aljaz/kata-containers
1
0
Fork 0
mirror of https://github.com/aljazceru/kata-containers.git synced 2026-02-20 05:54:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,119 Commits 30 Branches 115 Tags
d2f17ee55aabcafa1ba01318d85e82c4966bcba2
Commit Graph

278 Commits

Author SHA1 Message Date
Georgina Kinge
9d524b29ad CCv0: Merge main into CCv0 branch 
Merge remote-tracking branch 'upstream/main' into CCv0

Fixes: #4602
Signed-off-by: Georgina Kinge <georgina.kinge@ibm.com>
 2022-07-06 14:27:15 +01:00
Bin Liu
0189738283 Merge pull request #4576 from ManaSugi/fix/oci-poststart-hook 
agent: Run OCI poststart hooks after a container is launched
 2022-07-05 11:08:49 +08:00
Manabu Sugimoto
fbb2e9bce9 agent: Replace some libc functions with nix ones 
Replace `libc::setgroups()`, `libc::fchown()`, and `libc::sethostname()`
functions with nix crate ones for safety and maintainability.

Fixes: #4579

Signed-off-by: Manabu Sugimoto <Manabu.Sugimoto@sony.com>
 2022-07-04 14:49:38 +09:00
Manabu Sugimoto
acd3302bef agent: Run OCI poststart hooks after a container is launched 
Run the OCI `poststart` hooks must be called after the
user-specified process is executed but before the `start`
operation returns in accordance with OCI runtime spec.

Fixes: #4575

Signed-off-by: Manabu Sugimoto <Manabu.Sugimoto@sony.com>
 2022-07-03 18:03:51 +09:00
Megan Wright
eeff63375f CCv0: Merge main into CCv0 branch 
Merge in snap fix

Signed-off-by: Megan Wright <megan.wright@ibm.com>
 2022-06-16 10:55:42 +01:00
Megan Wright
aa9d875a8d CCv0: Merge main into CCv0 branch 
Merge remote-tracking branch 'upstream/main' into CCv0

Fixes: #4424
Signed-off-by: Megan Wright <megan.wright@ibm.com>
 2022-06-08 15:51:18 +01:00
dependabot[bot]
e9ada165ff build(deps): bump regex from 1.5.4 to 1.5.5 in /src/agent 
Bumps [regex](https://github.com/rust-lang/regex) from 1.5.4 to 1.5.5.
- [Release notes](https://github.com/rust-lang/regex/releases)
- [Changelog](https://github.com/rust-lang/regex/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-lang/regex/compare/1.5.4...1.5.5)

---
updated-dependencies:
- dependency-name: regex
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-08 10:47:58 +03:00
Bin Liu
a238d8c6bd Merge pull request #4300 from justxuewei/fix/rustjail/home-env 
rustjail: get home dir using nix crate
 2022-06-06 11:03:46 +08:00
Feng Wang
9d27c1fced agent: ignore ESRCH error when destroying containers 
destroy() method should ignore the ESRCH error from signal::kill
and continue the operation as ESRCH is often considered harmless.

Fixes: #4359

Signed-off-by: Feng Wang <feng.wang@databricks.com>
 2022-06-02 08:19:48 -07:00
Manabu Sugimoto
5903815746 agent: Pass standard I/O to container launched by runk 
The `kata-agent` passes its standard I/O file descriptors
through to the container process that will be launched
by `runk` without manipulation or modification in order to
allow the container process can handle its I/O operations.

Fixes: #4327

Signed-off-by: Manabu Sugimoto <Manabu.Sugimoto@sony.com>
 2022-06-01 10:19:57 +09:00
Manabu Sugimoto
6dbce7c3de agent: Remove unused import in console test 
Remove some unused imports in console test module
used by runk's test.

Fixes: #4351

Signed-off-by: Manabu Sugimoto <Manabu.Sugimoto@sony.com>
 2022-05-31 21:54:02 +09:00
Xuewei Niu
6ecea84bc5 rustjail: get home dir using nix crate 
Get user's home dir using `nix::unistd` crate instead of `utils` crate,
and remove useless code from agent.

Fixes: #4209

Signed-off-by: Xuewei Niu <justxuewei@apache.org>
 2022-05-31 15:04:33 +08:00
Tim Zhang
5eb109c6da runk: merge oci-kata-agent into runk 
Merge two bins into one.

Fixes: #4291

Signed-off-by: Tim Zhang <tim@hyper.sh>
 2022-05-30 16:02:29 +02:00
Tim Zhang
35619b45aa runk: merge oci-kata-agent into runk 
Merge two bins into one.

Fixes: #4291

Signed-off-by: Tim Zhang <tim@hyper.sh>
 2022-05-23 16:54:09 +08:00
Georgina Kinge
a259b1360d CCv0: Merge main into CCv0 branch 
Merge remote-tracking branch 'upstream/main' into CCv0

Fixes: #4235
Signed-off-by: Georgina Kinge <georgina.kinge@ibm.com>
 2022-05-12 09:45:01 +01:00
Megan Wright
ef1ae5bc93 CCv0: Merge main into CCv0 branch 
Merge remote-tracking branch 'upstream/main' into CCv0

Fixes: #4200
Signed-off-by: Megan Wright <megan.wright@.ibm.com>
 2022-05-04 11:26:50 +01:00
Garrett Mahin
4a1e13bd8f rustjail: Add tests for hook_grpc_to_oci 
Add test coverage for hook_grpc_to_oci in rustjail/src/lib.rs

Fixes: #4125

Signed-off-by: Garrett Mahin <garrett.mahin@gmail.com>
 2022-05-02 23:59:33 +02:00
James O. D. Hunt
cc839772d3 Merge pull request #2785 from ManaSugi/standard-container-runtime 
tools: Add a Rust-based standard OCI container runtime based on Kata agent
 2022-04-29 13:20:59 +01:00
James O. D. Hunt
2d5f11501c Merge pull request #4083 from bradenrayhorn/test-parse-mount-table 
rustjail: add tests for parse_mount_table
 2022-04-29 11:34:22 +01:00
Braden Rayhorn
b0e439cb66 rustjail: add tests for parse_mount_table 
Add tests for parse_mount_table function in rustjail/src/mount.rs.
Includes some minor refactoring improve the testability of the
function and improve its error values.

Fixes: #4082

Signed-off-by: Braden Rayhorn <bradenrayhorn@fastmail.com>
 2022-04-27 20:06:01 -05:00
Manabu Sugimoto
2c218a07b9 agent: Modify Kata agent for runk 
Generate an oci-kata-agent which is a customized agent to be
called from runk which is a Rust-based standard OCI container
runtime based on Kata agent.

Fixes: #2784

Signed-off-by: Manabu Sugimoto <Manabu.Sugimoto@sony.com>
 2022-04-28 00:48:57 +09:00
Georgina Kinge
67015ac1d7 CCv0: Merge main into CCv0 branch 
Merge remote-tracking branch 'upstream/main' into CCv0

Fixes: #4157
Signed-off-by: Georgina Kinge <georgina.kinge@ibm.com>
 2022-04-27 10:39:08 +01:00
Garrett Mahin
4b9e78b837 rustjail: Add tests for mount_grpc_to_oci 
Add test coverage for mount_grpc_to_oci in rustjail/src/lib.rs

Fixes: #4106

Signed-off-by: Garrett Mahin <garrett.mahin@gmail.com>
 2022-04-25 08:37:17 -05:00
James O. D. Hunt
bc919cc54c Merge pull request #4122 from bradenrayhorn/test-mount-from 
rustjail: add tests for mount_from function
 2022-04-25 11:55:21 +01:00
James O. D. Hunt
cb8dd0f4fc Merge pull request #4143 from garrettmahin/test-hooks-grpc-to-oci 
rustjail: Add tests for hooks_grpc_to_oci
 2022-04-25 10:50:52 +01:00
Garrett Mahin
96bc3ec2e9 rustjail: Add tests for hooks_grpc_to_oci 
Add test coverage for hooks_grpc_to_oci in rustjail/src/lib.rs

Fixes: #4142

Signed-off-by: Garrett Mahin <garrett.mahin@gmail.com>
 2022-04-22 19:20:04 -05:00
holyfei
0239502781 agent: modify the type of swappiness to u64 
The type of MemorySwappiness in runtime is uint64, and the type of swappiness in agent is int64,
if we set max uint64 in runtime and pass it to agent, the value will be equal to -1. We should
modify the type of swappiness to u64

Fixes: #4123

Signed-off-by: holyfei <yangfeiyu20092010@163.com>
 2022-04-22 16:55:37 +08:00
Braden Rayhorn
f385b21b05 rustjail: add tests for mount_from function 
Add tests for the mount_from function in rustjail mount.rs file.

Fixes: #4121

Signed-off-by: Braden Rayhorn <bradenrayhorn@fastmail.com>
 2022-04-20 20:04:57 -05:00
Megan Wright
738ae8c60e CCv0: Merge main into CCv0 branch 
Merge remote-tracking branch 'upstream/main' into CCv0

Fixes: #4115
Signed-off-by: Megan-Wright <megan.wright.ibm.com>
 2022-04-20 11:32:31 +01:00
Fabiano Fidêncio
604a795073 Merge pull request #4096 from garrettmahin/test-root-grpc-to-oci 
rustjail: Add tests for root_grpc_to_oci
 2022-04-19 21:38:58 +02:00
Garrett Mahin
2256bcb6ab rustjail: Add tests for root_grpc_to_oci 
Add test coverage for root_grpc_to_oci in rustjail/src/lib.rs

Fixes: #4095

Signed-off-by: Garrett Mahin <garrett.mahin@gmail.com>
 2022-04-15 11:09:18 -05:00
Megan Wright
a36e9ba87f CCv0: Merge main into CCv0 branch 
Merge remote-tracking branch 'upstream/main' into CCv0

Fixes: #4090
Signed-off-by: Megan Wright <megan.wright@ibm.com>
 2022-04-13 09:54:32 +01:00
Fabiano Fidêncio
78f30c33c6 agent: Avoid agent panic when reading empty stats 
This was seen in an issue report, where we'd try to unwrap a None value,
leading to a panic.

Fixes: #4077
Related: #4043

Full backtrace:
```
"thread 'tokio-runtime-worker' panicked at 'called `Option::unwrap()` on a `None` value', rustjail/src/cgroups/fs/mod.rs:593:31"
"stack backtrace:"
"   0:     0x7f0390edcc3a - std::backtrace_rs::backtrace::libunwind::trace::hd5eff4de16dbdd15"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/../../backtrace/src/backtrace/libunwind.rs:93:5"
"   1:     0x7f0390edcc3a - std::backtrace_rs::backtrace::trace_unsynchronized::h04a775b4c6ab90d6"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/../../backtrace/src/backtrace/mod.rs:66:5"
"   2:     0x7f0390edcc3a - std::sys_common::backtrace::_print_fmt::h3253c3db9f17d826"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys_common/backtrace.rs:67:5"
"   3:     0x7f0390edcc3a - <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt::h02bfc712fc868664"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys_common/backtrace.rs:46:22"
"   4:     0x7f0390a91fbc - core::fmt::write::hfd5090d1132106d8"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/core/src/fmt/mod.rs:1149:17"
"   5:     0x7f0390edb804 - std::io::Write::write_fmt::h34acb699c6d6f5a9"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/io/mod.rs:1697:15"
"   6:     0x7f0390edbee0 - std::sys_common::backtrace::_print::hfca761479e3d91ed"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys_common/backtrace.rs:49:5"
"   7:     0x7f0390edbee0 - std::sys_common::backtrace::print::hf666af0b87d2b5ba"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys_common/backtrace.rs:36:9"
"   8:     0x7f0390edbee0 - std::panicking::default_hook::{{closure}}::hb4617bd1d4a09097"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:211:50"
"   9:     0x7f0390edb2da - std::panicking::default_hook::h84f684d9eff1eede"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:228:9"
"  10:     0x7f0390edb2da - std::panicking::rust_panic_with_hook::h8e784f5c39f46346"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:606:17"
"  11:     0x7f0390f0c416 - std::panicking::begin_panic_handler::{{closure}}::hef496869aa926670"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:500:13"
"  12:     0x7f0390f0c3b6 - std::sys_common::backtrace::__rust_end_short_backtrace::h8e9b039b8ed3e70f"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys_common/backtrace.rs:139:18"
"  13:     0x7f0390f0c372 - rust_begin_unwind"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/panicking.rs:498:5"
"  14:     0x7f03909062c0 - core::panicking::panic_fmt::h568976b83a33ae59"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/core/src/panicking.rs:107:14"
"  15:     0x7f039090641c - core::panicking::panic::he2e71cfa6548cc2c"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/core/src/panicking.rs:48:5"
"  16:     0x7f0390eb443f - <rustjail::cgroups::fs::Manager as rustjail::cgroups::Manager>::get_stats::h85031fc1c59c53d9"
"  17:     0x7f03909c0138 - <core::future::from_generator::GenFuture<T> as core::future::future::Future>::poll::hfa6e6cd7516f8d11"
"  18:     0x7f0390d697e5 - <core::future::from_generator::GenFuture<T> as core::future::future::Future>::poll::hffbaa534cfa97d44"
"  19:     0x7f039099c0b3 - <core::future::from_generator::GenFuture<T> as core::future::future::Future>::poll::hae3ab083a06d0b4b"
"  20:     0x7f0390af9e1e - std::panic::catch_unwind::h1fdd25c8ebba32e1"
"  21:     0x7f0390b7c4e6 - tokio::runtime::task::raw::poll::hd3ebbd0717dac808"
"  22:     0x7f0390f49f3f - tokio::runtime::thread_pool::worker::Context::run_task::hfdd63cd1e0b17abf"
"  23:     0x7f0390f3a599 - tokio::runtime::task::raw::poll::h62954f6369b1d210"
"  24:     0x7f0390f37863 - std::sys_common::backtrace::__rust_begin_short_backtrace::h1c58f232c078bfe9"
"  25:     0x7f0390f4f3dd - core::ops::function::FnOnce::call_once{{vtable.shim}}::h2d329a84c0feed57"
"  26:     0x7f0390f0e535 - <alloc::boxed::Box<F,A> as core::ops::function::FnOnce<Args>>::call_once::h137e5243c6233a3b"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/alloc/src/boxed.rs:1694:9"
"  27:     0x7f0390f0e535 - <alloc::boxed::Box<F,A> as core::ops::function::FnOnce<Args>>::call_once::h7331c46863d912b7"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/alloc/src/boxed.rs:1694:9"
"  28:     0x7f0390f0e535 - std::sys::unix:🧵:Thread:🆕:thread_start::h1fb20b966cb927ab"
"                               at /rustc/db9d1b20bba1968c1ec1fc49616d4742c1725b4b/library/std/src/sys/unix/thread.rs:106:17"
```

Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
 2022-04-12 11:19:08 +02:00
Peng Tao
a83a16e32c Merge pull request #4059 from garrettmahin/test-process-grpc-to-oci 
rustjail: add test coverage for process_grpc_to_oci function
 2022-04-08 15:39:28 +08:00
garrettmahin
c31cd0e81a rustjail: add test coverage for process_grpc_to_oci function 
Add test coverage for the process_grpc_to_oci function in src/rustjail/lib.rs

Fixes #4058

Signed-off-by: Garrett Mahin <garrett.mahin@gmail.com>
 2022-04-07 20:50:48 -05:00
Georgina Kinge
8add48d759 CCv0: Merge main into CCv0 branch 
Merge remote-tracking branch 'upstream/main' into CCv0

Fixes: #4047
Signed-off-by: Georgina Kinge <georgina.kinge@ibm.com>
 2022-04-07 10:58:17 +01:00
Wang Xingxing
0d765bd082 agent: fix container stop error with signal SIGRTMIN+3 
The nix::sys::signal::Signal package api cannot deal with SIGRTMIN+3,
directly use libc function to send the signal.

Fixes: #3990

Signed-off-by: Wang Xingxing <stellarwxx@163.com>
 2022-03-31 10:49:45 +08:00
Dan Middleton
32131cb8ba Agent: fix unneeded late initialization lint 
Clippy v1.58 added needless_late_init

Fixes #3933

Signed-off-by: Dan Middleton <dan.middleton@intel.com>
 2022-03-22 10:17:24 -05:00
Jack Hance
a5b72720d2 rustjail: optimization, merged several writelns into one 
Optimized several writelns by merging them into one in src/utils.rs

Fixes: #3772

Signed-off-by: Jack Hance <jack.hance@ndsu.edu>
 2022-03-17 15:11:20 +01:00
Arron Wang
deee3cf4a2 oci: Make device type optional in LinuxDeviceCgroup 
Follow the oci spec to compatiable with config file generated
by other implementation:
6969a0a09a/specs-go/config.go (L401)

Fixes: #3860

Signed-off-by: Arron Wang <arron.wang@intel.com>
 2022-03-15 20:36:16 +08:00
Jack Hance
92ce5e2dc4 rustjail: optimization, merged several writelns into one 
Optimized several writelns by merging them into one in src/utils.rs

Fixes: #3772

Signed-off-by: Jack Hance <jack.hance@ndsu.edu>
 2022-03-11 13:18:58 -06:00
bin
b257e0e5ab rustjail: delete function signal in BaseContainer 
Function signal in BaseContainer is not used anymore.

Fixes: #3835

Signed-off-by: bin <bin@hyper.sh>
 2022-03-05 10:33:15 +08:00
sailorvii
8edca8bbd1 kata-agent: Fix mismatching error of cgroup and mountinfo. 
The content about systemd in "/proc/self/cgroup" is as:
1:name=systemd:/kubepods/pod1815643d-3789-4e4e-aaf4-00de024912e1/0e15a65bd5f7b30a0b818d90706212354d8b3f0998a1495473c3be9a24706ccf

and in "/prol/self/mountinfo" is as:
30 29 0:26 / /sys/fs/cgroup/systemd rw,nosuid,nodev,noexec,relatime shared:6 - cgroup cgroup rw,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd

The keys extracted from the two files are the same as "name=systemd". So no need to rename the key to "systemd".

Fixes: #3385

Signed-off-by: sailorvii <challengingway@hotmail.com>
 2022-02-28 10:03:09 +08:00
bin
72bf5496fd agent: handle hook process result 
Current hook process is handled by just calling
unwrap() on it, sometime it will cause panic.

By handling all Result type and check the error can
avoid panic.

Fixes: #3649

Signed-off-by: bin <bin@hyper.sh>
 2022-02-15 19:01:54 +01:00
bin
80e8dbf1f5 agent: valid envs for hooks 
Envs contain null-byte will cause running hooks to panic,
this commit will filter envs and only pass valid envs to hooks.

Fixes: #3667

Signed-off-by: bin <bin@hyper.sh>
 2022-02-15 19:01:54 +01:00
Fabiano Fidêncio
6d6748afd7 Merge pull request #3351 from Bevisy/main-2610-fix-args 
agent: Fix execute_hook() args error
 2022-02-02 09:45:25 +01:00
bin
bcce1a1911 versions: update Rust to 1.58.1 
Update Rust to 1.58.1 to fix CVE-2022-21658.

Fixes: #3570

Signed-off-by: bin <bin@hyper.sh>
 2022-01-29 11:35:56 +08:00
Binbin Zhang
4fc4c76b87 agent: Fix execute_hook() args error 
1. The hook.args[0] is the hook binary name which shouldn't be included
in the Command.args.
2. Add new unit tests

Fixes: #2610

Signed-off-by: Binbin Zhang <binbin36520@gmail.com>
 2022-01-24 14:13:24 +08:00
Eric Ernst
9277317098 agent: resolve unused variables in tests 
A few tests have unused or unread variables. Let's clean these up...

Fixes: #3530
Signed-off-by: Eric Ernst <eric_ernst@apple.com>
 2022-01-16 14:09:03 -08:00
Fupan Li
615224e993 agent: move the protocols to upper libs 
move the protocols to upper libs thus it can
be shared between agent and other rust runtime.

Depends-on: github.com/kata-containers/tests#4306

Fixes: #3348

Signed-off-by: Fupan Li <fupan.lfp@antgroup.com>
 2022-01-05 16:58:06 +08:00