In a number of cases, we have functions that return a Result<...>
and where the possible error case is simply ignored. This is a bit
unhealthy.
Add a `check!` macro that allows us to not ignore error values
that we want to log, while not interrupting the flow by returning
them. This is useful for low-level functions such as `signal::kill` or
`unistd::close` where an error is probably significant, but should not
necessarily interrupt the flow of the program (i.e. using `call()?` is
not the right answer.
The check! macro is then used on low-level calls. This addresses the
following warnings from #750:
This addresses the following warning:
warning: unused `std::result::Result` that must be used
--> /home/ddd/go/src/github.com/kata-containers-2.0/src/agent/rustjail/src/container.rs:903:17
|
903 | signal::kill(Pid::from_raw(p.pid), Some(Signal::SIGKILL));
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: `#[warn(unused_must_use)]` on by default
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> /home/ddd/go/src/github.com/kata-containers-2.0/src/agent/rustjail/src/container.rs:916:17
|
916 | signal::kill(Pid::from_raw(child.id() as i32), Some(Signal::SIGKILL));
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/container.rs:340:13
|
340 | write_sync(cwfd, SYNC_FAILED, format!("{:?}", e).as_str());
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: `#[warn(unused_must_use)]` on by default
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/container.rs:554:13
|
554 | / write_sync(
555 | | cwfd,
556 | | SYNC_FAILED,
557 | | format!("setgroups failed: {:?}", e).as_str(),
558 | | );
| |______________^
|
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/container.rs:340:13
|
340 | write_sync(cwfd, SYNC_FAILED, format!("{:?}", e).as_str());
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/container.rs:340:13
|
340 | write_sync(cwfd, SYNC_FAILED, format!("{:?}", e).as_str());
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: `#[warn(unused_must_use)]` on by default
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/container.rs:554:13
|
554 | / write_sync(
555 | | cwfd,
556 | | SYNC_FAILED,
557 | | format!("setgroups failed: {:?}", e).as_str(),
558 | | );
| |______________^
|
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/container.rs:626:5
|
626 | unistd::close(cfd_log);
| ^^^^^^^^^^^^^^^^^^^^^^^
|
= note: `#[warn(unused_must_use)]` on by default
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/container.rs:627:5
|
627 | unistd::close(crfd);
| ^^^^^^^^^^^^^^^^^^^^
|
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/container.rs:628:5
|
628 | unistd::close(cwfd);
| ^^^^^^^^^^^^^^^^^^^^
|
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/container.rs:770:9
|
770 | fcntl::fcntl(pfd_log, FcntlArg::F_SETFD(FdFlag::FD_CLOEXEC));
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: `#[warn(unused_must_use)]` on by default
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/container.rs:799:9
|
799 | fcntl::fcntl(prfd, FcntlArg::F_SETFD(FdFlag::FD_CLOEXEC));
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/container.rs:800:9
|
800 | fcntl::fcntl(pwfd, FcntlArg::F_SETFD(FdFlag::FD_CLOEXEC));
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/container.rs:803:13
|
803 | unistd::close(prfd);
| ^^^^^^^^^^^^^^^^^^^^
|
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/container.rs:930:9
|
930 | log_handler.join();
| ^^^^^^^^^^^^^^^^^^^
|
= note: `#[warn(unused_must_use)]` on by default
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/container.rs:803:13
|
803 | unistd::close(prfd);
| ^^^^^^^^^^^^^^^^^^^^
|
= note: `#[warn(unused_must_use)]` on by default
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/container.rs:804:13
|
804 | unistd::close(pwfd);
| ^^^^^^^^^^^^^^^^^^^^
|
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/container.rs:842:13
|
842 | sched::setns(old_pid_ns, CloneFlags::CLONE_NEWPID);
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/container.rs:843:13
|
843 | unistd::close(old_pid_ns);
| ^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: this `Result` may be an `Err` variant, which should be handled
Fixes: #844Fixes: #750
Suggested-by: Tim Zhang <tim@hyper.sh>
Signed-off-by: Christophe de Dinechin <dinechin@redhat.com>
Various recently added error-causing calls
This addresses the following warning:
warning: unused `std::result::Result` that must be used
--> rustjail/src/cgroups/fs/mod.rs:93:9
|
93 | cg.add_task(CgroupPid::from(pid as u64));
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: `#[warn(unused_must_use)]` on by default
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/cgroups/fs/mod.rs:196:17
|
196 | freezer_controller.thaw();
| ^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/cgroups/fs/mod.rs:199:17
|
199 | freezer_controller.freeze();
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/cgroups/fs/mod.rs:365:9
|
365 | cpuset_controller.set_cpus(&cpu.cpus);
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/cgroups/fs/mod.rs:369:9
|
369 | cpuset_controller.set_mems(&cpu.mems);
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/cgroups/fs/mod.rs:381:13
|
381 | cpu_controller.set_shares(shares);
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/cgroups/fs/mod.rs:385:5
|
385 | cpu_controller.set_cfs_quota_and_period(cpu.quota, cpu.period);
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: this `Result` may be an `Err` variant, which should be handled
warning: unused `std::result::Result` that must be used
--> rustjail/src/cgroups/fs/mod.rs:1061:13
|
1061 | cpuset_controller.set_cpus(cpuset_cpus);
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: this `Result` may be an `Err` variant, which should be handled
The specific case of cpu_controller.set_cfs_quota_and_period is
addressed in a way that changes the logic following a suggestion by
Liu Bin, who had just added the code.
Fixes: #750
Suggested-by: Liu Bin <bin@hyper.sh>
Signed-off-by: Christophe de Dinechin <dinechin@redhat.com>
When we are writing to the logs and there is an error doing so, there
is not much we can do. Chances are that a panic would make things
worse. So let it go through.
warning: unused `std::result::Result` that must be used
--> rustjail/src/sync.rs:26:9
|
26 | write_count(lfd, log_str.as_bytes(), log_str.len());
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
::: rustjail/src/container.rs:339:13
|
339 | log_child!(cfd_log, "child exit: {:?}", e);
| ------------------------------------------- in this macro invocation
|
= note: this `Result` may be an `Err` variant, which should be handled
= note: this warning originates in a macro (in Nightly builds, run with -Z macro-backtrace for more info)
Fixes: #750
Signed-off-by: Christophe de Dinechin <dinechin@redhat.com>
Some functions have undefined behavior and are not actually used.
This addresses the following warning:
warning: the type `oci::User` does not permit zero-initialization
--> rustjail/src/lib.rs:99:18
|
99 | unsafe { MaybeUninit::zeroed().assume_init() }
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
| |
| this code causes undefined behavior when executed
| help: use `MaybeUninit<T>` instead, and only call `assume_init` after initialization is done
|
= note: `#[warn(invalid_value)]` on by default
note: `std::ptr::Unique<u32>` must be non-null (in this struct field)
warning: the type `protocols::oci::Process` does not permit zero-initialization
--> rustjail/src/lib.rs:146:14
|
146 | unsafe { MaybeUninit::zeroed().assume_init() }
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
| |
| this code causes undefined behavior when executed
| help: use `MaybeUninit<T>` instead, and only call `assume_init` after initialization is done
|
note: `std::ptr::Unique<std::string::String>` must be non-null (in this struct field)
Fixes: #750
Signed-off-by: Christophe de Dinechin <dinechin@redhat.com>
Addresses the following warning (and a few similar ones):
warning: variable does not need to be mutable
--> rustjail/src/container.rs:369:9
|
369 | let mut oci_process: oci::Process = serde_json::from_str(process_str)?;
| ----^^^^^^^^^^^
| |
| help: remove this `mut`
|
= note: `#[warn(unused_mut)]` on by default
Fixes: #750
Signed-off-by: Christophe de Dinechin <dinechin@redhat.com>
This addresses the following:
warning: use of deprecated item 'std::error::Error::description': use the Display impl or to_string()
--> rustjail/src/container.rs:1598:31
|
1598 | ... e.description(),
| ^^^^^^^^^^^
|
= note: `#[warn(deprecated)]` on by default
Fixes: #750
Signed-off-by: Christophe de Dinechin <dinechin@redhat.com>
Parameters that are never used were removed.
Parameters that are unused, but necessary because of some common
interface were renamed with a _ prefix.
In one case, consume the parameter by adding an info! call, and fix a
minor typo in a message in the same function.
This addresses the following warning:
warning: unused variable: `child`
--> rustjail/src/container.rs:1128:5
|
1128 | child: &mut Child,
| ^^^^^ help: if this is intentional, prefix it with an underscore: `_child`
warning: unused variable: `logger`
--> rustjail/src/container.rs:1049:22
|
1049 | fn update_namespaces(logger: &Logger, spec: &mut Spec, init_pid: RawFd) -> Result<()> {
| ^^^^^^ help: if this is intentional, prefix it with an underscore: `_logger`
Fixes: #750
Signed-off-by: Christophe de Dinechin <dinechin@redhat.com>
Remove variables that are simply not used.
Rename as _ variables where only initialization matters.
This addresses the following warnings:
warning: unused variable: `writer`
--> src/main.rs:130:9
|
130 | let writer = unsafe { File::from_raw_fd(wfd) };
| ^^^^^^ help: if this is intentional, prefix it with an underscore: `_writer`
|
= note: `#[warn(unused_variables)]` on by default
warning: unused variable: `ctx`
--> src/rpc.rs:782:9
|
782 | ctx: &ttrpc::TtrpcContext,
| ^^^ help: if this is intentional, prefix it with an underscore: `_ctx`
warning: unused variable: `ctx`
--> src/rpc.rs:808:9
|
808 | ctx: &ttrpc::TtrpcContext,
| ^^^ help: if this is intentional, prefix it with an underscore: `_ctx`
warning: unused variable: `dns_list`
--> src/rpc.rs:1152:16
|
1152 | Ok(dns_list) => {
| ^^^^^^^^ help: if this is intentional, prefix it with an underscore: `_dns_list`
warning: value assigned to `child_stdin` is never read
--> rustjail/src/container.rs:807:13
|
807 | let mut child_stdin = std::process::Stdio::null();
| ^^^^^^^^^^^^^^^
|
= note: `#[warn(unused_assignments)]` on by default
= help: maybe it is overwritten before being read?
warning: value assigned to `child_stdout` is never read
--> rustjail/src/container.rs:808:13
|
808 | let mut child_stdout = std::process::Stdio::null();
| ^^^^^^^^^^^^^^^^
|
= help: maybe it is overwritten before being read?
warning: value assigned to `child_stderr` is never read
--> rustjail/src/container.rs:809:13
|
809 | let mut child_stderr = std::process::Stdio::null();
| ^^^^^^^^^^^^^^^^
|
= help: maybe it is overwritten before being read?
warning: value assigned to `stdin` is never read
--> rustjail/src/container.rs:810:13
|
810 | let mut stdin = -1;
| ^^^^^^^^^
|
= help: maybe it is overwritten before being read?
warning: value assigned to `stdout` is never read
--> rustjail/src/container.rs:811:13
|
811 | let mut stdout = -1;
| ^^^^^^^^^^
|
= help: maybe it is overwritten before being read?
warning: value assigned to `stderr` is never read
--> rustjail/src/container.rs:812:13
|
812 | let mut stderr = -1;
| ^^^^^^^^^^
|
= help: maybe it is overwritten before being read?
Fixes: #750
Signed-off-by: Christophe de Dinechin <dinechin@redhat.com>
This addresses the following warning:
warning: unnecessary braces around assigned value
--> src/rpc.rs:1411:26
|
1411 | detail.init_daemon = { unistd::getpid() == Pid::from_raw(1) };
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ help: remove these braces
|
= note: `#[warn(unused_braces)]` on by default
Fixes: #750
Signed-off-by: Christophe de Dinechin <dinechin@redhat.com>
We can rely on the error handling of the actual HTTP API calls to catch
errors, and don't need to call VmmPing explicitly in advance.
Signed-off-by: Bo Chen <chen.bo@intel.com>
The cloud-hypervisor commit `6d30fe05` introduced a fix on its API for
VFIO device hotplug (`VmAddDevice`), which is required for supporting
VFIO unplug through openAPI calls in kata.
Signed-off-by: Bo Chen <chen.bo@intel.com>
Tag openapi-generator-cli container to v4.3.1 that is the latest
stable, this way we can have reproducible builds and the same
generated code in all the systems
Signed-off-by: Julio Montes <julio.montes@intel.com>
k8s.io/apimachinery/pkg/api/resource is a memory quantities parser,
we use it to parse the SGX EPC size defined by the `sgx.intel.com/epc`
annotation
Signed-off-by: Julio Montes <julio.montes@intel.com>
Support the `sgx.intel.com/epc` annotation that is defined by the intel
k8s plugin. This annotation enables SGX. Hardware-based isolation and
memory encryption.
For example, use `sgx.intel.com/epc = "64Mi"` to create a container
with 1 EPC section with pre-allocated memory.
At the time of writing this patch, SGX patches have not landed on the
linux kernel project.
The following github kernel fork contains all the SGX patches for the
host and guest: https://github.com/intel/kvm-sgxfixes#483
Signed-off-by: Julio Montes <julio.montes@intel.com>
rust agent does not use grpc as submodule for a while, update README
to reflect the change.
Fixes: #196
Signed-off-by: Yang Bo <bo@hyper.sh>
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
The code in the end of init_child is unreachable and need to be removed.
The code after do_exec is unreachable and need to be removed.
Signed-off-by: Tim Zhang <tim@hyper.sh>
Firecracker expose metrics through fifo file
and using a JSON format. This PR will parse the
Firecracker's metrics and convert to Prometheus metrics.
Fixes: #472
Signed-off-by: bin liu <bin@hyper.sh>
Current working directory is a process level resource. We cannot call
chdir in parallel from multiple threads, which would cause cwd confusion
and result in UT failures.
The agent code itself is correct that chdir is only called from spawned
child init process. Well, there is one exception that it is also called
in do_create_container() but it is safe to assume that containers are
never created in parallel (at least for now).
Fixes: #782
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Somehow we are not running static checks for a long time.
And that ended up with a lot for errors.
* Ensure debug options are valid is dropped
* fix snap links
* drop extra CONTRIBUTING.md
* reference kata-pkgsync
* move CODEOWNERS to proper place
* remove extra CODE_OF_CONDUCT.md.
* fix spell checker error on Developer-Guide.md
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Set enable_debug_console=true in Kata's congiguration file,
runtime will pass `agent.debug_console`
and `agent.debug_console_vport=1026` to agent.
Fixes: #245
Signed-off-by: bin liu <bin@hyper.sh>
Create "class" and "config" file in temporary device BDF dir,
and remove dir created by ioutil.TempDir() when test finished.
fixes: #746
Signed-off-by: zhanghj <zhanghj.lc@inspur.com>
The code used `match` as a switch with variable patterns `ev_fd` and
`cf_fd`, but the way Rust interprets the code is that the first
pattern matches all values. The code does not perform as expected.
This addresses the following warning:
warning: unreachable pattern
--> rustjail/src/cgroups/notifier.rs:114:21
|
107 | ev_fd => {
| ----- matches any value
...
114 | cg_fd => {
| ^^^^^ unreachable pattern
|
= note: `#[warn(unreachable_patterns)]` on by default
Fixes: #750Fixes: #793
Signed-off-by: Christophe de Dinechin <dinechin@redhat.com>
This only allows some whitelists files bind mounted under proc
and prevent other malicious mount to procfs.
Fixes: #807
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
