Add a bit to the agent README about installing protoc manually for Power (ppc64le)
Fixes: #1068
Signed-off-by: Christy Norman <christy@linux.vnet.ibm.com>
test_process has a assertion that waitpid(-1) will fail
because there is no child process in most cases.
But if there is any child process forked by other unit test,
the test test_process will fail.
Because waitpid(-1) will wait for any child process including the
process created by other unit tests.
Signed-off-by: Tim Zhang <tim@hyper.sh>
acpi is enabled for kata 1.x, port and rebase code for 2.x
including:
runtime: enable pflash;
agent: add acpi support for pci bus path;
packaging: enable CONFIG_RTC_DRV_EFI;
Fixes: #1317
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
We should create the container's cgroup under the system's
cgroup default path such as "/sys/fs/cgroup/<sub system>",
instead of under the kata-agnet's process's cgroup path,
which would under the systemd's cgroup such as
"/sys/fs/cgroup/systemd/system.slice/kata-agent.service"
Fixes: #1319
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
This patch fixed the security issue if the container images has
unsafe symlink to the container rootfs and hackers can be exploit
this symlink to hack the guest system. e.g. make directory or files
on guest.
CVE-2015-3629
Fixes: #1219
Signed-off-by: Qingyuan Hou <qingyuan.hou@linux.alibaba.com>
This patch integrates new netlink module routines with the agent (mainly
replaces calls to old netlink module with the new one).
Fixes: #1294
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
This PR adds new netlink module (based on `rtnetlink` crate), so we don’t have to
write a low level code to interact with netlink sockets, but use a high level API.
As a side effect, `rtnetlink` crate got full IPv6 support, so it fixes#1171Fixes: #1294
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Support pmem-csi[1] k8s pluging, unlike SCSI and virtio devices,
NVDIMM/PMEM devices support DAX, improving IO Read and Write
operations.
fixes#1289
Signed-off-by: Julio Montes <julio.montes@intel.com>
[1]: https://github.com/intel/pmem-csi
Got:
find . -type f -name "*.rs" | egrep -v "target/|grpc-rs/|protocols/" | xargs rustfmt --check
error[E0670]: `async fn` is not permitted in the 2015 edition
This commit fixes this issue.
Signed-off-by: Tim Zhang <tim@hyper.sh>
This commit includes minimal changes in order to switch to Tokio:
- Update protocol crate to generate async server code
- Adds async entry point to the Agent
- Updates agent services signatures in rpc.rs
Fixes: #1209
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Run static checks prior to building the agent.Checks
fail if run after since the compilation process
produces new rust code.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
It should check the read count and return an
error if read count didn't match the expected
number.
Fixes: #1233
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
In case the container rootfs's /dev was overrided
by binding mount from another directory, then there's
no need to create the default devices nodes and symlinks
in /dev.
Fixes: #692
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
Return SingularPtrField::none() instead of panic when getting stats
from cgroup failed caused by cgroup controller missing.
Signed-off-by: Tim Zhang <tim@hyper.sh>
Fixes: #1224
35ecd6f (origin/change-name, change-name) Update readme
eb6577e Change package name to cgroups-rs
8f6a7e0 Merge pull request #19 from Tim-Zhang/0.2.0
9baa065 (origin/0.2.0, 0.2.0) release: v0.2.0
e160df0 Make read_i64_from private and merge read_str_from to its caller
e1e05d3 Make new_with_relative_paths=new and load_with_relative_paths=new in v2
a89f4a0 Support set notify_on_release & release_agent
61a0957 Fix set_swappiness in cgroup v2
0592045 Ignore kmem in cgroup v2
c254fff Update readme
438d774 Fix test
42ee1ba Make Cgroup can be stored in struct
b6bb5ae docs: Hide Re-exports
d2882b1 Print cause when println!("{}")
abcb5ed Add more logs for create_dir error in controller.create
1f188be Detect subsystems and get root from /proc/self/mountinfo
fbd7164 Fix warnings in tests
f342254 Remove Box wrap of Cgroup.hire
cd998f3 Do not place cgroup under relative path read from cgroup by default
1ac76b6 Make function find_v1_mount pub
121f78d Expose deletion error
0f76570 Avoid exception caused by cgroup writeback feature
10650e2 Update tests to adapt new type of fields in resource
567cdb4 Use Option as resource fields, remove the update switch: update_values
0c18b08 Support customized attributes for CpuController and MemController
ca610bb add add_task_by_tgid
Signed-off-by: Tim Zhang <tim@hyper.sh>
get_bool_value() in src/agent/src/config.rs includes a Result::or_else()
call with a trivial closure which can be replaced by a Result::or. This
removes a clippy warning.
fixes#1201
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Wrong prefix on the created temp directory on the test_setup_persistent_ns
for uts namesmpace type test.
Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
An pid namespace cannot be persisted, so add a check-and-error on
Namespace::setup() for handling that case.
Fixes#1220
Signed-off-by: Wainer dos Santos Moschetta <wainersm@redhat.com>
