github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-06-25 15:02:45 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #1297 from mxpv/netlink

Browse Source 
Migrate to rtnetlink
This commit is contained in:
Fupan Li 2021-01-22 09:39:17 +08:00 committed by GitHub
commit 06d1dd2220
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 1402 additions and 3401 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

367
src/agent/Cargo.lock generated
View File

@ -2,9 +2,9 @@
# It is not intended for manual editing.
[[package]]
name = "addr2line"
version = "0.13.0"
version = "0.14.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1b6a2d3371669ab3ca9797670853d61402b03d0b4b9ebf33d677dfa720203072"
checksum = "7c0929d69e78dd9bf5408269919fcbcaeb2e35e5d43e5815517cdc6a8e11a423"
dependencies = [
"gimli",
]
@ -23,24 +23,24 @@ checksum = "aae1277d39aeec15cb388266ecc24b11c80469deae6067e17a1a7aa9e5c1f234"
[[package]]
name = "aho-corasick"
version = "0.7.14"
version = "0.7.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b476ce7103678b0c6d3d395dbbae31d48ff910bd28be979ba5d48c6351131d0d"
checksum = "7404febffaa47dac81aa44dba71523c9d069b1bdc50a77db41195149e17f68e5"
dependencies = [
"memchr",
]
[[package]]
name = "anyhow"
version = "1.0.33"
version = "1.0.36"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a1fd36ffbb1fb7c834eac128ea8d0e310c5aeb635548f9d58861e1308d46e71c"
checksum = "68803225a7b13e47191bab76f2687382b60d259e8cf37f6e1893658b84bb9479"
[[package]]
name = "arc-swap"
version = "0.4.7"
version = "0.4.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4d25d88fd6b8041580a654f9d0c581a047baee2b3efee13275f2fc392fc75034"
checksum = "dabe5a181f83789739c194cbe5a897dde195078fac08568d09221fd6137a7ba8"
[[package]]
name = "arrayref"
@ -50,9 +50,9 @@ checksum = "a4c527152e37cf757a3f78aae5a06fbeefdb07ccc535c980a3208ee3060dd544"
[[package]]
name = "arrayvec"
version = "0.5.1"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cff77d8686867eceff3105329d4698d96c2391c176d5d03adc90c7389162b5b8"
checksum = "23b62fc65de8e4e7f52534fb52b0f3ed04746ae267519eef2a83941e8085068b"
[[package]]
name = "async-trait"
@ -61,8 +61,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8d3a45e77e34375a7923b1e8febb049bb011f064714a8e17a1a616fef01da13d"
dependencies = [
"proc-macro2 1.0.24",
"quote 1.0.7",
"syn 1.0.45",
"quote 1.0.8",
"syn 1.0.55",
]
[[package]]
@ -73,9 +73,9 @@ checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a"
[[package]]
name = "backtrace"
version = "0.3.53"
version = "0.3.55"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "707b586e0e2f247cbde68cdd2c3ce69ea7b7be43e1c5b426e37c9319c4b9838e"
checksum = "ef5140344c85b01f9bbb4d4b7288a8aa4b3287ccef913a14bcc78a1063623598"
dependencies = [
"addr2line",
"cfg-if 1.0.0",
@ -87,9 +87,9 @@ dependencies = [
[[package]]
name = "base64"
version = "0.12.3"
version = "0.13.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3441f0f7b02788e948e47f457ca01f1d7e6d92c693bc132c22b087d3141c03ff"
checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd"
[[package]]
name = "bitflags"
@ -99,9 +99,9 @@ checksum = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693"
[[package]]
name = "blake2b_simd"
version = "0.5.10"
version = "0.5.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d8fb2d74254a3a0b5cac33ac9f8ed0e44aa50378d9dbb2e5d83bd21ed1dc2c8a"
checksum = "afa748e348ad3be8263be728124b24a24f268266f6f5d58af9d75f6a40b5c587"
dependencies = [
"arrayref",
"arrayvec",
@ -114,6 +114,15 @@ version = "1.3.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "08c48aae112d48ed9f069b33538ea9e3e90aa263cfa3d1c24309612b1f7472de"
[[package]]
name = "byteordered"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "32687ee8ab498526e3ef07dfbede151650ce202dc83c53494645a24677d89b37"
dependencies = [
"byteorder",
]
[[package]]
name = "bytes"
version = "0.4.12"
@ -143,9 +152,9 @@ dependencies = [
[[package]]
name = "cc"
version = "1.0.61"
version = "1.0.66"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ed67cbde08356238e75fc4656be4749481eeffb09e19f320a25237d5221c985d"
checksum = "4c0496836a84f8d0495758516b8621a622beb77c0fed418570e50764093ced48"
[[package]]
name = "cfg-if"
@ -185,15 +194,6 @@ dependencies = [
"winapi 0.3.9",
]
[[package]]
name = "cloudabi"
version = "0.0.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ddfc5b9aa5d4507acaf872de71051dfd0e309860e88966e1051e462a077aac4f"
dependencies = [
"bitflags",
]
[[package]]
name = "constant_time_eq"
version = "0.1.5"
@ -202,11 +202,11 @@ checksum = "245097e9a4535ee1e3e3931fcfcd55a796a44c643e8596ff6566d68f09b87bbc"
[[package]]
name = "crc32fast"
version = "1.2.0"
version = "1.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ba125de2af0df55319f41944744ad91c71113bf74a4646efff39afe1f6842db1"
checksum = "81156fece84ab6a9f2afdb109ce3ae577e42b1228441eded99bd77f627953b1a"
dependencies = [
"cfg-if 0.1.10",
"cfg-if 1.0.0",
]
[[package]]
@ -215,7 +215,7 @@ version = "0.4.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b153fe7cbef478c567df0f972e02e6d736db11affe43dfc9c56a9374d1adfb87"
dependencies = [
"crossbeam-utils",
"crossbeam-utils 0.7.2",
"maybe-uninit",
]
@ -230,6 +230,17 @@ dependencies = [
"lazy_static",
]
[[package]]
name = "crossbeam-utils"
version = "0.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "02d96d1e189ef58269ebe5b97953da3274d83a93af647c2ddd6f9dab28cedb8d"
dependencies = [
"autocfg",
"cfg-if 1.0.0",
"lazy_static",
]
[[package]]
name = "derive-new"
version = "0.5.8"
@ -237,8 +248,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "71f31892cd5c62e414316f2963c5689242c43d8e7bbcaaeca97e5e28c95d91d9"
dependencies = [
"proc-macro2 1.0.24",
"quote 1.0.7",
"syn 1.0.45",
"quote 1.0.8",
"syn 1.0.55",
]
[[package]]
@ -269,9 +280,9 @@ checksum = "e78d4f1cc4ae33bbfc157ed5d5a5ef3bc29227303d595861deb238fcec4e9457"
[[package]]
name = "errno"
version = "0.2.6"
version = "0.2.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6eab5ee3df98a279d9b316b1af6ac95422127b1290317e6d18c1743c99418b01"
checksum = "fa68f2fb9cae9d37c9b2b3584aba698a2e97f72d7aef7b9f7aa71d8b54ce46fe"
dependencies = [
"errno-dragonfly",
"libc",
@ -390,8 +401,8 @@ checksum = "77408a692f1f97bcc61dc001d752e00643408fbc922e4d634c655df50d595556"
dependencies = [
"proc-macro-hack",
"proc-macro2 1.0.24",
"quote 1.0.7",
"syn 1.0.45",
"quote 1.0.8",
"syn 1.0.55",
]
[[package]]
@ -448,15 +459,15 @@ dependencies = [
[[package]]
name = "gimli"
version = "0.22.0"
version = "0.23.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "aaf91faf136cb47367fa430cd46e37a788775e7fa104f8b4bcb3861dc389b724"
checksum = "f6503fe142514ca4799d4c26297c4248239fe8838d827db6bd6065c6ed29a6ce"
[[package]]
name = "heck"
version = "0.3.1"
version = "0.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "20564e78d53d2bb135c343b3f47714a56af2061f1c928fdb541dc7b9fdd94205"
checksum = "87cbf45460356b7deeb5e3415b5563308c0a9b057c85e12b06ad551f98d0a6ac"
dependencies = [
"unicode-segmentation",
]
@ -498,6 +509,15 @@ dependencies = [
"libc",
]
[[package]]
name = "instant"
version = "0.1.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "61124eeebbd69b8190558df225adf7e4caafce0d743919e5d6b19652314ec5ec"
dependencies = [
"cfg-if 1.0.0",
]
[[package]]
name = "iovec"
version = "0.1.4"
@ -507,6 +527,15 @@ dependencies = [
"libc",
]
[[package]]
name = "ipnetwork"
version = "0.17.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "02c3eaab3ac0ede60ffa41add21970a7df7d91772c03383aac6c2c3d53cc716b"
dependencies = [
"serde",
]
[[package]]
name = "itertools"
version = "0.8.2"
@ -530,12 +559,13 @@ dependencies = [
"async-trait",
"cgroups-rs",
"futures",
"ipnetwork",
"lazy_static",
"libc",
"log",
"logging",
"netlink",
"netlink-sys",
"netlink-packet-utils",
"netlink-sys 0.4.0",
"nix 0.17.0",
"oci",
"prctl",
@ -544,6 +574,7 @@ dependencies = [
"protobuf",
"protocols",
"regex",
"rtnetlink",
"rustjail",
"scan_fmt",
"scopeguard",
@ -576,15 +607,15 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
[[package]]
name = "libc"
version = "0.2.79"
version = "0.2.81"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2448f6066e80e3bfc792e9c98bf705b4b0fc6e8ef5b43e5889aff0eaa9c58743"
checksum = "1482821306169ec4d07f6aca392a4681f66c75c9918aa49641a2595db64053cb"
[[package]]
name = "libflate"
version = "1.0.2"
version = "1.0.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e9bac9023e1db29c084f9f8cd9d3852e5e8fddf98fb47c4964a0ea4663d95949"
checksum = "389de7875e06476365974da3e7ff85d55f1972188ccd9f6020dd7c8156e17914"
dependencies = [
"adler32",
"crc32fast",
@ -600,9 +631,9 @@ checksum = "3286f09f7d4926fc486334f28d8d2e6ebe4f7f9994494b6dab27ddfad2c9b11b"
[[package]]
name = "lock_api"
version = "0.3.4"
version = "0.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c4da24a77a3d8a6d4862d95f72e6fdb9c09a643ecdb402d754004a557f2bec75"
checksum = "dd96ffd135b2fd7b973ac026d28085defbe8983df057ced3eb4f2130b0831312"
dependencies = [
"scopeguard",
]
@ -635,9 +666,9 @@ checksum = "60302e4db3a61da70c0cb7991976248362f30319e88850c487b9b95bbf059e00"
[[package]]
name = "memchr"
version = "2.3.3"
version = "2.3.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3728d817d99e5ac407411fa471ff9800a778d88a24685968b36824eaf4bee400"
checksum = "0ee1c47aaa256ecabcaea351eae4a9b01ef39ed810004e298d2511ed284b1525"
[[package]]
name = "miniz_oxide"
@ -744,15 +775,56 @@ dependencies = [
]
[[package]]
name = "netlink"
version = "0.1.0"
name = "netlink-packet-core"
version = "0.2.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "559c08b3ea479ace788a8f75388e3db15210561a4c0f37c4ec7bdf40a3be564e"
dependencies = [
"anyhow",
"byteorder",
"libc",
"nix 0.17.0",
"protobuf",
"protocols",
"slog",
"slog-scope",
"netlink-packet-utils",
]
[[package]]
name = "netlink-packet-route"
version = "0.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2253105e60b35a3fb6cf342b56a45ee1c76ef4b1e68c59b08f813f24c3b7b469"
dependencies = [
"anyhow",
"bitflags",
"byteorder",
"libc",
"netlink-packet-core",
"netlink-packet-utils",
]
[[package]]
name = "netlink-packet-utils"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6c2afb159d0e3ac700e85f0df25b8438b99d43ed0c0b685242fcdf1b5673e54d"
dependencies = [
"anyhow",
"byteorder",
"paste",
"thiserror",
]
[[package]]
name = "netlink-proto"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "31dfd4f1653ba8e1e2410b3def2313f3399d9b9f7ec3a8a6a8f2f670c3e58d71"
dependencies = [
"bytes 0.5.6",
"futures",
"log",
"netlink-packet-core",
"netlink-sys 0.5.0",
"tokio 0.2.24",
"tokio-util",
]
[[package]]
@ -768,6 +840,19 @@ dependencies = [
"tokio 0.2.24",
]
[[package]]
name = "netlink-sys"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bf10c3ab67b9c09b42abb5a53ecb8ffdad160d6485b140a6f21f53ba5362042d"
dependencies = [
"futures",
"libc",
"log",
"mio 0.6.23",
"tokio 0.2.24",
]
[[package]]
name = "nix"
version = "0.16.1"
@ -808,13 +893,13 @@ dependencies = [
[[package]]
name = "nix"
version = "0.19.0"
version = "0.19.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "85db2feff6bf70ebc3a4793191517d5f0331100a2f10f9bf93b5e5214f32b7b7"
checksum = "b2ccba0cfe4fdf15982d1674c69b1fd80bad427d293849982668dfe454bd61f2"
dependencies = [
"bitflags",
"cc",
"cfg-if 0.1.10",
"cfg-if 1.0.0",
"libc",
]
@ -835,9 +920,9 @@ dependencies = [
[[package]]
name = "num-integer"
version = "0.1.43"
version = "0.1.44"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8d59457e662d541ba17869cf51cf177c0b5f0cbf476c66bdc90bf1edac4f875b"
checksum = "d2cc698a63b549a70bc047073d2949cce27cd1c7b0a4a862d08a8031bc2801db"
dependencies = [
"autocfg",
"num-traits",
@ -845,9 +930,9 @@ dependencies = [
[[package]]
name = "num-traits"
version = "0.2.12"
version = "0.2.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ac267bcc07f48ee5f8935ab0d24f316fb722d7a1292e2913f0cc196b29ffd611"
checksum = "9a64b1ec5cda2586e284722486d802acf1f7dbdc623e2bfc57e65ca1cd099290"
dependencies = [
"autocfg",
]
@ -864,9 +949,9 @@ dependencies = [
[[package]]
name = "object"
version = "0.21.1"
version = "0.22.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "37fd5004feb2ce328a52b0b3d01dbf4ffff72583493900ed15f22d4111c51693"
checksum = "8d3b63360ec3cb337817c2dbd47ab4a0f170d285d8e5a2064600f3def1402397"
[[package]]
name = "oci"
@ -886,28 +971,35 @@ checksum = "13bd41f508810a131401606d54ac32a467c97172d74ba7662562ebba5ad07fa0"
[[package]]
name = "parking_lot"
version = "0.10.2"
version = "0.11.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d3a704eb390aafdc107b0e392f56a82b668e3a71366993b5340f5833fd62505e"
checksum = "6d7744ac029df22dca6284efe4e898991d28e3085c706c972bcd7da4a27a15eb"
dependencies = [
"instant",
"lock_api",
"parking_lot_core",
]
[[package]]
name = "parking_lot_core"
version = "0.7.2"
version = "0.8.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d58c7c768d4ba344e3e8d72518ac13e259d7c7ade24167003b8488e10b6740a3"
checksum = "9ccb628cad4f84851442432c60ad8e1f607e29752d0bf072cbd0baf28aa34272"
dependencies = [
"cfg-if 0.1.10",
"cloudabi",
"cfg-if 1.0.0",
"instant",
"libc",
"redox_syscall",
"smallvec",
"winapi 0.3.9",
]
[[package]]
name = "paste"
version = "1.0.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c5d65c4d95931acda4498f675e332fcbdc9a06705cd07086c510e9b6009cd1c1"
[[package]]
name = "path-absolutize"
version = "1.2.1"
@ -952,8 +1044,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f8e8d2bf0b23038a4424865103a4df472855692821aab4e4f5c3312d461d9e5f"
dependencies = [
"proc-macro2 1.0.24",
"quote 1.0.7",
"syn 1.0.45",
"quote 1.0.8",
"syn 1.0.55",
]
[[package]]
@ -976,9 +1068,9 @@ checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184"
[[package]]
name = "ppv-lite86"
version = "0.2.9"
version = "0.2.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c36fa947111f5c62a733b652544dd0016a43ce89619538a8ef92724a6f501a20"
checksum = "ac74c624d6b2d21f425f752262f42188365d7b8ff1aff74c82e45136510a4857"
[[package]]
name = "prctl"
@ -987,7 +1079,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "059a34f111a9dee2ce1ac2826a68b24601c4298cfeb1a587c3cb493d5ab46f52"
dependencies = [
"libc",
"nix 0.19.0",
"nix 0.19.1",
]
[[package]]
@ -1161,9 +1253,9 @@ dependencies = [
[[package]]
name = "quote"
version = "1.0.7"
version = "1.0.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "aa563d17ecb180e500da1cfd2b028310ac758de548efdd203e18f283af693f37"
checksum = "991431c3519a3f36861882da93630ce66b52918dcf1b8e2fd66b397fc96f28df"
dependencies = [
"proc-macro2 1.0.24",
]
@ -1228,9 +1320,9 @@ dependencies = [
[[package]]
name = "regex"
version = "1.4.1"
version = "1.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8963b85b8ce3074fecffde43b4b0dded83ce2f367dc8d363afc56679f3ee820b"
checksum = "38cf2c13ed4745de91a5eb834e11c00bcc3709e773173b2ce4c56c9fbde04b9c"
dependencies = [
"aho-corasick",
"memchr",
@ -1240,9 +1332,9 @@ dependencies = [
[[package]]
name = "regex-syntax"
version = "0.6.20"
version = "0.6.21"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8cab7a364d15cde1e505267766a2d3c4e22a843e1a601f0fa7564c0f82ced11c"
checksum = "3b181ba2dcf07aaccad5448e8ead58db5b742cf85dfe035e2227f137a539a189"
[[package]]
name = "remove_dir_all"
@ -1260,15 +1352,29 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cabe4fa914dec5870285fa7f71f602645da47c486e68486d2b4ceb4a343e90ac"
[[package]]
name = "rust-argon2"
version = "0.8.2"
name = "rtnetlink"
version = "0.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9dab61250775933275e84053ac235621dfb739556d5c54a2f2e9313b7cf43a19"
checksum = "0c942df3c7725a0500971d857a080d6dc537e257e19ccb352f80b2c726ef7007"
dependencies = [
"byteordered",
"futures",
"log",
"netlink-packet-route",
"netlink-proto",
"thiserror",
]
[[package]]
name = "rust-argon2"
version = "0.8.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4b18820d944b33caa75a71378964ac46f58517c92b6ae5f762636247c09e78fb"
dependencies = [
"base64",
"blake2b_simd",
"constant_time_eq",
"crossbeam-utils",
"crossbeam-utils 0.8.1",
]
[[package]]
@ -1357,26 +1463,26 @@ checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3"
[[package]]
name = "serde"
version = "1.0.117"
version = "1.0.118"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b88fa983de7720629c9387e9f517353ed404164b1e482c970a90c1a4aaf7dc1a"
checksum = "06c64263859d87aa2eb554587e2d23183398d617427327cf2b3d0ed8c69e4800"
[[package]]
name = "serde_derive"
version = "1.0.117"
version = "1.0.118"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cbd1ae72adb44aab48f325a02444a5fc079349a8d804c1fc922aed3f7454c74e"
checksum = "c84d3526699cd55261af4b941e4e725444df67aa4f9e6a3564f18030d12672df"
dependencies = [
"proc-macro2 1.0.24",
"quote 1.0.7",
"syn 1.0.45",
"quote 1.0.8",
"syn 1.0.55",
]
[[package]]
name = "serde_json"
version = "1.0.59"
version = "1.0.60"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dcac07dbffa1c65e7f816ab9eba78eb142c6d44410f4eeba1e26e4f5dfa56b95"
checksum = "1500e84d27fe482ed1dc791a56eddc2f230046a040fa908c08bda1d9fb615779"
dependencies = [
"itoa",
"ryu",
@ -1385,9 +1491,9 @@ dependencies = [
[[package]]
name = "serial_test"
version = "0.5.0"
version = "0.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1b15f74add9a9d4a3eb2bf739c9a427d266d3895b53d992c3a7c234fec2ff1f1"
checksum = "e0bccbcf40c8938196944a3da0e133e031a33f4d6b72db3bda3cc556e361905d"
dependencies = [
"lazy_static",
"parking_lot",
@ -1396,13 +1502,13 @@ dependencies = [
[[package]]
name = "serial_test_derive"
version = "0.5.0"
version = "0.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "65f59259be9fc1bf677d06cc1456e97756004a1a5a577480f71430bd7c17ba33"
checksum = "b2acd6defeddb41eb60bb468f8825d0cfd0c2a76bc03bfd235b6a1dc4f6a1ad5"
dependencies = [
"proc-macro2 1.0.24",
"quote 1.0.7",
"syn 1.0.45",
"quote 1.0.8",
"syn 1.0.55",
]
[[package]]
@ -1417,11 +1523,10 @@ dependencies = [
[[package]]
name = "signal-hook-registry"
version = "1.2.1"
version = "1.2.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a3e12110bc539e657a646068aaf5eb5b63af9d0c1f7b29c97113fad80e15f035"
checksum = "ce32ea0c6c56d5eacaeb814fbed9960547021d3edd010ded1425f180536b20ab"
dependencies = [
"arc-swap",
"libc",
]
@ -1439,9 +1544,9 @@ checksum = "2f7fb98e76e2022054673f3ebc43a4e12890ec6272530629df6237cafbb70569"
[[package]]
name = "slog"
version = "2.5.2"
version = "2.7.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1cc9c640a4adbfbcc11ffb95efe5aa7af7309e002adab54b185507dbf2377b99"
checksum = "8347046d4ebd943127157b94d63abb990fcf729dc4e9978927fdf4ac3c998d06"
[[package]]
name = "slog-async"
@ -1491,9 +1596,9 @@ dependencies = [
[[package]]
name = "smallvec"
version = "1.4.2"
version = "1.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fbee7696b84bbf3d89a1c2eccff0850e3047ed46bfcd2e92c29a2d074d57e252"
checksum = "ae524f056d7d770e174287294f562e95044c68e88dec909a00d2094805db9d75"
[[package]]
name = "socket2"
@ -1525,12 +1630,12 @@ dependencies = [
[[package]]
name = "syn"
version = "1.0.45"
version = "1.0.55"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ea9c5432ff16d6152371f808fb5a871cd67368171b09bb21b43df8e4a47a3556"
checksum = "a571a711dddd09019ccc628e1b17fe87c59b09d513c06c026877aa708334f37a"
dependencies = [
"proc-macro2 1.0.24",
"quote 1.0.7",
"quote 1.0.8",
"unicode-xid 0.2.1",
]
@ -1556,22 +1661,22 @@ dependencies = [
[[package]]
name = "thiserror"
version = "1.0.21"
version = "1.0.22"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "318234ffa22e0920fe9a40d7b8369b5f649d490980cf7aadcf1eb91594869b42"
checksum = "0e9ae34b84616eedaaf1e9dd6026dbe00dcafa92aa0c8077cb69df1fcfe5e53e"
dependencies = [
"thiserror-impl",
]
[[package]]
name = "thiserror-impl"
version = "1.0.21"
version = "1.0.22"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cae2447b6282786c3493999f40a9be2a6ad20cb8bd268b0a0dbf5a065535c0ab"
checksum = "9ba20f23e85b10754cd195504aebf6a27e2e6cbe28c17778a0c930724628dd56"
dependencies = [
"proc-macro2 1.0.24",
"quote 1.0.7",
"syn 1.0.45",
"quote 1.0.8",
"syn 1.0.55",
]
[[package]]
@ -1636,8 +1741,22 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e44da00bfc73a25f814cd8d7e57a68a5c31b74b3152a0a1d1f590c97ed06265a"
dependencies = [
"proc-macro2 1.0.24",
"quote 1.0.7",
"syn 1.0.45",
"quote 1.0.8",
"syn 1.0.55",
]
[[package]]
name = "tokio-util"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "571da51182ec208780505a32528fc5512a8fe1443ab960b3f2f3ef093cd16930"
dependencies = [
"bytes 0.5.6",
"futures-core",
"futures-sink",
"log",
"pin-project-lite 0.1.11",
"tokio 0.2.24",
]
[[package]]
@ -1704,9 +1823,9 @@ dependencies = [
[[package]]
name = "unicode-segmentation"
version = "1.6.0"
version = "1.7.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e83e153d1053cbb5a118eeff7fd5be06ed99153f00dbcd8ae310c5fb2b22edc0"
checksum = "bb0d2e7be6ae3a5fa87eed5fb451aff96f2573d2694942e40543ae0bbe19c796"
[[package]]
name = "unicode-xid"

5
src/agent/Cargo.toml
View File

@ -9,7 +9,6 @@ oci = { path = "oci" }
logging = { path = "../../pkg/logging" }
rustjail = { path = "rustjail" }
protocols = { path = "protocols" }
netlink = { path = "netlink", features = ["with-log", "with-agent-handler"] }
lazy_static = "1.3.0"
ttrpc = { version = "0.4.14", features = ["async", "protobuf-codec"], default-features = false }
protobuf = "=2.14.0"
@ -27,6 +26,9 @@ tokio = { version = "0.2", features = ["rt-core", "sync", "uds", "stream", "macr
futures = "0.3"
netlink-sys = { version = "0.4.0", features = ["tokio_socket",]}
tokio-vsock = "0.2.2"
rtnetlink = "0.6.0"
netlink-packet-utils = "0.4.0"
ipnetwork = "0.17.0"
# slog:
# - Dynamic keys required to allow HashMap keys to be slog::Serialized.
@ -48,7 +50,6 @@ cgroups = { package = "cgroups-rs", version = "0.2.1" }
[workspace]
members = [
"netlink",
"oci",
"protocols",
"rustjail",

20
src/agent/netlink/Cargo.toml
View File

@ -1,20 +0,0 @@
[package]
name = "netlink"
version = "0.1.0"
authors = ["The Kata Containers community <kata-dev@lists.katacontainers.io>"]
edition = "2018"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
libc = "0.2.58"
nix = "0.17.0"
protobuf = { version = "=2.14.0", optional = true }
protocols = { path = "../protocols", optional = true }
slog = { version = "2.5.2", features = ["dynamic-keys", "max_level_trace", "release_max_level_info"], optional = true }
slog-scope = { version = "4.1.2", optional = true }
[features]
with-log = ["slog", "slog-scope"]
with-agent-handler = ["protobuf", "protocols"]

572
src/agent/netlink/src/agent_handler.rs
View File

@ -1,572 +0,0 @@
// Copyright (c) 2020 Ant Financial
// Copyright (C) 2020 Alibaba Cloud. All rights reserved.
//
// SPDX-License-Identifier: Apache-2.0
//
//! Dedicated Netlink interfaces for Kata agent protocol handler.
use std::convert::TryFrom;
use protobuf::RepeatedField;
use protocols::types::{ARPNeighbor, IPAddress, IPFamily, Interface, Route};
use super::*;
#[cfg(feature = "with-log")]
// Convenience macro to obtain the scope logger
macro_rules! sl {
() => {
slog_scope::logger().new(o!("subsystem" => "netlink"))
};
}
impl super::RtnlHandle {
pub fn update_interface(&mut self, iface: &Interface) -> Result<Interface> {
// the reliable way to find link is using hardware address
// as filter. However, hardware filter might not be supported
// by netlink, we may have to dump link list and the find the
// target link. filter using name or family is supported, but
// we cannot use that to find target link.
// let's try if hardware address filter works. -_-
let ifinfo = self.find_link_by_hwaddr(iface.hwAddr.as_str())?;
// bring down interface if it is up
if ifinfo.ifi_flags & libc::IFF_UP as u32 != 0 {
self.set_link_status(&ifinfo, false)?;
}
// delete all addresses associated with the link
let del_addrs: Vec<RtIPAddr> = self.get_link_addresses(&ifinfo)?;
self.delete_all_addrs(&ifinfo, del_addrs.as_ref())?;
// add new ip addresses in request
for grpc_addr in &iface.IPAddresses {
let rtip = RtIPAddr::try_from(grpc_addr.clone())?;
self.add_one_address(&ifinfo, &rtip)?;
}
let mut v: Vec<u8> = vec![0; DEFAULT_NETLINK_BUF_SIZE];
// Safe because we have allocated enough buffer space.
let nlh = unsafe { &mut *(v.as_mut_ptr() as *mut nlmsghdr) };
let ifi = unsafe { &mut *(NLMSG_DATA!(nlh) as *mut ifinfomsg) };
// set name, set mtu, IFF_NOARP. in one rtnl_talk.
nlh.nlmsg_len = NLMSG_LENGTH!(mem::size_of::<ifinfomsg>() as u32) as __u32;
nlh.nlmsg_type = RTM_NEWLINK;
nlh.nlmsg_flags = NLM_F_REQUEST;
self.assign_seqnum(nlh);
ifi.ifi_family = ifinfo.ifi_family;
ifi.ifi_type = ifinfo.ifi_type;
ifi.ifi_index = ifinfo.ifi_index;
if iface.raw_flags & libc::IFF_NOARP as u32 != 0 {
ifi.ifi_change |= libc::IFF_NOARP as u32;
ifi.ifi_flags |= libc::IFF_NOARP as u32;
}
// Safe because we have allocated enough buffer space.
unsafe {
nlh.addattr32(IFLA_MTU, iface.mtu as u32);
// if str is null terminated, use addattr_var.
// otherwise, use addattr_str
nlh.addattr_var(IFLA_IFNAME, iface.name.as_ref());
}
self.rtnl_talk(v.as_mut_slice(), false)?;
// TODO: why the result is ignored here?
let _ = self.set_link_status(&ifinfo, true);
Ok(iface.clone())
}
/// Delete this interface/link per request
pub fn remove_interface(&mut self, iface: &Interface) -> Result<Interface> {
let ifinfo = self.find_link_by_hwaddr(iface.hwAddr.as_str())?;
self.set_link_status(&ifinfo, false)?;
let mut v: Vec<u8> = vec![0; DEFAULT_NETLINK_BUF_SIZE];
// Safe because we have allocated enough buffer space.
let nlh = unsafe { &mut *(v.as_mut_ptr() as *mut nlmsghdr) };
let ifi = unsafe { &mut *(NLMSG_DATA!(nlh) as *mut ifinfomsg) };
// No attributes needed?
nlh.nlmsg_len = NLMSG_LENGTH!(mem::size_of::<ifinfomsg>()) as __u32;
nlh.nlmsg_type = RTM_DELLINK;
nlh.nlmsg_flags = NLM_F_REQUEST;
self.assign_seqnum(nlh);
ifi.ifi_family = ifinfo.ifi_family;
ifi.ifi_index = ifinfo.ifi_index;
ifi.ifi_type = ifinfo.ifi_type;
self.rtnl_talk(v.as_mut_slice(), false)?;
Ok(iface.clone())
}
pub fn list_interfaces(&mut self) -> Result<Vec<Interface>> {
let mut ifaces: Vec<Interface> = Vec::new();
let (_slv, lv) = self.dump_all_links()?;
let (_sav, av) = self.dump_all_addresses(0)?;
for link in &lv {
// Safe because dump_all_links() returns valid pointers.
let nlh = unsafe { &**link };
if nlh.nlmsg_type != RTM_NEWLINK && nlh.nlmsg_type != RTM_DELLINK {
continue;
}
if nlh.nlmsg_len < NLMSG_SPACE!(mem::size_of::<ifinfomsg>()) {
info!(
sl!(),
"invalid nlmsg! nlmsg_len: {}, nlmsg_space: {}",
nlh.nlmsg_len,
NLMSG_SPACE!(mem::size_of::<ifinfomsg>())
);
break;
}
// Safe because we have just validated available buffer space above.
let ifi = unsafe { &*(NLMSG_DATA!(nlh) as *const ifinfomsg) };
let rta: *mut rtattr = IFLA_RTA!(ifi as *const ifinfomsg) as *mut rtattr;
let rtalen = IFLA_PAYLOAD!(nlh) as u32;
let attrs = unsafe { parse_attrs(rta, rtalen, (IFLA_MAX + 1) as usize)? };
// fill out some fields of Interface,
let mut iface: Interface = Interface::default();
// Safe because parse_attrs() returns valid pointers.
unsafe {
if !attrs[IFLA_IFNAME as usize].is_null() {
let t = attrs[IFLA_IFNAME as usize];
iface.name = String::from_utf8(getattr_var(t as *const rtattr))?;
}
if !attrs[IFLA_MTU as usize].is_null() {
let t = attrs[IFLA_MTU as usize];
iface.mtu = getattr32(t) as u64;
}
if !attrs[IFLA_ADDRESS as usize].is_null() {
let alen = RTA_PAYLOAD!(attrs[IFLA_ADDRESS as usize]);
let a: *const u8 = RTA_DATA!(attrs[IFLA_ADDRESS as usize]) as *const u8;
iface.hwAddr = parser::format_address(a, alen as u32)?;
}
}
// get ip address info from av
let mut ads: Vec<IPAddress> = Vec::new();
for address in &av {
// Safe because dump_all_addresses() returns valid pointers.
let alh = unsafe { &**address };
if alh.nlmsg_type != RTM_NEWADDR {
continue;
}
let tlen = NLMSG_SPACE!(mem::size_of::<ifaddrmsg>());
if alh.nlmsg_len < tlen {
info!(
sl!(),
"invalid nlmsg! nlmsg_len: {}, nlmsg_space: {}", alh.nlmsg_len, tlen
);
break;
}
// Safe becahse we have checked avialable buffer space by NLMSG_SPACE above.
let ifa = unsafe { &*(NLMSG_DATA!(alh) as *const ifaddrmsg) };
let arta: *mut rtattr = IFA_RTA!(ifa) as *mut rtattr;
let artalen = IFA_PAYLOAD!(alh) as u32;
if ifa.ifa_index as u32 == ifi.ifi_index as u32 {
// found target addresses, parse attributes and fill out Interface
let addrs = unsafe { parse_attrs(arta, artalen, (IFA_MAX + 1) as usize)? };
// fill address field of Interface
let mut one: IPAddress = IPAddress::default();
let tattr: *const rtattr = if !addrs[IFA_ADDRESS as usize].is_null() {
addrs[IFA_ADDRESS as usize]
} else {
addrs[IFA_LOCAL as usize]
};
one.mask = format!("{}", ifa.ifa_prefixlen);
one.family = IPFamily::v4;
if ifa.ifa_family == libc::AF_INET6 as u8 {
one.family = IPFamily::v6;
}
// Safe because parse_attrs() returns valid pointers.
unsafe {
let a: *const u8 = RTA_DATA!(tattr) as *const u8;
let alen = RTA_PAYLOAD!(tattr);
one.address = parser::format_address(a, alen as u32)?;
}
ads.push(one);
}
}
iface.IPAddresses = RepeatedField::from_vec(ads);
ifaces.push(iface);
}
Ok(ifaces)
}
pub fn update_routes(&mut self, rt: &[Route]) -> Result<Vec<Route>> {
let rs = self.get_all_routes()?;
self.delete_all_routes(&rs)?;
for grpcroute in rt {
if grpcroute.gateway.as_str() == "" {
let r = RtRoute::try_from(grpcroute.clone())?;
if r.index == -1 {
continue;
}
self.add_one_route(&r)?;
}
}
for grpcroute in rt {
if grpcroute.gateway.as_str() != "" {
let r = RtRoute::try_from(grpcroute.clone())?;
if r.index == -1 {
continue;
}
self.add_one_route(&r)?;
}
}
Ok(rt.to_owned())
}
pub fn list_routes(&mut self) -> Result<Vec<Route>> {
// currently, only dump routes from main table for ipv4
// ie, rtmsg.rtmsg_family = AF_INET, set RT_TABLE_MAIN
// attribute in dump request
// Fix Me: think about othe tables, ipv6..
let mut rs: Vec<Route> = Vec::new();
let (_srv, rv) = self.dump_all_routes()?;
// parse out routes and store in rs
for r in &rv {
// Safe because dump_all_routes() returns valid pointers.
let nlh = unsafe { &**r };
if nlh.nlmsg_type != RTM_NEWROUTE && nlh.nlmsg_type != RTM_DELROUTE {
info!(sl!(), "not route message!");
continue;
}
let tlen = NLMSG_SPACE!(mem::size_of::<rtmsg>());
if nlh.nlmsg_len < tlen {
info!(
sl!(),
"invalid nlmsg! nlmsg_len: {}, nlmsg_spae: {}", nlh.nlmsg_len, tlen
);
break;
}
// Safe because we have just validated available buffer space above.
let rtm = unsafe { &mut *(NLMSG_DATA!(nlh) as *mut rtmsg) };
if rtm.rtm_table != RT_TABLE_MAIN as u8 {
continue;
}
let rta: *mut rtattr = RTM_RTA!(rtm) as *mut rtattr;
let rtalen = RTM_PAYLOAD!(nlh) as u32;
let attrs = unsafe { parse_attrs(rta, rtalen, (RTA_MAX + 1) as usize)? };
let t = attrs[RTA_TABLE as usize];
if !t.is_null() {
// Safe because parse_attrs() returns valid pointers
let table = unsafe { getattr32(t) };
if table != RT_TABLE_MAIN {
continue;
}
}
// find source, destination, gateway, scope, and and device name
let mut t = attrs[RTA_DST as usize];
let mut rte: Route = Route::default();
// Safe because parse_attrs() returns valid pointers
unsafe {
// destination
if !t.is_null() {
let data: *const u8 = RTA_DATA!(t) as *const u8;
let len = RTA_PAYLOAD!(t) as u32;
rte.dest =
format!("{}/{}", parser::format_address(data, len)?, rtm.rtm_dst_len);
}
// gateway
t = attrs[RTA_GATEWAY as usize];
if !t.is_null() {
let data: *const u8 = RTA_DATA!(t) as *const u8;
let len = RTA_PAYLOAD!(t) as u32;
rte.gateway = parser::format_address(data, len)?;
// for gateway, destination is 0.0.0.0
rte.dest = "0.0.0.0".to_string();
}
// source
t = attrs[RTA_SRC as usize];
if t.is_null() {
t = attrs[RTA_PREFSRC as usize];
}
if !t.is_null() {
let data: *const u8 = RTA_DATA!(t) as *const u8;
let len = RTA_PAYLOAD!(t) as u32;
rte.source = parser::format_address(data, len)?;
if rtm.rtm_src_len != 0 {
rte.source = format!("{}/{}", rte.source.as_str(), rtm.rtm_src_len);
}
}
// scope
rte.scope = rtm.rtm_scope as u32;
// oif
t = attrs[RTA_OIF as usize];
if !t.is_null() {
let data = &*(RTA_DATA!(t) as *const i32);
assert_eq!(RTA_PAYLOAD!(t), 4);
rte.device = self
.get_name_by_index(*data)
.unwrap_or_else(|_| "unknown".to_string());
}
}
rs.push(rte);
}
Ok(rs)
}
pub fn add_arp_neighbors(&mut self, neighs: &[ARPNeighbor]) -> Result<()> {
for neigh in neighs {
self.add_one_arp_neighbor(&neigh)?;
}
Ok(())
}
pub fn add_one_arp_neighbor(&mut self, neigh: &ARPNeighbor) -> Result<()> {
let to_ip = match neigh.toIPAddress.as_ref() {
None => return nix_errno(Errno::EINVAL),
Some(v) => {
if v.address.is_empty() {
return nix_errno(Errno::EINVAL);
}
v.address.as_ref()
}
};
let dev = self.find_link_by_name(&neigh.device)?;
let mut v: Vec<u8> = vec![0; DEFAULT_NETLINK_BUF_SIZE];
// Safe because we have allocated enough buffer space.
let nlh = unsafe { &mut *(v.as_mut_ptr() as *mut nlmsghdr) };
let ndm = unsafe { &mut *(NLMSG_DATA!(nlh) as *mut ndmsg) };
nlh.nlmsg_len = NLMSG_LENGTH!(std::mem::size_of::<ndmsg>()) as u32;
nlh.nlmsg_type = RTM_NEWNEIGH;
nlh.nlmsg_flags = NLM_F_REQUEST | NLM_F_CREATE | NLM_F_EXCL;
self.assign_seqnum(nlh);
ndm.ndm_family = libc::AF_UNSPEC as __u8;
ndm.ndm_state = IFA_F_PERMANENT as __u16;
// process lladdr
if neigh.lladdr != "" {
let llabuf = parser::parse_mac_addr(&neigh.lladdr)?;
// Safe because we have allocated enough buffer space.
unsafe { nlh.addattr_var(NDA_LLADDR, llabuf.as_ref()) };
}
let (family, ip_data) = parser::parse_ip_addr_with_family(&to_ip)?;
ndm.ndm_family = family;
// Safe because we have allocated enough buffer space.
unsafe { nlh.addattr_var(NDA_DST, ip_data.as_ref()) };
// process state
if neigh.state != 0 {
ndm.ndm_state = neigh.state as __u16;
}
// process flags
ndm.ndm_flags = (*ndm).ndm_flags | neigh.flags as __u8;
// process dev
ndm.ndm_ifindex = dev.ifi_index;
// send
self.rtnl_talk(v.as_mut_slice(), false)?;
Ok(())
}
}
impl TryFrom<IPAddress> for RtIPAddr {
type Error = nix::Error;
fn try_from(ipi: IPAddress) -> std::result::Result<Self, Self::Error> {
let ip_family = if ipi.family == IPFamily::v4 {
libc::AF_INET
} else {
libc::AF_INET6
} as __u8;
let ip_mask = parser::parse_u8(ipi.mask.as_str(), 10)?;
let addr = parser::parse_ip_addr(ipi.address.as_ref())?;
Ok(Self {
ip_family,
ip_mask,
addr,
})
}
}
impl TryFrom<Route> for RtRoute {
type Error = nix::Error;
fn try_from(r: Route) -> std::result::Result<Self, Self::Error> {
// only handle ipv4
let index = {
let mut rh = RtnlHandle::new(NETLINK_ROUTE, 0)?;
match rh.find_link_by_name(r.device.as_str()) {
Ok(ifi) => ifi.ifi_index,
Err(_) => -1,
}
};
let (dest, dst_len) = if r.dest.is_empty() {
(Some(vec![0 as u8; 4]), 0)
} else {
let (dst, mask) = parser::parse_cidr(r.dest.as_str())?;
(Some(dst), mask)
};
let (source, src_len) = if r.source.is_empty() {
(None, 0)
} else {
let (src, mask) = parser::parse_cidr(r.source.as_str())?;
(Some(src), mask)
};
let gateway = if r.gateway.is_empty() {
None
} else {
Some(parser::parse_ip_addr(r.gateway.as_str())?)
};
Ok(Self {
dest,
source,
src_len,
dst_len,
index,
gateway,
scope: r.scope as u8,
protocol: RTPROTO_UNSPEC,
})
}
}
#[cfg(test)]
mod tests {
use super::*;
use crate::{RtnlHandle, NETLINK_ROUTE};
use protocols::types::IPAddress;
use std::process::Command;
fn clean_env_for_test_add_one_arp_neighbor(dummy_name: &str, ip: &str) {
// ip link delete dummy
Command::new("ip")
.args(&["link", "delete", dummy_name])
.output()
.expect("prepare: failed to delete dummy");
// ip neigh del dev dummy ip
Command::new("ip")
.args(&["neigh", "del", dummy_name, ip])
.output()
.expect("prepare: failed to delete neigh");
}
fn prepare_env_for_test_add_one_arp_neighbor(dummy_name: &str, ip: &str) {
clean_env_for_test_add_one_arp_neighbor(dummy_name, ip);
// modprobe dummy
Command::new("modprobe")
.arg("dummy")
.output()
.expect("failed to run modprobe dummy");
// ip link add dummy type dummy
Command::new("ip")
.args(&["link", "add", dummy_name, "type", "dummy"])
.output()
.expect("failed to add dummy interface");
// ip addr add 192.168.0.2/16 dev dummy
Command::new("ip")
.args(&["addr", "add", "192.168.0.2/16", "dev", dummy_name])
.output()
.expect("failed to add ip for dummy");
// ip link set dummy up;
Command::new("ip")
.args(&["link", "set", dummy_name, "up"])
.output()
.expect("failed to up dummy");
}
#[test]
fn test_add_one_arp_neighbor() {
// skip_if_not_root
if !nix::unistd::Uid::effective().is_root() {
println!("INFO: skipping {} which needs root", module_path!());
return;
}
let mac = "6a:92:3a:59:70:aa";
let to_ip = "169.254.1.1";
let dummy_name = "dummy_for_arp";
prepare_env_for_test_add_one_arp_neighbor(dummy_name, to_ip);
let mut ip_address = IPAddress::new();
ip_address.set_address(to_ip.to_string());
let mut neigh = ARPNeighbor::new();
neigh.set_toIPAddress(ip_address);
neigh.set_device(dummy_name.to_string());
neigh.set_lladdr(mac.to_string());
neigh.set_state(0x80);
let mut rtnl = RtnlHandle::new(NETLINK_ROUTE, 0).unwrap();
rtnl.add_one_arp_neighbor(&neigh).unwrap();
// ip neigh show dev dummy ip
let stdout = Command::new("ip")
.args(&["neigh", "show", "dev", dummy_name, to_ip])
.output()
.expect("failed to show neigh")
.stdout;
let stdout = std::str::from_utf8(&stdout).expect("failed to conveert stdout");
assert_eq!(stdout, format!("{} lladdr {} PERMANENT\n", to_ip, mac));
clean_env_for_test_add_one_arp_neighbor(dummy_name, to_ip);
}
}

2354
src/agent/netlink/src/lib.rs
View File

File diff suppressed because it is too large Load Diff

201
src/agent/netlink/src/parser.rs
View File

@ -1,201 +0,0 @@
// Copyright (c) 2019 Ant Financial
//
// SPDX-License-Identifier: Apache-2.0
//! Parser for IPv4/IPv6/MAC addresses.
use std::net::{Ipv4Addr, Ipv6Addr};
use std::str::FromStr;
use super::{Errno, Result, __u8, nix_errno};
#[inline]
pub(crate) fn parse_u8(s: &str, radix: u32) -> Result<u8> {
if radix >= 2 && radix <= 36 {
u8::from_str_radix(s, radix).map_err(|_| nix::Error::Sys(Errno::EINVAL))
} else {
u8::from_str(s).map_err(|_| nix::Error::Sys(Errno::EINVAL))
}
}
pub fn parse_ipv4_addr(s: &str) -> Result<Vec<u8>> {
match Ipv4Addr::from_str(s) {
Ok(v) => Ok(Vec::from(v.octets().as_ref())),
Err(_e) => nix_errno(Errno::EINVAL),
}
}
pub fn parse_ip_addr(s: &str) -> Result<Vec<u8>> {
if let Ok(v6) = Ipv6Addr::from_str(s) {
Ok(Vec::from(v6.octets().as_ref()))
} else {
parse_ipv4_addr(s)
}
}
pub fn parse_ip_addr_with_family(ip_address: &str) -> Result<(__u8, Vec<u8>)> {
if let Ok(v6) = Ipv6Addr::from_str(ip_address) {
Ok((libc::AF_INET6 as __u8, Vec::from(v6.octets().as_ref())))
} else {
parse_ipv4_addr(ip_address).map(|v| (libc::AF_INET as __u8, v))
}
}
pub fn parse_ipv4_cidr(s: &str) -> Result<(Vec<u8>, u8)> {
let fields: Vec<&str> = s.split('/').collect();
if fields.len() != 2 {
nix_errno(Errno::EINVAL)
} else {
Ok((parse_ipv4_addr(fields[0])?, parse_u8(fields[1], 10)?))
}
}
pub fn parse_cidr(s: &str) -> Result<(Vec<u8>, u8)> {
let fields: Vec<&str> = s.split('/').collect();
if fields.len() != 2 {
nix_errno(Errno::EINVAL)
} else {
Ok((parse_ip_addr(fields[0])?, parse_u8(fields[1], 10)?))
}
}
pub fn parse_mac_addr(hwaddr: &str) -> Result<Vec<u8>> {
let fields: Vec<&str> = hwaddr.split(':').collect();
if fields.len() != 6 {
nix_errno(Errno::EINVAL)
} else {
Ok(vec![
parse_u8(fields[0], 16)?,
parse_u8(fields[1], 16)?,
parse_u8(fields[2], 16)?,
parse_u8(fields[3], 16)?,
parse_u8(fields[4], 16)?,
parse_u8(fields[5], 16)?,
])
}
}
/// Format an IPv4/IPv6/MAC address.
///
/// # Safety
/// Caller needs to ensure that addr and len are valid.
pub unsafe fn format_address(addr: *const u8, len: u32) -> Result<String> {
let mut a: String;
if len == 4 {
// ipv4
let mut i = 1;
let mut p = addr as i64;
a = format!("{}", *(p as *const u8));
while i < len {
p += 1;
i += 1;
a.push_str(format!(".{}", *(p as *const u8)).as_str());
}
return Ok(a);
}
if len == 6 {
// hwaddr
let mut i = 1;
let mut p = addr as i64;
a = format!("{:0>2X}", *(p as *const u8));
while i < len {
p += 1;
i += 1;
a.push_str(format!(":{:0>2X}", *(p as *const u8)).as_str());
}
return Ok(a);
}
if len == 16 {
// ipv6
let p = addr as *const u8 as *const libc::c_void;
let mut ar: [u8; 16] = [0; 16];
let mut v: Vec<u8> = vec![0; 16];
let dp: *mut libc::c_void = v.as_mut_ptr() as *mut libc::c_void;
libc::memcpy(dp, p, 16);
ar.copy_from_slice(v.as_slice());
return Ok(Ipv6Addr::from(ar).to_string());
}
nix_errno(Errno::EINVAL)
}
#[cfg(test)]
mod tests {
use super::*;
use libc;
#[test]
fn test_ip_addr() {
let ip = parse_ipv4_addr("1.2.3.4").unwrap();
assert_eq!(ip, vec![0x1u8, 0x2u8, 0x3u8, 0x4u8]);
parse_ipv4_addr("1.2.3.4.5").unwrap_err();
parse_ipv4_addr("1.2.3-4").unwrap_err();
parse_ipv4_addr("1.2.3.a").unwrap_err();
parse_ipv4_addr("1.2.3.x").unwrap_err();
parse_ipv4_addr("-1.2.3.4").unwrap_err();
parse_ipv4_addr("+1.2.3.4").unwrap_err();
let (family, _) = parse_ip_addr_with_family("192.168.1.1").unwrap();
assert_eq!(family, libc::AF_INET as __u8);
let (family, ip) =
parse_ip_addr_with_family("2001:0db8:85a3:0000:0000:8a2e:0370:7334").unwrap();
assert_eq!(family, libc::AF_INET6 as __u8);
assert_eq!(ip.len(), 16);
parse_ip_addr_with_family("2001:0db8:85a3:0000:0000:8a2e:0370:73345").unwrap_err();
let ip = parse_ip_addr("::1").unwrap();
assert_eq!(ip[0], 0x0);
assert_eq!(ip[15], 0x1);
}
#[test]
fn test_parse_cidr() {
let (_, mask) = parse_ipv4_cidr("1.2.3.4/31").unwrap();
assert_eq!(mask, 31);
parse_ipv4_cidr("1.2.3/4/31").unwrap_err();
parse_ipv4_cidr("1.2.3.4/f").unwrap_err();
parse_ipv4_cidr("1.2.3/8").unwrap_err();
parse_ipv4_cidr("1.2.3.4.8").unwrap_err();
let (ip, mask) = parse_cidr("2001:db8:a::123/64").unwrap();
assert_eq!(mask, 64);
assert_eq!(ip[0], 0x20);
assert_eq!(ip[15], 0x23);
}
#[test]
fn test_parse_mac_addr() {
let mac = parse_mac_addr("FF:FF:FF:FF:FF:FE").unwrap();
assert_eq!(mac.len(), 6);
assert_eq!(mac[0], 0xff);
assert_eq!(mac[5], 0xfe);
parse_mac_addr("FF:FF:FF:FF:FF:FE:A0").unwrap_err();
parse_mac_addr("FF:FF:FF:FF:FF:FX").unwrap_err();
parse_mac_addr("FF:FF:FF:FF:FF").unwrap_err();
}
#[test]
fn test_format_address() {
let buf = [1u8, 2u8, 3u8, 4u8];
let addr = unsafe { format_address(&buf as *const u8, 4).unwrap() };
assert_eq!(addr, "1.2.3.4");
let buf = [1u8, 2u8, 3u8, 4u8, 5u8, 6u8];
let addr = unsafe { format_address(&buf as *const u8, 6).unwrap() };
assert_eq!(addr, "01:02:03:04:05:06");
}
}

11
src/agent/src/main.rs
View File

@ -24,9 +24,7 @@ extern crate scopeguard;
#[macro_use]
extern crate slog;
extern crate netlink;
use crate::netlink::{RtnlHandle, NETLINK_ROUTE};
use anyhow::{anyhow, Context, Result};
use nix::fcntl::{self, OFlag};
use nix::fcntl::{FcntlArg, FdFlag};
@ -55,6 +53,7 @@ mod linux_abi;
mod metrics;
mod mount;
mod namespace;
mod netlink;
mod network;
pub mod random;
mod sandbox;
@ -276,13 +275,9 @@ async fn start_sandbox(logger: &Logger, config: &agentConfig, init_mode: bool) -
};
// Initialize unique sandbox structure.
let mut s = Sandbox::new(&logger).context("Failed to create sandbox")?;
let s = Sandbox::new(&logger).context("Failed to create sandbox")?;
if init_mode {
let mut rtnl = RtnlHandle::new(NETLINK_ROUTE, 0).unwrap();
rtnl.handle_localhost()?;
s.rtnl = Some(rtnl);
s.rtnl.handle_localhost().await?;
}
let sandbox = Arc::new(Mutex::new(s));

1038
src/agent/src/netlink.rs Normal file
View File

File diff suppressed because it is too large Load Diff

183
src/agent/src/rpc.rs
View File

@ -51,7 +51,6 @@ use crate::random;
use crate::sandbox::Sandbox;
use crate::version::{AGENT_VERSION, API_VERSION};
use crate::AGENT_CONFIG;
use netlink::{RtnlHandle, NETLINK_ROUTE};
use libc::{self, c_ushort, pid_t, winsize, TIOCSWINSZ};
use std::convert::TryFrom;
@ -850,30 +849,24 @@ impl protocols::agent_ttrpc::AgentService for agentService {
_ctx: &TtrpcContext,
req: protocols::agent::UpdateInterfaceRequest,
) -> ttrpc::Result<Interface> {
if req.interface.is_none() {
return Err(ttrpc_error(
let interface = req.interface.into_option().ok_or_else(|| {
ttrpc_error(
ttrpc::Code::INVALID_ARGUMENT,
"empty update interface request".to_string(),
));
}
)
})?;
let interface = req.interface;
let s = Arc::clone(&self.sandbox);
let mut sandbox = s.lock().await;
if sandbox.rtnl.is_none() {
sandbox.rtnl = Some(RtnlHandle::new(NETLINK_ROUTE, 0).unwrap());
}
let rtnl = sandbox.rtnl.as_mut().unwrap();
let iface = rtnl
.update_interface(interface.as_ref().unwrap())
self.sandbox
.lock()
.await
.rtnl
.update_interface(&interface)
.await
.map_err(|e| {
ttrpc_error(ttrpc::Code::INTERNAL, format!("update interface: {:?}", e))
})?;
Ok(iface)
Ok(interface)
}
async fn update_routes(
@ -881,38 +874,37 @@ impl protocols::agent_ttrpc::AgentService for agentService {
_ctx: &TtrpcContext,
req: protocols::agent::UpdateRoutesRequest,
) -> ttrpc::Result<Routes> {
let mut routes = protocols::agent::Routes::new();
if req.routes.is_none() {
return Err(ttrpc_error(
ttrpc::Code::INVALID_ARGUMENT,
"empty update routes request".to_string(),
));
}
let new_routes = req
.routes
.into_option()
.map(|r| r.Routes.into_vec())
.ok_or_else(|| {
ttrpc_error(
ttrpc::Code::INVALID_ARGUMENT,
"empty update routes request".to_string(),
)
})?;
let rs = req.routes.unwrap().Routes.into_vec();
let mut sandbox = self.sandbox.lock().await;
let s = Arc::clone(&self.sandbox);
let mut sandbox = s.lock().await;
sandbox.rtnl.update_routes(new_routes).await.map_err(|e| {
ttrpc_error(
ttrpc::Code::INTERNAL,
format!("Failed to update routes: {:?}", e),
)
})?;
if sandbox.rtnl.is_none() {
sandbox.rtnl = Some(RtnlHandle::new(NETLINK_ROUTE, 0).unwrap());
}
let list = sandbox.rtnl.list_routes().await.map_err(|e| {
ttrpc_error(
ttrpc::Code::INTERNAL,
format!("Failed to list routes after update: {:?}", e),
)
})?;
let rtnl = sandbox.rtnl.as_mut().unwrap();
// get current routes to return when error out
let crs = rtnl
.list_routes()
.map_err(|e| ttrpc_error(ttrpc::Code::INTERNAL, format!("update routes: {:?}", e)))?;
let v = match rtnl.update_routes(rs.as_ref()) {
Ok(value) => value,
Err(_) => crs,
};
routes.set_Routes(RepeatedField::from_vec(v));
Ok(routes)
Ok(protocols::agent::Routes {
Routes: RepeatedField::from_vec(list),
..Default::default()
})
}
async fn list_interfaces(
@ -920,22 +912,24 @@ impl protocols::agent_ttrpc::AgentService for agentService {
_ctx: &TtrpcContext,
_req: protocols::agent::ListInterfacesRequest,
) -> ttrpc::Result<Interfaces> {
let mut interface = protocols::agent::Interfaces::new();
let s = Arc::clone(&self.sandbox);
let mut sandbox = s.lock().await;
if sandbox.rtnl.is_none() {
sandbox.rtnl = Some(RtnlHandle::new(NETLINK_ROUTE, 0).unwrap());
}
let rtnl = sandbox.rtnl.as_mut().unwrap();
let v = rtnl
let list = self
.sandbox
.lock()
.await
.rtnl
.list_interfaces()
.map_err(|e| ttrpc_error(ttrpc::Code::INTERNAL, format!("list interface: {:?}", e)))?;
.await
.map_err(|e| {
ttrpc_error(
ttrpc::Code::INTERNAL,
format!("Failed to list interfaces: {:?}", e),
)
})?;
interface.set_Interfaces(RepeatedField::from_vec(v));
Ok(interface)
Ok(protocols::agent::Interfaces {
Interfaces: RepeatedField::from_vec(list),
..Default::default()
})
}
async fn list_routes(
@ -943,23 +937,19 @@ impl protocols::agent_ttrpc::AgentService for agentService {
_ctx: &TtrpcContext,
_req: protocols::agent::ListRoutesRequest,
) -> ttrpc::Result<Routes> {
let mut routes = protocols::agent::Routes::new();
let s = Arc::clone(&self.sandbox);
let mut sandbox = s.lock().await;
if sandbox.rtnl.is_none() {
sandbox.rtnl = Some(RtnlHandle::new(NETLINK_ROUTE, 0).unwrap());
}
let rtnl = sandbox.rtnl.as_mut().unwrap();
let v = rtnl
let list = self
.sandbox
.lock()
.await
.rtnl
.list_routes()
.await
.map_err(|e| ttrpc_error(ttrpc::Code::INTERNAL, format!("list routes: {:?}", e)))?;
routes.set_Routes(RepeatedField::from_vec(v));
Ok(routes)
Ok(protocols::agent::Routes {
Routes: RepeatedField::from_vec(list),
..Default::default()
})
}
async fn start_tracing(
@ -1062,26 +1052,29 @@ impl protocols::agent_ttrpc::AgentService for agentService {
_ctx: &TtrpcContext,
req: protocols::agent::AddARPNeighborsRequest,
) -> ttrpc::Result<Empty> {
if req.neighbors.is_none() {
return Err(ttrpc_error(
ttrpc::Code::INVALID_ARGUMENT,
"empty add arp neighbours request".to_string(),
));
}
let neighs = req
.neighbors
.into_option()
.map(|n| n.ARPNeighbors.into_vec())
.ok_or_else(|| {
ttrpc_error(
ttrpc::Code::INVALID_ARGUMENT,
"empty add arp neighbours request".to_string(),
)
})?;
let neighs = req.neighbors.unwrap().ARPNeighbors.into_vec();
let s = Arc::clone(&self.sandbox);
let mut sandbox = s.lock().await;
if sandbox.rtnl.is_none() {
sandbox.rtnl = Some(RtnlHandle::new(NETLINK_ROUTE, 0).unwrap());
}
let rtnl = sandbox.rtnl.as_mut().unwrap();
rtnl.add_arp_neighbors(neighs.as_ref())
.map_err(|e| ttrpc_error(ttrpc::Code::INTERNAL, e.to_string()))?;
self.sandbox
.lock()
.await
.rtnl
.add_arp_neighbors(neighs)
.await
.map_err(|e| {
ttrpc_error(
ttrpc::Code::INTERNAL,
format!("Failed to add ARP neighbours: {:?}", e),
)
})?;
Ok(Empty::new())
}
@ -1709,8 +1702,8 @@ mod tests {
assert!(result.is_ok(), "load module should success");
}
#[test]
fn test_append_guest_hooks() {
#[tokio::test]
async fn test_append_guest_hooks() {
let logger = slog::Logger::root(slog::Discard, o!());
let mut s = Sandbox::new(&logger).unwrap();
s.hooks = Some(Hooks {

52
src/agent/src/sandbox.rs
View File

@ -6,10 +6,10 @@
use crate::linux_abi::*;
use crate::mount::{get_mount_fs_type, remove_mounts, TYPE_ROOTFS};
use crate::namespace::Namespace;
use crate::netlink::Handle;
use crate::network::Network;
use anyhow::{anyhow, Context, Result};
use libc::pid_t;
use netlink::{RtnlHandle, NETLINK_ROUTE};
use oci::{Hook, Hooks};
use protocols::agent::OnlineCPUMemRequest;
use regex::Regex;
@ -44,7 +44,7 @@ pub struct Sandbox {
pub running: bool,
pub no_pivot_root: bool,
pub sender: Option<tokio::sync::oneshot::Sender<i32>>,
pub rtnl: Option<RtnlHandle>,
pub rtnl: Handle,
pub hooks: Option<Hooks>,
pub event_rx: Arc<Mutex<Receiver<String>>>,
pub event_tx: Sender<String>,
@ -73,7 +73,7 @@ impl Sandbox {
running: false,
no_pivot_root: fs_type.eq(TYPE_ROOTFS),
sender: None,
rtnl: Some(RtnlHandle::new(NETLINK_ROUTE, 0).unwrap()),
rtnl: Handle::new()?,
hooks: None,
event_rx,
event_tx: tx,
@ -433,8 +433,8 @@ mod tests {
baremount.mount()
}
#[test]
fn set_sandbox_storage() {
#[tokio::test]
async fn set_sandbox_storage() {
let logger = slog::Logger::root(slog::Discard, o!());
let mut s = Sandbox::new(&logger).unwrap();
@ -467,8 +467,8 @@ mod tests {
);
}
#[test]
fn remove_sandbox_storage() {
#[tokio::test]
async fn remove_sandbox_storage() {
skip_if_not_root!();
let logger = slog::Logger::root(slog::Discard, o!());
@ -523,9 +523,9 @@ mod tests {
assert!(s.remove_sandbox_storage(destdir_path).is_ok());
}
#[test]
#[tokio::test]
#[allow(unused_assignments)]
fn unset_and_remove_sandbox_storage() {
async fn unset_and_remove_sandbox_storage() {
skip_if_not_root!();
let logger = slog::Logger::root(slog::Discard, o!());
@ -575,8 +575,8 @@ mod tests {
assert!(s.unset_and_remove_sandbox_storage(&other_dir_str).is_err());
}
#[test]
fn unset_sandbox_storage() {
#[tokio::test]
async fn unset_sandbox_storage() {
let logger = slog::Logger::root(slog::Discard, o!());
let mut s = Sandbox::new(&logger).unwrap();
@ -658,8 +658,8 @@ mod tests {
.unwrap()
}
#[test]
fn get_container_entry_exist() {
#[tokio::test]
async fn get_container_entry_exist() {
skip_if_not_root!();
let logger = slog::Logger::root(slog::Discard, o!());
let mut s = Sandbox::new(&logger).unwrap();
@ -671,8 +671,8 @@ mod tests {
assert!(cnt.is_some());
}
#[test]
fn get_container_no_entry() {
#[tokio::test]
async fn get_container_no_entry() {
let logger = slog::Logger::root(slog::Discard, o!());
let mut s = Sandbox::new(&logger).unwrap();
@ -680,8 +680,8 @@ mod tests {
assert!(cnt.is_none());
}
#[test]
fn add_and_get_container() {
#[tokio::test]
async fn add_and_get_container() {
skip_if_not_root!();
let logger = slog::Logger::root(slog::Discard, o!());
let mut s = Sandbox::new(&logger).unwrap();
@ -690,8 +690,9 @@ mod tests {
s.add_container(linux_container);
assert!(s.get_container("some_id").is_some());
}
#[test]
fn update_shared_pidns() {
#[tokio::test]
async fn update_shared_pidns() {
skip_if_not_root!();
let logger = slog::Logger::root(slog::Discard, o!());
let mut s = Sandbox::new(&logger).unwrap();
@ -707,8 +708,9 @@ mod tests {
let ns_path = format!("/proc/{}/ns/pid", test_pid);
assert_eq!(s.sandbox_pidns.unwrap().path, ns_path);
}
#[test]
fn add_guest_hooks() {
#[tokio::test]
async fn add_guest_hooks() {
let logger = slog::Logger::root(slog::Discard, o!());
let mut s = Sandbox::new(&logger).unwrap();
let tmpdir = Builder::new().tempdir().unwrap();
@ -730,8 +732,8 @@ mod tests {
assert!(s.hooks.as_ref().unwrap().poststop.is_empty());
}
#[test]
pub fn test_sandbox_is_running() {
#[tokio::test]
async fn test_sandbox_is_running() {
let logger = slog::Logger::root(slog::Discard, o!());
let mut s = Sandbox::new(&logger).unwrap();
s.running = true;
@ -740,8 +742,8 @@ mod tests {
assert!(!s.is_running());
}
#[test]
fn test_sandbox_set_hostname() {
#[tokio::test]
async fn test_sandbox_set_hostname() {
let logger = slog::Logger::root(slog::Discard, o!());
let mut s = Sandbox::new(&logger).unwrap();
let hostname = "abc123";