Commit 81607e34 updated src/agent/rustjail/Cargo.toml, to remove an
unneeded dependency. That causes cargo to update src/agent/Cargo.lock
on each build. However, the change to Cargo.lock wasn't checked in
meaning anyone working on the agent code will get bogus diffs with every
build. Check in the missing file to fix this.
fixes#1505
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Since the crate dirs::home_dir function depends on the
libc's api: getpwuid_r, but this api function wouldn't
be static linked on glibc, thus we'd better to figure
out an alternative way to get the home dir from /etc/passwd.
For much more info about this glibc's issue, please see:
https://sourceware.org/bugzilla/show_bug.cgi?id=19341.
This commit read and parse the "/etc/passwd" directly and
fetch the corresponding uid's home dir.
Fixes: #675
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
Add target to run codecov report locally.
Useful to identify what are the missing lines
to be covered by unit test.
Fixes: #1487
Signed-off-by: Carlos Venegas <jos.c.venegas.munoz@intel.com>
When do pass guest device files to container, the source
file wouldn't be a regular file, but we also need to create
a corresponding destination file to bind mount source file
to it. Thus it's better to check whether the source file
was a directory instead of regular file.
Fixes: #1477
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
Agent sends -1 PID when invoking OCI hooks.
OCI state struct is initialized before obtaining PID, so this PR moves
`oci_state` call down, right after we get the id.
Fixes: #1458
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Port kata-containers/agent#883 to the Rust Agent.
In the event that the virtiofs device is already mounted at the
requested destination, don't error out. We'll check before attempting to
mount to see if the destination is already a mount point. If so, skip
doing the mount in the agent.
This facilitates mounting the sharedfs automatically in the guest before
the agent service starts.
Signed-off-by: Eric Ernst eric.g.ernst@gmail.comFixes: #1398
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
If the container has exited, the sender in notifier watching OOM events
will be dropped after the loop exited, and recv() from the according
receiver will get None.
This will lead two problems for get_oom_event rpc all from agent:
- return an wrong OOM event.
- continuously return OOM events.
Fixes: #1369
Signed-off-by: bin <bin@hyper.sh>
Currently pcipath_to_sysfs() generates the path to the root bus node in
sysfs via create_pci_root_bus_path(). This is inconvenient for testing,
though, so instead make it take this as a parameter and generate the path
in the (single) caller. As a bonus this will make life a bit easier when
we want to support machines with multiple PCI roots.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
pcipath_to_sysfs takes a PCI path, with a particular format. A number of
places implicitly need strings in that format, many of them repeat the
description. To make things safer and briefer use the pci::Path type for
the purpose more widely, and just describe the string formatting of it at
the type definition.
Then, update variable names and comments throughout to call things in
this format "PCI path", rather than "PCI identifier", which is vague,
or "PCI address" which is just plain wrong. Likewise we change names and
comments which incorrectly refer to sysfs paths as a "PCI address".
This changes the grpc proto definitions, but because it's just
changing the name of a field without changing the field number, it
shouldn't change the actual protocol.
A loose forward port of
da4bc1d184
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Currently pcipath_to_sysfs(), which translates PCI paths into sysfs paths
accepts only pci paths with exactly 2 components; which represents PCI
devices separated from the root bus by exactly one PCI to PCI bridge (which
could be a virtual P2P bridge, such as a PCI-E root port).
There are cases we might reasonably want to support which have devices
either plugged directly into the root bus (zero bridges), or under
multiple layers of P2P bridge (a PCI-E switch would require at least 2
layers).
So, generalize pcipath_to_sysfs to support any number of components in the
PCI path. We also make it use the new type for PCI paths internally rather
than plain strings.
This is a loose forward port of
9804b1e55dfixes#1040
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
get_pci_device_address() has pretty confusing semantics. Both its input
and output are in other parts of the code described as a "PCI address", but
neither is *actually* a PCI address (in the standard DDDD:BB:DD.F format).
What it's really about is resolving a "PCI path" - that is way to locate a
PCI device by using it's slot number and the slot number of the bridge
leading to it - into a sysfs path.
Rename the function, and change a bunch of variable names to make those
semantics clearer.
Forward port of
https://github.com/kata-containers/agent/pull/855/commits/0eb612f06484
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Now that we have types to represent PCI paths on both the agent and
runtime sides, we can update the protocol definitionto use clearer
terminology.
Note that this doesn't actually change the agent protocol, because it just
renames a field without changing its field ID or type.
While we're there fix a trivial rustfmt error in
src/agent/protocols/build.rs
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Introduce a Rust type to represent a "PCI path" - that is a way of
locating a PCI device from a given root by listing the slots of all
the bridges leading to it and finally the slot of the device itself.
It's implemented as a vector of the previously added pci::Slot type,
and includes the necessary validation and conversions to/from strings.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Add a Rust type for representing a PCI slot on a single bus. This is
essentially just an integer from 0..31 (inclusive), but includes the
code for converting from integers with appropriate validation and
formatting back to a string.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
This PR fixes wrong serialization of OCI state object.
OCI hooks end up with a JSON string with double quotes in `state` field.
This happens because of confusion `Debug` and `Display` traits. Debug trait
returns a string representation with double quotes.
Ideally we should not use Debug as a part of serialization process, so a bit
more safer fix would be to move container states to `oci` crate and simply
disallow wrong values in that field.
`ContainerState` in go spec: https://github.com/opencontainers/runtime-spec/blob/master/specs-go/state.go#L4Fixes: #1404
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
The unit test for list_interfaces() checks that the hardware address
returned for each interface has non-zero length. However, that need not be
the case. Point-to-point devices, such as ppp, or tun devices in certain
configurations may not have a hardware address, which is represented as
a zero length address here.
This happens on my machine with a tun0 device created by OpenVPN.
fixes#1377
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The current implementation of rustjail uses the specific setrlimit.
This patch uses rlimit crate for maintainability.
Fixes: #1372
Signed-off-by: Manabu Sugimoto <Manabu.Sugimoto@sony.com>
Add a bit to the agent README about installing protoc manually for Power (ppc64le)
Fixes: #1068
Signed-off-by: Christy Norman <christy@linux.vnet.ibm.com>
Since there is no Rust target for musl on s390x, builds on s390x should
use glibc. This commit makes glibc the default on s390x as per the agent
Makefile.
Fixes: #1262
Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
test_process has a assertion that waitpid(-1) will fail
because there is no child process in most cases.
But if there is any child process forked by other unit test,
the test test_process will fail.
Because waitpid(-1) will wait for any child process including the
process created by other unit tests.
Signed-off-by: Tim Zhang <tim@hyper.sh>
