_json", - "thiserror", - "threadpool", - "virtio-bindings", - "virtio-queue", - "vm-memory", - "vmm-sys-util 0.11.0", -] - -[[package]] -name = "derive-new" -version = "0.5.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3418329ca0ad70234b9735dc4ceed10af4df60eff9c8e7b06cb5e520d92c3535" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "digest" -version = "0.10.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8168378f4e5023e7218c89c891c0fd8ecdb5e5e4f18cb78f38cf245dd021e76f" -dependencies = [ - "block-buffer", - "crypto-common", - "subtle", -] - -[[package]] -name = "dragonball" -version = "0.1.0" -dependencies = [ - "arc-swap", - "bytes 1.2.1", - "dbs-address-space", - "dbs-allocator", - "dbs-arch", - "dbs-boot", - "dbs-device", - "dbs-interrupt", - "dbs-legacy-devices", - "dbs-utils", - "dbs-virtio-devices", - "kvm-bindings", - "kvm-ioctls", - "lazy_static", - "libc", - "linux-loader", - "log", - "nix 0.24.2", - "seccompiler", - "serde", - "serde_derive", - "serde_json", - "slog", - "slog-scope", - "thiserror", - "virtio-queue", - "vm-memory", - "vmm-sys-util 0.11.0", -] - -[[package]] -name = "either" -version = "1.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "90e5c1c8368803113bf0c9584fc495a58b86dc8a29edbf8fe877d21d9507e797" - [[package]] name = "encoding_rs" version = "0.8.31" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9852635589dc9f9ea1b6fe9f05b50ef208c85c834a562f0c6abb1c475736ec2b" dependencies = [ - "cfg-if 1.0.0", -] - -[[package]] -name = "epoll" -version = "4.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "20df693c700404f7e19d4d6fae6b15215d2913c27955d2b9d6f2c0f537511cd0" -dependencies = [ - "bitflags", - "libc", -] - -[[package]] -name = "errno" -version = "0.2.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f639046355ee4f37944e44f60642c6f3a7efa3cf6b78c78a0d989a8ce6c396a1" -dependencies = [ - "errno-dragonfly", - "libc", - "winapi", -] - -[[package]] -name = "errno-dragonfly" -version = "0.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aa68f1b12764fab894d2755d2518754e71b4fd80ecfb822714a1206c2aab39bf" -dependencies = [ - "cc", - "libc", -] - -[[package]] -name = "event-listener" -version = "2.5.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0206175f82b8d6bf6652ff7d71a1e27fd2e4efde587fd368662814d6ec1d9ce0" - -[[package]] -name = "event-manager" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "377fa591135fbe23396a18e2655a6d5481bf7c5823cdfa3cc81b01a229cbe640" -dependencies = [ - "libc", - "vmm-sys-util 0.11.0", -] - -[[package]] -name = "fail" -version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fe5e43d0f78a42ad591453aedb1d7ae631ce7ee445c7643691055a9ed8d3b01c" -dependencies = [ - "log", - "once_cell", - "rand 0.8.5", + "cfg-if", ] [[package]] @@ -942,22 +134,6 @@ dependencies = [ "instant", ] -[[package]] -name = "fixedbitset" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "37ab347416e802de484e4d03c7316c48f1ecb56574dfd4a46a80f173ce1de04d" - -[[package]] -name = "flate2" -version = "1.0.25" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a8a2db397cb1c8772f31494cb8917e48cd1e64f0fa7efac59fbd741a0a8ce841" -dependencies = [ - "crc32fast", - "miniz_oxide 0.6.2", -] - [[package]] name = "fnv" version = "1.0.7" @@ -988,52 +164,6 @@ dependencies = [ "percent-encoding", ] -[[package]] -name = "fuchsia-cprng" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a06f77d526c1a601b7c4cdd98f54b5eaabffc14d5f2f0296febdc7f357c6d3ba" - -[[package]] -name = "fuse-backend-rs" -version = "0.9.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "994a3bfb694ee52bf8f3bca80d784b723f150810998219337e429cc5dbe92717" -dependencies = [ - "arc-swap", - "bitflags", - "caps", - "core-foundation-sys", - "io-uring", - "lazy_static", - "libc", - "log", - "mio", - "nix 0.24.2", - "scoped-tls", - "slab", - "socket2", - "tokio-uring", - "virtio-queue", - "vm-memory", - "vmm-sys-util 0.10.0", -] - -[[package]] -name = "futures" -version = "0.3.25" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38390104763dc37a5145a53c29c63c1290b5d316d6086ec32c293f6736051bb0" -dependencies = [ - "futures-channel", - "futures-core", - "futures-executor", - "futures-io", - "futures-sink", - "futures-task", - "futures-util", -] - [[package]] name = "futures-channel" version = "0.3.25" @@ -1041,7 +171,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "52ba265a92256105f45b719605a571ffe2d1f0fea3807304b522c1d778f79eed" dependencies = [ "futures-core", - "futures-sink", ] [[package]] @@ -1050,49 +179,12 @@ version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "04909a7a7e4633ae6c4a9ab280aeb86da1236243a77b694a49eacd659a4bd3ac" -[[package]] -name = "futures-executor" -version = "0.3.25" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7acc85df6714c176ab5edf386123fafe217be88c0840ec11f199441134a074e2" -dependencies = [ - "futures-core", - "futures-task", - "futures-util", -] - [[package]] name = "futures-io" version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "00f5fb52a06bdcadeb54e8d3671f8888a39697dcb0b81b23b55174030427f4eb" -[[package]] -name = "futures-lite" -version = "1.12.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7694489acd39452c77daa48516b894c153f192c3578d5a839b62c58099fcbf48" -dependencies = [ - "fastrand", - "futures-core", - "futures-io", - "memchr", - "parking", - "pin-project-lite", - "waker-fn", -] - -[[package]] -name = "futures-macro" -version = "0.3.25" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bdfb8ce053d86b91919aad980c220b1fb8401a9394410e1c289ed7e66b61835d" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - [[package]] name = "futures-sink" version = "0.3.25" @@ -1105,23 +197,14 @@ version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2ffb393ac5d9a6eaa9d3fdf37ae2776656b706e200c8e16b1bdb227f5198e6ea" -[[package]] -name = "futures-timer" -version = "3.0.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e64b03909df88034c26dc1547e8970b91f98bdb65165d6a4e9110d94263dbb2c" - [[package]] name = "futures-util" version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "197676987abd2f9cadff84926f410af1c183608d36641465df73ae8211dc65d6" dependencies = [ - "futures-channel", "futures-core", "futures-io", - "futures-macro", - "futures-sink", "futures-task", "memchr", "pin-project-lite", @@ -1129,95 +212,13 @@ dependencies = [ "slab", ] -[[package]] -name = "generic-array" -version = "0.14.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bff49e947297f3312447abdca79f45f4738097cc82b06e72054d2223f601f1b9" -dependencies = [ - "typenum", - "version_check", -] - -[[package]] -name = "getrandom" -version = "0.1.16" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8fc3cb4d91f53b50155bdcfd23f6a4c39ae1969c2ae85982b135750cccaf5fce" -dependencies = [ - "cfg-if 1.0.0", - "libc", - "wasi 0.9.0+wasi-snapshot-preview1", -] - -[[package]] -name = "getrandom" -version = "0.2.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c05aeb6a22b8f62540c194aac980f2115af067bfe15a0734d7277a768d396b31" -dependencies = [ - "cfg-if 1.0.0", - "libc", - "wasi 0.11.0+wasi-snapshot-preview1", -] - -[[package]] -name = "gimli" -version = "0.26.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "22030e2c5a68ec659fde1e949a745124b48e6fa8b045b7ed5bd1fe4ccc5c4e5d" - -[[package]] -name = "glob" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574" - -[[package]] -name = "gloo-timers" -version = "0.2.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5fb7d06c1c8cc2a29bee7ec961009a0b2caa0793ee4900c2ffb348734ba1c8f9" -dependencies = [ - "futures-channel", - "futures-core", - "js-sys", - "wasm-bindgen", -] - -[[package]] -name = "go-flag" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6b4a40c9ca507513f573aabaf6a8558173a1ac9aa1363d8de30c7f89b34f8d2b" -dependencies = [ - "cfg-if 0.1.10", -] - -[[package]] -name = "governor" -version = "0.4.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7df0ee4b237afb71e99f7e2fbd840ffec2d6c4bb569f69b2af18aa1f63077d38" -dependencies = [ - "dashmap", - "futures", - "futures-timer", - "no-std-compat", - "nonzero_ext", - "parking_lot 0.11.2", - "quanta", - "rand 0.8.5", - "smallvec", -] - [[package]] name = "h2" version = "0.3.14" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5ca32592cf21ac7ccab1825cd87f6c9b3d9022c44d086172ed0966bec8af30be" dependencies = [ - "bytes 1.2.1", + "bytes", "fnv", "futures-core", "futures-sink", @@ -1236,15 +237,6 @@ version = "0.12.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" -[[package]] -name = "heck" -version = "0.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6d621efb26863f0e9924c6ac577e8275e5e6b77455db64ffa6c65c904e9e132c" -dependencies = [ - "unicode-segmentation", -] - [[package]] name = "heck" version = "0.4.0" @@ -1260,19 +252,13 @@ dependencies = [ "libc", ] -[[package]] -name = "hex" -version = "0.4.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" - [[package]] name = "http" version = "0.2.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "75f43d41e26995c17e71ee126451dd3941010b0514a81a9d11f3b341debc2399" dependencies = [ - "bytes 1.2.1", + "bytes", "fnv", "itoa", ] @@ -1283,7 +269,7 @@ version = "0.4.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d5f38f16d184e36f2408a55281cd658ecbd3ca05cce6d6510a176eca393e26d1" dependencies = [ - "bytes 1.2.1", + "bytes", "http", "pin-project-lite", ] @@ -1306,7 +292,7 @@ version = "0.14.20" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "02c929dc5c39e335a03c405292728118860721b10190d98c2a0f0efd5baafbac" dependencies = [ - "bytes 1.2.1", + "bytes", "futures-channel", "futures-core", "futures-util", @@ -1343,7 +329,7 @@ version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d6183ddfa99b85da61a140bea0efc93fdf56ceaa041b37d553518030827f9905" dependencies = [ - "bytes 1.2.1", + "bytes", "hyper", "native-tls", "tokio", @@ -1440,32 +426,7 @@ version = "0.1.12" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" dependencies = [ - "cfg-if 1.0.0", -] - -[[package]] -name = "io-lifetimes" -version = "0.6.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9448015e586b611e5d322f6703812bbca2f1e709d5773ecd38ddb4e3bb649504" - -[[package]] -name = "io-uring" -version = "0.5.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ba34abb5175052fc1a2227a10d2275b7386c9990167de9786c0b88d8b062330" -dependencies = [ - "bitflags", - "libc", -] - -[[package]] -name = "iovec" -version = "0.1.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b2b3ea6ff95e175473f8ffe6a7eb7c00d054240321b84c57051175fe3c1e075e" -dependencies = [ - "libc", + "cfg-if", ] [[package]] @@ -1474,30 +435,12 @@ version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "879d54834c8c76457ef4293a689b2a8c59b076067ad77b15efafbb05f92a592b" -[[package]] -name = "itertools" -version = "0.10.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b0fd2260e829bddf4cb6ea802289de2f86d6a7a690192fbe91b3f46e0f2c8473" -dependencies = [ - "either", -] - [[package]] name = "itoa" version = "1.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4217ad341ebadf8d8e724e264f13e593e0648f5b3e94b3896a5df283be015ecc" -[[package]] -name = "jobserver" -version = "0.1.25" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "068b1ee6743e4d11fb9c6a1e6064b3693a1b600e7f5f5988047d98b3dc9fb90b" -dependencies = [ - "libc", -] - [[package]] name = "js-sys" version = "0.3.60" @@ -1516,7 +459,6 @@ dependencies = [ "nix 0.25.0", "privdrop", "reqwest", - "runtimes", "semver", "serde", "serde_json", @@ -1526,79 +468,6 @@ dependencies = [ "thiserror", ] -[[package]] -name = "kata-sys-util" -version = "0.1.0" -dependencies = [ - "byteorder", - "cgroups-rs", - "chrono", - "common-path", - "fail", - "kata-types", - "lazy_static", - "libc", - "nix 0.24.2", - "oci", - "once_cell", - "rand 0.7.3", - "serde_json", - "slog", - "slog-scope", - "subprocess", - "thiserror", -] - -[[package]] -name = "kata-types" -version = "0.1.0" -dependencies = [ - "anyhow", - "base64", - "bitmask-enum", - "byte-unit", - "glob", - "lazy_static", - "num_cpus", - "oci", - "regex", - "serde", - "serde_json", - "slog", - "slog-scope", - "thiserror", - "toml 0.5.9", -] - -[[package]] -name = "kv-log-macro" -version = "1.0.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0de8b303297635ad57c9f5059fd9cee7a47f8e8daa09df0fcd07dd39fb22977f" -dependencies = [ - "log", -] - -[[package]] -name = "kvm-bindings" -version = "0.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a78c049190826fff959994b7c1d8a2930d0a348f1b8f3aa4f9bb34cd5d7f2952" -dependencies = [ - "vmm-sys-util 0.11.0", -] - -[[package]] -name = "kvm-ioctls" -version = "0.11.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "97422ba48d7ffb66fd4d18130f72ab66f9bbbf791fb7a87b9291cdcfec437593" -dependencies = [ - "kvm-bindings", - "libc", - "vmm-sys-util 0.11.0", -] - [[package]] name = "lazy_static" version = "1.4.0" @@ -1611,78 +480,13 @@ version = "0.2.135" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "68783febc7782c6c5cb401fbda4de5a9898be1762314da0bb2c10ced61f18b0c" -[[package]] -name = "link-cplusplus" -version = "1.0.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9272ab7b96c9046fbc5bc56c06c117cb639fe2d509df0c421cad82d2915cf369" -dependencies = [ - "cc", -] - -[[package]] -name = "linux-loader" -version = "0.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "62a2f912deca034ec34b0a43a390059ea98daac40e440ebe8bea88f3315fe168" -dependencies = [ - "vm-memory", -] - -[[package]] -name = "linux-raw-sys" -version = "0.0.46" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d4d2456c373231a208ad294c33dc5bff30051eafd954cd4caae83a712b12854d" - -[[package]] -name = "lock_api" -version = "0.4.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "435011366fe56583b16cf956f9df0095b405b82d76425bc8981c0e22e60ec4df" -dependencies = [ - "autocfg", - "scopeguard", -] - [[package]] name = "log" version = "0.4.17" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" dependencies = [ - "cfg-if 1.0.0", - "value-bag", -] - -[[package]] -name = "logging" -version = "0.1.0" -dependencies = [ - "serde_json", - "slog", - "slog-async", - "slog-json", - "slog-scope", -] - -[[package]] -name = "lz4-sys" -version = "1.9.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "57d27b317e207b10f69f5e75494119e391a96f48861ae870d1da6edac98ca900" -dependencies = [ - "cc", - "libc", -] - -[[package]] -name = "mach" -version = "0.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b823e83b2affd8f40a9ee8c29dbc56404c1e34cd2710921f2801e2cf29527afa" -dependencies = [ - "libc", + "cfg-if", ] [[package]] @@ -1706,24 +510,6 @@ version = "0.3.16" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2a60c7ce501c71e03a9c9c0d35b861413ae925bd979cc7a4e30d060069aaac8d" -[[package]] -name = "miniz_oxide" -version = "0.5.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "96590ba8f175222643a85693f33d26e9c8a015f599c216509b1a6894af675d34" -dependencies = [ - "adler", -] - -[[package]] -name = "miniz_oxide" -version = "0.6.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b275950c28b37e794e8c55d88aeb5e139d0ce23fdbbeda68f8d7174abdf9e8fa" -dependencies = [ - "adler", -] - [[package]] name = "mio" version = "0.8.4" @@ -1732,16 +518,10 @@ checksum = "57ee1c23c7c63b0c9250c339ffdc69255f110b298b901b9f6c82547b7b87caaf" dependencies = [ "libc", "log", - "wasi 0.11.0+wasi-snapshot-preview1", - "windows-sys 0.36.1", + "wasi", + "windows-sys", ] -[[package]] -name = "multimap" -version = "0.8.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e5ce46fe64a9d73be07dcbe690a38ce1b293be448fd8ce1e6c1b8062c9f72c6a" - [[package]] name = "native-tls" version = "0.2.10" @@ -1760,85 +540,6 @@ dependencies = [ "tempfile", ] -[[package]] -name = "netlink-packet-core" -version = "0.4.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "345b8ab5bd4e71a2986663e88c56856699d060e78e152e6e9d7966fcd5491297" -dependencies = [ - "anyhow", - "byteorder", - "libc", - "netlink-packet-utils", -] - -[[package]] -name = "netlink-packet-route" -version = "0.13.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f5dee5ed749373c298237fe694eb0a51887f4cc1a27370c8464bac4382348f1a" -dependencies = [ - "anyhow", - "bitflags", - "byteorder", - "libc", - "netlink-packet-core", - "netlink-packet-utils", -] - -[[package]] -name = "netlink-packet-utils" -version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "25af9cf0dc55498b7bd94a1508af7a78706aa0ab715a73c5169273e03c84845e" -dependencies = [ - "anyhow", - "byteorder", - "paste", - "thiserror", -] - -[[package]] -name = "netlink-proto" -version = "0.10.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "65b4b14489ab424703c092062176d52ba55485a89c076b4f9db05092b7223aa6" -dependencies = [ - "bytes 1.2.1", - "futures", - "log", - "netlink-packet-core", - "netlink-sys", - "thiserror", - "tokio", -] - -[[package]] -name = "netlink-sys" -version = "0.8.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "92b654097027250401127914afb37cb1f311df6610a9891ff07a757e94199027" -dependencies = [ - "bytes 1.2.1", - "futures", - "libc", - "log", - "tokio", -] - -[[package]] -name = "nix" -version = "0.23.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f866317acbd3a240710c63f065ffb1e4fd466259045ccb504130b7f668f35c6" -dependencies = [ - "bitflags", - "cc", - "cfg-if 1.0.0", - "libc", - "memoffset", -] - [[package]] name = "nix" version = "0.24.2" @@ -1846,7 +547,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "195cdbc1741b8134346d515b3a56a1c94b0912758009cfd53f99ea0f57b065fc" dependencies = [ "bitflags", - "cfg-if 1.0.0", + "cfg-if", "libc", "memoffset", ] @@ -1859,43 +560,12 @@ checksum = "e322c04a9e3440c327fca7b6c8a63e6890a32fa2ad689db972425f07e0d22abb" dependencies = [ "autocfg", "bitflags", - "cfg-if 1.0.0", + "cfg-if", "libc", "memoffset", "pin-utils", ] -[[package]] -name = "no-std-compat" -version = "0.4.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b93853da6d84c2e3c7d730d6473e8817692dd89be387eb01b94d7f108ecb5b8c" - -[[package]] -name = "nonzero_ext" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38bf9645c8b145698bb0b18a4637dcacbc421ea49bef2317e4fd8065a387cf21" - -[[package]] -name = "num-integer" -version = "0.1.45" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9" -dependencies = [ - "autocfg", - "num-traits", -] - -[[package]] -name = "num-traits" -version = "0.2.15" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd" -dependencies = [ - "autocfg", -] - [[package]] name = "num_cpus" version = "1.13.1" @@ -1906,154 +576,6 @@ dependencies = [ "libc", ] -[[package]] -name = "nydus-api" -version = "0.1.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "61fbfbdb58ff07bed50b412d4315b3c5808979bb5decb56706ac66d53daf2cf3" -dependencies = [ - "dbs-uhttp", - "http", - "lazy_static", - "libc", - "log", - "mio", - "nydus-error", - "nydus-utils", - "serde", - "serde_derive", - "serde_json", - "url", - "vmm-sys-util 0.10.0", -] - -[[package]] -name = "nydus-blobfs" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9ef818ecadc217f49ce8d48506b885d8d26f877d26b0108d90d8b82547663d95" -dependencies = [ - "fuse-backend-rs", - "libc", - "log", - "nydus-error", - "nydus-rafs", - "nydus-storage", - "serde", - "serde_json", - "vm-memory", -] - -[[package]] -name = "nydus-error" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "90960fb7268286328d11f18e747bed58d8e3bbea6f401bd316e91fe39f4f7213" -dependencies = [ - "backtrace", - "httpdate", - "libc", - "log", - "serde", - "serde_json", -] - -[[package]] -name = "nydus-rafs" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4a06e8b0b4a90acc2d128d2f3b1ab6ae5d325116f1f69754bd3628dbd4499f4" -dependencies = [ - "anyhow", - "arc-swap", - "bitflags", - "blake3", - "fuse-backend-rs", - "futures", - "lazy_static", - "libc", - "log", - "lz4-sys", - "nix 0.24.2", - "nydus-api", - "nydus-error", - "nydus-storage", - "nydus-utils", - "serde", - "serde_json", - "sha2", - "spmc", - "vm-memory", -] - -[[package]] -name = "nydus-storage" -version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b5dd10c443f47a0ac7d71021f7658a605c2be5b46576a91f3238babbaf3f459e" -dependencies = [ - "anyhow", - "arc-swap", - "bitflags", - "dbs-uhttp", - "fuse-backend-rs", - "futures", - "governor", - "lazy_static", - "libc", - "log", - "nix 0.24.2", - "nydus-api", - "nydus-error", - "nydus-utils", - "serde", - "serde_json", - "sha2", - "tokio", - "vm-memory", - "vmm-sys-util 0.10.0", -] - -[[package]] -name = "nydus-utils" -version = "0.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9b7e976c67052c3ff63372e2a07701923796d25a77eac605824b26d406ab0918" -dependencies = [ - "blake3", - "flate2", - "lazy_static", - "libc", - "log", - "lz4-sys", - "nix 0.24.2", - "nydus-error", - "serde", - "serde_json", - "sha2", - "tokio", - "zstd", -] - -[[package]] -name = "object" -version = "0.29.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "21158b2c33aa6d4561f1c0a6ea283ca92bc54802a93b263e910746d679a7eb53" -dependencies = [ - "memchr", -] - -[[package]] -name = "oci" -version = "0.1.0" -dependencies = [ - "libc", - "serde", - "serde_derive", - "serde_json", -] - [[package]] name = "once_cell" version = "1.15.0" @@ -2067,7 +589,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "12fc0523e3bd51a692c8850d075d74dc062ccf251c0110668cbd921917118a13" dependencies = [ "bitflags", - "cfg-if 1.0.0", + "cfg-if", "foreign-types", "libc", "once_cell", @@ -2111,66 +633,6 @@ version = "6.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9ff7415e9ae3fff1225851df9e0d9e4e5479f947619774677a63572e55e80eff" -[[package]] -name = "parking" -version = "2.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "427c3892f9e783d91cc128285287e70a59e206ca452770ece88a76f7a3eddd72" - -[[package]] -name = "parking_lot" -version = "0.11.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7d17b78036a60663b797adeaee46f5c9dfebb86948d1255007a1d6be0271ff99" -dependencies = [ - "instant", - "lock_api", - "parking_lot_core 0.8.5", -] - -[[package]] -name = "parking_lot" -version = "0.12.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f" -dependencies = [ - "lock_api", - "parking_lot_core 0.9.4", -] - -[[package]] -name = "parking_lot_core" -version = "0.8.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d76e8e1493bcac0d2766c42737f34458f1c8c50c0d23bcb24ea953affb273216" -dependencies = [ - "cfg-if 1.0.0", - "instant", - "libc", - "redox_syscall", - "smallvec", - "winapi", -] - -[[package]] -name = "parking_lot_core" -version = "0.9.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4dc9e0dc2adc1c69d09143aff38d3d30c5c3f0df0dad82e6d25547af174ebec0" -dependencies = [ - "cfg-if 1.0.0", - "libc", - "redox_syscall", - "smallvec", - "windows-sys 0.42.0", -] - -[[package]] -name = "paste" -version = "1.0.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b1de2e551fb905ac83f73f7aedf2f0cb4a0da7e35efa24a202a936269f1f18e1" - [[package]] name = "percent-encoding" version = "2.2.0" @@ -2240,26 +702,6 @@ version = "0.3.26" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6ac9a59f73473f1b8d852421e59e64809f025994837ef743615c6d0c5b305160" -[[package]] -name = "polling" -version = "2.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f7d73f1eaed1ca1fb37b54dcc9b38e3b17d6c7b8ecb7abfffcac8d0351f17d4" -dependencies = [ - "autocfg", - "cfg-if 1.0.0", - "libc", - "log", - "wepoll-ffi", - "windows-sys 0.42.0", -] - -[[package]] -name = "ppv-lite86" -version = "0.2.17" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de" - [[package]] name = "privdrop" version = "0.5.2" @@ -2303,123 +745,6 @@ dependencies = [ "unicode-ident", ] -[[package]] -name = "prost" -version = "0.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "de5e2533f59d08fcf364fd374ebda0692a70bd6d7e66ef97f306f45c6c5d8020" -dependencies = [ - "bytes 1.2.1", - "prost-derive", -] - -[[package]] -name = "prost-build" -version = "0.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "355f634b43cdd80724ee7848f95770e7e70eefa6dcf14fea676216573b8fd603" -dependencies = [ - "bytes 1.2.1", - "heck 0.3.3", - "itertools", - "log", - "multimap", - "petgraph", - "prost", - "prost-types", - "tempfile", - "which", -] - -[[package]] -name = "prost-derive" -version = "0.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "600d2f334aa05acb02a755e217ef1ab6dea4d51b58b7846588b747edec04efba" -dependencies = [ - "anyhow", - "itertools", - "proc-macro2", - "quote", - "syn", -] - -[[package]] -name = "prost-types" -version = "0.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "603bbd6394701d13f3f25aada59c7de9d35a6a5887cfc156181234a44002771b" -dependencies = [ - "bytes 1.2.1", - "prost", -] - -[[package]] -name = "protobuf" -version = "2.28.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "106dd99e98437432fed6519dedecfade6a06a73bb7b2a1e019fdd2bee5778d94" -dependencies = [ - "serde", - "serde_derive", -] - -[[package]] -name = "protobuf-codegen" -version = "2.28.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "033460afb75cf755fcfc16dfaed20b86468082a2ea24e05ac35ab4a099a017d6" -dependencies = [ - "protobuf", -] - -[[package]] -name = "protobuf-codegen-pure" -version = "2.28.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "95a29399fc94bcd3eeaa951c715f7bea69409b2445356b00519740bcd6ddd865" -dependencies = [ - "protobuf", - "protobuf-codegen", -] - -[[package]] -name = "protobuf-codegen-pure3" -version = "2.28.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b0a3cf0a7de7570cb67bfb9a9a585b5841b49790a1be0ef104340a2110b91135" -dependencies = [ - "protobuf", - "protobuf-codegen", -] - -[[package]] -name = "protocols" -version = "0.1.0" -dependencies = [ - "async-trait", - "oci", - "protobuf", - "ttrpc", - "ttrpc-codegen", -] - -[[package]] -name = "quanta" -version = "0.9.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "20afe714292d5e879d8b12740aa223c6a88f118af41870e8b6196e39a02238a8" -dependencies = [ - "crossbeam-utils", - "libc", - "mach", - "once_cell", - "raw-cpuid", - "wasi 0.10.2+wasi-snapshot-preview1", - "web-sys", - "winapi", -] - [[package]] name = "quote" version = "1.0.21" @@ -2429,133 +754,6 @@ dependencies = [ "proc-macro2", ] -[[package]] -name = "rand" -version = "0.3.23" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "64ac302d8f83c0c1974bf758f6b041c6c8ada916fbb44a609158ca8b064cc76c" -dependencies = [ - "libc", - "rand 0.4.6", -] - -[[package]] -name = "rand" -version = "0.4.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "552840b97013b1a26992c11eac34bdd778e464601a4c2054b5f0bff7c6761293" -dependencies = [ - "fuchsia-cprng", - "libc", - "rand_core 0.3.1", - "rdrand", - "winapi", -] - -[[package]] -name = "rand" -version = "0.7.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03" -dependencies = [ - "getrandom 0.1.16", - "libc", - "rand_chacha 0.2.2", - "rand_core 0.5.1", - "rand_hc", -] - -[[package]] -name = "rand" -version = "0.8.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" -dependencies = [ - "libc", - "rand_chacha 0.3.1", - "rand_core 0.6.4", -] - -[[package]] -name = "rand_chacha" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402" -dependencies = [ - "ppv-lite86", - "rand_core 0.5.1", -] - -[[package]] -name = "rand_chacha" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" -dependencies = [ - "ppv-lite86", - "rand_core 0.6.4", -] - -[[package]] -name = "rand_core" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a6fdeb83b075e8266dcc8762c22776f6877a63111121f5f8c7411e5be7eed4b" -dependencies = [ - "rand_core 0.4.2", -] - -[[package]] -name = "rand_core" -version = "0.4.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c33a3c44ca05fa6f1807d8e6743f3824e8509beca625669633be0acbdf509dc" - -[[package]] -name = "rand_core" -version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19" -dependencies = [ - "getrandom 0.1.16", -] - -[[package]] -name = "rand_core" -version = "0.6.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" -dependencies = [ - "getrandom 0.2.8", -] - -[[package]] -name = "rand_hc" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c" -dependencies = [ - "rand_core 0.5.1", -] - -[[package]] -name = "raw-cpuid" -version = "10.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a6823ea29436221176fe662da99998ad3b4db2c7f31e7b6f5fe43adccd6320bb" -dependencies = [ - "bitflags", -] - -[[package]] -name = "rdrand" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "678054eb77286b51581ba43620cc911abf02758c91f93f479767aed0f90458b2" -dependencies = [ - "rand_core 0.3.1", -] - [[package]] name = "redox_syscall" version = "0.2.16" @@ -2565,23 +763,6 @@ dependencies = [ "bitflags", ] -[[package]] -name = "regex" -version = "1.7.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e076559ef8e241f2ae3479e36f97bd5741c0330689e217ad51ce2c76808b868a" -dependencies = [ - "aho-corasick", - "memchr", - "regex-syntax", -] - -[[package]] -name = "regex-syntax" -version = "0.6.28" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "456c603be3e8d448b072f410900c09faf164fbce2d480456f50eea6e25f9c848" - [[package]] name = "remove_dir_all" version = "0.5.3" @@ -2598,7 +779,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "431949c384f4e2ae07605ccaa56d1d9d2ecdb5cadd4f9577ccfab29f2e5149fc" dependencies = [ "base64", - "bytes 1.2.1", + "bytes", "encoding_rs", "futures-core", "futures-util", @@ -2633,39 +814,6 @@ dependencies = [ "winreg", ] -[[package]] -name = "resource" -version = "0.1.0" -dependencies = [ - "actix-rt", - "agent", - "anyhow", - "async-trait", - "bitflags", - "cgroups-rs", - "futures", - "hypervisor", - "kata-sys-util", - "kata-types", - "lazy_static", - "libc", - "logging", - "netlink-packet-route", - "netlink-sys", - "nix 0.24.2", - "oci", - "persist", - "rand 0.7.3", - "rtnetlink", - "scopeguard", - "serde", - "serde_json", - "slog", - "slog-scope", - "tokio", - "uuid", -] - [[package]] name = "ring" version = "0.16.20" @@ -2779,13 +927,6 @@ version = "1.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4501abdff3ae82a1c1b477a17252eb69cee9e66eb915c1abaa4f44d873df9f09" -[[package]] -name = "safe-path" -version = "0.1.0" -dependencies = [ - "libc", -] - [[package]] name = "schannel" version = "0.1.20" @@ -2793,27 +934,9 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "88d6731146462ea25d9244b2ed5fd1d716d25c52e4d54aa4fb0f3c4e9854dbe2" dependencies = [ "lazy_static", - "windows-sys 0.36.1", + "windows-sys", ] -[[package]] -name = "scoped-tls" -version = "1.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e1cf6437eb19a8f4a6cc0f7dca544973b0b78843adbfeb3683d1a94a0024a294" - -[[package]] -name = "scopeguard" -version = "1.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" - -[[package]] -name = "scratch" -version = "1.0.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c8132065adcfd6e02db789d9285a0deb2f3fcb04002865ab67d5fb103533898" - [[package]] name = "sct" version = "0.7.0" @@ -2824,15 +947,6 @@ dependencies = [ "untrusted", ] -[[package]] -name = "seccompiler" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e01d1292a1131b22ccea49f30bd106f1238b5ddeec1a98d39268dcc31d540e68" -dependencies = [ - "libc", -] - [[package]] name = "security-framework" version = "2.7.0" @@ -2944,53 +1058,6 @@ dependencies = [ "autocfg", ] -[[package]] -name = "slog" -version = "2.7.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8347046d4ebd943127157b94d63abb990fcf729dc4e9978927fdf4ac3c998d06" - -[[package]] -name = "slog-async" -version = "2.7.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "766c59b252e62a34651412870ff55d8c4e6d04df19b43eecb2703e417b097ffe" -dependencies = [ - "crossbeam-channel", - "slog", - "take_mut", - "thread_local", -] - -[[package]] -name = "slog-json" -version = "2.6.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3e1e53f61af1e3c8b852eef0a9dee29008f55d6dd63794f3f12cef786cf0f219" -dependencies = [ - "serde", - "serde_json", - "slog", - "time 0.3.17", -] - -[[package]] -name = "slog-scope" -version = "4.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f95a4b4c3274cd2869549da82b57ccc930859bdbf5bcea0424bc5f140b3c786" -dependencies = [ - "arc-swap", - "lazy_static", - "slog", -] - -[[package]] -name = "smallvec" -version = "1.10.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0" - [[package]] name = "socket2" version = "0.4.7" @@ -3007,12 +1074,6 @@ version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" -[[package]] -name = "spmc" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "02a8428da277a8e3a15271d79943e80ccc2ef254e78813a166a08d65e4c3ece5" - [[package]] name = "strsim" version = "0.10.0" @@ -3024,9 +1085,6 @@ name = "strum" version = "0.24.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "063e6045c0e62079840579a7e47a355ae92f60eb74daaf156fb1e84ba164e63f" -dependencies = [ - "strum_macros", -] [[package]] name = "strum_macros" @@ -3034,29 +1092,13 @@ version = "0.24.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1e385be0d24f186b4ce2f9982191e7101bb737312ad61c1f2f984f34bcf85d59" dependencies = [ - "heck 0.4.0", + "heck", "proc-macro2", "quote", "rustversion", "syn", ] -[[package]] -name = "subprocess" -version = "0.2.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0c2e86926081dda636c546d8c5e641661049d7562a68f5488be4a1f7f66f6086" -dependencies = [ - "libc", - "winapi", -] - -[[package]] -name = "subtle" -version = "2.4.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" - [[package]] name = "syn" version = "1.0.105" @@ -3068,19 +1110,13 @@ dependencies = [ "unicode-ident", ] -[[package]] -name = "take_mut" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f764005d11ee5f36500a149ace24e00e3da98b0158b3e2d53a7495660d3f4d60" - [[package]] name = "tempfile" version = "3.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5cdb1ef4eaeeaddc8fbd371e5017057064af0911902ef36b39801f67cc6d79e4" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "fastrand", "libc", "redox_syscall", @@ -3123,70 +1159,6 @@ dependencies = [ "syn", ] -[[package]] -name = "thread_local" -version = "1.1.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5516c27b78311c50bf42c071425c560ac799b11c30b31f87e3081965fe5e0180" -dependencies = [ - "once_cell", -] - -[[package]] -name = "threadpool" -version = "1.8.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d050e60b33d41c19108b32cea32164033a9013fe3b46cbd4457559bfbf77afaa" -dependencies = [ - "num_cpus", -] - -[[package]] -name = "time" -version = "0.1.43" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ca8a50ef2360fbd1eeb0ecd46795a87a19024eb4b53c5dc916ca1fd95fe62438" -dependencies = [ - "libc", - "winapi", -] - -[[package]] -name = "time" -version = "0.3.17" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a561bf4617eebd33bca6434b988f39ed798e527f51a1e797d0ee4f61c0a38376" -dependencies = [ - "itoa", - "serde", - "time-core", - "time-macros", -] - -[[package]] -name = "time-core" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2e153e1f1acaef8acc537e68b44906d2db6436e2b35ac2c6b42640fff91f00fd" - -[[package]] -name = "time-macros" -version = "0.2.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d967f99f534ca7e495c575c62638eebc2898a8c84c119b89e250477bc4ba16b2" -dependencies = [ - "time-core", -] - -[[package]] -name = "timerfd" -version = "1.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "29f85a7c965b8e7136952f59f2a359694c78f105b2d2ff99cf6c2c404bf7e33f" -dependencies = [ - "rustix", -] - [[package]] name = "tinyvec" version = "1.6.0" @@ -3209,30 +1181,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a9e03c497dc955702ba729190dc4aac6f2a0ce97f913e5b1b5912fc5039d9099" dependencies = [ "autocfg", - "bytes 1.2.1", + "bytes", "libc", "memchr", "mio", "num_cpus", - "parking_lot 0.12.1", "pin-project-lite", - "signal-hook-registry", "socket2", - "tokio-macros", "winapi", ] -[[package]] -name = "tokio-macros" -version = "1.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9724f9a975fb987ef7a3cd9be0350edcbe130698af5b8f7a631e23d42d052484" -dependencies = [ - "proc-macro2", - "quote", - "syn", -] - [[package]] name = "tokio-native-tls" version = "0.3.0" @@ -3254,27 +1212,13 @@ dependencies = [ "webpki", ] -[[package]] -name = "tokio-uring" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3ad494f39874984d990ade7f6319dafbcd3301ff0b1841f8a55a1ebb3e742c8" -dependencies = [ - "io-uring", - "libc", - "scoped-tls", - "slab", - "socket2", - "tokio", -] - [[package]] name = "tokio-util" version = "0.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0bb2e075f03b3d66d8d8785356224ba688d2906a371015e225beeb65ca92c740" dependencies = [ - "bytes 1.2.1", + "bytes", "futures-core", "futures-sink", "pin-project-lite", @@ -3282,37 +1226,6 @@ dependencies = [ "tracing", ] -[[package]] -name = "tokio-vsock" -version = "0.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3d2ad075b54bbb450ae2e3770211d7954362a488fcd386085c9fbb6d787ade8b" -dependencies = [ - "bytes 0.4.12", - "futures", - "libc", - "tokio", - "vsock", -] - -[[package]] -name = "toml" -version = "0.4.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "758664fc71a3a69038656bee8b6be6477d2a6c315a6b81f7081f591bffa4111f" -dependencies = [ - "serde", -] - -[[package]] -name = "toml" -version = "0.5.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d82e1a7758622a465f8cee077614c73484dac5b836c02ff6a40d5d1010324d7" -dependencies = [ - "serde", -] - [[package]] name = "tower-service" version = "0.3.2" @@ -3325,7 +1238,7 @@ version = "0.1.37" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8ce8c33a8d48bd45d624a6e523445fd21ec13d3653cd51f681abf67418f54eb8" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "pin-project-lite", "tracing-core", ] @@ -3345,58 +1258,6 @@ version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "59547bce71d9c38b83d9c0e92b6066c4253371f15005def0c30d9657f50c7642" -[[package]] -name = "ttrpc" -version = "0.6.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2ecfff459a859c6ba6668ff72b34c2f1d94d9d58f7088414c2674ad0f31cc7d8" -dependencies = [ - "async-trait", - "byteorder", - "futures", - "libc", - "log", - "nix 0.23.1", - "protobuf", - "protobuf-codegen-pure", - "thiserror", - "tokio", - "tokio-vsock", -] - -[[package]] -name = "ttrpc-codegen" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "df80affc2cf8c589172b05ba2b8e8a88722ebf4e28b86604615497a8b6fb78c0" -dependencies = [ - "protobuf", - "protobuf-codegen", - "protobuf-codegen-pure3", - "ttrpc-compiler", -] - -[[package]] -name = "ttrpc-compiler" -version = "0.4.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8db19ce6af25713061dd805d6733b6f0c45904bd63526ce5d2568c858b7edc71" -dependencies = [ - "derive-new", - "prost", - "prost-build", - "prost-types", - "protobuf", - "protobuf-codegen", - "tempfile", -] - -[[package]] -name = "typenum" -version = "1.15.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dcf81ac59edc17cc8697ff311e8f5ef2d99fcbd9817b34cec66f90b6c3dfd987" - [[package]] name = "unicode-bidi" version = "0.3.8" @@ -3418,18 +1279,6 @@ dependencies = [ "tinyvec", ] -[[package]] -name = "unicode-segmentation" -version = "1.10.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0fdbf052a0783de01e944a6ce7a8cb939e295b1e7be835a1112c3b9a7f047a5a" - -[[package]] -name = "unicode-width" -version = "0.1.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c0edd1e5b14653f783770bce4a4dabb4a5108a5370a5f5d8cfe8710c361f6c8b" - [[package]] name = "untrusted" version = "0.7.1" @@ -3447,25 +1296,6 @@ dependencies = [ "percent-encoding", ] -[[package]] -name = "uuid" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7cfec50b0842181ba6e713151b72f4ec84a6a7e2c9c8a8a3ffc37bb1cd16b231" -dependencies = [ - "rand 0.3.23", -] - -[[package]] -name = "value-bag" -version = "1.0.0-alpha.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2209b78d1249f7e6f3293657c9779fe31ced465df091bbd433a1cf88e916ec55" -dependencies = [ - "ctor", - "version_check", -] - [[package]] name = "vcpkg" version = "0.2.15" @@ -3478,115 +1308,6 @@ version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" -[[package]] -name = "virt_container" -version = "0.1.0" -dependencies = [ - "agent", - "anyhow", - "async-std", - "async-trait", - "awaitgroup", - "common", - "containerd-shim-protos", - "futures", - "hypervisor", - "kata-sys-util", - "kata-types", - "lazy_static", - "libc", - "logging", - "nix 0.24.2", - "oci", - "persist", - "protobuf", - "resource", - "serde", - "serde_derive", - "serde_json", - "slog", - "slog-scope", - "tokio", - "toml 0.4.10", - "url", -] - -[[package]] -name = "virtio-bindings" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3ff512178285488516ed85f15b5d0113a7cdb89e9e8a760b269ae4f02b84bd6b" - -[[package]] -name = "virtio-queue" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "519c0a333c871650269cba303bc108075d52a0c0d64f9b91fae61829b53725af" -dependencies = [ - "log", - "vm-memory", - "vmm-sys-util 0.11.0", -] - -[[package]] -name = "vm-fdt" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f43fb5a6bd1a7d423ad72802801036719b7546cf847a103f8fe4575f5b0d45a6" - -[[package]] -name = "vm-memory" -version = "0.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "583f213899e8a5eea23d9c507252d4bed5bc88f0ecbe0783262f80034630744b" -dependencies = [ - "arc-swap", - "libc", - "winapi", -] - -[[package]] -name = "vm-superio" -version = "0.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4b5231d334edbc03b22704caa1a022e4c07491d6df736593f26094df8b04a51" - -[[package]] -name = "vmm-sys-util" -version = "0.10.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "08604d7be03eb26e33b3cee3ed4aef2bf550b305d1cca60e84da5d28d3790b62" -dependencies = [ - "bitflags", - "libc", -] - -[[package]] -name = "vmm-sys-util" -version = "0.11.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cc06a16ee8ebf0d9269aed304030b0d20a866b8b3dd3d4ce532596ac567a0d24" -dependencies = [ - "bitflags", - "libc", -] - -[[package]] -name = "vsock" -version = "0.2.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e32675ee2b3ce5df274c0ab52d19b28789632406277ca26bffee79a8e27dc133" -dependencies = [ - "libc", - "nix 0.23.1", -] - -[[package]] -name = "waker-fn" -version = "1.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9d5b2c62b4012a3e1eca5a7e077d13b3bf498c4073e33ccd58626607748ceeca" - [[package]] name = "want" version = "0.3.0" @@ -3597,18 +1318,6 @@ dependencies = [ "try-lock", ] -[[package]] -name = "wasi" -version = "0.9.0+wasi-snapshot-preview1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519" - -[[package]] -name = "wasi" -version = "0.10.2+wasi-snapshot-preview1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fd6fbd9a79829dd1ad0cc20627bf1ed606756a7f77edff7b66b7064f9cb327c6" - [[package]] name = "wasi" version = "0.11.0+wasi-snapshot-preview1" @@ -3621,7 +1330,7 @@ version = "0.2.83" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "eaf9f5aceeec8be17c128b2e93e031fb8a4d469bb9c4ae2d7dc1888b26887268" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "wasm-bindgen-macro", ] @@ -3646,7 +1355,7 @@ version = "0.4.33" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "23639446165ca5a5de86ae1d8896b737ae80319560fbaa4c2887b7da6e7ebd7d" dependencies = [ - "cfg-if 1.0.0", + "cfg-if", "js-sys", "wasm-bindgen", "web-sys", @@ -3710,26 +1419,6 @@ dependencies = [ "webpki", ] -[[package]] -name = "wepoll-ffi" -version = "0.1.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d743fdedc5c64377b5fc2bc036b01c7fd642205a0d96356034ae3404d49eb7fb" -dependencies = [ - "cc", -] - -[[package]] -name = "which" -version = "4.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1c831fbbee9e129a8cf93e7747a82da9d95ba8e16621cae60ec2cdc849bacb7b" -dependencies = [ - "either", - "libc", - "once_cell", -] - [[package]] name = "winapi" version = "0.3.9" @@ -3767,100 +1456,43 @@ version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ea04155a16a59f9eab786fe12a4a450e75cdb175f9e0d80da1e17db09f55b8d2" dependencies = [ - "windows_aarch64_msvc 0.36.1", - "windows_i686_gnu 0.36.1", - "windows_i686_msvc 0.36.1", - "windows_x86_64_gnu 0.36.1", - "windows_x86_64_msvc 0.36.1", + "windows_aarch64_msvc", + "windows_i686_gnu", + "windows_i686_msvc", + "windows_x86_64_gnu", + "windows_x86_64_msvc", ] -[[package]] -name = "windows-sys" -version = "0.42.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a3e1820f08b8513f676f7ab6c1f99ff312fb97b553d30ff4dd86f9f15728aa7" -dependencies = [ - "windows_aarch64_gnullvm", - "windows_aarch64_msvc 0.42.0", - "windows_i686_gnu 0.42.0", - "windows_i686_msvc 0.42.0", - "windows_x86_64_gnu 0.42.0", - "windows_x86_64_gnullvm", - "windows_x86_64_msvc 0.42.0", -] - -[[package]] -name = "windows_aarch64_gnullvm" -version = "0.42.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "41d2aa71f6f0cbe00ae5167d90ef3cfe66527d6f613ca78ac8024c3ccab9a19e" - [[package]] name = "windows_aarch64_msvc" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9bb8c3fd39ade2d67e9874ac4f3db21f0d710bee00fe7cab16949ec184eeaa47" -[[package]] -name = "windows_aarch64_msvc" -version = "0.42.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dd0f252f5a35cac83d6311b2e795981f5ee6e67eb1f9a7f64eb4500fbc4dcdb4" - [[package]] name = "windows_i686_gnu" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "180e6ccf01daf4c426b846dfc66db1fc518f074baa793aa7d9b9aaeffad6a3b6" -[[package]] -name = "windows_i686_gnu" -version = "0.42.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fbeae19f6716841636c28d695375df17562ca208b2b7d0dc47635a50ae6c5de7" - [[package]] name = "windows_i686_msvc" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e2e7917148b2812d1eeafaeb22a97e4813dfa60a3f8f78ebe204bcc88f12f024" -[[package]] -name = "windows_i686_msvc" -version = "0.42.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "84c12f65daa39dd2babe6e442988fc329d6243fdce47d7d2d155b8d874862246" - [[package]] name = "windows_x86_64_gnu" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4dcd171b8776c41b97521e5da127a2d86ad280114807d0b2ab1e462bc764d9e1" -[[package]] -name = "windows_x86_64_gnu" -version = "0.42.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bf7b1b21b5362cbc318f686150e5bcea75ecedc74dd157d874d754a2ca44b0ed" - -[[package]] -name = "windows_x86_64_gnullvm" -version = "0.42.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "09d525d2ba30eeb3297665bd434a54297e4170c7f1a44cad4ef58095b4cd2028" - [[package]] name = "windows_x86_64_msvc" version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680" -[[package]] -name = "windows_x86_64_msvc" -version = "0.42.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f40009d85759725a34da6d89a94e63d7bdc50a862acf0dbc7c8e488f1edcb6f5" - [[package]] name = "winreg" version = "0.10.1" @@ -3869,32 +1501,3 @@ checksum = "80d0f4e272c85def139476380b12f9ac60926689dd2e01d4923222f40580869d" dependencies = [ "winapi", ] - -[[package]] -name = "zstd" -version = "0.11.2+zstd.1.5.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "20cc960326ece64f010d2d2107537f26dc589a6573a316bd5b1dba685fa5fde4" -dependencies = [ - "zstd-safe", -] - -[[package]] -name = "zstd-safe" -version = "5.0.2+zstd.1.5.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1d2a5585e04f9eea4b2a3d1eca508c4dee9592a89ef6f450c11719da0726f4db" -dependencies = [ - "libc", - "zstd-sys", -] - -[[package]] -name = "zstd-sys" -version = "2.0.4+zstd.1.5.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4fa202f2ef00074143e219d15b62ffc317d17cc33909feac471c044087cad7b0" -dependencies = [ - "cc", - "libc", -] diff --git a/src/tools/kata-ctl/Cargo.toml b/src/tools/kata-ctl/Cargo.toml index 31c230f33..ccda3520d 100644 --- a/src/tools/kata-ctl/Cargo.toml +++ b/src/tools/kata-ctl/Cargo.toml @@ -22,8 +22,7 @@ nix = "0.25.0" strum = "0.24.1" strum_macros = "0.24.3" -runtimes = { path = "../../runtime-rs/crates/runtimes" } -serde = "1.0.149" +serde = { version = "1.0.149", features = ["derive"] } [target.'cfg(target_arch = "s390x")'.dependencies] reqwest = { version = "0.11", default-features = false, features = ["json", "blocking", "native-tls"] } From 2d4b2cf72caaf67dc3e730b1ac5a128ce2ec7e3d Mon Sep 17 00:00:00 2001 From: Tingzhou Yuan Date: Tue, 6 Dec 2022 05:59:18 +0000 Subject: [PATCH 49/62] runtime-rs: add POST method to shim-client partly refactored shim-client to reuse code, added POST method support, and made path string constants public for client imports. Fixes #5341 Signed-off-by: Tingzhou Yuan --- .../shim-interface/src/shim_mgmt/client.rs | 54 +++++++++++++------ 1 file changed, 37 insertions(+), 17 deletions(-) diff --git a/src/libs/shim-interface/src/shim_mgmt/client.rs b/src/libs/shim-interface/src/shim_mgmt/client.rs index 5c6a67f10..ace72c1d6 100644 --- a/src/libs/shim-interface/src/shim_mgmt/client.rs +++ b/src/libs/shim-interface/src/shim_mgmt/client.rs @@ -35,7 +35,7 @@ impl MgmtClient { let unix_socket_path = mgmt_socket_addr(sid).context("Failed to get unix socket path")?; let s_addr = unix_socket_path .strip_prefix("unix:") - .context("failed to strix prefix")?; + .context("failed to strip prefix")?; let sock_path = Path::new("/").join(s_addr).as_path().to_owned(); let client = Client::unix(); Ok(Self { @@ -49,32 +49,52 @@ impl MgmtClient { /// Parameter uri should be like "/agent-url" etc. pub async fn get(&self, uri: &str) -> Result> { let url: hyper::Uri = Uri::new(&self.sock_path, uri).into(); - let work = self.client.get(url); - match self.timeout { - Some(timeout) => match tokio::time::timeout(timeout, work).await { - Ok(result) => result.map_err(|e| anyhow!(e)), - Err(_) => Err(anyhow!("TIMEOUT")), - }, - // if timeout not set, work executes directly - None => work.await.context("failed to GET"), - } + let req = Request::builder() + .method(Method::GET) + .uri(url) + .body(Body::empty())?; + return self.send_request(req).await; + } + + /// The HTTP Post method for client + pub async fn post( + &self, + uri: &str, + content_type: &str, + content: &str, + ) -> Result> { + let url: hyper::Uri = Uri::new(&self.sock_path, uri).into(); + + // build body from content + let body = Body::from(content.to_string()); + let req = Request::builder() + .method(Method::POST) + .uri(url) + .header("content-type", content_type) + .body(body)?; + return self.send_request(req).await; } /// The http PUT method for client pub async fn put(&self, uri: &str, data: Vec) -> Result> { let url: hyper::Uri = Uri::new(&self.sock_path, uri).into(); - let request = Request::builder() + let req = Request::builder() .method(Method::PUT) .uri(url) - .body(Body::from(data)) - .unwrap(); - let work = self.client.request(request); + .body(Body::from(data))?; + return self.send_request(req).await; + } + + async fn send_request(&self, req: Request) -> Result> { + let msg = format!("Request ({:?}) to uri {:?}", req.method(), req.uri()); + let resp = self.client.request(req); match self.timeout { - Some(timeout) => match tokio::time::timeout(timeout, work).await { + Some(timeout) => match tokio::time::timeout(timeout, resp).await { Ok(result) => result.map_err(|e| anyhow!(e)), - Err(_) => Err(anyhow!("TIMEOUT")), + Err(_) => Err(anyhow!("{:?} timeout after {:?}", msg, self.timeout)), }, - None => work.await.context("failed to PUT"), + // if client timeout is not set, request waits with no deadline + None => resp.await.context(format!("{:?} failed", msg)), } } } From 8451db7c0c7868481c481260dfe89db4ee33030f Mon Sep 17 00:00:00 2001 From: Tingzhou Yuan Date: Tue, 6 Dec 2022 06:15:50 +0000 Subject: [PATCH 50/62] kata-ctl: direct-volume: add Add and Remove handlers This commit adds direct-volume command handlers for kata-ctl, including add, remove, stats and resize. Stats and resize makes HTTP over UDS calls to runtime-rs while add and remove runs locally on the host. Fixes #5341 Signed-off-by: Tingzhou Yuan kata-ctl: direct-volume: add Add and Remove handlers This commit adds direct-volume command handlers for kata-ctl, including add, remove, stats and resize. Stats and resize makes HTTP over UDS calls to runtime-rs while add and remove runs locally on the host. Fixes #5341 Signed-off-by: Tingzhou Yuan --- src/runtime-rs/crates/agent/src/lib.rs | 4 +- src/runtime-rs/crates/agent/src/types.rs | 10 +- src/tools/kata-ctl/Cargo.lock | 613 ++++++++++++++++++++++- src/tools/kata-ctl/Cargo.toml | 10 +- src/tools/kata-ctl/src/args.rs | 45 +- src/tools/kata-ctl/src/check.rs | 4 +- src/tools/kata-ctl/src/main.rs | 7 +- src/tools/kata-ctl/src/ops.rs | 1 + src/tools/kata-ctl/src/ops/check_ops.rs | 4 - src/tools/kata-ctl/src/ops/volume_ops.rs | 166 ++++++ 10 files changed, 840 insertions(+), 24 deletions(-) create mode 100644 src/tools/kata-ctl/src/ops/volume_ops.rs diff --git a/src/runtime-rs/crates/agent/src/lib.rs b/src/runtime-rs/crates/agent/src/lib.rs index 8ef76ebbe..a3d1da72a 100644 --- a/src/runtime-rs/crates/agent/src/lib.rs +++ b/src/runtime-rs/crates/agent/src/lib.rs @@ -20,8 +20,8 @@ pub use types::{ GetIPTablesResponse, GuestDetailsResponse, HealthCheckResponse, IPAddress, IPFamily, Interface, Interfaces, ListProcessesRequest, MemHotplugByProbeRequest, OnlineCPUMemRequest, OomEventResponse, ReadStreamRequest, ReadStreamResponse, RemoveContainerRequest, - ReseedRandomDevRequest, Route, Routes, SetGuestDateTimeRequest, SetIPTablesRequest, - SetIPTablesResponse, SignalProcessRequest, StatsContainerResponse, Storage, + ReseedRandomDevRequest, ResizeVolumeRequest, Route, Routes, SetGuestDateTimeRequest, + SetIPTablesRequest, SetIPTablesResponse, SignalProcessRequest, StatsContainerResponse, Storage, TtyWinResizeRequest, UpdateContainerRequest, UpdateInterfaceRequest, UpdateRoutesRequest, VersionCheckResponse, WaitProcessRequest, WaitProcessResponse, WriteStreamRequest, WriteStreamResponse, diff --git a/src/runtime-rs/crates/agent/src/types.rs b/src/runtime-rs/crates/agent/src/types.rs index 4c71534ec..b8e79589a 100644 --- a/src/runtime-rs/crates/agent/src/types.rs +++ b/src/runtime-rs/crates/agent/src/types.rs @@ -7,7 +7,7 @@ use anyhow::{anyhow, Result}; use std::convert::TryFrom; -use serde::Deserialize; +use serde::{Deserialize, Serialize}; #[derive(PartialEq, Clone, Default)] pub struct Empty {} @@ -561,6 +561,14 @@ pub struct OomEventResponse { pub container_id: String, } +// ResizeVolumeRequest is also the common struct for serialization and deserialization with json +// between shim-client HTTP calls to the shim-mgmt-server +#[derive(Serialize, Deserialize, PartialEq, Clone, Default, Debug)] +pub struct ResizeVolumeRequest { + pub volume_guest_path: String, + pub size: u64, +} + #[cfg(test)] mod test { use std::convert::TryFrom; diff --git a/src/tools/kata-ctl/Cargo.lock b/src/tools/kata-ctl/Cargo.lock index f52fd36cc..0db5779e9 100644 --- a/src/tools/kata-ctl/Cargo.lock +++ b/src/tools/kata-ctl/Cargo.lock @@ -2,12 +2,60 @@ # It is not intended for manual editing. version = 3 +[[package]] +name = "agent" +version = "0.1.0" +dependencies = [ + "anyhow", + "async-trait", + "kata-types", + "log", + "logging", + "nix 0.24.2", + "oci", + "protobuf", + "protocols", + "serde", + "serde_json", + "slog", + "slog-scope", + "tokio", + "ttrpc", + "url", +] + +[[package]] +name = "aho-corasick" +version = "0.7.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cc936419f96fa211c1b9166887b38e5e40b19958e5b895be7c1f93adec7071ac" +dependencies = [ + "memchr", +] + [[package]] name = "anyhow" version = "1.0.65" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "98161a4e3e2184da77bb14f02184cdd111e83bbbcc9979dfee3c44b9a85f5602" +[[package]] +name = "arc-swap" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bddcadddf5e9015d310179a59bb28c4d4b9920ad0f11e8e14dbadf654890c9a6" + +[[package]] +name = "async-trait" +version = "0.1.60" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "677d1d8ab452a3936018a687b20e6f7cf5363d713b732b8884001317b0e48aa3" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "atty" version = "0.2.14" @@ -37,12 +85,44 @@ version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +[[package]] +name = "bitmask-enum" +version = "2.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fd9e32d7420c85055e8107e5b2463c4eeefeaac18b52359fe9f9c08a18f342b2" +dependencies = [ + "quote", + "syn", +] + [[package]] name = "bumpalo" version = "3.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c1ad822118d20d2c234f427000d5acc36eabe1e29a348c89b63dd60b13f28e5d" +[[package]] +name = "byte-unit" +version = "3.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "415301c9de11005d4b92193c0eb7ac7adc37e5a49e0ac9bed0a42343512744b8" + +[[package]] +name = "byteorder" +version = "1.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" + +[[package]] +name = "bytes" +version = "0.4.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "206fdffcfa2df7cbe15601ef46c813fce0965eb3286db6b56c583b814b51c81c" +dependencies = [ + "byteorder", + "iovec", +] + [[package]] name = "bytes" version = "1.2.1" @@ -84,7 +164,7 @@ version = "3.2.18" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ea0c8bce528c4be4da13ea6fead8965e95b6073585a2f05204bd8f4119f82a65" dependencies = [ - "heck", + "heck 0.4.0", "proc-macro-error", "proc-macro2", "quote", @@ -116,6 +196,42 @@ version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5827cebf4670468b8772dd191856768aedcb1b0278a04f989f7766351917b9dc" +[[package]] +name = "crossbeam-channel" +version = "0.5.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c2dd04ddaf88237dc3b8d8f9a3c1004b506b54b3313403944054d23c0870c521" +dependencies = [ + "cfg-if", + "crossbeam-utils", +] + +[[package]] +name = "crossbeam-utils" +version = "0.8.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4fb766fa798726286dbbb842f174001dab8abc7b627a1dd86e0b7222a95d929f" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "derive-new" +version = "0.5.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3418329ca0ad70234b9735dc4ceed10af4df60eff9c8e7b06cb5e520d92c3535" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "either" +version = "1.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "90e5c1c8368803113bf0c9584fc495a58b86dc8a29edbf8fe877d21d9507e797" + [[package]] name = "encoding_rs" version = "0.8.31" @@ -134,6 +250,12 @@ dependencies = [ "instant", ] +[[package]] +name = "fixedbitset" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "37ab347416e802de484e4d03c7316c48f1ecb56574dfd4a46a80f173ce1de04d" + [[package]] name = "fnv" version = "1.0.7" @@ -164,6 +286,21 @@ dependencies = [ "percent-encoding", ] +[[package]] +name = "futures" +version = "0.3.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38390104763dc37a5145a53c29c63c1290b5d316d6086ec32c293f6736051bb0" +dependencies = [ + "futures-channel", + "futures-core", + "futures-executor", + "futures-io", + "futures-sink", + "futures-task", + "futures-util", +] + [[package]] name = "futures-channel" version = "0.3.25" @@ -171,6 +308,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "52ba265a92256105f45b719605a571ffe2d1f0fea3807304b522c1d778f79eed" dependencies = [ "futures-core", + "futures-sink", ] [[package]] @@ -179,12 +317,34 @@ version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "04909a7a7e4633ae6c4a9ab280aeb86da1236243a77b694a49eacd659a4bd3ac" +[[package]] +name = "futures-executor" +version = "0.3.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7acc85df6714c176ab5edf386123fafe217be88c0840ec11f199441134a074e2" +dependencies = [ + "futures-core", + "futures-task", + "futures-util", +] + [[package]] name = "futures-io" version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "00f5fb52a06bdcadeb54e8d3671f8888a39697dcb0b81b23b55174030427f4eb" +[[package]] +name = "futures-macro" +version = "0.3.25" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bdfb8ce053d86b91919aad980c220b1fb8401a9394410e1c289ed7e66b61835d" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "futures-sink" version = "0.3.25" @@ -203,8 +363,11 @@ version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "197676987abd2f9cadff84926f410af1c183608d36641465df73ae8211dc65d6" dependencies = [ + "futures-channel", "futures-core", "futures-io", + "futures-macro", + "futures-sink", "futures-task", "memchr", "pin-project-lite", @@ -212,13 +375,19 @@ dependencies = [ "slab", ] +[[package]] +name = "glob" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574" + [[package]] name = "h2" version = "0.3.14" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5ca32592cf21ac7ccab1825cd87f6c9b3d9022c44d086172ed0966bec8af30be" dependencies = [ - "bytes", + "bytes 1.2.1", "fnv", "futures-core", "futures-sink", @@ -237,6 +406,15 @@ version = "0.12.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" +[[package]] +name = "heck" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6d621efb26863f0e9924c6ac577e8275e5e6b77455db64ffa6c65c904e9e132c" +dependencies = [ + "unicode-segmentation", +] + [[package]] name = "heck" version = "0.4.0" @@ -252,13 +430,19 @@ dependencies = [ "libc", ] +[[package]] +name = "hex" +version = "0.4.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" + [[package]] name = "http" version = "0.2.8" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "75f43d41e26995c17e71ee126451dd3941010b0514a81a9d11f3b341debc2399" dependencies = [ - "bytes", + "bytes 1.2.1", "fnv", "itoa", ] @@ -269,7 +453,7 @@ version = "0.4.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d5f38f16d184e36f2408a55281cd658ecbd3ca05cce6d6510a176eca393e26d1" dependencies = [ - "bytes", + "bytes 1.2.1", "http", "pin-project-lite", ] @@ -292,7 +476,7 @@ version = "0.14.20" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "02c929dc5c39e335a03c405292728118860721b10190d98c2a0f0efd5baafbac" dependencies = [ - "bytes", + "bytes 1.2.1", "futures-channel", "futures-core", "futures-util", @@ -329,7 +513,7 @@ version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d6183ddfa99b85da61a140bea0efc93fdf56ceaa041b37d553518030827f9905" dependencies = [ - "bytes", + "bytes 1.2.1", "hyper", "native-tls", "tokio", @@ -429,12 +613,30 @@ dependencies = [ "cfg-if", ] +[[package]] +name = "iovec" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b2b3ea6ff95e175473f8ffe6a7eb7c00d054240321b84c57051175fe3c1e075e" +dependencies = [ + "libc", +] + [[package]] name = "ipnet" version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "879d54834c8c76457ef4293a689b2a8c59b076067ad77b15efafbb05f92a592b" +[[package]] +name = "itertools" +version = "0.10.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0fd2260e829bddf4cb6ea802289de2f86d6a7a690192fbe91b3f46e0f2c8473" +dependencies = [ + "either", +] + [[package]] name = "itoa" version = "1.0.4" @@ -454,18 +656,47 @@ dependencies = [ name = "kata-ctl" version = "0.0.1" dependencies = [ + "agent", "anyhow", + "base64", "clap", + "futures", + "kata-types", "nix 0.25.0", "privdrop", "reqwest", + "safe-path", "semver", "serde", "serde_json", + "shim-interface", "strum", "strum_macros", "tempfile", + "test-utils", "thiserror", + "url", +] + +[[package]] +name = "kata-types" +version = "0.1.0" +dependencies = [ + "anyhow", + "base64", + "bitmask-enum", + "byte-unit", + "glob", + "lazy_static", + "num_cpus", + "oci", + "regex", + "serde", + "serde_json", + "slog", + "slog-scope", + "thiserror", + "toml", ] [[package]] @@ -489,6 +720,17 @@ dependencies = [ "cfg-if", ] +[[package]] +name = "logging" +version = "0.1.0" +dependencies = [ + "serde_json", + "slog", + "slog-async", + "slog-json", + "slog-scope", +] + [[package]] name = "memchr" version = "2.5.0" @@ -522,6 +764,12 @@ dependencies = [ "windows-sys", ] +[[package]] +name = "multimap" +version = "0.8.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e5ce46fe64a9d73be07dcbe690a38ce1b293be448fd8ce1e6c1b8062c9f72c6a" + [[package]] name = "native-tls" version = "0.2.10" @@ -540,6 +788,19 @@ dependencies = [ "tempfile", ] +[[package]] +name = "nix" +version = "0.23.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8f3790c00a0150112de0f4cd161e3d7fc4b2d8a5542ffc35f099a2562aecb35c" +dependencies = [ + "bitflags", + "cc", + "cfg-if", + "libc", + "memoffset", +] + [[package]] name = "nix" version = "0.24.2" @@ -576,6 +837,16 @@ dependencies = [ "libc", ] +[[package]] +name = "oci" +version = "0.1.0" +dependencies = [ + "libc", + "serde", + "serde_derive", + "serde_json", +] + [[package]] name = "once_cell" version = "1.15.0" @@ -745,6 +1016,107 @@ dependencies = [ "unicode-ident", ] +[[package]] +name = "prost" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "de5e2533f59d08fcf364fd374ebda0692a70bd6d7e66ef97f306f45c6c5d8020" +dependencies = [ + "bytes 1.2.1", + "prost-derive", +] + +[[package]] +name = "prost-build" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "355f634b43cdd80724ee7848f95770e7e70eefa6dcf14fea676216573b8fd603" +dependencies = [ + "bytes 1.2.1", + "heck 0.3.3", + "itertools", + "log", + "multimap", + "petgraph", + "prost", + "prost-types", + "tempfile", + "which", +] + +[[package]] +name = "prost-derive" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "600d2f334aa05acb02a755e217ef1ab6dea4d51b58b7846588b747edec04efba" +dependencies = [ + "anyhow", + "itertools", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "prost-types" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "603bbd6394701d13f3f25aada59c7de9d35a6a5887cfc156181234a44002771b" +dependencies = [ + "bytes 1.2.1", + "prost", +] + +[[package]] +name = "protobuf" +version = "2.28.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "106dd99e98437432fed6519dedecfade6a06a73bb7b2a1e019fdd2bee5778d94" +dependencies = [ + "serde", + "serde_derive", +] + +[[package]] +name = "protobuf-codegen" +version = "2.28.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "033460afb75cf755fcfc16dfaed20b86468082a2ea24e05ac35ab4a099a017d6" +dependencies = [ + "protobuf", +] + +[[package]] +name = "protobuf-codegen-pure" +version = "2.28.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "95a29399fc94bcd3eeaa951c715f7bea69409b2445356b00519740bcd6ddd865" +dependencies = [ + "protobuf", + "protobuf-codegen", +] + +[[package]] +name = "protobuf-codegen-pure3" +version = "2.28.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b0a3cf0a7de7570cb67bfb9a9a585b5841b49790a1be0ef104340a2110b91135" +dependencies = [ + "protobuf", + "protobuf-codegen", +] + +[[package]] +name = "protocols" +version = "0.1.0" +dependencies = [ + "async-trait", + "oci", + "protobuf", + "ttrpc", + "ttrpc-codegen", +] + [[package]] name = "quote" version = "1.0.21" @@ -763,6 +1135,23 @@ dependencies = [ "bitflags", ] +[[package]] +name = "regex" +version = "1.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e076559ef8e241f2ae3479e36f97bd5741c0330689e217ad51ce2c76808b868a" +dependencies = [ + "aho-corasick", + "memchr", + "regex-syntax", +] + +[[package]] +name = "regex-syntax" +version = "0.6.28" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "456c603be3e8d448b072f410900c09faf164fbce2d480456f50eea6e25f9c848" + [[package]] name = "remove_dir_all" version = "0.5.3" @@ -779,7 +1168,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "431949c384f4e2ae07605ccaa56d1d9d2ecdb5cadd4f9577ccfab29f2e5149fc" dependencies = [ "base64", - "bytes", + "bytes 1.2.1", "encoding_rs", "futures-core", "futures-util", @@ -927,6 +1316,13 @@ version = "1.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4501abdff3ae82a1c1b477a17252eb69cee9e66eb915c1abaa4f44d873df9f09" +[[package]] +name = "safe-path" +version = "0.1.0" +dependencies = [ + "libc", +] + [[package]] name = "schannel" version = "0.1.20" @@ -1058,6 +1454,47 @@ dependencies = [ "autocfg", ] +[[package]] +name = "slog" +version = "2.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8347046d4ebd943127157b94d63abb990fcf729dc4e9978927fdf4ac3c998d06" + +[[package]] +name = "slog-async" +version = "2.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "766c59b252e62a34651412870ff55d8c4e6d04df19b43eecb2703e417b097ffe" +dependencies = [ + "crossbeam-channel", + "slog", + "take_mut", + "thread_local", +] + +[[package]] +name = "slog-json" +version = "2.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3e1e53f61af1e3c8b852eef0a9dee29008f55d6dd63794f3f12cef786cf0f219" +dependencies = [ + "serde", + "serde_json", + "slog", + "time", +] + +[[package]] +name = "slog-scope" +version = "4.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2f95a4b4c3274cd2869549da82b57ccc930859bdbf5bcea0424bc5f140b3c786" +dependencies = [ + "arc-swap", + "lazy_static", + "slog", +] + [[package]] name = "socket2" version = "0.4.7" @@ -1092,7 +1529,7 @@ version = "0.24.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1e385be0d24f186b4ce2f9982191e7101bb737312ad61c1f2f984f34bcf85d59" dependencies = [ - "heck", + "heck 0.4.0", "proc-macro2", "quote", "rustversion", @@ -1110,6 +1547,12 @@ dependencies = [ "unicode-ident", ] +[[package]] +name = "take_mut" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f764005d11ee5f36500a149ace24e00e3da98b0158b3e2d53a7495660d3f4d60" + [[package]] name = "tempfile" version = "3.3.0" @@ -1133,6 +1576,13 @@ dependencies = [ "winapi-util", ] +[[package]] +name = "test-utils" +version = "0.1.0" +dependencies = [ + "nix 0.24.2", +] + [[package]] name = "textwrap" version = "0.15.1" @@ -1159,6 +1609,42 @@ dependencies = [ "syn", ] +[[package]] +name = "thread_local" +version = "1.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5516c27b78311c50bf42c071425c560ac799b11c30b31f87e3081965fe5e0180" +dependencies = [ + "once_cell", +] + +[[package]] +name = "time" +version = "0.3.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a561bf4617eebd33bca6434b988f39ed798e527f51a1e797d0ee4f61c0a38376" +dependencies = [ + "itoa", + "serde", + "time-core", + "time-macros", +] + +[[package]] +name = "time-core" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2e153e1f1acaef8acc537e68b44906d2db6436e2b35ac2c6b42640fff91f00fd" + +[[package]] +name = "time-macros" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d967f99f534ca7e495c575c62638eebc2898a8c84c119b89e250477bc4ba16b2" +dependencies = [ + "time-core", +] + [[package]] name = "tinyvec" version = "1.6.0" @@ -1181,16 +1667,28 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a9e03c497dc955702ba729190dc4aac6f2a0ce97f913e5b1b5912fc5039d9099" dependencies = [ "autocfg", - "bytes", + "bytes 1.2.1", "libc", "memchr", "mio", "num_cpus", "pin-project-lite", "socket2", + "tokio-macros", "winapi", ] +[[package]] +name = "tokio-macros" +version = "1.8.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d266c00fde287f55d3f1c3e96c500c362a2b8c695076ec180f27918820bc6df8" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + [[package]] name = "tokio-native-tls" version = "0.3.0" @@ -1218,7 +1716,7 @@ version = "0.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0bb2e075f03b3d66d8d8785356224ba688d2906a371015e225beeb65ca92c740" dependencies = [ - "bytes", + "bytes 1.2.1", "futures-core", "futures-sink", "pin-project-lite", @@ -1226,6 +1724,28 @@ dependencies = [ "tracing", ] +[[package]] +name = "tokio-vsock" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3d2ad075b54bbb450ae2e3770211d7954362a488fcd386085c9fbb6d787ade8b" +dependencies = [ + "bytes 0.4.12", + "futures", + "libc", + "tokio", + "vsock", +] + +[[package]] +name = "toml" +version = "0.5.10" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1333c76748e868a4d9d1017b5ab53171dfd095f70c712fdb4653a406547f598f" +dependencies = [ + "serde", +] + [[package]] name = "tower-service" version = "0.3.2" @@ -1258,6 +1778,52 @@ version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "59547bce71d9c38b83d9c0e92b6066c4253371f15005def0c30d9657f50c7642" +[[package]] +name = "ttrpc" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2ecfff459a859c6ba6668ff72b34c2f1d94d9d58f7088414c2674ad0f31cc7d8" +dependencies = [ + "async-trait", + "byteorder", + "futures", + "libc", + "log", + "nix 0.23.2", + "protobuf", + "protobuf-codegen-pure", + "thiserror", + "tokio", + "tokio-vsock", +] + +[[package]] +name = "ttrpc-codegen" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "df80affc2cf8c589172b05ba2b8e8a88722ebf4e28b86604615497a8b6fb78c0" +dependencies = [ + "protobuf", + "protobuf-codegen", + "protobuf-codegen-pure3", + "ttrpc-compiler", +] + +[[package]] +name = "ttrpc-compiler" +version = "0.4.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8db19ce6af25713061dd805d6733b6f0c45904bd63526ce5d2568c858b7edc71" +dependencies = [ + "derive-new", + "prost", + "prost-build", + "prost-types", + "protobuf", + "protobuf-codegen", + "tempfile", +] + [[package]] name = "unicode-bidi" version = "0.3.8" @@ -1279,6 +1845,12 @@ dependencies = [ "tinyvec", ] +[[package]] +name = "unicode-segmentation" +version = "1.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0fdbf052a0783de01e944a6ce7a8cb939e295b1e7be835a1112c3b9a7f047a5a" + [[package]] name = "untrusted" version = "0.7.1" @@ -1308,6 +1880,16 @@ version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" +[[package]] +name = "vsock" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e32675ee2b3ce5df274c0ab52d19b28789632406277ca26bffee79a8e27dc133" +dependencies = [ + "libc", + "nix 0.23.2", +] + [[package]] name = "want" version = "0.3.0" @@ -1419,6 +2001,17 @@ dependencies = [ "webpki", ] +[[package]] +name = "which" +version = "4.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1c831fbbee9e129a8cf93e7747a82da9d95ba8e16621cae60ec2cdc849bacb7b" +dependencies = [ + "either", + "libc", + "once_cell", +] + [[package]] name = "winapi" version = "0.3.9" diff --git a/src/tools/kata-ctl/Cargo.toml b/src/tools/kata-ctl/Cargo.toml index ccda3520d..cc32054d2 100644 --- a/src/tools/kata-ctl/Cargo.toml +++ b/src/tools/kata-ctl/Cargo.toml @@ -21,8 +21,15 @@ privdrop = "0.5.2" nix = "0.25.0" strum = "0.24.1" strum_macros = "0.24.3" - serde = { version = "1.0.149", features = ["derive"] } +url = "2.3.1" +futures = "0.3.24" +base64 = "0.13.0" + +shim-interface = { path = "../../libs/shim-interface"} +kata-types = { path = "../../libs/kata-types" } +safe-path = { path = "../../libs/safe-path" } +agent = { path = "../../runtime-rs/crates/agent"} [target.'cfg(target_arch = "s390x")'.dependencies] reqwest = { version = "0.11", default-features = false, features = ["json", "blocking", "native-tls"] } @@ -33,3 +40,4 @@ reqwest = { version = "0.11", default-features = false, features = ["json", "blo [dev-dependencies] semver = "1.0.12" tempfile = "3.1.0" +test-utils = { path = "../../libs/test-utils" } diff --git a/src/tools/kata-ctl/src/args.rs b/src/tools/kata-ctl/src/args.rs index 86ffe0705..f5a1cd4f2 100644 --- a/src/tools/kata-ctl/src/args.rs +++ b/src/tools/kata-ctl/src/args.rs @@ -20,7 +20,7 @@ pub enum Commands { Check(CheckArgument), /// Directly assign a volume to Kata Containers to manage - DirectVolume, + DirectVolume(DirectVolumeCommand), /// Display settings Env, @@ -93,3 +93,46 @@ pub enum IpTablesArguments { /// Configure iptables Metrics, } + +#[derive(Debug, Args)] +pub struct DirectVolumeCommand { + #[clap(subcommand)] + pub directvol_cmd: DirectVolSubcommand, +} + +#[derive(Debug, Subcommand)] +pub enum DirectVolSubcommand { + /// Add a direct assigned block volume device to the Kata Containers runtime + Add(DirectVolAddArgs), + + /// Remove a direct assigned block volume device from the Kata Containers runtime + Remove(DirectVolRemoveArgs), + + /// Get the filesystem stat of a direct assigned volume + Stats(DirectVolStatsArgs), + + /// Resize a direct assigned block volume + Resize(DirectVolResizeArgs), +} + +#[derive(Debug, Args)] +pub struct DirectVolAddArgs { + pub volume_path: String, + pub mount_info: String, +} + +#[derive(Debug, Args)] +pub struct DirectVolRemoveArgs { + pub volume_path: String, +} + +#[derive(Debug, Args)] +pub struct DirectVolStatsArgs { + pub volume_path: String, +} + +#[derive(Debug, Args)] +pub struct DirectVolResizeArgs { + pub volume_path: String, + pub resize_size: u64, +} diff --git a/src/tools/kata-ctl/src/check.rs b/src/tools/kata-ctl/src/check.rs index 28499da10..9748bd52b 100644 --- a/src/tools/kata-ctl/src/check.rs +++ b/src/tools/kata-ctl/src/check.rs @@ -42,7 +42,7 @@ pub fn get_single_cpu_info(cpu_info_file: &str, substring: &str) -> Result = contents.split(substring).collect(); @@ -60,7 +60,7 @@ pub fn get_single_cpu_info(cpu_info_file: &str, substring: &str) -> Result Result { if cpu_info.is_empty() { - return Err(anyhow!("cpu_info string is empty"))?; + return Err(anyhow!("cpu_info string is empty")); } let subcontents: Vec<&str> = cpu_info.split('\n').collect(); diff --git a/src/tools/kata-ctl/src/main.rs b/src/tools/kata-ctl/src/main.rs index f283781b9..cb943e694 100644 --- a/src/tools/kata-ctl/src/main.rs +++ b/src/tools/kata-ctl/src/main.rs @@ -17,16 +17,17 @@ use std::process::exit; use args::{Commands, KataCtlCli}; use ops::check_ops::{ - handle_check, handle_check_volume, handle_env, handle_exec, handle_factory, handle_iptables, - handle_metrics, handle_version, + handle_check, handle_env, handle_exec, handle_factory, handle_iptables, handle_metrics, + handle_version, }; +use ops::volume_ops::handle_direct_volume; fn real_main() -> Result<()> { let args = KataCtlCli::parse(); match args.command { Commands::Check(args) => handle_check(args), - Commands::DirectVolume => handle_check_volume(), + Commands::DirectVolume(args) => handle_direct_volume(args), Commands::Env => handle_env(), Commands::Exec => handle_exec(), Commands::Factory => handle_factory(), diff --git a/src/tools/kata-ctl/src/ops.rs b/src/tools/kata-ctl/src/ops.rs index 3e0f9a4e3..e33539bce 100644 --- a/src/tools/kata-ctl/src/ops.rs +++ b/src/tools/kata-ctl/src/ops.rs @@ -5,3 +5,4 @@ pub mod check_ops; pub mod version; +pub mod volume_ops; diff --git a/src/tools/kata-ctl/src/ops/check_ops.rs b/src/tools/kata-ctl/src/ops/check_ops.rs index 414e499fc..1b4fd5992 100644 --- a/src/tools/kata-ctl/src/ops/check_ops.rs +++ b/src/tools/kata-ctl/src/ops/check_ops.rs @@ -114,10 +114,6 @@ pub fn handle_check(checkcmd: CheckArgument) -> Result<()> { Ok(()) } -pub fn handle_check_volume() -> Result<()> { - Ok(()) -} - pub fn handle_env() -> Result<()> { Ok(()) } diff --git a/src/tools/kata-ctl/src/ops/volume_ops.rs b/src/tools/kata-ctl/src/ops/volume_ops.rs new file mode 100644 index 000000000..cf362d2e0 --- /dev/null +++ b/src/tools/kata-ctl/src/ops/volume_ops.rs @@ -0,0 +1,166 @@ +// Copyright (c) 2022 Boston University +// +// SPDX-License-Identifier: Apache-2.0 +// + +use crate::args::{DirectVolSubcommand, DirectVolumeCommand}; + +use anyhow::{anyhow, Ok, Result}; +use futures::executor; +use kata_types::mount::{ + DirectVolumeMountInfo, KATA_DIRECT_VOLUME_ROOT_PATH, KATA_MOUNT_INFO_FILE_NAME, +}; +use nix; +use reqwest::StatusCode; +use safe_path; +use std::{fs, path::PathBuf, time::Duration}; +use url; + +use agent::ResizeVolumeRequest; +use shim_interface::shim_mgmt::client::MgmtClient; +use shim_interface::shim_mgmt::{ + DIRECT_VOLUME_PATH_KEY, DIRECT_VOLUME_RESIZE_URL, DIRECT_VOLUME_STATS_URL, +}; + +const TIMEOUT: Duration = Duration::from_millis(2000); +const CONTENT_TYPE_JSON: &str = "application/json"; + +pub fn handle_direct_volume(vol_cmd: DirectVolumeCommand) -> Result<()> { + if !nix::unistd::Uid::effective().is_root() { + return Err(anyhow!( + "super-user privileges are required for the direct-volume subcommand" + )); + } + let command = vol_cmd.directvol_cmd; + let cmd_result: Option = match command { + DirectVolSubcommand::Add(args) => add(&args.volume_path, &args.mount_info)?, + DirectVolSubcommand::Remove(args) => remove(&args.volume_path)?, + DirectVolSubcommand::Stats(args) => executor::block_on(stats(&args.volume_path))?, + DirectVolSubcommand::Resize(args) => { + executor::block_on(resize(&args.volume_path, args.resize_size))? + } + }; + if let Some(cmd_result) = cmd_result { + println!("{:?}", cmd_result); + } + + Ok(()) +} + +async fn resize(volume_path: &str, size: u64) -> Result> { + let sandbox_id = get_sandbox_id_for_volume(volume_path)?; + let mount_info = get_volume_mount_info(volume_path)?; + let resize_req = ResizeVolumeRequest { + size, + volume_guest_path: mount_info.device, + }; + let encoded = serde_json::to_string(&resize_req)?; + let shim_client = MgmtClient::new(&sandbox_id, Some(TIMEOUT))?; + + let url = DIRECT_VOLUME_RESIZE_URL; + let response = shim_client + .post(url, &String::from(CONTENT_TYPE_JSON), &encoded) + .await?; + let status = response.status(); + if status != StatusCode::OK { + let body = format!("{:?}", response.into_body()); + return Err(anyhow!( + "failed to resize volume ({:?}): {:?}", + status, + body + )); + } + + Ok(None) +} + +async fn stats(volume_path: &str) -> Result> { + let sandbox_id = get_sandbox_id_for_volume(volume_path)?; + let mount_info = get_volume_mount_info(volume_path)?; + + let req_url = url::form_urlencoded::Serializer::new(String::from(DIRECT_VOLUME_STATS_URL)) + .append_pair(DIRECT_VOLUME_PATH_KEY, &mount_info.device) + .finish(); + + let shim_client = MgmtClient::new(&sandbox_id, Some(TIMEOUT))?; + let response = shim_client.get(&req_url).await?; + // turn body into string + let body = format!("{:?}", response.into_body()); + + Ok(Some(body)) +} + +// join_path joins user provided volumepath with kata direct-volume root path +// the volume_path is base64-encoded and then safely joined to the end of path prefix +fn join_path(prefix: &str, volume_path: &str) -> Result { + if volume_path.is_empty() { + return Err(anyhow!("volume path must not be empty")); + } + let b64_encoded_path = base64::encode(volume_path.as_bytes()); + + Ok(safe_path::scoped_join(prefix, b64_encoded_path)?) +} + +// add writes the mount info (json string) of a direct volume into a filesystem path known to Kata Containers. +pub fn add(volume_path: &str, mount_info: &str) -> Result> { + let mount_info_dir_path = join_path(KATA_DIRECT_VOLUME_ROOT_PATH, volume_path)?; + + // create directory if missing + fs::create_dir_all(&mount_info_dir_path)?; + + // This behavior of deserializing and serializing comes from + // https://github.com/kata-containers/kata-containers/blob/cd27ad144e1a111cb606015c5c9671431535e644/src/runtime/pkg/direct-volume/utils.go#L57-L79 + // Assuming that this is for the purpose of validating the json schema. + let unserialized_mount_info: DirectVolumeMountInfo = serde_json::from_str(mount_info)?; + + let mount_info_file_path = mount_info_dir_path.join(KATA_MOUNT_INFO_FILE_NAME); + let serialized_mount_info = serde_json::to_string(&unserialized_mount_info)?; + fs::write(mount_info_file_path, serialized_mount_info)?; + + Ok(None) +} + +// remove deletes the direct volume path including all the files inside it. +pub fn remove(volume_path: &str) -> Result> { + let path = join_path(KATA_DIRECT_VOLUME_ROOT_PATH, volume_path)?; + // removes path and any children it contains. + fs::remove_dir_all(path)?; + + Ok(None) +} + +pub fn get_volume_mount_info(volume_path: &str) -> Result { + let mount_info_file_path = + join_path(KATA_DIRECT_VOLUME_ROOT_PATH, volume_path)?.join(KATA_MOUNT_INFO_FILE_NAME); + let mount_info_file = fs::read_to_string(mount_info_file_path)?; + let mount_info: DirectVolumeMountInfo = serde_json::from_str(&mount_info_file)?; + + Ok(mount_info) +} + +// get_sandbox_id_for_volume finds the id of the first sandbox found in the dir. +// We expect a direct-assigned volume is associated with only a sandbox at a time. +pub fn get_sandbox_id_for_volume(volume_path: &str) -> Result { + let dir_path = join_path(KATA_DIRECT_VOLUME_ROOT_PATH, volume_path)?; + let paths = fs::read_dir(dir_path)?; + for path in paths { + let path = path?; + // compare with MOUNT_INFO_FILE_NAME + if path.file_name() == KATA_MOUNT_INFO_FILE_NAME { + continue; + } + + let file_name = path.file_name(); + // turn file_name into String and return it + let file_name = file_name.to_str().ok_or_else(|| { + anyhow!( + "failed to convert file_name {:?} to string", + file_name.to_string_lossy() + ) + })?; + + return Ok(String::from(file_name)); + } + + return Err(anyhow!("no sandbox found for {}", volume_path)); +} From 937a41346e02ae666bd007eebfea9a33527dcd19 Mon Sep 17 00:00:00 2001 From: Tingzhou Yuan Date: Tue, 6 Dec 2022 06:17:41 +0000 Subject: [PATCH 51/62] kata-ctl: add unit tests for volume ops Added table driven unit tests and funcitionality test for functions in volume_ops. `join_path` relies on safe_path::scoped_join to validate the unsafe part of the input. Testcase also takes into account the possibility of specially constructed string that would get b64-encoded into path-like string. Fixes #5341 Signed-off-by: Tingzhou Yuan --- src/tools/kata-ctl/src/ops/volume_ops.rs | 127 +++++++++++++++++++++++ 1 file changed, 127 insertions(+) diff --git a/src/tools/kata-ctl/src/ops/volume_ops.rs b/src/tools/kata-ctl/src/ops/volume_ops.rs index cf362d2e0..a9df9ce78 100644 --- a/src/tools/kata-ctl/src/ops/volume_ops.rs +++ b/src/tools/kata-ctl/src/ops/volume_ops.rs @@ -164,3 +164,130 @@ pub fn get_sandbox_id_for_volume(volume_path: &str) -> Result { return Err(anyhow!("no sandbox found for {}", volume_path)); } + +#[cfg(test)] +mod tests { + use super::*; + use kata_types::mount::DirectVolumeMountInfo; + use std::{collections::HashMap, fs}; + use tempfile::tempdir; + use test_utils::skip_if_not_root; + + #[test] + fn test_get_sandbox_id_for_volume() { + // this test has to run as root, so has to manually cleanup afterwards + skip_if_not_root!(); + + // create KATA_DIRECT_VOLUME_ROOT_PATH first as safe_path::scoped_join + // requires prefix dir to exist + fs::create_dir_all(KATA_DIRECT_VOLUME_ROOT_PATH) + .expect("create kata direct volume root path failed"); + + let test_sandbox_id = "sandboxid_test_file"; + let test_volume_path = String::from("a/b/c"); + let joined_volume_path = + join_path(KATA_DIRECT_VOLUME_ROOT_PATH, &test_volume_path).unwrap(); + + let test_file_dir = joined_volume_path.join(test_sandbox_id); + fs::create_dir_all(&joined_volume_path).expect("failed to mkdir -p"); + fs::write(&test_file_dir, "teststring").expect("failed to write"); + + // test that get_sandbox_id gets the correct sandboxid it sees + let got = get_sandbox_id_for_volume(&test_volume_path).unwrap(); + assert!(got.eq(test_sandbox_id)); + + // test that get_sandbox_id returns error if no sandboxid found + fs::remove_file(&test_file_dir).expect("failed to remove"); + get_sandbox_id_for_volume(&test_volume_path).expect_err("error expected"); + + // cleanup test directory + fs::remove_dir_all(&joined_volume_path).expect("failed to cleanup test") + } + + #[test] + fn test_path_join() { + #[derive(Debug)] + struct TestData<'a> { + rootfs: &'a str, + volume_path: &'a str, + result: Result, + } + // the safe_path::scoped_join requires the prefix path to exist on testing machine + let root_fs = tempdir().expect("failed to create tmpdir").into_path(); + let root_fs_str = root_fs.to_str().unwrap(); + + let relative_secret_path = "../../etc/passwd"; + let b64_relative_secret_path = base64::encode(relative_secret_path); + + // this byte array b64encodes to "/abcdddd" + let b64_abs_path = vec![253, 166, 220, 117, 215, 93]; + let converted_relative_path = "abcdddd"; + + let tests = &[ + TestData { + rootfs: root_fs_str, + volume_path: "", + result: Err(anyhow!("volume path must not be empty")), + }, + TestData { + rootfs: root_fs_str, + volume_path: relative_secret_path, + result: Ok(root_fs.join(b64_relative_secret_path)), + }, + TestData { + rootfs: root_fs_str, + volume_path: unsafe { std::str::from_utf8_unchecked(&b64_abs_path) }, + result: Ok(root_fs.join(converted_relative_path)), + }, + ]; + for (i, d) in tests.iter().enumerate() { + let msg = format!("test[{}]: {:?}", i, d); + let result = join_path(d.rootfs, d.volume_path); + let msg = format!("{}, result: {:?}", msg, result); + if d.result.is_ok() { + assert!( + result.as_ref().unwrap() == d.result.as_ref().unwrap(), + "{}", + msg + ); + continue; + } + let expected_error = format!("{}", d.result.as_ref().unwrap_err()); + let actual_error = format!("{}", result.unwrap_err()); + assert!(actual_error == expected_error, "{}", msg); + } + } + + #[test] + fn test_add_remove() { + skip_if_not_root!(); + // example volume dir is a/b/c, note the behavior of join would take "/a" as absolute path. + // testing with isn't really viable here since the path is then b64 encoded, + // so this test had to run as root and call `remove()` to manully cleanup afterwards. + + fs::create_dir_all(KATA_DIRECT_VOLUME_ROOT_PATH) + .expect("create kata direct volume root path failed"); + + let base_dir = tempdir().expect("failed to create tmpdir"); + let dir_name = base_dir.path().join("a/b/c"); + let volume_path = String::from(dir_name.to_str().unwrap()); + let actual: DirectVolumeMountInfo = DirectVolumeMountInfo { + volume_type: String::from("block"), + device: String::from("/dev/sda"), + fs_type: String::from("ext4"), + metadata: HashMap::new(), + options: vec![String::from("journal_dev"), String::from("noload")], + }; + // serialize volumemountinfo into json string + let mount_info = serde_json::to_string(&actual).unwrap(); + add(&volume_path, &mount_info).expect("add failed"); + let expected_file_path = volume_path; + let expected: DirectVolumeMountInfo = get_volume_mount_info(&expected_file_path).unwrap(); + remove(&expected_file_path).expect("remove failed"); + assert_eq!(actual.device, expected.device); + assert_eq!(actual.fs_type, expected.fs_type); + assert_eq!(actual.metadata, expected.metadata); + assert_eq!(actual.options, expected.options); + assert_eq!(actual.volume_type, expected.volume_type); + } +} From e256903af25f2383f2b7fb2db21744d4f7ffcbdb Mon Sep 17 00:00:00 2001 From: yaoyinnan Date: Wed, 4 Jan 2023 22:36:39 +0800 Subject: [PATCH 52/62] runtime-rs: cleanup the run dir of hypervisor when shut down Cleanup the run dir of hypervisor when shut down. Fixes: #5825 Signed-off-by: yaoyinnan --- .../crates/runtimes/virt_container/src/sandbox.rs | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/runtime-rs/crates/runtimes/virt_container/src/sandbox.rs b/src/runtime-rs/crates/runtimes/virt_container/src/sandbox.rs index 478bf391c..469d5ea42 100644 --- a/src/runtime-rs/crates/runtimes/virt_container/src/sandbox.rs +++ b/src/runtime-rs/crates/runtimes/virt_container/src/sandbox.rs @@ -248,6 +248,12 @@ impl Sandbox for VirtSandbox { .await .context("delete cgroups")?; + info!(sl!(), "delete hypervisor"); + self.hypervisor + .cleanup() + .await + .context("delete hypervisor")?; + info!(sl!(), "stop monitor"); self.monitor.stop().await; From 3886aad1994e69b69ad560eb232aca8843cec6a2 Mon Sep 17 00:00:00 2001 From: Danny Canter Date: Thu, 5 Jan 2023 04:24:44 -0800 Subject: [PATCH 53/62] nydus: net-ns handling needs to be only executed on Linux hosts Fixes: #5985 With nydus not being its own pkg, it is challenging to implement cleanly in a virtcontainers package that isn't necesarily Linux-only. The existing code utilizes network namespace code in order to ensure nydus is launched in the host netns. This is very Linux specific - so let's make sure we only carry this out in a linux specific file. In the Darwin case, to allow for compilation at least, let's add a stub for doNetNS. Ideally the nydus and vc code can be refactored / decoupled. Signed-off-by: Eric Ernst Signed-off-by: Danny Canter --- src/runtime/virtcontainers/nydusd.go | 10 ---------- src/runtime/virtcontainers/nydusd_linux.go | 21 +++++++++++++++++++++ src/runtime/virtcontainers/nydusd_other.go | 15 +++++++++++++++ 3 files changed, 36 insertions(+), 10 deletions(-) create mode 100644 src/runtime/virtcontainers/nydusd_linux.go create mode 100644 src/runtime/virtcontainers/nydusd_other.go diff --git a/src/runtime/virtcontainers/nydusd.go b/src/runtime/virtcontainers/nydusd.go index 56cd263cf..9a2e1a638 100644 --- a/src/runtime/virtcontainers/nydusd.go +++ b/src/runtime/virtcontainers/nydusd.go @@ -23,7 +23,6 @@ import ( "syscall" "time" - "github.com/containernetworking/plugins/pkg/ns" "github.com/kata-containers/kata-containers/src/runtime/pkg/katautils/katatrace" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils/retry" @@ -54,8 +53,6 @@ const ( nydusPassthroughfs = "passthrough_fs" sharedPathInGuest = "/containers" - - shimNsPath = "/proc/self/ns/net" ) var ( @@ -85,13 +82,6 @@ type nydusd struct { debug bool } -func startInShimNS(cmd *exec.Cmd) error { - // Create nydusd in shim netns as it needs to access host network - return doNetNS(shimNsPath, func(_ ns.NetNS) error { - return cmd.Start() - }) -} - func (nd *nydusd) Start(ctx context.Context, onQuit onQuitFunc) (int, error) { span, _ := katatrace.Trace(ctx, nd.Logger(), "Start", nydusdTracingTags) defer span.End() diff --git a/src/runtime/virtcontainers/nydusd_linux.go b/src/runtime/virtcontainers/nydusd_linux.go new file mode 100644 index 000000000..cfb20da72 --- /dev/null +++ b/src/runtime/virtcontainers/nydusd_linux.go @@ -0,0 +1,21 @@ +// Copyright (c) 2017 Intel Corporation +// +// SPDX-License-Identifier: Apache-2.0 +// + +package virtcontainers + +import ( + "os/exec" + + "github.com/containernetworking/plugins/pkg/ns" +) + +const shimNsPath = "/proc/self/ns/net" + +func startInShimNS(cmd *exec.Cmd) error { + // Create nydusd in shim netns as it needs to access host network + return doNetNS(shimNsPath, func(_ ns.NetNS) error { + return cmd.Start() + }) +} diff --git a/src/runtime/virtcontainers/nydusd_other.go b/src/runtime/virtcontainers/nydusd_other.go new file mode 100644 index 000000000..a50772ff7 --- /dev/null +++ b/src/runtime/virtcontainers/nydusd_other.go @@ -0,0 +1,15 @@ +// Copyright (c) 2023 Apple Inc. +// +// SPDX-License-Identifier: Apache-2.0 +// + +//go:build !linux + +package virtcontainers + +import "os/exec" + +// No-op on net namespace join on other platforms. +func startInShimNS(cmd *exec.Cmd) error { + return cmd.Start() +} From 24b05a99b60bad5c0c567ccf3b682eaa00515577 Mon Sep 17 00:00:00 2001 From: Danny Canter Date: Thu, 5 Jan 2023 02:53:22 -0800 Subject: [PATCH 54/62] schedcore: Make buildable on !linux Fixes: #5983 sched-core only makes sense on Linux hosts. Let's add stub/error for other platforms. Signed-off-by: Eric Ernst Signed-off-by: Danny Canter --- src/runtime/pkg/utils/schedcore.go | 14 -------------- src/runtime/pkg/utils/schedcore_linux.go | 20 ++++++++++++++++++++ src/runtime/pkg/utils/schedcore_other.go | 22 ++++++++++++++++++++++ 3 files changed, 42 insertions(+), 14 deletions(-) create mode 100644 src/runtime/pkg/utils/schedcore_linux.go create mode 100644 src/runtime/pkg/utils/schedcore_other.go diff --git a/src/runtime/pkg/utils/schedcore.go b/src/runtime/pkg/utils/schedcore.go index c35fecef4..c395b2bd4 100644 --- a/src/runtime/pkg/utils/schedcore.go +++ b/src/runtime/pkg/utils/schedcore.go @@ -5,10 +5,6 @@ package utils -import ( - "golang.org/x/sys/unix" -) - // PidType is the type of provided pid value and how it should be treated type PidType int @@ -24,13 +20,3 @@ const ( // ProcessGroup affects all processes in the group ProcessGroup PidType = pidTypeProcessGroupId ) - -// Create a new sched core domain -func Create(t PidType) error { - return unix.Prctl(unix.PR_SCHED_CORE, unix.PR_SCHED_CORE_CREATE, 0, uintptr(t), 0) -} - -// ShareFrom shares the sched core domain from the provided pid -func ShareFrom(pid uint64, t PidType) error { - return unix.Prctl(unix.PR_SCHED_CORE, unix.PR_SCHED_CORE_SHARE_FROM, uintptr(pid), uintptr(t), 0) -} diff --git a/src/runtime/pkg/utils/schedcore_linux.go b/src/runtime/pkg/utils/schedcore_linux.go new file mode 100644 index 000000000..73c4d8f55 --- /dev/null +++ b/src/runtime/pkg/utils/schedcore_linux.go @@ -0,0 +1,20 @@ +// Copyright (c) 2023 Apple Inc. +// +// SPDX-License-Identifier: Apache-2.0 +// + +package utils + +import ( + "golang.org/x/sys/unix" +) + +// Create a new sched core domain +func Create(t PidType) error { + return unix.Prctl(unix.PR_SCHED_CORE, unix.PR_SCHED_CORE_CREATE, 0, uintptr(t), 0) +} + +// ShareFrom shares the sched core domain from the provided pid +func ShareFrom(pid uint64, t PidType) error { + return unix.Prctl(unix.PR_SCHED_CORE, unix.PR_SCHED_CORE_SHARE_FROM, uintptr(pid), uintptr(t), 0) +} diff --git a/src/runtime/pkg/utils/schedcore_other.go b/src/runtime/pkg/utils/schedcore_other.go new file mode 100644 index 000000000..d19c70dee --- /dev/null +++ b/src/runtime/pkg/utils/schedcore_other.go @@ -0,0 +1,22 @@ +// Copyright (c) 2023 Apple Inc. +// +// SPDX-License-Identifier: Apache-2.0 +// + +//go:build !linux + +package utils + +import ( + "errors" +) + +// Create a new sched core domain +func Create(t PidType) error { + return errors.New("schedcore not available on non-Linux platforms") +} + +// ShareFrom shares the sched core domain from the provided pid +func ShareFrom(pid uint64, t PidType) error { + return errors.New("schedcore not available on non-Linux platforms") +} From 3b4420eb8e9f7fcde62c785052284eb813e70bda Mon Sep 17 00:00:00 2001 From: Samuel Ortiz Date: Fri, 26 Nov 2021 19:16:46 +0100 Subject: [PATCH 55/62] runtime: Define Darwin handled signals list Fixes: #5990 Some signals may not be defined on non Linux host OSes, like SIGSTKFLT for example. It's also not defined on certain architectures, but irrelevant for this. Signed-off-by: Samuel Ortiz Signed-off-by: Danny Canter --- src/runtime/pkg/signals/signals.go | 15 --------------- src/runtime/pkg/signals/signals_darwin.go | 22 ++++++++++++++++++++++ src/runtime/pkg/signals/signals_linux.go | 23 +++++++++++++++++++++++ 3 files changed, 45 insertions(+), 15 deletions(-) create mode 100644 src/runtime/pkg/signals/signals_darwin.go create mode 100644 src/runtime/pkg/signals/signals_linux.go diff --git a/src/runtime/pkg/signals/signals.go b/src/runtime/pkg/signals/signals.go index a405ad09d..f9dd18c97 100644 --- a/src/runtime/pkg/signals/signals.go +++ b/src/runtime/pkg/signals/signals.go @@ -23,21 +23,6 @@ var signalLog = logrus.WithField("default-signal-logger", true) // or a fatal signal is received. var CrashOnError = false -// List of handled signals. -// -// The value is true if receiving the signal should be fatal. -var handledSignalsMap = map[syscall.Signal]bool{ - syscall.SIGABRT: true, - syscall.SIGBUS: true, - syscall.SIGILL: true, - syscall.SIGQUIT: true, - syscall.SIGSEGV: true, - syscall.SIGSTKFLT: true, - syscall.SIGSYS: true, - syscall.SIGTRAP: true, - syscall.SIGUSR1: false, -} - // DieCb is the callback function type that needs to be defined for every call // into the Die() function. This callback will be run as the first function of // the Die() implementation. diff --git a/src/runtime/pkg/signals/signals_darwin.go b/src/runtime/pkg/signals/signals_darwin.go new file mode 100644 index 000000000..d6143bb91 --- /dev/null +++ b/src/runtime/pkg/signals/signals_darwin.go @@ -0,0 +1,22 @@ +// Copyright (c) 2023 Apple Inc. +// +// SPDX-License-Identifier: Apache-2.0 +// + +package signals + +import "syscall" + +// List of handled signals. +// +// The value is true if receiving the signal should be fatal. +var handledSignalsMap = map[syscall.Signal]bool{ + syscall.SIGABRT: true, + syscall.SIGBUS: true, + syscall.SIGILL: true, + syscall.SIGQUIT: true, + syscall.SIGSEGV: true, + syscall.SIGSYS: true, + syscall.SIGTRAP: true, + syscall.SIGUSR1: false, +} diff --git a/src/runtime/pkg/signals/signals_linux.go b/src/runtime/pkg/signals/signals_linux.go new file mode 100644 index 000000000..1d4fae5fb --- /dev/null +++ b/src/runtime/pkg/signals/signals_linux.go @@ -0,0 +1,23 @@ +// Copyright 2018 Intel Corporation. +// +// SPDX-License-Identifier: Apache-2.0 +// + +package signals + +import "syscall" + +// List of handled signals. +// +// The value is true if receiving the signal should be fatal. +var handledSignalsMap = map[syscall.Signal]bool{ + syscall.SIGABRT: true, + syscall.SIGBUS: true, + syscall.SIGILL: true, + syscall.SIGQUIT: true, + syscall.SIGSEGV: true, + syscall.SIGSTKFLT: true, + syscall.SIGSYS: true, + syscall.SIGTRAP: true, + syscall.SIGUSR1: false, +} From c21a8d5ff898cbd903dafee20426051fff38256c Mon Sep 17 00:00:00 2001 From: Bin Liu Date: Fri, 6 Jan 2023 11:15:47 +0800 Subject: [PATCH 56/62] kata-ctl: fix build error on s390x Some type is not imported in s390x's mod file. Fixes: #5987 Signed-off-by: Bin Liu --- src/tools/kata-ctl/src/arch/s390x/mod.rs | 3 ++- src/tools/kata-ctl/src/check.rs | 6 ------ src/tools/kata-ctl/src/ops/check_ops.rs | 10 ---------- 3 files changed, 2 insertions(+), 17 deletions(-) diff --git a/src/tools/kata-ctl/src/arch/s390x/mod.rs b/src/tools/kata-ctl/src/arch/s390x/mod.rs index 2eca0fbee..ba022fdff 100644 --- a/src/tools/kata-ctl/src/arch/s390x/mod.rs +++ b/src/tools/kata-ctl/src/arch/s390x/mod.rs @@ -9,6 +9,7 @@ pub use arch_specific::*; mod arch_specific { use crate::check; + use crate::types::*; use anyhow::{anyhow, Result}; const PROC_CPUINFO: &str = "/proc/cpuinfo"; @@ -38,7 +39,7 @@ mod arch_specific { Ok(()) } - pub fn check() -> Result<()> { + pub fn check(_args: &str) -> Result<()> { println!("INFO: check: s390x"); let _cpu_result = check_cpu(); diff --git a/src/tools/kata-ctl/src/check.rs b/src/tools/kata-ctl/src/check.rs index 9748bd52b..8e5850083 100644 --- a/src/tools/kata-ctl/src/check.rs +++ b/src/tools/kata-ctl/src/check.rs @@ -16,12 +16,6 @@ struct Release { tarball_url: String, } -#[cfg(any( - target_arch = "aarch64", - target_arch = "powerpc64le", - target_arch = "x86_64" -))] - const KATA_GITHUB_RELEASE_URL: &str = "https://api.github.com/repos/kata-containers/kata-containers/releases"; diff --git a/src/tools/kata-ctl/src/ops/check_ops.rs b/src/tools/kata-ctl/src/ops/check_ops.rs index 1b4fd5992..bf3db94e3 100644 --- a/src/tools/kata-ctl/src/ops/check_ops.rs +++ b/src/tools/kata-ctl/src/ops/check_ops.rs @@ -93,20 +93,10 @@ pub fn handle_check(checkcmd: CheckArgument) -> Result<()> { } CheckSubCommand::OnlyListReleases => { // retrieve official release - #[cfg(any( - target_arch = "aarch64", - target_arch = "powerpc64le", - target_arch = "x86_64" - ))] check::check_official_releases()?; } CheckSubCommand::IncludeAllReleases => { // retrieve ALL releases including prerelease - #[cfg(any( - target_arch = "aarch64", - target_arch = "powerpc64le", - target_arch = "x86_64" - ))] check::check_all_releases()?; } } From 8bb68a9f280579dcbf5ff4244b272391d4a9070e Mon Sep 17 00:00:00 2001 From: Peng Tao Date: Wed, 4 Jan 2023 06:08:10 +0000 Subject: [PATCH 57/62] vc/network: skip existing endpoints when scanning for new ones So that addAllEndpoints() becomes re-entrant and we can use it to scan netns changes. Signed-off-by: Peng Tao --- src/runtime/virtcontainers/network_linux.go | 22 +++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/src/runtime/virtcontainers/network_linux.go b/src/runtime/virtcontainers/network_linux.go index 3d9f7b7d2..30819bb30 100644 --- a/src/runtime/virtcontainers/network_linux.go +++ b/src/runtime/virtcontainers/network_linux.go @@ -252,6 +252,22 @@ func (n *LinuxNetwork) removeSingleEndpoint(ctx context.Context, s *Sandbox, idx return nil } +func (n *LinuxNetwork) endpointAlreadyAdded(netInfo *NetworkInfo) bool { + for _, ep := range n.eps { + // Existing endpoint + if ep.Name() == netInfo.Iface.Name { + return true + } + pair := ep.NetworkPair() + // Existing virtual endpoints + if pair != nil && (pair.TapInterface.Name == netInfo.Iface.Name || pair.TapInterface.TAPIface.Name == netInfo.Iface.Name || pair.VirtIface.Name == netInfo.Iface.Name) { + return true + } + } + + return false +} + // Scan the networking namespace through netlink and then: // 1. Create the endpoints for the relevant interfaces found there. // 2. Attach them to the VM. @@ -292,6 +308,12 @@ func (n *LinuxNetwork) addAllEndpoints(ctx context.Context, s *Sandbox, hotplug continue } + // Skip any interfaces that are already added + if n.endpointAlreadyAdded(&netInfo) { + networkLogger().WithField("endpoint", netInfo.Iface.Name).Info("already added") + continue + } + if err := doNetNS(n.netNSPath, func(_ ns.NetNS) error { _, err = n.addSingleEndpoint(ctx, s, netInfo, hotplug) return err From 9ec8a13985063d57652f22895de804586ff0b586 Mon Sep 17 00:00:00 2001 From: Eric Ernst Date: Thu, 12 May 2022 13:39:33 -0700 Subject: [PATCH 58/62] virtcontainers: introduce hypervisor_darwin Fixes: #5995 Placeholder skeleton at this point - implementation will be added after basic build refactoring lands. Signed-off-by: Eric Ernst Signed-off-by: Danny Canter --- src/runtime/virtcontainers/hypervisor.go | 8 ++++++ .../virtcontainers/hypervisor_darwin.go | 26 +++++++++++++++++++ .../virtcontainers/hypervisor_linux.go | 1 - 3 files changed, 34 insertions(+), 1 deletion(-) create mode 100644 src/runtime/virtcontainers/hypervisor_darwin.go diff --git a/src/runtime/virtcontainers/hypervisor.go b/src/runtime/virtcontainers/hypervisor.go index 955da7d10..b8482e7b4 100644 --- a/src/runtime/virtcontainers/hypervisor.go +++ b/src/runtime/virtcontainers/hypervisor.go @@ -49,6 +49,9 @@ const ( // DragonballHypervisor is the Dragonball hypervisor. DragonballHypervisor HypervisorType = "dragonball" + // VirtFrameworkHypervisor is the Darwin Virtualization.framework hypervisor + VirtframeworkHypervisor HypervisorType = "virtframework" + // MockHypervisor is a mock hypervisor for testing purposes MockHypervisor HypervisorType = "mock" @@ -84,6 +87,8 @@ var ( ) // In some architectures the maximum number of vCPUs depends on the number of physical cores. +// TODO (dcantah): Find a suitable value for darwin/vfw. Seems perf degrades if > number of host +// cores. var defaultMaxVCPUs = govmm.MaxVCPUs() // agnostic list of kernel root parameters for NVDIMM @@ -177,6 +182,9 @@ func (hType *HypervisorType) Set(value string) error { case "dragonball": *hType = DragonballHypervisor return nil + case "virtframework": + *hType = VirtframeworkHypervisor + return nil case "mock": *hType = MockHypervisor return nil diff --git a/src/runtime/virtcontainers/hypervisor_darwin.go b/src/runtime/virtcontainers/hypervisor_darwin.go new file mode 100644 index 000000000..26956eced --- /dev/null +++ b/src/runtime/virtcontainers/hypervisor_darwin.go @@ -0,0 +1,26 @@ +// Copyright (c) 2023 Apple Inc. +// +// SPDX-License-Identifier: Apache-2.0 +// + +package virtcontainers + +import ( + "fmt" +) + +// NewHypervisor returns a hypervisor from a hypervisor type. +func NewHypervisor(hType HypervisorType) (Hypervisor, error) { + switch hType { + case VirtframeworkHypervisor: + return &virtFramework{}, nil + case MockHypervisor: + return &mockHypervisor{}, nil + default: + return nil, fmt.Errorf("Unknown hypervisor type %s", hType) + } +} + +func availableGuestProtection() (guestProtection, error) { + return noneProtection, nil +} diff --git a/src/runtime/virtcontainers/hypervisor_linux.go b/src/runtime/virtcontainers/hypervisor_linux.go index 3d81c1ada..f419e0982 100644 --- a/src/runtime/virtcontainers/hypervisor_linux.go +++ b/src/runtime/virtcontainers/hypervisor_linux.go @@ -27,7 +27,6 @@ func generateVMSocket(id string, vmStogarePath string) (interface{}, error) { // NewHypervisor returns an hypervisor from a hypervisor type. func NewHypervisor(hType HypervisorType) (Hypervisor, error) { - switch hType { case QemuHypervisor: return &qemu{}, nil From 1074d2c1d3dd703acf7b2cc16615fb92c54922ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 6 Jan 2023 18:47:29 +0100 Subject: [PATCH 59/62] clh: Make vmAddNetPutRequest capable of doing hotplugs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit THe only bit needed for having the vmAddNetPutRequest() capable of dealing with hotplugs, instead of only coldplugs, is making sure it doesn't error out in case a `200` response is returned. The 200 response means: """ The new device was successfully added to the VM instance. """ Signed-off-by: Fabiano FidĂȘncio --- src/runtime/virtcontainers/clh.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/runtime/virtcontainers/clh.go b/src/runtime/virtcontainers/clh.go index 92089a537..cd7513d66 100644 --- a/src/runtime/virtcontainers/clh.go +++ b/src/runtime/virtcontainers/clh.go @@ -220,7 +220,7 @@ var vmAddNetPutRequest = func(clh *cloudHypervisor) error { resp.Body.Close() resp.Body = io.NopCloser(bytes.NewBuffer(respBody)) - if resp.StatusCode != 204 { + if resp.StatusCode != 200 && resp.StatusCode != 204 { clh.Logger().Errorf("vmAddNetPut failed with error '%d'. Response: %+v", resp.StatusCode, resp) return fmt.Errorf("Failed to add the network device '%+v' to Cloud Hypervisor: %v", netDevice, resp.StatusCode) } From efa4fc0b25e4ab934a497fdb2ba936511c154271 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 6 Jan 2023 18:53:36 +0100 Subject: [PATCH 60/62] clh: Add hotplug support for network devices MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is needed in order to have Moby / Docker working properly with Cloud Hypervisor, as Moby / Docker relies on hotplugging a network device to the VM as a preStartHook. Fixes: #5997 Signed-off-by: Fabiano FidĂȘncio --- src/runtime/virtcontainers/clh.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/src/runtime/virtcontainers/clh.go b/src/runtime/virtcontainers/clh.go index cd7513d66..75261c49c 100644 --- a/src/runtime/virtcontainers/clh.go +++ b/src/runtime/virtcontainers/clh.go @@ -886,6 +886,15 @@ func (clh *cloudHypervisor) hotPlugVFIODevice(device *config.VFIODev) error { return err } +func (clh *cloudHypervisor) hotplugAddNetDevice(e Endpoint) error { + err := clh.addNet(e) + if err != nil { + return err + } + + return clh.vmAddNetPut() +} + func (clh *cloudHypervisor) HotplugAddDevice(ctx context.Context, devInfo interface{}, devType DeviceType) (interface{}, error) { span, _ := katatrace.Trace(ctx, clh.Logger(), "HotplugAddDevice", clhTracingTags, map[string]string{"sandbox_id": clh.id}) defer span.End() @@ -897,6 +906,9 @@ func (clh *cloudHypervisor) HotplugAddDevice(ctx context.Context, devInfo interf case VfioDev: device := devInfo.(*config.VFIODev) return nil, clh.hotPlugVFIODevice(device) + case NetDev: + device := devInfo.(Endpoint) + return nil, clh.hotplugAddNetDevice(device) default: return nil, fmt.Errorf("cannot hotplug device: unsupported device type '%v'", devType) } From 03de5f41b27954ae82cba1f1110d816888b6f842 Mon Sep 17 00:00:00 2001 From: Bin Liu Date: Thu, 5 Jan 2023 15:59:35 +0800 Subject: [PATCH 61/62] kata-ctl: remove get_kata_version_by_url function In `src/tools/kata-ctl/src/check.rs`, there is a function `get_kata_version_by_url` in the tests mod, indeed we can use the `get_kata_all_releases_by_url` in the main mod to replace it. Fixes: #5981 Signed-off-by: Bin Liu --- src/tools/kata-ctl/Makefile | 2 +- src/tools/kata-ctl/src/check.rs | 56 +++++++++++++++------------------ 2 files changed, 27 insertions(+), 31 deletions(-) diff --git a/src/tools/kata-ctl/Makefile b/src/tools/kata-ctl/Makefile index 167f85c3e..abd7be325 100644 --- a/src/tools/kata-ctl/Makefile +++ b/src/tools/kata-ctl/Makefile @@ -50,7 +50,7 @@ vendor: cargo vendor test: - @RUSTFLAGS="$(EXTRA_RUSTFLAGS) --deny warnings" cargo test --target $(TRIPLE) $(if $(findstring release,$(BUILD_TYPE)),--release) $(EXTRA_RUSTFEATURES) + @RUSTFLAGS="$(EXTRA_RUSTFLAGS) --deny warnings" cargo test --target $(TRIPLE) $(if $(findstring release,$(BUILD_TYPE)),--release) $(EXTRA_RUSTFEATURES) -- --nocapture install: @RUSTFLAGS="$(EXTRA_RUSTFLAGS) --deny warnings" cargo install --target $(TRIPLE) --path . diff --git a/src/tools/kata-ctl/src/check.rs b/src/tools/kata-ctl/src/check.rs index 8e5850083..139606270 100644 --- a/src/tools/kata-ctl/src/check.rs +++ b/src/tools/kata-ctl/src/check.rs @@ -114,9 +114,9 @@ pub fn run_network_checks() -> Result<()> { Ok(()) } -fn get_kata_all_releases_by_url() -> std::result::Result, reqwest::Error> { +fn get_kata_all_releases_by_url(url: &str) -> std::result::Result, reqwest::Error> { let releases: Vec = reqwest::blocking::Client::new() - .get(KATA_GITHUB_RELEASE_URL) + .get(url) .header(CONTENT_TYPE, JSON_TYPE) .header(USER_AGENT, USER_AGT) .send()? @@ -146,7 +146,8 @@ fn handle_reqwest_error(e: reqwest::Error) -> anyhow::Error { } pub fn check_all_releases() -> Result<()> { - let releases: Vec = get_kata_all_releases_by_url().map_err(handle_reqwest_error)?; + let releases: Vec = + get_kata_all_releases_by_url(KATA_GITHUB_RELEASE_URL).map_err(handle_reqwest_error)?; for release in releases { if !release.prerelease { @@ -165,7 +166,8 @@ pub fn check_all_releases() -> Result<()> { } pub fn check_official_releases() -> Result<()> { - let releases: Vec = get_kata_all_releases_by_url().map_err(handle_reqwest_error)?; + let releases: Vec = + get_kata_all_releases_by_url(KATA_GITHUB_RELEASE_URL).map_err(handle_reqwest_error)?; println!("Official Releases..."); for release in releases { @@ -185,24 +187,6 @@ pub fn check_official_releases() -> Result<()> { mod tests { use super::*; use semver::Version; - use serde_json::Value; - use std::collections::HashMap; - - const KATA_GITHUB_URL: &str = - "https://api.github.com/repos/kata-containers/kata-containers/releases/latest"; - - fn get_kata_version_by_url(url: &str) -> std::result::Result { - let content = reqwest::blocking::Client::new() - .get(url) - .header(CONTENT_TYPE, JSON_TYPE) - .header(USER_AGENT, USER_AGT) - .send()? - .error_for_status()? - .json::>()?; - - let version = content["tag_name"].as_str().unwrap(); - Ok(version.to_string()) - } #[test] fn test_get_cpu_info_empty_input() { @@ -228,7 +212,10 @@ mod tests { fn check_version_by_empty_url() { const TEST_URL: &str = "http:"; let expected = "builder error: empty host"; - let actual = get_kata_version_by_url(TEST_URL).err().unwrap().to_string(); + let actual = get_kata_all_releases_by_url(TEST_URL) + .err() + .unwrap() + .to_string(); assert_eq!(expected, actual); } @@ -236,7 +223,10 @@ mod tests { fn check_version_by_garbage_url() { const TEST_URL: &str = "_localhost_"; let expected = "builder error: relative URL without a base"; - let actual = get_kata_version_by_url(TEST_URL).err().unwrap().to_string(); + let actual = get_kata_all_releases_by_url(TEST_URL) + .err() + .unwrap() + .to_string(); assert_eq!(expected, actual); } @@ -244,25 +234,31 @@ mod tests { fn check_version_by_invalid_url() { const TEST_URL: &str = "http://localhost :80"; let expected = "builder error: invalid domain character"; - let actual = get_kata_version_by_url(TEST_URL).err().unwrap().to_string(); + let actual = get_kata_all_releases_by_url(TEST_URL) + .err() + .unwrap() + .to_string(); assert_eq!(expected, actual); } #[test] fn check_latest_version() { - let version = get_kata_version_by_url(KATA_GITHUB_URL); + let releases = get_kata_all_releases_by_url(KATA_GITHUB_RELEASE_URL); // sometime in GitHub action accessing to github.com API may fail // we can skip this test to prevent the whole test fail. - if version.is_err() { + if releases.is_err() { println!( "WARNING!!!\nget kata version failed({:?}), this maybe a temporary error, just skip the test.", - version.unwrap_err() + releases.unwrap_err() ); return; } - let version = version.unwrap(); + let releases = releases.unwrap(); - let v = Version::parse(&version).unwrap(); + assert!(!releases.is_empty()); + let release = &releases[0]; + + let v = Version::parse(&release.tag_name).unwrap(); assert!(!v.major.to_string().is_empty()); assert!(!v.minor.to_string().is_empty()); assert!(!v.patch.to_string().is_empty()); From 73532eb4009ff2bc151c26d84839567e958d7358 Mon Sep 17 00:00:00 2001 From: Georgina Kinge Date: Mon, 9 Jan 2023 14:22:32 +0000 Subject: [PATCH 62/62] runtime: fixing merge conflicts Signed-off-by: Georgina Kinge --- .../crates/resource/src/share_fs/virtio_fs_share_mount.rs | 2 +- src/runtime/virtcontainers/hypervisor.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs b/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs index b0640c4bf..27fb47972 100644 --- a/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs +++ b/src/runtime-rs/crates/resource/src/share_fs/virtio_fs_share_mount.rs @@ -196,7 +196,7 @@ impl ShareFsMount for VirtiofsShareMount { async fn umount_volume(&self, file_name: &str) -> Result<()> { let host_dest = do_get_host_path(file_name, &self.id, "", true, false); - umount_timeout(host_dest, 0).context("umount volume")?; + umount_timeout(&host_dest, 0).context("umount volume")?; // Umount event will be propagated to ro directory // Remove the directory of mointpoint diff --git a/src/runtime/virtcontainers/hypervisor.go b/src/runtime/virtcontainers/hypervisor.go index 1ed0ba843..a39213dc1 100644 --- a/src/runtime/virtcontainers/hypervisor.go +++ b/src/runtime/virtcontainers/hypervisor.go @@ -51,7 +51,7 @@ const ( // RemoteHypervisor is the Remote hypervisor. RemoteHypervisor HypervisorType = "remote" - + // VirtFrameworkHypervisor is the Darwin Virtualization.framework hypervisor VirtframeworkHypervisor HypervisorType = "virtframework"