The code in the end of init_child is unreachable and need to be removed.
The code after do_exec is unreachable and need to be removed.
Signed-off-by: Tim Zhang <tim@hyper.sh>
Current working directory is a process level resource. We cannot call
chdir in parallel from multiple threads, which would cause cwd confusion
and result in UT failures.
The agent code itself is correct that chdir is only called from spawned
child init process. Well, there is one exception that it is also called
in do_create_container() but it is safe to assume that containers are
never created in parallel (at least for now).
Fixes: #782
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Set enable_debug_console=true in Kata's congiguration file,
runtime will pass `agent.debug_console`
and `agent.debug_console_vport=1026` to agent.
Fixes: #245
Signed-off-by: bin liu <bin@hyper.sh>
The code used `match` as a switch with variable patterns `ev_fd` and
`cf_fd`, but the way Rust interprets the code is that the first
pattern matches all values. The code does not perform as expected.
This addresses the following warning:
warning: unreachable pattern
--> rustjail/src/cgroups/notifier.rs:114:21
|
107 | ev_fd => {
| ----- matches any value
...
114 | cg_fd => {
| ^^^^^ unreachable pattern
|
= note: `#[warn(unreachable_patterns)]` on by default
Fixes: #750Fixes: #793
Signed-off-by: Christophe de Dinechin <dinechin@redhat.com>
This only allows some whitelists files bind mounted under proc
and prevent other malicious mount to procfs.
Fixes: #807
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
Add unit tests for finish_root, read_only_path and mknod_dev
increasing code coverage of mount.rs
fixes#284
Signed-off-by: Julio Montes <julio.montes@intel.com>
Use conditional compilation (#[cfg]) to change chroot behaviour
at compilation time. For example, such function will just return
`Ok(())` when the unit tests are being compiled, otherwise real
chroot operation is performed.
Signed-off-by: Julio Montes <julio.montes@intel.com>
Use conditional compilation (#[cfg]) to change pivot_root behaviour
at compilation time. For example, such function will just return
`Ok(())` when the unit tests are being compiled, otherwise real
pivot_root operation is performed.
Signed-off-by: Julio Montes <julio.montes@intel.com>
Don't use unwrap in `init_rootfs` instead return an Error, this way
we can write unit tests that don't panic.
Signed-off-by: Julio Montes <julio.montes@intel.com>
Add tempfile crate as depedency, it will be used in the following
commits to create temporary directories for unit testing.
Signed-off-by: Julio Montes <julio.montes@intel.com>
Use conditional compilation (#[cfg]) to change mount and umount
behaviours at compilation time. For example, such functions will just
return `Ok(())` when the unit tests are being compiled, otherwise real
mount and umount operations are performed.
Signed-off-by: Julio Montes <julio.montes@intel.com>
The version.rs file is now generated to contain up-to-date information
from the makefile, including git commit and the full binary path.
The makefile has also been modified to make it easier to add changes
in generated files based on makefile variables.
Fixes: #740
Signed-off-by: Christophe de Dinechin <dinechin@redhat.com>
Fix the bug where the version string generated by the `Makefile` was not
being passed to the agent, resulting in a "unknown" version.
Fixes: #725.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
Until a container is deleted, agent should allow runtime to wait for
a process in parallel, as being supported by the go agent.
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
The cgroup_parent path is expected to be absolute path,
add an '/' prefix to the passed cgroup_parent path to make
sure it's an absolute path.
Fixes: #336
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
Sometimes runtime will fail in onlining CPU process,
because when the runtime calls to QMP
`device_add`, QEMU doesn't allocate all vCPUs inmediatelly.
Fixes: #665
Signed-off-by: bin liu <bin@hyper.sh>
`rustjail::erros` was removed in a previous commit, hence some external crates
like `error_chain` are no longger required, update Cargo.toml and Cargo.lock
to reflect these changes.
Signed-off-by: Julio Montes <julio.montes@intel.com>
Don't use `rustjail::errors` for error handling, since it's not
thread safe and there are better alternatives like `anyhow`.
`anyhow` attaches context to help the person troubleshooting
the error understand where things went wrong, for example:
Current error messages:
```
No such file or directory (os error 2)
```
With `anyhow`:
```
Error: Failed to read config.json
Caused by:
No such file or directory (os error 2)
```
fixes#641
Signed-off-by: Julio Montes <julio.montes@intel.com>
anyhow provides `anyhow::Error`, a trait object based error type for
easy idiomatic error handling in Rust applications
Signed-off-by: Julio Montes <julio.montes@intel.com>
