diff --git a/.github/workflows/add-pr-sizing-label.yaml b/.github/workflows/add-pr-sizing-label.yaml index 0a2d7fcbf7..ffd9b06a96 100644 --- a/.github/workflows/add-pr-sizing-label.yaml +++ b/.github/workflows/add-pr-sizing-label.yaml @@ -33,6 +33,8 @@ jobs: GITHUB_TOKEN: ${{ secrets.KATA_GITHUB_ACTIONS_PR_SIZE_TOKEN }} run: | pr=${{ github.event.number }} + # Removing man-db, workflow kept failing, fixes: #4480 + sudo apt -y remove --purge man-db sudo apt -y install diffstat patchutils pr-add-size-label.sh -p "$pr" diff --git a/.github/workflows/snap-release.yaml b/.github/workflows/snap-release.yaml index 2fde90afc4..ecd34978f7 100644 --- a/.github/workflows/snap-release.yaml +++ b/.github/workflows/snap-release.yaml @@ -19,6 +19,8 @@ jobs: - name: Build snap run: | + # Removing man-db, workflow kept failing, fixes: #4480 + sudo apt -y remove --purge man-db sudo apt-get install -y git git-extras kata_url="https://github.com/kata-containers/kata-containers" latest_version=$(git ls-remote --tags ${kata_url} | egrep -o "refs.*" | egrep -v "\-alpha|\-rc|{}" | egrep -o "[[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+" | sort -V -r | head -1) diff --git a/ci/darwin-test.sh b/ci/darwin-test.sh index 92317653be..f9d32e743d 100755 --- a/ci/darwin-test.sh +++ b/ci/darwin-test.sh @@ -11,10 +11,10 @@ runtimedir=$cidir/../src/runtime build_working_packages() { # working packages: - device_api=$runtimedir/virtcontainers/device/api - device_config=$runtimedir/virtcontainers/device/config - device_drivers=$runtimedir/virtcontainers/device/drivers - device_manager=$runtimedir/virtcontainers/device/manager + device_api=$runtimedir/pkg/device/api + device_config=$runtimedir/pkg/device/config + device_drivers=$runtimedir/pkg/device/drivers + device_manager=$runtimedir/pkg/device/manager rc_pkg_dir=$runtimedir/pkg/resourcecontrol/ utils_pkg_dir=$runtimedir/virtcontainers/utils diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 60185e8f61..77f27b15f9 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -74,7 +74,7 @@ parts: rustup toolchain install ${version} rustup default ${version} if [ "${arch}" == "ppc64le" ] || [ "${arch}" == "s390x" ] ; then - [ ${arch} == "ppc64le"] && arch="powerpc64le" + [ "${arch}" == "ppc64le" ] && arch="powerpc64le" rustup target add ${arch}-unknown-linux-gnu else rustup target add ${arch}-unknown-linux-musl diff --git a/src/agent/Cargo.lock b/src/agent/Cargo.lock index aaa550ec3e..b927b597db 100644 --- a/src/agent/Cargo.lock +++ b/src/agent/Cargo.lock @@ -28,9 +28,9 @@ dependencies = [ [[package]] name = "anyhow" -version = "1.0.51" +version = "1.0.58" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b26702f315f53b6071259e15dd9d64528213b44d61de1ec926eca7715d62203" +checksum = "bb07d2053ccdbe10e2af2995a2f116c1330396493dc1269f6a91d0ae82e19704" [[package]] name = "arc-swap" @@ -51,9 +51,9 @@ dependencies = [ [[package]] name = "async-trait" -version = "0.1.52" +version = "0.1.56" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "061a7acccaa286c011ddc30970520b98fa40e00c9d644633fb26b5fc63a265e3" +checksum = "96cf8829f67d2eab0b2dfa42c5d0ef737e0724e4a82b01b3e292456202b19716" dependencies = [ "proc-macro2", "quote", @@ -73,9 +73,9 @@ dependencies = [ [[package]] name = "autocfg" -version = "1.0.1" +version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a" +checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" [[package]] name = "bincode" @@ -88,15 +88,15 @@ dependencies = [ [[package]] name = "bitflags" -version = "1.2.1" +version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693" +checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" [[package]] name = "bumpalo" -version = "3.8.0" +version = "3.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8f1e260c3a9040a7c19a12468758f4c16f31a81a1fe087482be9570ec864bb6c" +checksum = "37ccbd214614c6783386c1af30caf03192f17891059cecc394b4fb119e363de3" [[package]] name = "byteorder" @@ -122,11 +122,12 @@ checksum = "c4872d67bab6358e59559027aa3b9157c53d9358c51423c17554809a8858e0f8" [[package]] name = "capctl" -version = "0.2.0" +version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eea0d91a34c56f0a0779e1cc2ec7040fa7f672819c4d3fe7d9dd4af3d2e78aca" +checksum = "526c6a8746a7cfb052c15d20259c4f5c021966affdc7c960c71ca640f824c801" dependencies = [ "bitflags", + "cfg-if 1.0.0", "libc", ] @@ -143,9 +144,9 @@ dependencies = [ [[package]] name = "cc" -version = "1.0.72" +version = "1.0.73" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "22a9137b95ea06864e018375b72adfb7db6e6f68cfc8df5a04d00288050485ee" +checksum = "2fff2a6927b3bb87f9595d67196a70493f627687a71d87a0d692242c33f58c11" [[package]] name = "cfg-if" @@ -161,9 +162,9 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "cgroups-rs" -version = "0.2.8" +version = "0.2.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b827f9d9f6c2fff719d25f5d44cbc8d2ef6df1ef00d055c5c14d5dc25529579" +checksum = "cdae996d9638ba03253ffa1c93345a585974a97abbdeab9176c77922f3efc1e8" dependencies = [ "libc", "log", @@ -180,22 +181,22 @@ dependencies = [ "libc", "num-integer", "num-traits", - "time", + "time 0.1.44", "winapi", ] [[package]] name = "clap" -version = "3.0.1" +version = "3.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b1121e32687f7f90b905d4775273305baa4f32cd418923e9b0fa726533221857" +checksum = "9f1fe12880bae935d142c8702d500c63a4e8634b6c3c57ad72bf978fc7b6249a" dependencies = [ "atty", "bitflags", "clap_derive", + "clap_lex", "indexmap", - "lazy_static", - "os_str_bytes", + "once_cell", "strsim", "termcolor", "textwrap", @@ -203,9 +204,9 @@ dependencies = [ [[package]] name = "clap_derive" -version = "3.0.1" +version = "3.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7cbcf660a32ad0eda4b11996d8761432f499034f6e685bc6072337db662c85f8" +checksum = "ed6db9e867166a43a53f7199b5e4d1f522a1e5bd626654be263c999ce59df39a" dependencies = [ "heck 0.4.0", "proc-macro-error", @@ -214,6 +215,15 @@ dependencies = [ "syn", ] +[[package]] +name = "clap_lex" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87eba3c8c7f42ef17f6c659fc7416d0f4758cd3e58861ee63c5fa4a4dde649e4" +dependencies = [ + "os_str_bytes", +] + [[package]] name = "common-path" version = "1.0.0" @@ -228,18 +238,18 @@ checksum = "5827cebf4670468b8772dd191856768aedcb1b0278a04f989f7766351917b9dc" [[package]] name = "crc32fast" -version = "1.3.0" +version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "738c290dfaea84fc1ca15ad9c168d083b05a714e1efddd8edaab678dc28d2836" +checksum = "b540bd8bc810d3885c6ea91e2018302f68baba2129ab3e88f32389ee9370880d" dependencies = [ "cfg-if 1.0.0", ] [[package]] name = "crossbeam-channel" -version = "0.5.1" +version = "0.5.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "06ed27e177f16d65f0f0c22a213e17c696ace5dd64b14258b52f9417ccb52db4" +checksum = "4c02a4d71819009c192cf4872265391563fd6a84c81ff2c0f2a7026ca4c1d85c" dependencies = [ "cfg-if 1.0.0", "crossbeam-utils", @@ -258,25 +268,26 @@ dependencies = [ [[package]] name = "crossbeam-epoch" -version = "0.9.6" +version = "0.9.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "97242a70df9b89a65d0b6df3c4bf5b9ce03c5b7309019777fbde37e7537f8762" +checksum = "07db9d94cbd326813772c968ccd25999e5f8ae22f4f8d1b11effa37ef6ce281d" dependencies = [ + "autocfg", "cfg-if 1.0.0", "crossbeam-utils", - "lazy_static", "memoffset", + "once_cell", "scopeguard", ] [[package]] name = "crossbeam-utils" -version = "0.8.8" +version = "0.8.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0bf124c720b7686e3c2663cf54062ab0f68a88af2fb6a030e87e30bf721fcb38" +checksum = "7d82ee10ce34d7bc12c2122495e7593a9c41347ecdd64185af4ecf72cb1a7f83" dependencies = [ "cfg-if 1.0.0", - "lazy_static", + "once_cell", ] [[package]] @@ -325,7 +336,16 @@ checksum = "ec3245a0ca564e7f3c797d20d833a6870f57a728ac967d5225b3ffdef4465011" dependencies = [ "lazy_static", "log", - "rand 0.8.4", + "rand 0.8.5", +] + +[[package]] +name = "fastrand" +version = "1.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c3fcf0cee53519c866c09b5de1f6c56ff9d647101f81c1964fa632e148896cdf" +dependencies = [ + "instant", ] [[package]] @@ -336,13 +356,11 @@ checksum = "37ab347416e802de484e4d03c7316c48f1ecb56574dfd4a46a80f173ce1de04d" [[package]] name = "flate2" -version = "1.0.22" +version = "1.0.24" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1e6988e897c1c9c485f43b47a529cef42fde0547f9d8d41a7062518f1d8fc53f" +checksum = "f82b0f4c27ad9f8bfd1f3208d882da2b09c301bc1c828fd3a00d0216d2fbbff6" dependencies = [ - "cfg-if 1.0.0", "crc32fast", - "libc", "miniz_oxide", ] @@ -354,9 +372,9 @@ checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" [[package]] name = "futures" -version = "0.3.17" +version = "0.3.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a12aa0eb539080d55c3f2d45a67c3b58b6b0773c1a3ca2dfec66d58c97fd66ca" +checksum = "f73fe65f54d1e12b726f517d3e2135ca3125a437b6d998caf1962961f7172d9e" dependencies = [ "futures-channel", "futures-core", @@ -369,9 +387,9 @@ dependencies = [ [[package]] name = "futures-channel" -version = "0.3.17" +version = "0.3.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5da6ba8c3bb3c165d3c7319fc1cc8304facf1fb8db99c5de877183c08a273888" +checksum = "c3083ce4b914124575708913bca19bfe887522d6e2e6d0952943f5eac4a74010" dependencies = [ "futures-core", "futures-sink", @@ -379,15 +397,15 @@ dependencies = [ [[package]] name = "futures-core" -version = "0.3.17" +version = "0.3.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "88d1c26957f23603395cd326b0ffe64124b818f4449552f960d815cfba83a53d" +checksum = "0c09fd04b7e4073ac7156a9539b57a484a8ea920f79c7c675d05d289ab6110d3" [[package]] name = "futures-executor" -version = "0.3.17" +version = "0.3.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "45025be030969d763025784f7f355043dc6bc74093e4ecc5000ca4dc50d8745c" +checksum = "9420b90cfa29e327d0429f19be13e7ddb68fa1cccb09d65e5706b8c7a749b8a6" dependencies = [ "futures-core", "futures-task", @@ -396,18 +414,16 @@ dependencies = [ [[package]] name = "futures-io" -version = "0.3.17" +version = "0.3.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "522de2a0fe3e380f1bc577ba0474108faf3f6b18321dbf60b3b9c39a75073377" +checksum = "fc4045962a5a5e935ee2fdedaa4e08284547402885ab326734432bed5d12966b" [[package]] name = "futures-macro" -version = "0.3.17" +version = "0.3.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "18e4a4b95cea4b4ccbcf1c5675ca7c4ee4e9e75eb79944d07defde18068f79bb" +checksum = "33c1e13800337f4d4d7a316bf45a567dbcb6ffe087f16424852d97e97a91f512" dependencies = [ - "autocfg", - "proc-macro-hack", "proc-macro2", "quote", "syn", @@ -415,23 +431,22 @@ dependencies = [ [[package]] name = "futures-sink" -version = "0.3.17" +version = "0.3.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "36ea153c13024fe480590b3e3d4cad89a0cfacecc24577b68f86c6ced9c2bc11" +checksum = "21163e139fa306126e6eedaf49ecdb4588f939600f0b1e770f4205ee4b7fa868" [[package]] name = "futures-task" -version = "0.3.17" +version = "0.3.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1d3d00f4eddb73e498a54394f228cd55853bdf059259e8e7bc6e69d408892e99" +checksum = "57c66a976bf5909d801bbef33416c41372779507e7a6b3a5e25e4749c58f776a" [[package]] name = "futures-util" -version = "0.3.17" +version = "0.3.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "36568465210a3a6ee45e1f165136d68671471a501e632e9a98d96872222b5481" +checksum = "d8b7abd5d659d9b90c8cba917f6ec750a74e2dc23902ef9cd4cc8c8b22e6036a" dependencies = [ - "autocfg", "futures-channel", "futures-core", "futures-io", @@ -441,8 +456,6 @@ dependencies = [ "memchr", "pin-project-lite", "pin-utils", - "proc-macro-hack", - "proc-macro-nested", "slab", ] @@ -459,13 +472,13 @@ dependencies = [ [[package]] name = "getrandom" -version = "0.2.3" +version = "0.2.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7fcd999463524c52659517fe2cea98493cfe485d10565e7b0fb07dbba7ad2753" +checksum = "4eb1a864a501629691edf6c15a593b7a51eebaa1e8468e9ddc623de7c9b58ec6" dependencies = [ "cfg-if 1.0.0", "libc", - "wasi 0.10.2+wasi-snapshot-preview1", + "wasi 0.11.0+wasi-snapshot-preview1", ] [[package]] @@ -476,9 +489,9 @@ checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574" [[package]] name = "hashbrown" -version = "0.11.2" +version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ab5ef0d4909ef3724cc8cce6ccc8572c5c817592e9285f5464f8e86f8bd3726e" +checksum = "db0d4cf898abf0081f964436dc980e96670a0f36863e4b83aaacdb65c9d7ccc3" [[package]] name = "heck" @@ -512,9 +525,9 @@ checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" [[package]] name = "indexmap" -version = "1.7.0" +version = "1.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bc633605454125dec4b66843673f01c7df2b89479b32e0ed634e43a91cff62a5" +checksum = "10a35a97730320ffe8e2d410b5d3b69279b98d2c14bdb8b70ea89ecf7888d41e" dependencies = [ "autocfg", "hashbrown", @@ -580,15 +593,15 @@ dependencies = [ [[package]] name = "itoa" -version = "1.0.1" +version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1aab8fc367588b89dcee83ab0fd66b72b50b72fa1904d7095045ace2b0c81c35" +checksum = "112c678d4050afce233f4f2852bb2eb519230b3cf12f33585275537d7e41578d" [[package]] name = "js-sys" -version = "0.3.55" +version = "0.3.58" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7cc9ffccd38c451a86bf13657df244e9c3f37493cce8e5e21e940963777acc84" +checksum = "c3fac17f7123a73ca62df411b1bf727ccc805daa070338fda671c86dac1bdc27" dependencies = [ "wasm-bindgen", ] @@ -615,7 +628,7 @@ dependencies = [ "nix 0.23.1", "oci", "opentelemetry", - "procfs 0.12.0", + "procfs", "prometheus", "protobuf", "protocols", @@ -691,9 +704,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.112" +version = "0.2.126" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b03d17f364a3a042d5e5d46b053bbbf82c92c9430c592dd4c064dc6ee997125" +checksum = "349d5a591cd28b49e1d1037471617a32ddcda5731b99419008085f72d5a53836" [[package]] name = "libseccomp" @@ -715,18 +728,19 @@ checksum = "539912de229a4fc16e507e8df12a394038a524a5b5b6c92045ad344472aac475" [[package]] name = "lock_api" -version = "0.4.5" +version = "0.4.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "712a4d093c9976e24e7dbca41db895dabcbac38eb5f4045393d17a95bdfb1109" +checksum = "327fa5b6a6940e4699ec49a9beae1ea4845c6bab9314e4f84ac68742139d8c53" dependencies = [ + "autocfg", "scopeguard", ] [[package]] name = "log" -version = "0.4.14" +version = "0.4.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "51b9bbe6c47d51fc3e1a9b945965946b4c44142ab8792c50835a980d362c2710" +checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" dependencies = [ "cfg-if 1.0.0", ] @@ -753,9 +767,9 @@ dependencies = [ [[package]] name = "memchr" -version = "2.4.1" +version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "308cc39be01b73d0d18f82a0e7b2a3df85245f84af96fdddc5d202d27e47b86a" +checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d" [[package]] name = "memoffset" @@ -768,34 +782,23 @@ dependencies = [ [[package]] name = "miniz_oxide" -version = "0.4.4" +version = "0.5.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a92518e98c078586bc6c934028adcca4c92a53d6a958196de835170a01d84e4b" +checksum = "6f5c75688da582b8ffc1f1799e9db273f32133c49e048f614d22ec3256773ccc" dependencies = [ "adler", - "autocfg", ] [[package]] name = "mio" -version = "0.7.14" +version = "0.8.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8067b404fe97c70829f082dec8bcf4f71225d7eaea1d8645349cb76fa06205cc" +checksum = "57ee1c23c7c63b0c9250c339ffdc69255f110b298b901b9f6c82547b7b87caaf" dependencies = [ "libc", "log", - "miow", - "ntapi", - "winapi", -] - -[[package]] -name = "miow" -version = "0.3.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b9f1c5b025cda876f66ef43a113f91ebc9f4ccef34843000e0adf6ebbab84e21" -dependencies = [ - "winapi", + "wasi 0.11.0+wasi-snapshot-preview1", + "windows-sys", ] [[package]] @@ -884,9 +887,9 @@ dependencies = [ [[package]] name = "nix" -version = "0.22.2" +version = "0.22.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3bb9a13fa32bc5aeb64150cd3f32d6cf4c748f8f8a417cce5d2eb976a8370ba" +checksum = "e4916f159ed8e5de0082076562152a76b7a1f64a01fd9d1e0fea002c37624faf" dependencies = [ "bitflags", "cc", @@ -910,18 +913,18 @@ dependencies = [ [[package]] name = "ntapi" -version = "0.3.6" +version = "0.3.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f6bb902e437b6d86e03cce10a7e2af662292c5dfef23b65899ea3ac9354ad44" +checksum = "c28774a7fd2fbb4f0babd8237ce554b73af68021b5f695a3cebd6c59bac0980f" dependencies = [ "winapi", ] [[package]] name = "num-integer" -version = "0.1.44" +version = "0.1.45" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d2cc698a63b549a70bc047073d2949cce27cd1c7b0a4a862d08a8031bc2801db" +checksum = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9" dependencies = [ "autocfg", "num-traits", @@ -929,9 +932,9 @@ dependencies = [ [[package]] name = "num-traits" -version = "0.2.14" +version = "0.2.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9a64b1ec5cda2586e284722486d802acf1f7dbdc623e2bfc57e65ca1cd099290" +checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd" dependencies = [ "autocfg", ] @@ -946,6 +949,15 @@ dependencies = [ "libc", ] +[[package]] +name = "num_threads" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2819ce041d2ee131036f4fc9d6ae7ae125a3a40e97ba64d04fe799ad9dabbb44" +dependencies = [ + "libc", +] + [[package]] name = "oci" version = "0.1.0" @@ -958,9 +970,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.9.0" +version = "1.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "da32515d9f6e6e489d7bc9d84c71b060db7247dc035bbe44eac88cf87486d8d5" +checksum = "7709cef83f0c1f58f666e746a08b21e0085f7440fa6a29cc194d68aac97a4225" [[package]] name = "opentelemetry" @@ -975,7 +987,7 @@ dependencies = [ "lazy_static", "percent-encoding", "pin-project", - "rand 0.8.4", + "rand 0.8.5", "serde", "thiserror", "tokio", @@ -984,12 +996,9 @@ dependencies = [ [[package]] name = "os_str_bytes" -version = "6.0.0" +version = "6.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8e22443d1643a904602595ba1cd8f7d896afe56d26712531c5ff73a15b2fbf64" -dependencies = [ - "memchr", -] +checksum = "21326818e99cfe6ce1e524c2a805c189a99b5ae555a35d19f9a284b427d86afa" [[package]] name = "parking_lot" @@ -999,7 +1008,17 @@ checksum = "7d17b78036a60663b797adeaee46f5c9dfebb86948d1255007a1d6be0271ff99" dependencies = [ "instant", "lock_api", - "parking_lot_core", + "parking_lot_core 0.8.5", +] + +[[package]] +name = "parking_lot" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f" +dependencies = [ + "lock_api", + "parking_lot_core 0.9.3", ] [[package]] @@ -1017,10 +1036,23 @@ dependencies = [ ] [[package]] -name = "paste" -version = "1.0.6" +name = "parking_lot_core" +version = "0.9.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0744126afe1a6dd7f394cb50a716dbe086cb06e255e53d8d0185d82828358fb5" +checksum = "09a279cbf25cb0757810394fbc1e359949b59e348145c643a939a525692e6929" +dependencies = [ + "cfg-if 1.0.0", + "libc", + "redox_syscall", + "smallvec", + "windows-sys", +] + +[[package]] +name = "paste" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0c520e05135d6e763148b6426a837e239041653ba7becd2e538c076c738025fc" [[package]] name = "path-absolutize" @@ -1059,18 +1091,18 @@ dependencies = [ [[package]] name = "pin-project" -version = "1.0.8" +version = "1.0.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "576bc800220cc65dac09e99e97b08b358cfab6e17078de8dc5fee223bd2d0c08" +checksum = "58ad3879ad3baf4e44784bc6a718a8698867bb991f8ce24d1bcbe2cfb4c3a75e" dependencies = [ "pin-project-internal", ] [[package]] name = "pin-project-internal" -version = "1.0.8" +version = "1.0.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6e8fe8163d14ce7f0cdac2e040116f22eac817edabff0be91e8aff7e9accf389" +checksum = "744b6f092ba29c3650faf274db506afd39944f48420f6c86b17cfe0ee1cb36bb" dependencies = [ "proc-macro2", "quote", @@ -1079,9 +1111,9 @@ dependencies = [ [[package]] name = "pin-project-lite" -version = "0.2.7" +version = "0.2.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d31d11c69a6b52a174b42bdc0c30e5e11670f90788b2c471c31c1d17d449443" +checksum = "e0a7ae3ac2f1173085d398531c705756c94a4c56843785df85a60c1a0afac116" [[package]] name = "pin-utils" @@ -1091,15 +1123,15 @@ checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" [[package]] name = "pkg-config" -version = "0.3.24" +version = "0.3.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "58893f751c9b0412871a09abd62ecd2a00298c6c83befa223ef98c52aef40cbe" +checksum = "1df8c4ec4b0627e53bdf214615ad287367e482558cf84b109250b37464dc03ae" [[package]] name = "ppv-lite86" -version = "0.2.15" +version = "0.2.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed0cfbc8191465bed66e1718596ee0b0b35d5ee1f41c5df2189d0fe8bde535ba" +checksum = "eb9f9e6e233e5c4a35559a617bf40a4ec447db2e84c20b55a6f83167b7e57872" [[package]] name = "proc-macro-error" @@ -1125,39 +1157,13 @@ dependencies = [ "version_check", ] -[[package]] -name = "proc-macro-hack" -version = "0.5.19" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dbf0c48bc1d91375ae5c3cd81e3722dff1abcf81a30960240640d223f59fe0e5" - -[[package]] -name = "proc-macro-nested" -version = "0.1.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bc881b2c22681370c6a780e47af9840ef841837bc98118431d4e1868bd0c1086" - [[package]] name = "proc-macro2" -version = "1.0.34" +version = "1.0.40" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f84e92c0f7c9d58328b85a78557813e4bd845130db68d7184635344399423b1" +checksum = "dd96a1e8ed2596c337f8eae5f24924ec83f5ad5ab21ea8e455d3566c69fbcaf7" dependencies = [ - "unicode-xid", -] - -[[package]] -name = "procfs" -version = "0.10.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "95e344cafeaeefe487300c361654bcfc85db3ac53619eeccced29f5ea18c4c70" -dependencies = [ - "bitflags", - "byteorder", - "flate2", - "hex", - "lazy_static", - "libc", + "unicode-ident", ] [[package]] @@ -1177,17 +1183,17 @@ dependencies = [ [[package]] name = "prometheus" -version = "0.13.0" +version = "0.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b7f64969ffd5dd8f39bd57a68ac53c163a095ed9d0fb707146da1b27025a3504" +checksum = "cface98dfa6d645ea4c789839f176e4b072265d085bfcc48eaa8d137f58d3c39" dependencies = [ "cfg-if 1.0.0", "fnv", "lazy_static", "libc", "memchr", - "parking_lot", - "procfs 0.10.1", + "parking_lot 0.12.1", + "procfs", "protobuf", "thiserror", ] @@ -1285,9 +1291,9 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.10" +version = "1.0.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38bc8cc6a5f2e3655e0899c1b848643b2562f853f114bfec7be120678e3ace05" +checksum = "3bcdf212e9776fbcb2d23ab029360416bb1706b1aea2d1a5ba002727cbcab804" dependencies = [ "proc-macro2", ] @@ -1302,19 +1308,18 @@ dependencies = [ "libc", "rand_chacha 0.2.2", "rand_core 0.5.1", - "rand_hc 0.2.0", + "rand_hc", ] [[package]] name = "rand" -version = "0.8.4" +version = "0.8.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2e7573632e6454cf6b99d7aac4ccca54be06da05aca2ef7423d22d27d4d4bcd8" +checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" dependencies = [ "libc", "rand_chacha 0.3.1", "rand_core 0.6.3", - "rand_hc 0.3.1", ] [[package]] @@ -1352,7 +1357,7 @@ version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d34f1408f55294453790c48b2f1ebbb1c5b4b7563eb1f418bcfcfdbb06ebb4e7" dependencies = [ - "getrandom 0.2.3", + "getrandom 0.2.7", ] [[package]] @@ -1364,20 +1369,11 @@ dependencies = [ "rand_core 0.5.1", ] -[[package]] -name = "rand_hc" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d51e9f596de227fda2ea6c84607f5558e196eeaf43c986b724ba4fb8fdf497e7" -dependencies = [ - "rand_core 0.6.3", -] - [[package]] name = "rayon" -version = "1.5.1" +version = "1.5.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c06aca804d41dbc8ba42dfd964f0d01334eceb64314b9ecf7c5fad5188a06d90" +checksum = "bd99e5772ead8baa5215278c9b15bf92087709e9c1b2d1f97cdb5a183c933a7d" dependencies = [ "autocfg", "crossbeam-deque", @@ -1387,31 +1383,30 @@ dependencies = [ [[package]] name = "rayon-core" -version = "1.9.1" +version = "1.9.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d78120e2c850279833f1dd3582f730c4ab53ed95aeaaaa862a2a5c71b1656d8e" +checksum = "258bcdb5ac6dad48491bb2992db6b7cf74878b0384908af124823d118c99683f" dependencies = [ "crossbeam-channel", "crossbeam-deque", "crossbeam-utils", - "lazy_static", "num_cpus", ] [[package]] name = "redox_syscall" -version = "0.2.10" +version = "0.2.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8383f39639269cde97d255a32bdb68c047337295414940c68bdd30c2e13203ff" +checksum = "62f25bc4c7e55e0b0b7a1d43fb893f4fa1361d0abe38b9ce4f323c2adfe6ef42" dependencies = [ "bitflags", ] [[package]] name = "regex" -version = "1.5.5" +version = "1.5.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1a11647b6b25ff05a515cb92c365cec08801e83423a235b51e231e1808747286" +checksum = "d83f127d94bdbcda4c8cc2e50f6f84f4b611f69c902699ca385a39c3a75f9ff1" dependencies = [ "aho-corasick", "memchr", @@ -1429,9 +1424,9 @@ dependencies = [ [[package]] name = "regex-syntax" -version = "0.6.25" +version = "0.6.26" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f497285884f3fcff424ffc933e56d7cbca511def0c9831a7f9b5f6153e3cc89b" +checksum = "49b3de9ec5dc0a3417da371aab17d729997c15010e7fd24ff707773a33bddb64" [[package]] name = "remove_dir_all" @@ -1461,7 +1456,7 @@ dependencies = [ "log", "netlink-packet-route", "netlink-proto", - "nix 0.22.2", + "nix 0.22.3", "thiserror", "tokio", ] @@ -1502,9 +1497,9 @@ dependencies = [ [[package]] name = "ryu" -version = "1.0.9" +version = "1.0.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "73b4b750c782965c211b42f022f59af1fbceabdd026623714f104152f1ec149f" +checksum = "f3f6f92acf49d1b98f7a81226834412ada05458b7364277387724a237f062695" [[package]] name = "scan_fmt" @@ -1523,18 +1518,18 @@ checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" [[package]] name = "serde" -version = "1.0.132" +version = "1.0.137" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b9875c23cf305cd1fd7eb77234cbb705f21ea6a72c637a5c6db5fe4b8e7f008" +checksum = "61ea8d54c77f8315140a05f4c7237403bf38b72704d031543aa1d16abbf517d1" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.132" +version = "1.0.137" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ecc0db5cb2556c0e558887d9bbdcf6ac4471e83ff66cf696e5419024d1606276" +checksum = "1f26faba0c3959972377d3b2d306ee9f71faee9714294e41bb777f83f88578be" dependencies = [ "proc-macro2", "quote", @@ -1543,9 +1538,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.73" +version = "1.0.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bcbd0344bc6533bc7ec56df11d42fb70f1b912351c0825ccb7211b59d8af7cf5" +checksum = "9b7ce2b32a1aed03c558dc61a5cd328f15aff2dbc17daad8fb8af04d2100e15c" dependencies = [ "itoa", "ryu", @@ -1559,7 +1554,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e0bccbcf40c8938196944a3da0e133e031a33f4d6b72db3bda3cc556e361905d" dependencies = [ "lazy_static", - "parking_lot", + "parking_lot 0.11.2", "serial_test_derive", ] @@ -1594,9 +1589,9 @@ dependencies = [ [[package]] name = "slab" -version = "0.4.5" +version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9def91fd1e018fe007022791f865d0ccc9b3a0d5001e01aabb8b40e46000afb5" +checksum = "eb703cfe953bccee95685111adeedb76fabe4e97549a58d16f03ea7b9367bb32" [[package]] name = "slash-formatter" @@ -1624,14 +1619,14 @@ dependencies = [ [[package]] name = "slog-json" -version = "2.4.0" +version = "2.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "52e9b96fb6b5e80e371423b4aca6656eb537661ce8f82c2697e619f8ca85d043" +checksum = "3e1e53f61af1e3c8b852eef0a9dee29008f55d6dd63794f3f12cef786cf0f219" dependencies = [ - "chrono", "serde", "serde_json", "slog", + "time 0.3.11", ] [[package]] @@ -1647,9 +1642,9 @@ dependencies = [ [[package]] name = "slog-stdlog" -version = "4.1.0" +version = "4.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8228ab7302adbf4fcb37e66f3cda78003feb521e7fd9e3847ec117a7784d0f5a" +checksum = "6706b2ace5bbae7291d3f8d2473e2bfab073ccd7d03670946197aec98471fa3e" dependencies = [ "log", "slog", @@ -1658,9 +1653,19 @@ dependencies = [ [[package]] name = "smallvec" -version = "1.7.0" +version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1ecab6c735a6bb4139c0caafd0cc3635748bbb3acf4550e8138122099251f309" +checksum = "f2dd574626839106c320a323308629dcb1acfc96e32a8cba364ddc61ac23ee83" + +[[package]] +name = "socket2" +version = "0.4.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "66d72b759436ae32898a2af0a14218dbf55efde3feeb170eb623637db85ee1e0" +dependencies = [ + "libc", + "winapi", +] [[package]] name = "strsim" @@ -1680,20 +1685,20 @@ dependencies = [ [[package]] name = "syn" -version = "1.0.82" +version = "1.0.98" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8daf5dd0bb60cbd4137b1b587d2fc0ae729bc07cf01cd70b36a1ed5ade3b9d59" +checksum = "c50aef8a904de4c23c788f104b7dddc7d6f79c647c7c8ce4cc8f73eb0ca773dd" dependencies = [ "proc-macro2", "quote", - "unicode-xid", + "unicode-ident", ] [[package]] name = "sysinfo" -version = "0.23.0" +version = "0.23.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e757000a4bed2b1be9be65a3f418b9696adf30bb419214c73997422de73a591" +checksum = "3977ec2e0520829be45c8a2df70db2bf364714d8a748316a10c3c35d4d2b01c9" dependencies = [ "cfg-if 1.0.0", "core-foundation-sys", @@ -1712,13 +1717,13 @@ checksum = "f764005d11ee5f36500a149ace24e00e3da98b0158b3e2d53a7495660d3f4d60" [[package]] name = "tempfile" -version = "3.2.0" +version = "3.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dac1c663cfc93810f88aed9b8941d48cabf856a1b111c29a40439018d870eb22" +checksum = "5cdb1ef4eaeeaddc8fbd371e5017057064af0911902ef36b39801f67cc6d79e4" dependencies = [ "cfg-if 1.0.0", + "fastrand", "libc", - "rand 0.8.4", "redox_syscall", "remove_dir_all", "winapi", @@ -1726,33 +1731,33 @@ dependencies = [ [[package]] name = "termcolor" -version = "1.1.2" +version = "1.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2dfed899f0eb03f32ee8c6a0aabdb8a7949659e3466561fc0adf54e26d88c5f4" +checksum = "bab24d30b911b2376f3a13cc2cd443142f0c81dda04c118693e35b3835757755" dependencies = [ "winapi-util", ] [[package]] name = "textwrap" -version = "0.14.2" +version = "0.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0066c8d12af8b5acd21e00547c3797fde4e8677254a7ee429176ccebbe93dd80" +checksum = "b1141d4d61095b28419e22cb0bbf02755f5e54e0526f97f1e3d1d160e60885fb" [[package]] name = "thiserror" -version = "1.0.30" +version = "1.0.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "854babe52e4df1653706b98fcfc05843010039b406875930a70e4d9644e5c417" +checksum = "bd829fe32373d27f76265620b5309d0340cb8550f523c1dda251d6298069069a" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.30" +version = "1.0.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aa32fd3f627f367fe16f893e2597ae3c05020f8bba2666a4e6ea73d377e5714b" +checksum = "0396bc89e626244658bef819e22d0cc459e795a5ebe878e6ec336d1674a8d79a" dependencies = [ "proc-macro2", "quote", @@ -1761,28 +1766,40 @@ dependencies = [ [[package]] name = "thread_local" -version = "1.1.3" +version = "1.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8018d24e04c95ac8790716a5987d0fec4f8b27249ffa0f7d33f1369bdfb88cbd" +checksum = "5516c27b78311c50bf42c071425c560ac799b11c30b31f87e3081965fe5e0180" dependencies = [ "once_cell", ] [[package]] name = "time" -version = "0.1.43" +version = "0.1.44" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ca8a50ef2360fbd1eeb0ecd46795a87a19024eb4b53c5dc916ca1fd95fe62438" +checksum = "6db9e6914ab8b1ae1c260a4ae7a49b6c5611b40328a735b21862567685e73255" dependencies = [ "libc", + "wasi 0.10.0+wasi-snapshot-preview1", "winapi", ] [[package]] -name = "tokio" -version = "1.15.0" +name = "time" +version = "0.3.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fbbf1c778ec206785635ce8ad57fe52b3009ae9e0c9f574a728f3049d3e55838" +checksum = "72c91f41dcb2f096c05f0873d667dceec1087ce5bcf984ec8ffb19acddbb3217" +dependencies = [ + "itoa", + "libc", + "num_threads", +] + +[[package]] +name = "tokio" +version = "1.19.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c51a52ed6686dd62c320f9b89299e9dfb46f730c7a48e635c19f21d116cb1439" dependencies = [ "bytes 1.1.0", "libc", @@ -1790,18 +1807,19 @@ dependencies = [ "mio", "num_cpus", "once_cell", - "parking_lot", + "parking_lot 0.12.1", "pin-project-lite", "signal-hook-registry", + "socket2", "tokio-macros", "winapi", ] [[package]] name = "tokio-macros" -version = "1.7.0" +version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b557f72f448c511a979e2564e55d74e6c4432fc96ff4f6241bc6bded342643b7" +checksum = "9724f9a975fb987ef7a3cd9be0350edcbe130698af5b8f7a631e23d42d052484" dependencies = [ "proc-macro2", "quote", @@ -1810,9 +1828,9 @@ dependencies = [ [[package]] name = "tokio-stream" -version = "0.1.8" +version = "0.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50145484efff8818b5ccd256697f36863f587da82cf8b409c53adf1e840798e3" +checksum = "df54d54117d6fdc4e4fea40fe1e4e566b3505700e148a6827e59b34b0d2600d9" dependencies = [ "futures-core", "pin-project-lite", @@ -1821,9 +1839,9 @@ dependencies = [ [[package]] name = "tokio-util" -version = "0.6.9" +version = "0.6.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e99e1983e5d376cd8eb4b66604d2e99e79f5bd988c3055891dcd8c9e2604cc0" +checksum = "36943ee01a6d67977dd3f84a5a1d2efeb4ada3a1ae771cadfaa535d9d9fc6507" dependencies = [ "bytes 1.1.0", "futures-core", @@ -1848,18 +1866,18 @@ dependencies = [ [[package]] name = "toml" -version = "0.5.8" +version = "0.5.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a31142970826733df8241ef35dc040ef98c679ab14d7c3e54d827099b3acecaa" +checksum = "8d82e1a7758622a465f8cee077614c73484dac5b836c02ff6a40d5d1010324d7" dependencies = [ "serde", ] [[package]] name = "tracing" -version = "0.1.29" +version = "0.1.35" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "375a639232caf30edfc78e8d89b2d4c375515393e7af7e16f01cd96917fb2105" +checksum = "a400e31aa60b9d44a52a8ee0343b5b18566b03a8321e0d321f695cf56e940160" dependencies = [ "cfg-if 1.0.0", "pin-project-lite", @@ -1869,9 +1887,9 @@ dependencies = [ [[package]] name = "tracing-attributes" -version = "0.1.18" +version = "0.1.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f4f480b8f81512e825f337ad51e94c1eb5d3bbdf2b363dcd01e2b19a9ffe3f8e" +checksum = "cc6b8ad3567499f98a1db7a752b07a7c8c7c7c34c332ec00effb2b0027974b7c" dependencies = [ "proc-macro2", "quote", @@ -1880,18 +1898,19 @@ dependencies = [ [[package]] name = "tracing-core" -version = "0.1.21" +version = "0.1.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1f4ed65637b8390770814083d20756f87bfa2c21bf2f110babdc5438351746e4" +checksum = "7b7358be39f2f274f322d2aaed611acc57f382e8eb1e5b48cb9ae30933495ce7" dependencies = [ - "lazy_static", + "once_cell", + "valuable", ] [[package]] name = "tracing-log" -version = "0.1.2" +version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a6923477a48e41c1951f1999ef8bb5a3023eb723ceadafe78ffb65dc366761e3" +checksum = "78ddad33d2d10b1ed7eb9d1f518a5674713876e97e5bb9b7345a7984fbb4f922" dependencies = [ "lazy_static", "log", @@ -1913,9 +1932,9 @@ dependencies = [ [[package]] name = "tracing-serde" -version = "0.1.2" +version = "0.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb65ea441fbb84f9f6748fd496cf7f63ec9af5bca94dd86456978d055e8eb28b" +checksum = "bc6b213177105856957181934e4920de57730fc69bf42c37ee5bb664d406d9e1" dependencies = [ "serde", "tracing-core", @@ -1945,9 +1964,9 @@ dependencies = [ [[package]] name = "ttrpc" -version = "0.6.0" +version = "0.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0c7d6c992964a013c17814c08d31708d577b0aae44ebadb58755659dd824c2d1" +checksum = "2ecfff459a859c6ba6668ff72b34c2f1d94d9d58f7088414c2674ad0f31cc7d8" dependencies = [ "async-trait", "byteorder", @@ -1990,22 +2009,28 @@ dependencies = [ ] [[package]] -name = "unicode-segmentation" -version = "1.8.0" +name = "unicode-ident" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8895849a949e7845e06bd6dc1aa51731a103c42707010a5b591c0038fb73385b" +checksum = "5bd2fe26506023ed7b5e1e315add59d6f584c621d037f9368fea9cfb988f368c" [[package]] -name = "unicode-xid" -version = "0.2.2" +name = "unicode-segmentation" +version = "1.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8ccb82d61f80a663efe1f787a51b16b5a51e3314d6ac365b08639f52387b33f3" +checksum = "7e8820f5d777f6224dc4be3632222971ac30164d4a258d595640799554ebfd99" + +[[package]] +name = "valuable" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "830b7e5d4d90034032940e4ace0d9a9a057e7a45cd94e6c007832e39edb82f6d" [[package]] name = "version_check" -version = "0.9.3" +version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5fecdca9a5291cc2b8dcf7dc02453fee791a280f3743cb0905f8822ae463b3fe" +checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" [[package]] name = "void" @@ -2048,15 +2073,21 @@ checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519" [[package]] name = "wasi" -version = "0.10.2+wasi-snapshot-preview1" +version = "0.10.0+wasi-snapshot-preview1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fd6fbd9a79829dd1ad0cc20627bf1ed606756a7f77edff7b66b7064f9cb327c6" +checksum = "1a143597ca7c7793eff794def352d41792a93c481eb1042423ff7ff72ba2c31f" + +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasm-bindgen" -version = "0.2.78" +version = "0.2.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "632f73e236b219150ea279196e54e610f5dbafa5d61786303d4da54f84e47fce" +checksum = "7c53b543413a17a202f4be280a7e5c62a1c69345f5de525ee64f8cfdbc954994" dependencies = [ "cfg-if 1.0.0", "wasm-bindgen-macro", @@ -2064,9 +2095,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.78" +version = "0.2.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a317bf8f9fba2476b4b2c85ef4c4af8ff39c3c7f0cdfeed4f82c34a880aa837b" +checksum = "5491a68ab4500fa6b4d726bd67408630c3dbe9c4fe7bda16d5c82a1fd8c7340a" dependencies = [ "bumpalo", "lazy_static", @@ -2079,9 +2110,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro" -version = "0.2.78" +version = "0.2.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d56146e7c495528bf6587663bea13a8eb588d39b36b679d83972e1a2dbbdacf9" +checksum = "c441e177922bc58f1e12c022624b6216378e5febc2f0533e41ba443d505b80aa" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -2089,9 +2120,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.78" +version = "0.2.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7803e0eea25835f8abdc585cd3021b3deb11543c6fe226dcd30b228857c5c5ab" +checksum = "7d94ac45fcf608c1f45ef53e748d35660f168490c10b23704c7779ab8f5c3048" dependencies = [ "proc-macro2", "quote", @@ -2102,15 +2133,15 @@ dependencies = [ [[package]] name = "wasm-bindgen-shared" -version = "0.2.78" +version = "0.2.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0237232789cf037d5480773fe568aac745bfe2afbc11a863e97901780a6b47cc" +checksum = "6a89911bd99e5f3659ec4acf9c4d93b0a90fe4a2a11f15328472058edc5261be" [[package]] name = "which" -version = "4.2.2" +version = "4.2.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ea187a8ef279bc014ec368c27a920da2024d2a711109bfbe3440585d5cf27ad9" +checksum = "5c4fb54e6113b6a8772ee41c3404fb0301ac79604489467e0a9ce1f3e97c24ae" dependencies = [ "either", "lazy_static", @@ -2147,3 +2178,46 @@ name = "winapi-x86_64-pc-windows-gnu" version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" + +[[package]] +name = "windows-sys" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ea04155a16a59f9eab786fe12a4a450e75cdb175f9e0d80da1e17db09f55b8d2" +dependencies = [ + "windows_aarch64_msvc", + "windows_i686_gnu", + "windows_i686_msvc", + "windows_x86_64_gnu", + "windows_x86_64_msvc", +] + +[[package]] +name = "windows_aarch64_msvc" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9bb8c3fd39ade2d67e9874ac4f3db21f0d710bee00fe7cab16949ec184eeaa47" + +[[package]] +name = "windows_i686_gnu" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "180e6ccf01daf4c426b846dfc66db1fc518f074baa793aa7d9b9aaeffad6a3b6" + +[[package]] +name = "windows_i686_msvc" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2e7917148b2812d1eeafaeb22a97e4813dfa60a3f8f78ebe204bcc88f12f024" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4dcd171b8776c41b97521e5da127a2d86ad280114807d0b2ab1e462bc764d9e1" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680" diff --git a/src/agent/Makefile b/src/agent/Makefile index 0a537aa559..f0e86fd6bc 100644 --- a/src/agent/Makefile +++ b/src/agent/Makefile @@ -110,14 +110,14 @@ default: $(TARGET) show-header $(TARGET): $(GENERATED_CODE) $(TARGET_PATH) $(TARGET_PATH): show-summary - @RUSTFLAGS="$(EXTRA_RUSTFLAGS) --deny warnings" cargo build --target $(TRIPLE) --$(BUILD_TYPE) $(EXTRA_RUSTFEATURES) + @RUSTFLAGS="$(EXTRA_RUSTFLAGS) --deny warnings" cargo build --target $(TRIPLE) $(if $(findstring release,$(BUILD_TYPE)),--release) $(EXTRA_RUSTFEATURES) $(GENERATED_FILES): %: %.in @sed $(foreach r,$(GENERATED_REPLACEMENTS),-e 's|@$r@|$($r)|g') "$<" > "$@" ##TARGET optimize: optimized build optimize: show-summary show-header - @RUSTFLAGS="-C link-arg=-s $(EXTRA_RUSTFLAGS) --deny warnings" cargo build --target $(TRIPLE) --$(BUILD_TYPE) $(EXTRA_RUSTFEATURES) + @RUSTFLAGS="-C link-arg=-s $(EXTRA_RUSTFLAGS) --deny warnings" cargo build --target $(TRIPLE) $(if $(findstring release,$(BUILD_TYPE)),--release) $(EXTRA_RUSTFEATURES) ##TARGET install: install agent install: install-services diff --git a/src/agent/src/netlink.rs b/src/agent/src/netlink.rs index ed071b60a4..1de4ef6920 100644 --- a/src/agent/src/netlink.rs +++ b/src/agent/src/netlink.rs @@ -523,7 +523,7 @@ impl Handle { .as_ref() .map(|to| to.address.as_str()) // Extract address field .and_then(|addr| if addr.is_empty() { None } else { Some(addr) }) // Make sure it's not empty - .ok_or(anyhow!(nix::Error::EINVAL))?; + .ok_or_else(|| anyhow!(nix::Error::EINVAL))?; let ip = IpAddr::from_str(ip_address) .map_err(|e| anyhow!("Failed to parse IP {}: {:?}", ip_address, e))?; @@ -612,7 +612,7 @@ fn parse_mac_address(addr: &str) -> Result<[u8; 6]> { // Parse single Mac address block let mut parse_next = || -> Result { - let v = u8::from_str_radix(split.next().ok_or(anyhow!(nix::Error::EINVAL))?, 16)?; + let v = u8::from_str_radix(split.next().ok_or_else(|| anyhow!(nix::Error::EINVAL))?, 16)?; Ok(v) }; diff --git a/src/agent/src/random.rs b/src/agent/src/random.rs index c2506ac246..1c83f03f0d 100644 --- a/src/agent/src/random.rs +++ b/src/agent/src/random.rs @@ -82,7 +82,7 @@ mod tests { if nix::unistd::Uid::effective().is_root() { assert!(ret.is_ok()); } else { - assert!(!ret.is_ok()); + assert!(ret.is_err()); } } @@ -90,6 +90,6 @@ mod tests { fn test_reseed_rng_zero_data() { let seed = []; let ret = reseed_rng(&seed); - assert!(!ret.is_ok()); + assert!(ret.is_err()); } } diff --git a/src/runtime/Makefile b/src/runtime/Makefile index be47012f05..757d0a48a9 100644 --- a/src/runtime/Makefile +++ b/src/runtime/Makefile @@ -167,6 +167,11 @@ DEFDISABLEGUESTEMPTYDIR := false DEFAULTEXPFEATURES := [] DEFDISABLESELINUX := false +#Default SeccomSandbox param +#The same default policy is used by libvirt +#More explanation on https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg03348.html +# Note: "elevateprivileges=deny" doesn't work with daemonize option, so it's removed from the seccomp sandbox +DEFSECCOMPSANDBOXPARAM := on,obsolete=deny,spawn=deny,resourcecontrol=deny #Default entropy source DEFENTROPYSOURCE := /dev/urandom @@ -459,6 +464,7 @@ USER_VARS += DEFVIRTIOFSCACHE USER_VARS += DEFVIRTIOFSEXTRAARGS USER_VARS += DEFENABLEANNOTATIONS USER_VARS += DEFENABLEIOTHREADS +USER_VARS += DEFSECCOMPSANDBOXPARAM USER_VARS += DEFENABLEVHOSTUSERSTORE USER_VARS += DEFVHOSTUSERSTOREPATH USER_VARS += DEFVALIDVHOSTUSERSTOREPATHS diff --git a/src/runtime/config/configuration-qemu.toml.in b/src/runtime/config/configuration-qemu.toml.in index 09c219545d..702b71aadd 100644 --- a/src/runtime/config/configuration-qemu.toml.in +++ b/src/runtime/config/configuration-qemu.toml.in @@ -76,6 +76,14 @@ firmware_volume = "@FIRMWAREVOLUMEPATH@" # For example, `machine_accelerators = "nosmm,nosmbus,nosata,nopit,static-prt,nofw"` machine_accelerators="@MACHINEACCELERATORS@" +# Qemu seccomp sandbox feature +# comma-separated list of seccomp sandbox features to control the syscall access. +# For example, `seccompsandbox= "on,obsolete=deny,spawn=deny,resourcecontrol=deny"` +# Note: "elevateprivileges=deny" doesn't work with daemonize option, so it's removed from the seccomp sandbox +# Another note: enabling this feature may reduce performance, you may enable +# /proc/sys/net/core/bpf_jit_enable to reduce the impact. see https://man7.org/linux/man-pages/man8/bpfc.8.html +#seccompsandbox="@DEFSECCOMPSANDBOXPARAM@" + # CPU features # comma-separated list of cpu features to pass to the cpu # For example, `cpu_features = "pmu=off,vmx=off" diff --git a/src/runtime/go.mod b/src/runtime/go.mod index 30141e0625..14f0f3ecf3 100644 --- a/src/runtime/go.mod +++ b/src/runtime/go.mod @@ -44,6 +44,7 @@ require ( github.com/urfave/cli v1.22.2 github.com/vishvananda/netlink v1.1.1-0.20210924202909-187053b97868 github.com/vishvananda/netns v0.0.0-20210104183010-2eb08e3e575f + gitlab.com/nvidia/cloud-native/go-nvlib v0.0.0-20220601114329-47893b162965 go.opentelemetry.io/otel v1.3.0 go.opentelemetry.io/otel/exporters/jaeger v1.0.0 go.opentelemetry.io/otel/sdk v1.3.0 diff --git a/src/runtime/go.sum b/src/runtime/go.sum index 41f2a167a5..86868038e9 100644 --- a/src/runtime/go.sum +++ b/src/runtime/go.sum @@ -925,6 +925,8 @@ github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1 github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= +gitlab.com/nvidia/cloud-native/go-nvlib v0.0.0-20220601114329-47893b162965 h1:EXE1ZsUqiUWGV5Dw2oTYpXx24ffxj0//yhTB0Ppv+4s= +gitlab.com/nvidia/cloud-native/go-nvlib v0.0.0-20220601114329-47893b162965/go.mod h1:TBB3sR7/jg4RCThC/cgT4fB8mAbbMO307TycfgeR59w= go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= diff --git a/src/runtime/pkg/containerd-shim-v2/create.go b/src/runtime/pkg/containerd-shim-v2/create.go index 11609f2bcf..eba829e2dd 100644 --- a/src/runtime/pkg/containerd-shim-v2/create.go +++ b/src/runtime/pkg/containerd-shim-v2/create.go @@ -97,7 +97,7 @@ func create(ctx context.Context, s *service, r *taskAPI.CreateTaskRequest) (*con } // create root span - rootSpan, newCtx := katatrace.Trace(s.ctx, shimLog, "root span", shimTracingTags) + rootSpan, newCtx := katatrace.Trace(s.ctx, shimLog, "rootSpan", shimTracingTags) s.rootCtx = newCtx defer rootSpan.End() diff --git a/src/runtime/pkg/containerd-shim-v2/service.go b/src/runtime/pkg/containerd-shim-v2/service.go index 27ebe19268..9e703c9e21 100644 --- a/src/runtime/pkg/containerd-shim-v2/service.go +++ b/src/runtime/pkg/containerd-shim-v2/service.go @@ -7,6 +7,7 @@ package containerdshim import ( "context" + "fmt" "io" "os" sysexec "os/exec" @@ -85,6 +86,11 @@ func New(ctx context.Context, id string, publisher cdshim.Publisher, shutdown fu vci.SetLogger(ctx, shimLog) katautils.SetLogger(ctx, shimLog, shimLog.Logger.Level) + ns, found := namespaces.Namespace(ctx) + if !found { + return nil, fmt.Errorf("shim namespace cannot be empty") + } + s := &service{ id: id, pid: uint32(os.Getpid()), @@ -93,6 +99,7 @@ func New(ctx context.Context, id string, publisher cdshim.Publisher, shutdown fu events: make(chan interface{}, chSize), ec: make(chan exit, bufferSize), cancel: shutdown, + namespace: ns, } go s.processExits() @@ -131,6 +138,9 @@ type service struct { id string + // Namespace from upper container engine + namespace string + mu sync.Mutex eventSendMu sync.Mutex diff --git a/src/runtime/pkg/containerd-shim-v2/shim_io_binary.go b/src/runtime/pkg/containerd-shim-v2/shim_io_binary.go new file mode 100644 index 0000000000..39a72ec115 --- /dev/null +++ b/src/runtime/pkg/containerd-shim-v2/shim_io_binary.go @@ -0,0 +1,216 @@ +// Copyright (c) 2022 Ant Group +// +// SPDX-License-Identifier: Apache-2.0 +// + +package containerdshim + +import ( + "context" + "fmt" + "io" + "net/url" + "os" + "syscall" + "time" + + "golang.org/x/sys/execabs" + + "github.com/hashicorp/go-multierror" +) + +const ( + binaryIOProcTermTimeout = 12 * time.Second // Give logger process solid 10 seconds for cleanup +) + +var ( + _ IO = &binaryIO{} +) + +// binaryIO related code is from https://github.com/containerd/containerd/blob/v1.6.6/pkg/process/io.go#L311 +type binaryIO struct { + cmd *execabs.Cmd + out, err *pipe +} + +// https://github.com/containerd/containerd/blob/v1.6.6/pkg/process/io.go#L248 +func newBinaryIO(ctx context.Context, ns, id string, uri *url.URL) (bio *binaryIO, err error) { + var closers []func() error + defer func() { + if err == nil { + return + } + result := multierror.Append(err) + for _, fn := range closers { + result = multierror.Append(result, fn()) + } + err = multierror.Flatten(result) + }() + + out, err := newPipe() + if err != nil { + return nil, fmt.Errorf("failed to create stdout pipes: %w", err) + } + closers = append(closers, out.Close) + + serr, err := newPipe() + if err != nil { + return nil, fmt.Errorf("failed to create stderr pipes: %w", err) + } + closers = append(closers, serr.Close) + + r, w, err := os.Pipe() + if err != nil { + return nil, err + } + closers = append(closers, r.Close, w.Close) + + cmd := newBinaryCmd(uri, id, ns) + cmd.ExtraFiles = append(cmd.ExtraFiles, out.r, serr.r, w) + // don't need to register this with the reaper or wait when + // running inside a shim + if err := cmd.Start(); err != nil { + return nil, fmt.Errorf("failed to start binary process: %w", err) + } + closers = append(closers, func() error { return cmd.Process.Kill() }) + + // close our side of the pipe after start + if err := w.Close(); err != nil { + return nil, fmt.Errorf("failed to close write pipe after start: %w", err) + } + + // wait for the logging binary to be ready + b := make([]byte, 1) + if _, err := r.Read(b); err != nil && err != io.EOF { + return nil, fmt.Errorf("failed to read from logging binary: %w", err) + } + + return &binaryIO{ + cmd: cmd, + out: out, + err: serr, + }, nil +} + +// newBinaryCmd returns a Cmd to be used to start a logging binary. +// The Cmd is generated from the provided uri, and the container ID and +// namespace are appended to the Cmd environment. +func newBinaryCmd(binaryURI *url.URL, id, ns string) *execabs.Cmd { + var args []string + for k, vs := range binaryURI.Query() { + args = append(args, k) + if len(vs) > 0 { + args = append(args, vs[0]) + } + } + + cmd := execabs.Command(binaryURI.Path, args...) + + cmd.Env = append(cmd.Env, + "CONTAINER_ID="+id, + "CONTAINER_NAMESPACE="+ns, + ) + + return cmd +} + +func (bi *binaryIO) Stdin() io.ReadCloser { + return nil +} + +func (bi *binaryIO) Stdout() io.Writer { + return bi.out.w +} + +func (bi *binaryIO) Stderr() io.Writer { + return bi.err.w +} + +func (bi *binaryIO) Close() error { + var ( + result *multierror.Error + ) + + for _, v := range []*pipe{bi.out, bi.err} { + if v != nil { + if err := v.Close(); err != nil { + result = multierror.Append(result, err) + } + } + } + + if err := bi.cancel(); err != nil { + result = multierror.Append(result, err) + } + + return result.ErrorOrNil() +} + +func (bi *binaryIO) cancel() error { + if bi.cmd == nil || bi.cmd.Process == nil { + return nil + } + + // Send SIGTERM first, so logger process has a chance to flush and exit properly + if err := bi.cmd.Process.Signal(syscall.SIGTERM); err != nil { + result := multierror.Append(fmt.Errorf("failed to send SIGTERM: %w", err)) + + shimLog.WithError(err).Warn("failed to send SIGTERM signal, killing logging shim") + + if err := bi.cmd.Process.Kill(); err != nil { + result = multierror.Append(result, fmt.Errorf("failed to kill process after faulty SIGTERM: %w", err)) + } + + return result.ErrorOrNil() + } + + done := make(chan error, 1) + go func() { + done <- bi.cmd.Wait() + }() + + select { + case err := <-done: + return err + case <-time.After(binaryIOProcTermTimeout): + shimLog.Warn("failed to wait for shim logger process to exit, killing") + + err := bi.cmd.Process.Kill() + if err != nil { + return fmt.Errorf("failed to kill shim logger process: %w", err) + } + + return nil + } +} + +func newPipe() (*pipe, error) { + r, w, err := os.Pipe() + if err != nil { + return nil, err + } + return &pipe{ + r: r, + w: w, + }, nil +} + +type pipe struct { + r *os.File + w *os.File +} + +// https://github.com/containerd/containerd/blob/v1.6.6/vendor/github.com/containerd/go-runc/io.go#L71 +func (p *pipe) Close() error { + var result *multierror.Error + + if err := p.w.Close(); err != nil { + result = multierror.Append(result, fmt.Errorf("failed to close write pipe: %w", err)) + } + + if err := p.r.Close(); err != nil { + result = multierror.Append(result, fmt.Errorf("failed to close read pipe: %w", err)) + } + + return multierror.Prefix(result.ErrorOrNil(), "pipe:") +} diff --git a/src/runtime/pkg/containerd-shim-v2/shim_io_file.go b/src/runtime/pkg/containerd-shim-v2/shim_io_file.go new file mode 100644 index 0000000000..8ef43981d1 --- /dev/null +++ b/src/runtime/pkg/containerd-shim-v2/shim_io_file.go @@ -0,0 +1,80 @@ +// Copyright (c) 2022 Ant Group +// +// SPDX-License-Identifier: Apache-2.0 +// + +package containerdshim + +import ( + "context" + "io" + "net/url" + "os" + "path/filepath" + + cioutil "github.com/containerd/containerd/pkg/ioutil" +) + +var ( + _ IO = &fileIO{} +) + +// fileIO only support write both stdout/stderr to the same file +type fileIO struct { + outw io.WriteCloser + errw io.WriteCloser + path string +} + +// openLogFile opens/creates a container log file with its directory. +func openLogFile(path string) (*os.File, error) { + if err := os.MkdirAll(filepath.Dir(path), 0755); err != nil { + return nil, err + } + return os.OpenFile(path, os.O_CREATE|os.O_APPEND|os.O_WRONLY, 0640) +} + +func newFileIO(ctx context.Context, stdio *stdio, uri *url.URL) (*fileIO, error) { + var outw, errw, f io.WriteCloser + var err error + + logFile := uri.Path + if f, err = openLogFile(logFile); err != nil { + return nil, err + } + + if stdio.Stdout != "" { + outw = cioutil.NewSerialWriteCloser(f) + } + + if !stdio.Console && stdio.Stderr != "" { + errw = cioutil.NewSerialWriteCloser(f) + } + + return &fileIO{ + path: logFile, + outw: outw, + errw: errw, + }, nil +} + +func (fi *fileIO) Close() error { + if fi.outw != nil { + return wc(fi.outw) + } else if fi.errw != nil { + return wc(fi.errw) + } + return nil +} + +func (fi *fileIO) Stdin() io.ReadCloser { + return nil +} + +func (fi *fileIO) Stdout() io.Writer { + return fi.outw +} + +func (fi *fileIO) Stderr() io.Writer { + return fi.errw +} diff --git a/src/runtime/pkg/containerd-shim-v2/shim_io_pipe.go b/src/runtime/pkg/containerd-shim-v2/shim_io_pipe.go new file mode 100644 index 0000000000..702549b41f --- /dev/null +++ b/src/runtime/pkg/containerd-shim-v2/shim_io_pipe.go @@ -0,0 +1,95 @@ +// Copyright (c) 2022 Ant Group +// +// SPDX-License-Identifier: Apache-2.0 +// + +package containerdshim + +import ( + "context" + "fmt" + "io" + "syscall" + + "github.com/containerd/fifo" + "github.com/hashicorp/go-multierror" +) + +var ( + _ IO = &pipeIO{} +) + +type pipeIO struct { + in io.ReadCloser + outw io.WriteCloser + errw io.WriteCloser +} + +func newPipeIO(ctx context.Context, stdio *stdio) (*pipeIO, error) { + var in io.ReadCloser + var outw io.WriteCloser + var errw io.WriteCloser + var err error + + if stdio.Stdin != "" { + in, err = fifo.OpenFifo(ctx, stdio.Stdin, syscall.O_RDONLY|syscall.O_NONBLOCK, 0) + if err != nil { + return nil, err + } + } + + if stdio.Stdout != "" { + outw, err = fifo.OpenFifo(ctx, stdio.Stdout, syscall.O_RDWR, 0) + if err != nil { + return nil, err + } + } + + if !stdio.Console && stdio.Stderr != "" { + errw, err = fifo.OpenFifo(ctx, stdio.Stderr, syscall.O_RDWR, 0) + if err != nil { + return nil, err + } + } + + pipeIO := &pipeIO{ + in: in, + outw: outw, + errw: errw, + } + + return pipeIO, nil +} + +func (pi *pipeIO) Stdin() io.ReadCloser { + return pi.in +} + +func (pi *pipeIO) Stdout() io.Writer { + return pi.outw +} + +func (pi *pipeIO) Stderr() io.Writer { + return pi.errw +} + +func (pi *pipeIO) Close() error { + var result *multierror.Error + + if pi.in != nil { + if err := pi.in.Close(); err != nil { + result = multierror.Append(result, fmt.Errorf("failed to close stdin: %w", err)) + } + pi.in = nil + } + + if err := wc(pi.outw); err != nil { + result = multierror.Append(result, fmt.Errorf("failed to close stdout: %w", err)) + } + + if err := wc(pi.errw); err != nil { + result = multierror.Append(result, fmt.Errorf("failed to close stderr: %w", err)) + } + + return result.ErrorOrNil() +} diff --git a/src/runtime/pkg/containerd-shim-v2/start.go b/src/runtime/pkg/containerd-shim-v2/start.go index 65bfe6d9a1..d8c9368995 100644 --- a/src/runtime/pkg/containerd-shim-v2/start.go +++ b/src/runtime/pkg/containerd-shim-v2/start.go @@ -8,6 +8,7 @@ package containerdshim import ( "context" "fmt" + "github.com/sirupsen/logrus" "github.com/containerd/containerd/api/types/task" @@ -75,7 +76,7 @@ func startContainer(ctx context.Context, s *service, c *container) (retErr error c.stdinPipe = stdin if c.stdin != "" || c.stdout != "" || c.stderr != "" { - tty, err := newTtyIO(ctx, c.stdin, c.stdout, c.stderr, c.terminal) + tty, err := newTtyIO(ctx, s.namespace, c.id, c.stdin, c.stdout, c.stderr, c.terminal) if err != nil { return err } @@ -141,7 +142,7 @@ func startExec(ctx context.Context, s *service, containerID, execID string) (e * execs.stdinPipe = stdin - tty, err := newTtyIO(ctx, execs.tty.stdin, execs.tty.stdout, execs.tty.stderr, execs.tty.terminal) + tty, err := newTtyIO(ctx, s.namespace, execs.id, execs.tty.stdin, execs.tty.stdout, execs.tty.stderr, execs.tty.terminal) if err != nil { return nil, err } diff --git a/src/runtime/pkg/containerd-shim-v2/stream.go b/src/runtime/pkg/containerd-shim-v2/stream.go index 58045359b3..c20e63de82 100644 --- a/src/runtime/pkg/containerd-shim-v2/stream.go +++ b/src/runtime/pkg/containerd-shim-v2/stream.go @@ -7,16 +7,22 @@ package containerdshim import ( "context" + "fmt" "io" + "net/url" "sync" - "syscall" - "github.com/containerd/fifo" "github.com/sirupsen/logrus" ) -// The buffer size used to specify the buffer for IO streams copy -const bufSize = 32 << 10 +const ( + // The buffer size used to specify the buffer for IO streams copy + bufSize = 32 << 10 + + shimLogPluginBinary = "binary" + shimLogPluginFifo = "fifo" + shimLogPluginFile = "file" +) var ( bufPool = sync.Pool{ @@ -27,76 +33,84 @@ var ( } ) +type stdio struct { + Stdin string + Stdout string + Stderr string + Console bool +} +type IO interface { + io.Closer + Stdin() io.ReadCloser + Stdout() io.Writer + Stderr() io.Writer +} + type ttyIO struct { - Stdin io.ReadCloser - Stdout io.Writer - Stderr io.Writer + io IO + raw *stdio } func (tty *ttyIO) close() { - - if tty.Stdin != nil { - tty.Stdin.Close() - tty.Stdin = nil - } - cf := func(w io.Writer) { - if w == nil { - return - } - if c, ok := w.(io.WriteCloser); ok { - c.Close() - } - } - cf(tty.Stdout) - cf(tty.Stderr) + tty.io.Close() } -func newTtyIO(ctx context.Context, stdin, stdout, stderr string, console bool) (*ttyIO, error) { - var in io.ReadCloser - var outw io.Writer - var errw io.Writer +// newTtyIO creates a new ttyIO struct. +// ns(namespace)/id(container ID) are used for containerd binary IO. +// containerd will pass the ns/id as ENV to the binary log driver, +// and the binary log driver will use ns/id to get the log options config file. +// for example nerdctl: https://github.com/containerd/nerdctl/blob/v0.21.0/pkg/logging/logging.go#L102 +func newTtyIO(ctx context.Context, ns, id, stdin, stdout, stderr string, console bool) (*ttyIO, error) { var err error + var io IO - if stdin != "" { - in, err = fifo.OpenFifo(ctx, stdin, syscall.O_RDONLY|syscall.O_NONBLOCK, 0) - if err != nil { - return nil, err - } + raw := &stdio{ + Stdin: stdin, + Stdout: stdout, + Stderr: stderr, + Console: console, } - if stdout != "" { - outw, err = fifo.OpenFifo(ctx, stdout, syscall.O_RDWR, 0) - if err != nil { - return nil, err - } + uri, err := url.Parse(stdout) + if err != nil { + return nil, fmt.Errorf("unable to parse stdout uri: %w", err) } - if !console && stderr != "" { - errw, err = fifo.OpenFifo(ctx, stderr, syscall.O_RDWR, 0) - if err != nil { - return nil, err - } + if uri.Scheme == "" { + uri.Scheme = "fifo" } - ttyIO := &ttyIO{ - Stdin: in, - Stdout: outw, - Stderr: errw, + switch uri.Scheme { + case shimLogPluginFifo: + io, err = newPipeIO(ctx, raw) + case shimLogPluginBinary: + io, err = newBinaryIO(ctx, ns, id, uri) + case shimLogPluginFile: + io, err = newFileIO(ctx, raw, uri) + default: + return nil, fmt.Errorf("unknown STDIO scheme %s", uri.Scheme) } - return ttyIO, nil + if err != nil { + return nil, fmt.Errorf("failed to creat io stream: %w", err) + } + + return &ttyIO{ + io: io, + raw: raw, + }, nil } func ioCopy(shimLog *logrus.Entry, exitch, stdinCloser chan struct{}, tty *ttyIO, stdinPipe io.WriteCloser, stdoutPipe, stderrPipe io.Reader) { var wg sync.WaitGroup - if tty.Stdin != nil { + if tty.io.Stdin() != nil { wg.Add(1) go func() { shimLog.Debug("stdin io stream copy started") p := bufPool.Get().(*[]byte) defer bufPool.Put(p) - io.CopyBuffer(stdinPipe, tty.Stdin, *p) + io.CopyBuffer(stdinPipe, tty.io.Stdin(), *p) // notify that we can close process's io safely. close(stdinCloser) wg.Done() @@ -104,30 +118,30 @@ func ioCopy(shimLog *logrus.Entry, exitch, stdinCloser chan struct{}, tty *ttyIO }() } - if tty.Stdout != nil { + if tty.io.Stdout() != nil { wg.Add(1) go func() { shimLog.Debug("stdout io stream copy started") p := bufPool.Get().(*[]byte) defer bufPool.Put(p) - io.CopyBuffer(tty.Stdout, stdoutPipe, *p) + io.CopyBuffer(tty.io.Stdout(), stdoutPipe, *p) wg.Done() - if tty.Stdin != nil { + if tty.io.Stdin() != nil { // close stdin to make the other routine stop - tty.Stdin.Close() + tty.io.Stdin().Close() } shimLog.Debug("stdout io stream copy exited") }() } - if tty.Stderr != nil && stderrPipe != nil { + if tty.io.Stderr() != nil && stderrPipe != nil { wg.Add(1) go func() { shimLog.Debug("stderr io stream copy started") p := bufPool.Get().(*[]byte) defer bufPool.Put(p) - io.CopyBuffer(tty.Stderr, stderrPipe, *p) + io.CopyBuffer(tty.io.Stderr(), stderrPipe, *p) wg.Done() shimLog.Debug("stderr io stream copy exited") }() @@ -138,3 +152,10 @@ func ioCopy(shimLog *logrus.Entry, exitch, stdinCloser chan struct{}, tty *ttyIO close(exitch) shimLog.Debug("all io stream copy goroutines exited") } + +func wc(w io.WriteCloser) error { + if w == nil { + return nil + } + return w.Close() +} diff --git a/src/runtime/pkg/containerd-shim-v2/stream_test.go b/src/runtime/pkg/containerd-shim-v2/stream_test.go index d5317a172a..ea4f026ca1 100644 --- a/src/runtime/pkg/containerd-shim-v2/stream_test.go +++ b/src/runtime/pkg/containerd-shim-v2/stream_test.go @@ -7,7 +7,6 @@ package containerdshim import ( "context" - "github.com/sirupsen/logrus" "io" "os" "path/filepath" @@ -15,6 +14,8 @@ import ( "testing" "time" + "github.com/sirupsen/logrus" + "github.com/containerd/fifo" "github.com/stretchr/testify/assert" ) @@ -45,7 +46,7 @@ func TestNewTtyIOFifoReopen(t *testing.T) { defer outr.Close() errr = createReadFifo(stderr) defer errr.Close() - tty, err = newTtyIO(ctx, "", stdout, stderr, false) + tty, err = newTtyIO(ctx, "", "", "", stdout, stderr, false) assert.NoError(err) defer tty.close() @@ -72,9 +73,9 @@ func TestNewTtyIOFifoReopen(t *testing.T) { } } - checkFifoWrite(tty.Stdout) + checkFifoWrite(tty.io.Stdout()) checkFifoRead(outr) - checkFifoWrite(tty.Stderr) + checkFifoWrite(tty.io.Stderr()) checkFifoRead(errr) err = outr.Close() @@ -84,8 +85,8 @@ func TestNewTtyIOFifoReopen(t *testing.T) { // Make sure that writing to tty fifo will not get `EPIPE` // when the read side is closed - checkFifoWrite(tty.Stdout) - checkFifoWrite(tty.Stderr) + checkFifoWrite(tty.io.Stdout()) + checkFifoWrite(tty.io.Stderr()) // Reopen the fifo outr = createReadFifo(stdout) @@ -171,7 +172,7 @@ func TestIoCopy(t *testing.T) { defer srcInW.Close() } - tty, err := newTtyIO(ctx, srcStdinPath, dstStdoutPath, dstStderrPath, false) + tty, err := newTtyIO(ctx, "", "", srcStdinPath, dstStdoutPath, dstStderrPath, false) assert.NoError(err) defer tty.close() diff --git a/src/runtime/virtcontainers/device/api/interface.go b/src/runtime/pkg/device/api/interface.go similarity index 90% rename from src/runtime/virtcontainers/device/api/interface.go rename to src/runtime/pkg/device/api/interface.go index 802efe861e..074980f44f 100644 --- a/src/runtime/virtcontainers/device/api/interface.go +++ b/src/runtime/pkg/device/api/interface.go @@ -9,8 +9,7 @@ package api import ( "context" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - persistapi "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/sirupsen/logrus" ) @@ -78,10 +77,10 @@ type Device interface { Dereference() uint // Save converts Device to DeviceState - Save() persistapi.DeviceState + Save() config.DeviceState // Load loads DeviceState and converts it to specific device - Load(persistapi.DeviceState) + Load(config.DeviceState) } // DeviceManager can be used to create a new device, this can be used as single @@ -94,5 +93,5 @@ type DeviceManager interface { IsDeviceAttached(string) bool GetDeviceByID(string) Device GetAllDevices() []Device - LoadDevices([]persistapi.DeviceState) + LoadDevices([]config.DeviceState) } diff --git a/src/runtime/virtcontainers/device/api/mockDeviceReceiver.go b/src/runtime/pkg/device/api/mockDeviceReceiver.go similarity index 93% rename from src/runtime/virtcontainers/device/api/mockDeviceReceiver.go rename to src/runtime/pkg/device/api/mockDeviceReceiver.go index d6c23d5d5c..f0bd947f7b 100644 --- a/src/runtime/virtcontainers/device/api/mockDeviceReceiver.go +++ b/src/runtime/pkg/device/api/mockDeviceReceiver.go @@ -8,7 +8,7 @@ package api import ( "context" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" ) // MockDeviceReceiver is a fake DeviceReceiver API implementation only used for test diff --git a/src/runtime/virtcontainers/device/config/config.go b/src/runtime/pkg/device/config/config.go similarity index 90% rename from src/runtime/virtcontainers/device/config/config.go rename to src/runtime/pkg/device/config/config.go index 48280092d6..748c5b4e51 100644 --- a/src/runtime/virtcontainers/device/config/config.go +++ b/src/runtime/pkg/device/config/config.go @@ -441,3 +441,45 @@ func getVhostUserDevName(dirname string, majorNum, minorNum uint32) (string, err return "", fmt.Errorf("Required device node (%d:%d) doesn't exist under directory %s", majorNum, minorNum, dirname) } + +// DeviceState is a structure which represents host devices +// plugged to a hypervisor, one Device can be shared among containers in POD +// Refs: virtcontainers/device/drivers/generic.go:GenericDevice +type DeviceState struct { + // DriverOptions is specific options for each device driver + // for example, for BlockDevice, we can set DriverOptions["block-driver"]="virtio-blk" + DriverOptions map[string]string + + // VhostUserDeviceAttrs is specific for vhost-user device driver + VhostUserDev *VhostUserDeviceAttrs `json:",omitempty"` + + // BlockDrive is specific for block device driver + BlockDrive *BlockDrive `json:",omitempty"` + + ID string + + // Type is used to specify driver type + // Refs: virtcontainers/device/config/config.go:DeviceType + Type string + + // Type of device: c, b, u or p + // c , u - character(unbuffered) + // p - FIFO + // b - block(buffered) special file + // More info in mknod(1). + DevType string + + // VFIODev is specific VFIO device driver + VFIODevs []*VFIODev `json:",omitempty"` + + RefCount uint + AttachCount uint + + // Major, minor numbers for device. + Major int64 + Minor int64 + + // ColdPlug specifies whether the device must be cold plugged (true) + // or hot plugged (false). + ColdPlug bool +} diff --git a/src/runtime/virtcontainers/device/config/config_test.go b/src/runtime/pkg/device/config/config_test.go similarity index 100% rename from src/runtime/virtcontainers/device/config/config_test.go rename to src/runtime/pkg/device/config/config_test.go diff --git a/src/runtime/virtcontainers/device/config/pmem.go b/src/runtime/pkg/device/config/pmem.go similarity index 100% rename from src/runtime/virtcontainers/device/config/pmem.go rename to src/runtime/pkg/device/config/pmem.go diff --git a/src/runtime/virtcontainers/device/config/pmem_test.go b/src/runtime/pkg/device/config/pmem_test.go similarity index 100% rename from src/runtime/virtcontainers/device/config/pmem_test.go rename to src/runtime/pkg/device/config/pmem_test.go diff --git a/src/runtime/virtcontainers/device/drivers/block.go b/src/runtime/pkg/device/drivers/block.go similarity index 80% rename from src/runtime/virtcontainers/device/drivers/block.go rename to src/runtime/pkg/device/drivers/block.go index faaadf32c9..d2e9644fde 100644 --- a/src/runtime/virtcontainers/device/drivers/block.go +++ b/src/runtime/pkg/device/drivers/block.go @@ -10,9 +10,8 @@ import ( "context" "path/filepath" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - persistapi "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" ) @@ -159,51 +158,21 @@ func (device *BlockDevice) GetDeviceInfo() interface{} { } // Save converts Device to DeviceState -func (device *BlockDevice) Save() persistapi.DeviceState { +func (device *BlockDevice) Save() config.DeviceState { ds := device.GenericDevice.Save() ds.Type = string(device.DeviceType()) - drive := device.BlockDrive - if drive != nil { - ds.BlockDrive = &persistapi.BlockDrive{ - File: drive.File, - Format: drive.Format, - ID: drive.ID, - Index: drive.Index, - MmioAddr: drive.MmioAddr, - PCIPath: drive.PCIPath, - SCSIAddr: drive.SCSIAddr, - NvdimmID: drive.NvdimmID, - VirtPath: drive.VirtPath, - DevNo: drive.DevNo, - Pmem: drive.Pmem, - } - } + ds.BlockDrive = device.BlockDrive + return ds } // Load loads DeviceState and converts it to specific device -func (device *BlockDevice) Load(ds persistapi.DeviceState) { +func (device *BlockDevice) Load(ds config.DeviceState) { device.GenericDevice = &GenericDevice{} device.GenericDevice.Load(ds) - bd := ds.BlockDrive - if bd == nil { - return - } - device.BlockDrive = &config.BlockDrive{ - File: bd.File, - Format: bd.Format, - ID: bd.ID, - Index: bd.Index, - MmioAddr: bd.MmioAddr, - PCIPath: bd.PCIPath, - SCSIAddr: bd.SCSIAddr, - NvdimmID: bd.NvdimmID, - VirtPath: bd.VirtPath, - DevNo: bd.DevNo, - Pmem: bd.Pmem, - } + device.BlockDrive = ds.BlockDrive } // It should implement GetAttachCount() and DeviceID() as api.Device implementation diff --git a/src/runtime/virtcontainers/device/drivers/generic.go b/src/runtime/pkg/device/drivers/generic.go similarity index 90% rename from src/runtime/virtcontainers/device/drivers/generic.go rename to src/runtime/pkg/device/drivers/generic.go index fd2bfb671c..38358ed248 100644 --- a/src/runtime/virtcontainers/device/drivers/generic.go +++ b/src/runtime/pkg/device/drivers/generic.go @@ -10,9 +10,8 @@ import ( "context" "fmt" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - persistapi "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" ) // GenericDevice refers to a device that is neither a VFIO device, block device or VhostUserDevice. @@ -128,8 +127,8 @@ func (device *GenericDevice) bumpAttachCount(attach bool) (skip bool, err error) } // Save converts Device to DeviceState -func (device *GenericDevice) Save() persistapi.DeviceState { - dss := persistapi.DeviceState{ +func (device *GenericDevice) Save() config.DeviceState { + dss := config.DeviceState{ ID: device.ID, Type: string(device.DeviceType()), RefCount: device.RefCount, @@ -148,7 +147,7 @@ func (device *GenericDevice) Save() persistapi.DeviceState { } // Load loads DeviceState and converts it to specific device -func (device *GenericDevice) Load(ds persistapi.DeviceState) { +func (device *GenericDevice) Load(ds config.DeviceState) { device.ID = ds.ID device.RefCount = ds.RefCount device.AttachCount = ds.AttachCount diff --git a/src/runtime/virtcontainers/device/drivers/generic_test.go b/src/runtime/pkg/device/drivers/generic_test.go similarity index 92% rename from src/runtime/virtcontainers/device/drivers/generic_test.go rename to src/runtime/pkg/device/drivers/generic_test.go index e2f6d2e4bd..1dbd505476 100644 --- a/src/runtime/virtcontainers/device/drivers/generic_test.go +++ b/src/runtime/pkg/device/drivers/generic_test.go @@ -8,7 +8,7 @@ package drivers import ( "testing" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/stretchr/testify/assert" ) diff --git a/src/runtime/virtcontainers/device/drivers/utils.go b/src/runtime/pkg/device/drivers/utils.go similarity index 94% rename from src/runtime/virtcontainers/device/drivers/utils.go rename to src/runtime/pkg/device/drivers/utils.go index aa97747219..25f021eda0 100644 --- a/src/runtime/virtcontainers/device/drivers/utils.go +++ b/src/runtime/pkg/device/drivers/utils.go @@ -12,8 +12,8 @@ import ( "path/filepath" "strings" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/sirupsen/logrus" ) diff --git a/src/runtime/virtcontainers/device/drivers/vfio.go b/src/runtime/pkg/device/drivers/vfio.go similarity index 94% rename from src/runtime/virtcontainers/device/drivers/vfio.go rename to src/runtime/pkg/device/drivers/vfio.go index 8e36ff46ba..58658b0b88 100644 --- a/src/runtime/virtcontainers/device/drivers/vfio.go +++ b/src/runtime/pkg/device/drivers/vfio.go @@ -16,9 +16,8 @@ import ( "github.com/sirupsen/logrus" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - persistapi "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" ) @@ -174,26 +173,21 @@ func (device *VFIODevice) GetDeviceInfo() interface{} { } // Save converts Device to DeviceState -func (device *VFIODevice) Save() persistapi.DeviceState { +func (device *VFIODevice) Save() config.DeviceState { ds := device.GenericDevice.Save() ds.Type = string(device.DeviceType()) devs := device.VfioDevs for _, dev := range devs { if dev != nil { - ds.VFIODevs = append(ds.VFIODevs, &persistapi.VFIODev{ - ID: dev.ID, - Type: uint32(dev.Type), - BDF: dev.BDF, - SysfsDev: dev.SysfsDev, - }) + ds.VFIODevs = append(ds.VFIODevs, dev) } } return ds } // Load loads DeviceState and converts it to specific device -func (device *VFIODevice) Load(ds persistapi.DeviceState) { +func (device *VFIODevice) Load(ds config.DeviceState) { device.GenericDevice = &GenericDevice{} device.GenericDevice.Load(ds) diff --git a/src/runtime/virtcontainers/device/drivers/vfio_test.go b/src/runtime/pkg/device/drivers/vfio_test.go similarity index 91% rename from src/runtime/virtcontainers/device/drivers/vfio_test.go rename to src/runtime/pkg/device/drivers/vfio_test.go index 05118871f5..3c25a64c3c 100644 --- a/src/runtime/virtcontainers/device/drivers/vfio_test.go +++ b/src/runtime/pkg/device/drivers/vfio_test.go @@ -9,7 +9,7 @@ package drivers import ( "testing" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/stretchr/testify/assert" ) diff --git a/src/runtime/virtcontainers/device/drivers/vhost_user_blk.go b/src/runtime/pkg/device/drivers/vhost_user_blk.go similarity index 82% rename from src/runtime/virtcontainers/device/drivers/vhost_user_blk.go rename to src/runtime/pkg/device/drivers/vhost_user_blk.go index 4a495c9d51..49c66e7117 100644 --- a/src/runtime/virtcontainers/device/drivers/vhost_user_blk.go +++ b/src/runtime/pkg/device/drivers/vhost_user_blk.go @@ -9,9 +9,8 @@ package drivers import ( "context" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - persistapi "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" "github.com/sirupsen/logrus" ) @@ -156,40 +155,19 @@ func (device *VhostUserBlkDevice) GetDeviceInfo() interface{} { } // Save converts Device to DeviceState -func (device *VhostUserBlkDevice) Save() persistapi.DeviceState { +func (device *VhostUserBlkDevice) Save() config.DeviceState { ds := device.GenericDevice.Save() ds.Type = string(device.DeviceType()) + ds.VhostUserDev = device.VhostUserDeviceAttrs - vAttr := device.VhostUserDeviceAttrs - if vAttr != nil { - ds.VhostUserDev = &persistapi.VhostUserDeviceAttrs{ - DevID: vAttr.DevID, - SocketPath: vAttr.SocketPath, - Type: string(vAttr.Type), - PCIPath: vAttr.PCIPath, - Index: vAttr.Index, - } - } return ds } // Load loads DeviceState and converts it to specific device -func (device *VhostUserBlkDevice) Load(ds persistapi.DeviceState) { +func (device *VhostUserBlkDevice) Load(ds config.DeviceState) { device.GenericDevice = &GenericDevice{} device.GenericDevice.Load(ds) - - dev := ds.VhostUserDev - if dev == nil { - return - } - - device.VhostUserDeviceAttrs = &config.VhostUserDeviceAttrs{ - DevID: dev.DevID, - SocketPath: dev.SocketPath, - Type: config.DeviceType(dev.Type), - PCIPath: dev.PCIPath, - Index: dev.Index, - } + device.VhostUserDeviceAttrs = ds.VhostUserDev } // It should implement GetAttachCount() and DeviceID() as api.Device implementation diff --git a/src/runtime/virtcontainers/device/drivers/vhost_user_fs.go b/src/runtime/pkg/device/drivers/vhost_user_fs.go similarity index 89% rename from src/runtime/virtcontainers/device/drivers/vhost_user_fs.go rename to src/runtime/pkg/device/drivers/vhost_user_fs.go index 5724d1db0c..dba9ea79df 100644 --- a/src/runtime/virtcontainers/device/drivers/vhost_user_fs.go +++ b/src/runtime/pkg/device/drivers/vhost_user_fs.go @@ -9,8 +9,8 @@ import ( "context" "encoding/hex" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" ) diff --git a/src/runtime/virtcontainers/device/drivers/vhost_user_net.go b/src/runtime/pkg/device/drivers/vhost_user_net.go similarity index 70% rename from src/runtime/virtcontainers/device/drivers/vhost_user_net.go rename to src/runtime/pkg/device/drivers/vhost_user_net.go index 7b70e97db2..39c38751e2 100644 --- a/src/runtime/virtcontainers/device/drivers/vhost_user_net.go +++ b/src/runtime/pkg/device/drivers/vhost_user_net.go @@ -10,16 +10,15 @@ import ( "context" "encoding/hex" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - persistapi "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" ) // VhostUserNetDevice is a network vhost-user based device type VhostUserNetDevice struct { *GenericDevice - config.VhostUserDeviceAttrs + *config.VhostUserDeviceAttrs } // @@ -71,38 +70,25 @@ func (device *VhostUserNetDevice) DeviceType() config.DeviceType { // GetDeviceInfo returns device information used for creating func (device *VhostUserNetDevice) GetDeviceInfo() interface{} { device.Type = device.DeviceType() - return &device.VhostUserDeviceAttrs + return device.VhostUserDeviceAttrs } // Save converts Device to DeviceState -func (device *VhostUserNetDevice) Save() persistapi.DeviceState { +func (device *VhostUserNetDevice) Save() config.DeviceState { ds := device.GenericDevice.Save() ds.Type = string(device.DeviceType()) - ds.VhostUserDev = &persistapi.VhostUserDeviceAttrs{ - DevID: device.DevID, - SocketPath: device.SocketPath, - Type: string(device.Type), - MacAddress: device.MacAddress, - } + + ds.VhostUserDev = device.VhostUserDeviceAttrs + return ds } // Load loads DeviceState and converts it to specific device -func (device *VhostUserNetDevice) Load(ds persistapi.DeviceState) { +func (device *VhostUserNetDevice) Load(ds config.DeviceState) { device.GenericDevice = &GenericDevice{} device.GenericDevice.Load(ds) - dev := ds.VhostUserDev - if dev == nil { - return - } - - device.VhostUserDeviceAttrs = config.VhostUserDeviceAttrs{ - DevID: dev.DevID, - SocketPath: dev.SocketPath, - Type: config.DeviceType(dev.Type), - MacAddress: dev.MacAddress, - } + device.VhostUserDeviceAttrs = ds.VhostUserDev } // It should implement GetAttachCount() and DeviceID() as api.Device implementation diff --git a/src/runtime/virtcontainers/device/drivers/vhost_user_scsi.go b/src/runtime/pkg/device/drivers/vhost_user_scsi.go similarity index 70% rename from src/runtime/virtcontainers/device/drivers/vhost_user_scsi.go rename to src/runtime/pkg/device/drivers/vhost_user_scsi.go index 13b90cdf08..bb9fe97227 100644 --- a/src/runtime/virtcontainers/device/drivers/vhost_user_scsi.go +++ b/src/runtime/pkg/device/drivers/vhost_user_scsi.go @@ -10,16 +10,15 @@ import ( "context" "encoding/hex" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - persistapi "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" ) // VhostUserSCSIDevice is a SCSI vhost-user based device type VhostUserSCSIDevice struct { *GenericDevice - config.VhostUserDeviceAttrs + *config.VhostUserDeviceAttrs } // @@ -71,38 +70,24 @@ func (device *VhostUserSCSIDevice) DeviceType() config.DeviceType { // GetDeviceInfo returns device information used for creating func (device *VhostUserSCSIDevice) GetDeviceInfo() interface{} { device.Type = device.DeviceType() - return &device.VhostUserDeviceAttrs + return device.VhostUserDeviceAttrs } // Save converts Device to DeviceState -func (device *VhostUserSCSIDevice) Save() persistapi.DeviceState { +func (device *VhostUserSCSIDevice) Save() config.DeviceState { ds := device.GenericDevice.Save() ds.Type = string(device.DeviceType()) - ds.VhostUserDev = &persistapi.VhostUserDeviceAttrs{ - DevID: device.DevID, - SocketPath: device.SocketPath, - Type: string(device.Type), - MacAddress: device.MacAddress, - } + ds.VhostUserDev = device.VhostUserDeviceAttrs + return ds } // Load loads DeviceState and converts it to specific device -func (device *VhostUserSCSIDevice) Load(ds persistapi.DeviceState) { +func (device *VhostUserSCSIDevice) Load(ds config.DeviceState) { device.GenericDevice = &GenericDevice{} device.GenericDevice.Load(ds) - dev := ds.VhostUserDev - if dev == nil { - return - } - - device.VhostUserDeviceAttrs = config.VhostUserDeviceAttrs{ - DevID: dev.DevID, - SocketPath: dev.SocketPath, - Type: config.DeviceType(dev.Type), - MacAddress: dev.MacAddress, - } + device.VhostUserDeviceAttrs = ds.VhostUserDev } // It should implement GetAttachCount() and DeviceID() as api.Device implementation diff --git a/src/runtime/virtcontainers/device/manager/manager.go b/src/runtime/pkg/device/manager/manager.go similarity index 94% rename from src/runtime/virtcontainers/device/manager/manager.go rename to src/runtime/pkg/device/manager/manager.go index 9a5bba2604..eed9e39f1e 100644 --- a/src/runtime/virtcontainers/device/manager/manager.go +++ b/src/runtime/pkg/device/manager/manager.go @@ -14,10 +14,9 @@ import ( "github.com/sirupsen/logrus" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/drivers" - persistapi "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/drivers" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" ) @@ -242,7 +241,7 @@ func (dm *deviceManager) IsDeviceAttached(id string) bool { } // LoadDevices load devices from persist state -func (dm *deviceManager) LoadDevices(devStates []persistapi.DeviceState) { +func (dm *deviceManager) LoadDevices(devStates []config.DeviceState) { dm.Lock() defer dm.Unlock() diff --git a/src/runtime/virtcontainers/device/manager/manager_linux_test.go b/src/runtime/pkg/device/manager/manager_linux_test.go similarity index 90% rename from src/runtime/virtcontainers/device/manager/manager_linux_test.go rename to src/runtime/pkg/device/manager/manager_linux_test.go index abb7532911..fd790f093e 100644 --- a/src/runtime/virtcontainers/device/manager/manager_linux_test.go +++ b/src/runtime/pkg/device/manager/manager_linux_test.go @@ -13,10 +13,10 @@ import ( "path/filepath" "testing" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/drivers" ktu "github.com/kata-containers/kata-containers/src/runtime/pkg/katatestutils" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/drivers" "github.com/stretchr/testify/assert" "golang.org/x/sys/unix" diff --git a/src/runtime/virtcontainers/device/manager/manager_test.go b/src/runtime/pkg/device/manager/manager_test.go similarity index 96% rename from src/runtime/virtcontainers/device/manager/manager_test.go rename to src/runtime/pkg/device/manager/manager_test.go index ea20012a92..1070e6b8e2 100644 --- a/src/runtime/virtcontainers/device/manager/manager_test.go +++ b/src/runtime/pkg/device/manager/manager_test.go @@ -13,9 +13,9 @@ import ( "strconv" "testing" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/drivers" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/drivers" "github.com/stretchr/testify/assert" ) diff --git a/src/runtime/virtcontainers/device/manager/utils.go b/src/runtime/pkg/device/manager/utils.go similarity index 92% rename from src/runtime/virtcontainers/device/manager/utils.go rename to src/runtime/pkg/device/manager/utils.go index 61488ef9fd..17d14741c1 100644 --- a/src/runtime/virtcontainers/device/manager/utils.go +++ b/src/runtime/pkg/device/manager/utils.go @@ -10,7 +10,7 @@ import ( "path/filepath" "strings" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" ) const ( diff --git a/src/runtime/virtcontainers/device/manager/utils_test.go b/src/runtime/pkg/device/manager/utils_test.go similarity index 95% rename from src/runtime/virtcontainers/device/manager/utils_test.go rename to src/runtime/pkg/device/manager/utils_test.go index ec518ce7ad..273283823f 100644 --- a/src/runtime/virtcontainers/device/manager/utils_test.go +++ b/src/runtime/pkg/device/manager/utils_test.go @@ -9,7 +9,7 @@ package manager import ( "testing" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/stretchr/testify/assert" ) diff --git a/src/runtime/pkg/govmm/qemu/qemu.go b/src/runtime/pkg/govmm/qemu/qemu.go index ea3f1311a8..100316dd9e 100644 --- a/src/runtime/pkg/govmm/qemu/qemu.go +++ b/src/runtime/pkg/govmm/qemu/qemu.go @@ -15,6 +15,7 @@ package qemu import ( "bytes" + "context" "fmt" "log" "os" @@ -23,8 +24,6 @@ import ( "strconv" "strings" "syscall" - - "context" ) // Machine describes the machine type qemu will emulate. diff --git a/src/runtime/pkg/katautils/config.go b/src/runtime/pkg/katautils/config.go index 2a62c3d6c3..dbdfdac303 100644 --- a/src/runtime/pkg/katautils/config.go +++ b/src/runtime/pkg/katautils/config.go @@ -16,12 +16,12 @@ import ( "strings" "github.com/BurntSushi/toml" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/kata-containers/kata-containers/src/runtime/pkg/govmm" govmmQemu "github.com/kata-containers/kata-containers/src/runtime/pkg/govmm/qemu" "github.com/kata-containers/kata-containers/src/runtime/pkg/katautils/katatrace" "github.com/kata-containers/kata-containers/src/runtime/pkg/oci" vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" exp "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/experimental" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" "github.com/sirupsen/logrus" @@ -95,6 +95,7 @@ type hypervisor struct { FileBackedMemRootDir string `toml:"file_mem_backend"` GuestHookPath string `toml:"guest_hook_path"` GuestMemoryDumpPath string `toml:"guest_memory_dump_path"` + SeccompSandbox string `toml:"seccompsandbox"` HypervisorPathList []string `toml:"valid_hypervisor_paths"` JailerPathList []string `toml:"valid_jailer_paths"` CtlPathList []string `toml:"valid_ctlpaths"` @@ -767,6 +768,7 @@ func newQemuHypervisorConfig(h hypervisor) (vc.HypervisorConfig, error) { EnableVhostUserStore: h.EnableVhostUserStore, VhostUserStorePath: h.vhostUserStorePath(), VhostUserStorePathList: h.VhostUserStorePathList, + SeccompSandbox: h.SeccompSandbox, GuestHookPath: h.guestHookPath(), RxRateLimiterMaxRate: rxRateLimiterMaxRate, TxRateLimiterMaxRate: txRateLimiterMaxRate, diff --git a/src/runtime/pkg/oci/utils.go b/src/runtime/pkg/oci/utils.go index 1d39ccc76e..71423cf0cc 100644 --- a/src/runtime/pkg/oci/utils.go +++ b/src/runtime/pkg/oci/utils.go @@ -27,7 +27,7 @@ import ( "github.com/kata-containers/kata-containers/src/runtime/pkg/govmm" vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" exp "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/experimental" vcAnnotations "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/annotations" dockershimAnnotations "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/annotations/dockershim" diff --git a/src/runtime/pkg/oci/utils_test.go b/src/runtime/pkg/oci/utils_test.go index 4f778d5699..2ddd42d111 100644 --- a/src/runtime/pkg/oci/utils_test.go +++ b/src/runtime/pkg/oci/utils_test.go @@ -21,8 +21,8 @@ import ( "github.com/stretchr/testify/assert" "golang.org/x/sys/unix" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" vcAnnotations "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/annotations" dockerAnnotations "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/annotations/dockershim" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/compatoci" diff --git a/src/runtime/vendor/github.com/containerd/containerd/pkg/ioutil/read_closer.go b/src/runtime/vendor/github.com/containerd/containerd/pkg/ioutil/read_closer.go new file mode 100644 index 0000000000..fbc30a6f73 --- /dev/null +++ b/src/runtime/vendor/github.com/containerd/containerd/pkg/ioutil/read_closer.go @@ -0,0 +1,57 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +package ioutil + +import "io" + +// writeCloseInformer wraps a reader with a close function. +type wrapReadCloser struct { + reader *io.PipeReader + writer *io.PipeWriter +} + +// NewWrapReadCloser creates a wrapReadCloser from a reader. +// NOTE(random-liu): To avoid goroutine leakage, the reader passed in +// must be eventually closed by the caller. +func NewWrapReadCloser(r io.Reader) io.ReadCloser { + pr, pw := io.Pipe() + go func() { + _, _ = io.Copy(pw, r) + pr.Close() + pw.Close() + }() + return &wrapReadCloser{ + reader: pr, + writer: pw, + } +} + +// Read reads up to len(p) bytes into p. +func (w *wrapReadCloser) Read(p []byte) (int, error) { + n, err := w.reader.Read(p) + if err == io.ErrClosedPipe { + return n, io.EOF + } + return n, err +} + +// Close closes read closer. +func (w *wrapReadCloser) Close() error { + w.reader.Close() + w.writer.Close() + return nil +} diff --git a/src/runtime/vendor/github.com/containerd/containerd/pkg/ioutil/write_closer.go b/src/runtime/vendor/github.com/containerd/containerd/pkg/ioutil/write_closer.go new file mode 100644 index 0000000000..c816c514ad --- /dev/null +++ b/src/runtime/vendor/github.com/containerd/containerd/pkg/ioutil/write_closer.go @@ -0,0 +1,102 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +package ioutil + +import ( + "io" + "sync" +) + +// writeCloseInformer wraps passed in write closer with a close channel. +// Caller could wait on the close channel for the write closer to be +// closed. +type writeCloseInformer struct { + close chan struct{} + wc io.WriteCloser +} + +// NewWriteCloseInformer creates the writeCloseInformer from a write closer. +func NewWriteCloseInformer(wc io.WriteCloser) (io.WriteCloser, <-chan struct{}) { + close := make(chan struct{}) + return &writeCloseInformer{ + close: close, + wc: wc, + }, close +} + +// Write passes through the data into the internal write closer. +func (w *writeCloseInformer) Write(p []byte) (int, error) { + return w.wc.Write(p) +} + +// Close closes the internal write closer and inform the close channel. +func (w *writeCloseInformer) Close() error { + err := w.wc.Close() + close(w.close) + return err +} + +// nopWriteCloser wraps passed in writer with a nop close function. +type nopWriteCloser struct { + w io.Writer +} + +// NewNopWriteCloser creates the nopWriteCloser from a writer. +func NewNopWriteCloser(w io.Writer) io.WriteCloser { + return &nopWriteCloser{w: w} +} + +// Write passes through the data into the internal writer. +func (n *nopWriteCloser) Write(p []byte) (int, error) { + return n.w.Write(p) +} + +// Close is a nop close function. +func (n *nopWriteCloser) Close() error { + return nil +} + +// serialWriteCloser wraps a write closer and makes sure all writes +// are done in serial. +// Parallel write won't intersect with each other. Use case: +// 1) Pipe: Write content longer than PIPE_BUF. +// See http://man7.org/linux/man-pages/man7/pipe.7.html +// 2) <3.14 Linux Kernel: write is not atomic +// See http://man7.org/linux/man-pages/man2/write.2.html +type serialWriteCloser struct { + mu sync.Mutex + wc io.WriteCloser +} + +// NewSerialWriteCloser creates a SerialWriteCloser from a write closer. +func NewSerialWriteCloser(wc io.WriteCloser) io.WriteCloser { + return &serialWriteCloser{wc: wc} +} + +// Write writes a group of byte arrays in order atomically. +func (s *serialWriteCloser) Write(data []byte) (int, error) { + s.mu.Lock() + defer s.mu.Unlock() + return s.wc.Write(data) +} + +// Close closes the write closer. +func (s *serialWriteCloser) Close() error { + s.mu.Lock() + defer s.mu.Unlock() + return s.wc.Close() +} diff --git a/src/runtime/vendor/github.com/containerd/containerd/pkg/ioutil/writer_group.go b/src/runtime/vendor/github.com/containerd/containerd/pkg/ioutil/writer_group.go new file mode 100644 index 0000000000..0ed550497b --- /dev/null +++ b/src/runtime/vendor/github.com/containerd/containerd/pkg/ioutil/writer_group.go @@ -0,0 +1,105 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +package ioutil + +import ( + "errors" + "io" + "sync" +) + +// WriterGroup is a group of writers. Writer could be dynamically +// added and removed. +type WriterGroup struct { + mu sync.Mutex + writers map[string]io.WriteCloser + closed bool +} + +var _ io.Writer = &WriterGroup{} + +// NewWriterGroup creates an empty writer group. +func NewWriterGroup() *WriterGroup { + return &WriterGroup{ + writers: make(map[string]io.WriteCloser), + } +} + +// Add adds a writer into the group. The writer will be closed +// if the writer group is closed. +func (g *WriterGroup) Add(key string, w io.WriteCloser) { + g.mu.Lock() + defer g.mu.Unlock() + if g.closed { + w.Close() + return + } + g.writers[key] = w +} + +// Get gets a writer from the group, returns nil if the writer +// doesn't exist. +func (g *WriterGroup) Get(key string) io.WriteCloser { + g.mu.Lock() + defer g.mu.Unlock() + return g.writers[key] +} + +// Remove removes a writer from the group. +func (g *WriterGroup) Remove(key string) { + g.mu.Lock() + defer g.mu.Unlock() + w, ok := g.writers[key] + if !ok { + return + } + w.Close() + delete(g.writers, key) +} + +// Write writes data into each writer. If a writer returns error, +// it will be closed and removed from the writer group. It returns +// error if writer group is empty. +func (g *WriterGroup) Write(p []byte) (int, error) { + g.mu.Lock() + defer g.mu.Unlock() + for k, w := range g.writers { + n, err := w.Write(p) + if err == nil && len(p) == n { + continue + } + // The writer is closed or in bad state, remove it. + w.Close() + delete(g.writers, k) + } + if len(g.writers) == 0 { + return 0, errors.New("writer group is empty") + } + return len(p), nil +} + +// Close closes the writer group. Write will return error after +// closed. +func (g *WriterGroup) Close() { + g.mu.Lock() + defer g.mu.Unlock() + for _, w := range g.writers { + w.Close() + } + g.writers = nil + g.closed = true +} diff --git a/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/LICENSE b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/LICENSE new file mode 100644 index 0000000000..d645695673 --- /dev/null +++ b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/bytes/bytes.go b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/bytes/bytes.go new file mode 100644 index 0000000000..7788a1fbe1 --- /dev/null +++ b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/bytes/bytes.go @@ -0,0 +1,94 @@ +/* + * Copyright (c) 2021, NVIDIA CORPORATION. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package bytes + +import ( + "encoding/binary" + "unsafe" +) + +// Raw returns just the bytes without any assumptions about layout +type Raw interface { + Raw() *[]byte +} + +// Reader used to read various data sizes in the byte array +type Reader interface { + Read8(pos int) uint8 + Read16(pos int) uint16 + Read32(pos int) uint32 + Read64(pos int) uint64 + Len() int +} + +// Writer used to write various sizes of data in the byte array +type Writer interface { + Write8(pos int, value uint8) + Write16(pos int, value uint16) + Write32(pos int, value uint32) + Write64(pos int, value uint64) + Len() int +} + +// Bytes object for manipulating arbitrary byte arrays +type Bytes interface { + Raw + Reader + Writer + Slice(offset int, size int) Bytes + LittleEndian() Bytes + BigEndian() Bytes +} + +var nativeByteOrder binary.ByteOrder + +func init() { + buf := [2]byte{} + *(*uint16)(unsafe.Pointer(&buf[0])) = uint16(0x00FF) + + switch buf { + case [2]byte{0xFF, 0x00}: + nativeByteOrder = binary.LittleEndian + case [2]byte{0x00, 0xFF}: + nativeByteOrder = binary.BigEndian + default: + panic("Unable to infer byte order") + } +} + +// New raw bytearray +func New(data *[]byte) Bytes { + return (*native)(data) +} + +// NewLittleEndian little endian ordering of bytes +func NewLittleEndian(data *[]byte) Bytes { + if nativeByteOrder == binary.LittleEndian { + return (*native)(data) + } + + return (*swapbo)(data) +} + +// NewBigEndian big endian ordering of bytes +func NewBigEndian(data *[]byte) Bytes { + if nativeByteOrder == binary.BigEndian { + return (*native)(data) + } + + return (*swapbo)(data) +} diff --git a/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/bytes/native.go b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/bytes/native.go new file mode 100644 index 0000000000..3c79e6890c --- /dev/null +++ b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/bytes/native.go @@ -0,0 +1,78 @@ +/* + * Copyright (c) 2021, NVIDIA CORPORATION. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package bytes + +import ( + "unsafe" +) + +type native []byte + +var _ Bytes = (*native)(nil) + +func (b *native) Read8(pos int) uint8 { + return (*b)[pos] +} + +func (b *native) Read16(pos int) uint16 { + return *(*uint16)(unsafe.Pointer(&((*b)[pos]))) +} + +func (b *native) Read32(pos int) uint32 { + return *(*uint32)(unsafe.Pointer(&((*b)[pos]))) +} + +func (b *native) Read64(pos int) uint64 { + return *(*uint64)(unsafe.Pointer(&((*b)[pos]))) +} + +func (b *native) Write8(pos int, value uint8) { + (*b)[pos] = value +} + +func (b *native) Write16(pos int, value uint16) { + *(*uint16)(unsafe.Pointer(&((*b)[pos]))) = value +} + +func (b *native) Write32(pos int, value uint32) { + *(*uint32)(unsafe.Pointer(&((*b)[pos]))) = value +} + +func (b *native) Write64(pos int, value uint64) { + *(*uint64)(unsafe.Pointer(&((*b)[pos]))) = value +} + +func (b *native) Slice(offset int, size int) Bytes { + nb := (*b)[offset : offset+size] + return &nb +} + +func (b *native) LittleEndian() Bytes { + return NewLittleEndian((*[]byte)(b)) +} + +func (b *native) BigEndian() Bytes { + return NewBigEndian((*[]byte)(b)) +} + +func (b *native) Raw() *[]byte { + return (*[]byte)(b) +} + +func (b *native) Len() int { + return len(*b) +} diff --git a/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/bytes/swapbo.go b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/bytes/swapbo.go new file mode 100644 index 0000000000..278c67daf4 --- /dev/null +++ b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/bytes/swapbo.go @@ -0,0 +1,112 @@ +/* + * Copyright (c) 2021, NVIDIA CORPORATION. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package bytes + +import ( + "unsafe" +) + +type swapbo []byte + +var _ Bytes = (*swapbo)(nil) + +func (b *swapbo) Read8(pos int) uint8 { + return (*b)[pos] +} + +func (b *swapbo) Read16(pos int) uint16 { + buf := [2]byte{} + buf[0] = (*b)[pos+1] + buf[1] = (*b)[pos+0] + return *(*uint16)(unsafe.Pointer(&buf[0])) +} + +func (b *swapbo) Read32(pos int) uint32 { + buf := [4]byte{} + buf[0] = (*b)[pos+3] + buf[1] = (*b)[pos+2] + buf[2] = (*b)[pos+1] + buf[3] = (*b)[pos+0] + return *(*uint32)(unsafe.Pointer(&buf[0])) +} + +func (b *swapbo) Read64(pos int) uint64 { + buf := [8]byte{} + buf[0] = (*b)[pos+7] + buf[1] = (*b)[pos+6] + buf[2] = (*b)[pos+5] + buf[3] = (*b)[pos+4] + buf[4] = (*b)[pos+3] + buf[5] = (*b)[pos+2] + buf[6] = (*b)[pos+1] + buf[7] = (*b)[pos+0] + return *(*uint64)(unsafe.Pointer(&buf[0])) +} + +func (b *swapbo) Write8(pos int, value uint8) { + (*b)[pos] = value +} + +func (b *swapbo) Write16(pos int, value uint16) { + buf := [2]byte{} + *(*uint16)(unsafe.Pointer(&buf[0])) = value + (*b)[pos+0] = buf[1] + (*b)[pos+1] = buf[0] +} + +func (b *swapbo) Write32(pos int, value uint32) { + buf := [4]byte{} + *(*uint32)(unsafe.Pointer(&buf[0])) = value + (*b)[pos+0] = buf[3] + (*b)[pos+1] = buf[2] + (*b)[pos+2] = buf[1] + (*b)[pos+3] = buf[0] +} + +func (b *swapbo) Write64(pos int, value uint64) { + buf := [8]byte{} + *(*uint64)(unsafe.Pointer(&buf[0])) = value + (*b)[pos+0] = buf[7] + (*b)[pos+1] = buf[6] + (*b)[pos+2] = buf[5] + (*b)[pos+3] = buf[4] + (*b)[pos+4] = buf[3] + (*b)[pos+5] = buf[2] + (*b)[pos+6] = buf[1] + (*b)[pos+7] = buf[0] +} + +func (b *swapbo) Slice(offset int, size int) Bytes { + nb := (*b)[offset : offset+size] + return &nb +} + +func (b *swapbo) LittleEndian() Bytes { + return NewLittleEndian((*[]byte)(b)) +} + +func (b *swapbo) BigEndian() Bytes { + return NewBigEndian((*[]byte)(b)) +} + +func (b *swapbo) Raw() *[]byte { + return (*[]byte)(b) +} + +func (b *swapbo) Len() int { + return len(*b) +} diff --git a/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/config.go b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/config.go new file mode 100644 index 0000000000..7cd2920b75 --- /dev/null +++ b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/config.go @@ -0,0 +1,143 @@ +/* + * Copyright (c) 2021, NVIDIA CORPORATION. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package nvpci + +import ( + "fmt" + "io/ioutil" + + "gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/bytes" +) + +const ( + // PCICfgSpaceStandardSize represents the size in bytes of the standard config space + PCICfgSpaceStandardSize = 256 + // PCICfgSpaceExtendedSize represents the size in bytes of the extended config space + PCICfgSpaceExtendedSize = 4096 + // PCICapabilityListPointer represents offset for the capability list pointer + PCICapabilityListPointer = 0x34 + // PCIStatusCapabilityList represents the status register bit which indicates capability list support + PCIStatusCapabilityList = 0x10 + // PCIStatusBytePosition represents the position of the status register + PCIStatusBytePosition = 0x06 +) + +// ConfigSpace PCI configuration space (standard extended) file path +type ConfigSpace struct { + Path string +} + +// ConfigSpaceIO Interface for reading and writing raw and preconfigured values +type ConfigSpaceIO interface { + bytes.Bytes + GetVendorID() uint16 + GetDeviceID() uint16 + GetPCICapabilities() (*PCICapabilities, error) +} + +type configSpaceIO struct { + bytes.Bytes +} + +// PCIStandardCapability standard PCI config space +type PCIStandardCapability struct { + bytes.Bytes +} + +// PCIExtendedCapability extended PCI config space +type PCIExtendedCapability struct { + bytes.Bytes + Version uint8 +} + +// PCICapabilities combines the standard and extended config space +type PCICapabilities struct { + Standard map[uint8]*PCIStandardCapability + Extended map[uint16]*PCIExtendedCapability +} + +func (cs *ConfigSpace) Read() (ConfigSpaceIO, error) { + config, err := ioutil.ReadFile(cs.Path) + if err != nil { + return nil, fmt.Errorf("failed to open file: %v", err) + } + return &configSpaceIO{bytes.New(&config)}, nil +} + +func (cs *configSpaceIO) GetVendorID() uint16 { + return cs.Read16(0) +} + +func (cs *configSpaceIO) GetDeviceID() uint16 { + return cs.Read16(2) +} + +func (cs *configSpaceIO) GetPCICapabilities() (*PCICapabilities, error) { + caps := &PCICapabilities{ + make(map[uint8]*PCIStandardCapability), + make(map[uint16]*PCIExtendedCapability), + } + + support := cs.Read8(PCIStatusBytePosition) & PCIStatusCapabilityList + if support == 0 { + return nil, fmt.Errorf("pci device does not support capability list") + } + + soffset := cs.Read8(PCICapabilityListPointer) + if int(soffset) >= cs.Len() { + return nil, fmt.Errorf("capability list pointer out of bounds") + } + + for soffset != 0 { + if soffset == 0xff { + return nil, fmt.Errorf("config space broken") + } + if int(soffset) >= PCICfgSpaceStandardSize { + return nil, fmt.Errorf("standard capability list pointer out of bounds") + } + data := cs.Read32(int(soffset)) + id := uint8(data & 0xff) + caps.Standard[id] = &PCIStandardCapability{ + cs.Slice(int(soffset), cs.Len()-int(soffset)), + } + soffset = uint8((data >> 8) & 0xff) + } + + if cs.Len() <= PCICfgSpaceStandardSize { + return caps, nil + } + + eoffset := uint16(PCICfgSpaceStandardSize) + for eoffset != 0 { + if eoffset == 0xffff { + return nil, fmt.Errorf("config space broken") + } + if int(eoffset) >= PCICfgSpaceExtendedSize { + return nil, fmt.Errorf("extended capability list pointer out of bounds") + } + data := cs.Read32(int(eoffset)) + id := uint16(data & 0xffff) + version := uint8((data >> 16) & 0xf) + caps.Extended[id] = &PCIExtendedCapability{ + cs.Slice(int(eoffset), cs.Len()-int(eoffset)), + version, + } + eoffset = uint16((data >> 4) & 0xffc) + } + + return caps, nil +} diff --git a/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/mmio/mmio.go b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/mmio/mmio.go new file mode 100644 index 0000000000..602486ead6 --- /dev/null +++ b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/mmio/mmio.go @@ -0,0 +1,127 @@ +/* + * Copyright (c) 2021, NVIDIA CORPORATION. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package mmio + +import ( + "fmt" + "os" + "syscall" + "unsafe" + + "gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/bytes" +) + +// Mmio memory map a region +type Mmio interface { + bytes.Raw + bytes.Reader + bytes.Writer + Sync() error + Close() error + Slice(offset int, size int) Mmio + LittleEndian() Mmio + BigEndian() Mmio +} + +type mmio struct { + bytes.Bytes +} + +func open(path string, offset int, size int, flags int) (Mmio, error) { + var mmapFlags int + switch flags { + case os.O_RDONLY: + mmapFlags = syscall.PROT_READ + case os.O_RDWR: + mmapFlags = syscall.PROT_READ | syscall.PROT_WRITE + default: + return nil, fmt.Errorf("invalid flags: %v", flags) + } + + file, err := os.OpenFile(path, flags, 0) + if err != nil { + return nil, fmt.Errorf("failed to open file: %v", err) + } + defer file.Close() + + fi, err := file.Stat() + if err != nil { + return nil, fmt.Errorf("failed to get file info: %v", err) + } + + if size > int(fi.Size()) { + return nil, fmt.Errorf("requested size larger than file size") + } + + if size < 0 { + size = int(fi.Size()) + } + + mmap, err := syscall.Mmap( + int(file.Fd()), + int64(offset), + size, + mmapFlags, + syscall.MAP_SHARED) + if err != nil { + return nil, fmt.Errorf("failed to mmap file: %v", err) + } + + return &mmio{bytes.New(&mmap)}, nil +} + +// OpenRO open region readonly +func OpenRO(path string, offset int, size int) (Mmio, error) { + return open(path, offset, size, os.O_RDONLY) +} + +// OpenRW open region read write +func OpenRW(path string, offset int, size int) (Mmio, error) { + return open(path, offset, size, os.O_RDWR) +} + +func (m *mmio) Slice(offset int, size int) Mmio { + return &mmio{m.Bytes.Slice(offset, size)} +} + +func (m *mmio) LittleEndian() Mmio { + return &mmio{m.Bytes.LittleEndian()} +} + +func (m *mmio) BigEndian() Mmio { + return &mmio{m.Bytes.BigEndian()} +} + +func (m *mmio) Close() error { + err := syscall.Munmap(*m.Bytes.Raw()) + if err != nil { + return fmt.Errorf("failed to munmap file: %v", err) + } + return nil +} + +func (m *mmio) Sync() error { + _, _, errno := syscall.Syscall( + syscall.SYS_MSYNC, + uintptr(unsafe.Pointer(&(*m.Bytes.Raw())[0])), + uintptr(m.Len()), + uintptr(syscall.MS_SYNC|syscall.MS_INVALIDATE)) + if errno != 0 { + return fmt.Errorf("failed to msync file: %v", errno) + } + return nil +} diff --git a/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/mmio/mock.go b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/mmio/mock.go new file mode 100644 index 0000000000..42a86b157e --- /dev/null +++ b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/mmio/mock.go @@ -0,0 +1,74 @@ +/* + * Copyright (c) 2021, NVIDIA CORPORATION. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package mmio + +import ( + "fmt" + + "gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/bytes" +) + +type mockMmio struct { + mmio + source *[]byte + offset int + rw bool +} + +func mockOpen(source *[]byte, offset int, size int, rw bool) (Mmio, error) { + if size < 0 { + size = len(*source) - offset + } + if (offset + size) > len(*source) { + return nil, fmt.Errorf("offset+size out of range") + } + + data := append([]byte{}, (*source)[offset:offset+size]...) + + m := &mockMmio{} + m.Bytes = bytes.New(&data).LittleEndian() + m.source = source + m.offset = offset + m.rw = rw + + return m, nil +} + +// MockOpenRO open read only +func MockOpenRO(source *[]byte, offset int, size int) (Mmio, error) { + return mockOpen(source, offset, size, false) +} + +// MockOpenRW open read write +func MockOpenRW(source *[]byte, offset int, size int) (Mmio, error) { + return mockOpen(source, offset, size, true) +} + +func (m *mockMmio) Close() error { + m = &mockMmio{} + return nil +} + +func (m *mockMmio) Sync() error { + if !m.rw { + return fmt.Errorf("opened read-only") + } + for i := range *m.Bytes.Raw() { + (*m.source)[m.offset+i] = (*m.Bytes.Raw())[i] + } + return nil +} diff --git a/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/mock.go b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/mock.go new file mode 100644 index 0000000000..5c13ae1861 --- /dev/null +++ b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/mock.go @@ -0,0 +1,141 @@ +/* + * Copyright (c) 2021, NVIDIA CORPORATION. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package nvpci + +import ( + "fmt" + "io/ioutil" + "os" + "path/filepath" + + "gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/bytes" +) + +// MockNvpci mock pci device +type MockNvpci struct { + *nvpci +} + +var _ Interface = (*MockNvpci)(nil) + +// NewMockNvpci create new mock PCI and remove old devices +func NewMockNvpci() (mock *MockNvpci, rerr error) { + rootDir, err := ioutil.TempDir("", "") + if err != nil { + return nil, err + } + defer func() { + if rerr != nil { + os.RemoveAll(rootDir) + } + }() + + mock = &MockNvpci{ + NewFrom(rootDir).(*nvpci), + } + + return mock, nil +} + +// Cleanup remove the mocked PCI devices root folder +func (m *MockNvpci) Cleanup() { + os.RemoveAll(m.pciDevicesRoot) +} + +// AddMockA100 Create an A100 like GPU mock device +func (m *MockNvpci) AddMockA100(address string, numaNode int) error { + deviceDir := filepath.Join(m.pciDevicesRoot, address) + err := os.MkdirAll(deviceDir, 0755) + if err != nil { + return err + } + + vendor, err := os.Create(filepath.Join(deviceDir, "vendor")) + if err != nil { + return err + } + _, err = vendor.WriteString(fmt.Sprintf("0x%x", PCINvidiaVendorID)) + if err != nil { + return err + } + + class, err := os.Create(filepath.Join(deviceDir, "class")) + if err != nil { + return err + } + _, err = class.WriteString(fmt.Sprintf("0x%x", PCI3dControllerClass)) + if err != nil { + return err + } + + device, err := os.Create(filepath.Join(deviceDir, "device")) + if err != nil { + return err + } + _, err = device.WriteString("0x20bf") + if err != nil { + return err + } + + numa, err := os.Create(filepath.Join(deviceDir, "numa_node")) + if err != nil { + return err + } + _, err = numa.WriteString(fmt.Sprintf("%v", numaNode)) + if err != nil { + return err + } + + config, err := os.Create(filepath.Join(deviceDir, "config")) + if err != nil { + return err + } + _data := make([]byte, PCICfgSpaceStandardSize) + data := bytes.New(&_data) + data.Write16(0, PCINvidiaVendorID) + data.Write16(2, uint16(0x20bf)) + data.Write8(PCIStatusBytePosition, PCIStatusCapabilityList) + _, err = config.Write(*data.Raw()) + if err != nil { + return err + } + + bar0 := []uint64{0x00000000c2000000, 0x00000000c2ffffff, 0x0000000000040200} + resource, err := os.Create(filepath.Join(deviceDir, "resource")) + if err != nil { + return err + } + _, err = resource.WriteString(fmt.Sprintf("0x%x 0x%x 0x%x", bar0[0], bar0[1], bar0[2])) + if err != nil { + return err + } + + pmcID := uint32(0x170000a1) + resource0, err := os.Create(filepath.Join(deviceDir, "resource0")) + if err != nil { + return err + } + _data = make([]byte, bar0[1]-bar0[0]+1) + data = bytes.New(&_data).LittleEndian() + data.Write32(0, pmcID) + _, err = resource0.Write(*data.Raw()) + if err != nil { + return err + } + + return nil +} diff --git a/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/nvpci.go b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/nvpci.go new file mode 100644 index 0000000000..61a8bd302d --- /dev/null +++ b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/nvpci.go @@ -0,0 +1,316 @@ +/* + * Copyright (c) 2021, NVIDIA CORPORATION. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package nvpci + +import ( + "fmt" + "io/ioutil" + "os" + "path" + "sort" + "strconv" + "strings" +) + +const ( + // PCIDevicesRoot represents base path for all pci devices under sysfs + PCIDevicesRoot = "/sys/bus/pci/devices" + // PCINvidiaVendorID represents PCI vendor id for NVIDIA + PCINvidiaVendorID uint16 = 0x10de + // PCIVgaControllerClass represents the PCI class for VGA Controllers + PCIVgaControllerClass uint32 = 0x030000 + // PCI3dControllerClass represents the PCI class for 3D Graphics accellerators + PCI3dControllerClass uint32 = 0x030200 + // PCINvSwitchClass represents the PCI class for NVSwitches + PCINvSwitchClass uint32 = 0x068000 +) + +// Interface allows us to get a list of all NVIDIA PCI devices +type Interface interface { + GetAllDevices() ([]*NvidiaPCIDevice, error) + Get3DControllers() ([]*NvidiaPCIDevice, error) + GetVGAControllers() ([]*NvidiaPCIDevice, error) + GetNVSwitches() ([]*NvidiaPCIDevice, error) + GetGPUs() ([]*NvidiaPCIDevice, error) +} + +// MemoryResources a more human readable handle +type MemoryResources map[int]*MemoryResource + +// ResourceInterface exposes some higher level functions of resources +type ResourceInterface interface { + GetTotalAddressableMemory(bool) (uint64, uint64) +} + +type nvpci struct { + pciDevicesRoot string +} + +var _ Interface = (*nvpci)(nil) +var _ ResourceInterface = (*MemoryResources)(nil) + +// NvidiaPCIDevice represents a PCI device for an NVIDIA product +type NvidiaPCIDevice struct { + Path string + Address string + Vendor uint16 + Class uint32 + Device uint16 + NumaNode int + Config *ConfigSpace + Resources MemoryResources +} + +// IsVGAController if class == 0x300 +func (d *NvidiaPCIDevice) IsVGAController() bool { + return d.Class == PCIVgaControllerClass +} + +// Is3DController if class == 0x302 +func (d *NvidiaPCIDevice) Is3DController() bool { + return d.Class == PCI3dControllerClass +} + +// IsNVSwitch if classe == 0x068 +func (d *NvidiaPCIDevice) IsNVSwitch() bool { + return d.Class == PCINvSwitchClass +} + +// IsGPU either VGA for older cards or 3D for newer +func (d *NvidiaPCIDevice) IsGPU() bool { + return d.IsVGAController() || d.Is3DController() +} + +// IsResetAvailable some devices can be reset without rebooting, +// check if applicable +func (d *NvidiaPCIDevice) IsResetAvailable() bool { + _, err := os.Stat(path.Join(d.Path, "reset")) + return err == nil +} + +// Reset perform a reset to apply a new configuration at HW level +func (d *NvidiaPCIDevice) Reset() error { + err := ioutil.WriteFile(path.Join(d.Path, "reset"), []byte("1"), 0) + if err != nil { + return fmt.Errorf("unable to write to reset file: %v", err) + } + return nil +} + +// New interface that allows us to get a list of all NVIDIA PCI devices +func New() Interface { + return &nvpci{PCIDevicesRoot} +} + +// NewFrom interface allows us to get a list of all NVIDIA PCI devices at a specific root directory +func NewFrom(root string) Interface { + return &nvpci{root} +} + +// GetAllDevices returns all Nvidia PCI devices on the system +func (p *nvpci) GetAllDevices() ([]*NvidiaPCIDevice, error) { + deviceDirs, err := ioutil.ReadDir(p.pciDevicesRoot) + if err != nil { + return nil, fmt.Errorf("unable to read PCI bus devices: %v", err) + } + + var nvdevices []*NvidiaPCIDevice + for _, deviceDir := range deviceDirs { + devicePath := path.Join(p.pciDevicesRoot, deviceDir.Name()) + nvdevice, err := NewDevice(devicePath) + if err != nil { + return nil, fmt.Errorf("error constructing NVIDIA PCI device %s: %v", deviceDir.Name(), err) + } + if nvdevice == nil { + continue + } + nvdevices = append(nvdevices, nvdevice) + } + + addressToID := func(address string) uint64 { + address = strings.ReplaceAll(address, ":", "") + address = strings.ReplaceAll(address, ".", "") + id, _ := strconv.ParseUint(address, 16, 64) + return id + } + + sort.Slice(nvdevices, func(i, j int) bool { + return addressToID(nvdevices[i].Address) < addressToID(nvdevices[j].Address) + }) + + return nvdevices, nil +} + +// NewDevice constructs an NvidiaPCIDevice +func NewDevice(devicePath string) (*NvidiaPCIDevice, error) { + address := path.Base(devicePath) + + vendor, err := ioutil.ReadFile(path.Join(devicePath, "vendor")) + if err != nil { + return nil, fmt.Errorf("unable to read PCI device vendor id for %s: %v", address, err) + } + vendorStr := strings.TrimSpace(string(vendor)) + vendorID, err := strconv.ParseUint(vendorStr, 0, 16) + if err != nil { + return nil, fmt.Errorf("unable to convert vendor string to uint16: %v", vendorStr) + } + + if uint16(vendorID) != PCINvidiaVendorID { + return nil, nil + } + + class, err := ioutil.ReadFile(path.Join(devicePath, "class")) + if err != nil { + return nil, fmt.Errorf("unable to read PCI device class for %s: %v", address, err) + } + classStr := strings.TrimSpace(string(class)) + classID, err := strconv.ParseUint(classStr, 0, 32) + if err != nil { + return nil, fmt.Errorf("unable to convert class string to uint32: %v", classStr) + } + + device, err := ioutil.ReadFile(path.Join(devicePath, "device")) + if err != nil { + return nil, fmt.Errorf("unable to read PCI device id for %s: %v", address, err) + } + deviceStr := strings.TrimSpace(string(device)) + deviceID, err := strconv.ParseUint(deviceStr, 0, 16) + if err != nil { + return nil, fmt.Errorf("unable to convert device string to uint16: %v", deviceStr) + } + + numa, err := ioutil.ReadFile(path.Join(devicePath, "numa_node")) + if err != nil { + return nil, fmt.Errorf("unable to read PCI NUMA node for %s: %v", address, err) + } + numaStr := strings.TrimSpace(string(numa)) + numaNode, err := strconv.ParseInt(numaStr, 0, 64) + if err != nil { + return nil, fmt.Errorf("unable to convert NUMA node string to int64: %v", numaNode) + } + + config := &ConfigSpace{ + Path: path.Join(devicePath, "config"), + } + + resource, err := ioutil.ReadFile(path.Join(devicePath, "resource")) + if err != nil { + return nil, fmt.Errorf("unable to read PCI resource file for %s: %v", address, err) + } + + resources := make(map[int]*MemoryResource) + for i, line := range strings.Split(strings.TrimSpace(string(resource)), "\n") { + values := strings.Split(line, " ") + if len(values) != 3 { + return nil, fmt.Errorf("more than 3 entries in line '%d' of resource file", i) + } + + start, _ := strconv.ParseUint(values[0], 0, 64) + end, _ := strconv.ParseUint(values[1], 0, 64) + flags, _ := strconv.ParseUint(values[2], 0, 64) + + if (end - start) != 0 { + resources[i] = &MemoryResource{ + uintptr(start), + uintptr(end), + flags, + fmt.Sprintf("%s/resource%d", devicePath, i), + } + } + } + + nvdevice := &NvidiaPCIDevice{ + Path: devicePath, + Address: address, + Vendor: uint16(vendorID), + Class: uint32(classID), + Device: uint16(deviceID), + NumaNode: int(numaNode), + Config: config, + Resources: resources, + } + + return nvdevice, nil +} + +// Get3DControllers returns all NVIDIA 3D Controller PCI devices on the system +func (p *nvpci) Get3DControllers() ([]*NvidiaPCIDevice, error) { + devices, err := p.GetAllDevices() + if err != nil { + return nil, fmt.Errorf("error getting all NVIDIA devices: %v", err) + } + + var filtered []*NvidiaPCIDevice + for _, d := range devices { + if d.Is3DController() { + filtered = append(filtered, d) + } + } + + return filtered, nil +} + +// GetVGAControllers returns all NVIDIA VGA Controller PCI devices on the system +func (p *nvpci) GetVGAControllers() ([]*NvidiaPCIDevice, error) { + devices, err := p.GetAllDevices() + if err != nil { + return nil, fmt.Errorf("error getting all NVIDIA devices: %v", err) + } + + var filtered []*NvidiaPCIDevice + for _, d := range devices { + if d.IsVGAController() { + filtered = append(filtered, d) + } + } + + return filtered, nil +} + +// GetNVSwitches returns all NVIDIA NVSwitch PCI devices on the system +func (p *nvpci) GetNVSwitches() ([]*NvidiaPCIDevice, error) { + devices, err := p.GetAllDevices() + if err != nil { + return nil, fmt.Errorf("error getting all NVIDIA devices: %v", err) + } + + var filtered []*NvidiaPCIDevice + for _, d := range devices { + if d.IsNVSwitch() { + filtered = append(filtered, d) + } + } + + return filtered, nil +} + +// GetGPUs returns all NVIDIA GPU devices on the system +func (p *nvpci) GetGPUs() ([]*NvidiaPCIDevice, error) { + devices, err := p.GetAllDevices() + if err != nil { + return nil, fmt.Errorf("error getting all NVIDIA devices: %v", err) + } + + var filtered []*NvidiaPCIDevice + for _, d := range devices { + if d.IsGPU() { + filtered = append(filtered, d) + } + } + + return filtered, nil +} diff --git a/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/resources.go b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/resources.go new file mode 100644 index 0000000000..02a0430f38 --- /dev/null +++ b/src/runtime/vendor/gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/resources.go @@ -0,0 +1,140 @@ +/* + * Copyright (c) 2021, NVIDIA CORPORATION. All rights reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package nvpci + +import ( + "fmt" + "sort" + + "gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/mmio" +) + +const ( + pmcEndianRegister = 0x4 + pmcLittleEndian = 0x0 + pmcBigEndian = 0x01000001 +) + +// MemoryResource represents a mmio region +type MemoryResource struct { + Start uintptr + End uintptr + Flags uint64 + Path string +} + +// OpenRW read write mmio region +func (mr *MemoryResource) OpenRW() (mmio.Mmio, error) { + rw, err := mmio.OpenRW(mr.Path, 0, int(mr.End-mr.Start+1)) + if err != nil { + return nil, fmt.Errorf("failed to open file for mmio: %v", err) + } + switch rw.Read32(pmcEndianRegister) { + case pmcBigEndian: + return rw.BigEndian(), nil + case pmcLittleEndian: + return rw.LittleEndian(), nil + } + return nil, fmt.Errorf("unknown endianness for mmio: %v", err) +} + +// OpenRO read only mmio region +func (mr *MemoryResource) OpenRO() (mmio.Mmio, error) { + ro, err := mmio.OpenRO(mr.Path, 0, int(mr.End-mr.Start+1)) + if err != nil { + return nil, fmt.Errorf("failed to open file for mmio: %v", err) + } + switch ro.Read32(pmcEndianRegister) { + case pmcBigEndian: + return ro.BigEndian(), nil + case pmcLittleEndian: + return ro.LittleEndian(), nil + } + return nil, fmt.Errorf("unknown endianness for mmio: %v", err) +} + +// From Bit Twiddling Hacks, great resource for all low level bit manipulations +func calcNextPowerOf2(n uint64) uint64 { + n-- + n |= n >> 1 + n |= n >> 2 + n |= n >> 4 + n |= n >> 8 + n |= n >> 16 + n |= n >> 32 + n++ + + return n +} + +// GetTotalAddressableMemory will accumulate the 32bit and 64bit memory windows +// of each BAR and round the value if needed to the next power of 2; first +// return value is the accumulated 32bit addresable memory size the second one +// is the accumulated 64bit addressable memory size in bytes. These values are +// needed to configure virtualized environments. +func (mrs MemoryResources) GetTotalAddressableMemory(roundUp bool) (uint64, uint64) { + const pciIOVNumBAR = 6 + const pciBaseAddressMemTypeMask = 0x06 + const pciBaseAddressMemType32 = 0x00 /* 32 bit address */ + const pciBaseAddressMemType64 = 0x04 /* 64 bit address */ + + // We need to sort the resources so the first 6 entries are the BARs + // How a map is represented in memory is not guaranteed, it is not an + // array. Keys do not have an order. + keys := make([]int, 0, len(mrs)) + for k := range mrs { + keys = append(keys, k) + } + sort.Ints(keys) + + numBAR := 0 + memSize32bit := uint64(0) + memSize64bit := uint64(0) + + for _, key := range keys { + // The PCIe spec only defines 5 BARs per device, we're + // discarding everything after the 5th entry of the resources + // file, see lspci.c + if key >= pciIOVNumBAR || numBAR == pciIOVNumBAR { + break + } + numBAR = numBAR + 1 + + region := mrs[key] + + flags := region.Flags & pciBaseAddressMemTypeMask + memType32bit := flags == pciBaseAddressMemType32 + memType64bit := flags == pciBaseAddressMemType64 + + memSize := (region.End - region.Start) + 1 + + if memType32bit { + memSize32bit = memSize32bit + uint64(memSize) + } + if memType64bit { + memSize64bit = memSize64bit + uint64(memSize) + } + + } + + if roundUp { + memSize32bit = calcNextPowerOf2(memSize32bit) + memSize64bit = calcNextPowerOf2(memSize64bit) + } + + return memSize32bit, memSize64bit +} diff --git a/src/runtime/vendor/modules.txt b/src/runtime/vendor/modules.txt index 2e4a632603..adf9f6ce53 100644 --- a/src/runtime/vendor/modules.txt +++ b/src/runtime/vendor/modules.txt @@ -81,6 +81,7 @@ github.com/containerd/containerd/mount github.com/containerd/containerd/namespaces github.com/containerd/containerd/pkg/cri/annotations github.com/containerd/containerd/pkg/dialer +github.com/containerd/containerd/pkg/ioutil github.com/containerd/containerd/pkg/runtimeoptions/v1 github.com/containerd/containerd/pkg/shutdown github.com/containerd/containerd/pkg/ttrpcutil @@ -305,6 +306,11 @@ github.com/vishvananda/netlink/nl # github.com/vishvananda/netns v0.0.0-20210104183010-2eb08e3e575f ## explicit github.com/vishvananda/netns +# gitlab.com/nvidia/cloud-native/go-nvlib v0.0.0-20220601114329-47893b162965 +## explicit +gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci +gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/bytes +gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci/mmio # go.opencensus.io v0.23.0 go.opencensus.io go.opencensus.io/internal diff --git a/src/runtime/virtcontainers/acrn.go b/src/runtime/virtcontainers/acrn.go index 38f42a207b..f6da05ec58 100644 --- a/src/runtime/virtcontainers/acrn.go +++ b/src/runtime/virtcontainers/acrn.go @@ -22,10 +22,10 @@ import ( "github.com/pkg/errors" "github.com/sirupsen/logrus" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" hv "github.com/kata-containers/kata-containers/src/runtime/pkg/hypervisors" "github.com/kata-containers/kata-containers/src/runtime/pkg/katautils/katatrace" "github.com/kata-containers/kata-containers/src/runtime/pkg/uuid" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" persistapi "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/api" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" diff --git a/src/runtime/virtcontainers/acrn_arch_base.go b/src/runtime/virtcontainers/acrn_arch_base.go index ab547b6bd3..f84019ee61 100644 --- a/src/runtime/virtcontainers/acrn_arch_base.go +++ b/src/runtime/virtcontainers/acrn_arch_base.go @@ -16,7 +16,7 @@ import ( "os/exec" "strings" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" "github.com/sirupsen/logrus" ) diff --git a/src/runtime/virtcontainers/acrn_arch_base_test.go b/src/runtime/virtcontainers/acrn_arch_base_test.go index 19d7858c59..3d168f56f9 100644 --- a/src/runtime/virtcontainers/acrn_arch_base_test.go +++ b/src/runtime/virtcontainers/acrn_arch_base_test.go @@ -12,7 +12,7 @@ import ( "path/filepath" "testing" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/fs" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" "github.com/stretchr/testify/assert" diff --git a/src/runtime/virtcontainers/acrn_test.go b/src/runtime/virtcontainers/acrn_test.go index b92f35a2fa..f0e8c7ce2c 100644 --- a/src/runtime/virtcontainers/acrn_test.go +++ b/src/runtime/virtcontainers/acrn_test.go @@ -14,7 +14,7 @@ import ( "path/filepath" "testing" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" "github.com/stretchr/testify/assert" diff --git a/src/runtime/virtcontainers/api.go b/src/runtime/virtcontainers/api.go index 4b85851cf6..437c926a7e 100644 --- a/src/runtime/virtcontainers/api.go +++ b/src/runtime/virtcontainers/api.go @@ -9,10 +9,10 @@ import ( "context" "runtime" + deviceApi "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + deviceConfig "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/kata-containers/kata-containers/src/runtime/pkg/katautils/katatrace" resCtrl "github.com/kata-containers/kata-containers/src/runtime/pkg/resourcecontrol" - deviceApi "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - deviceConfig "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/compatoci" vcTypes "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" "github.com/sirupsen/logrus" diff --git a/src/runtime/virtcontainers/clh.go b/src/runtime/virtcontainers/clh.go index ce8f8fa577..6984b73be5 100644 --- a/src/runtime/virtcontainers/clh.go +++ b/src/runtime/virtcontainers/clh.go @@ -32,9 +32,9 @@ import ( "github.com/pkg/errors" log "github.com/sirupsen/logrus" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" hv "github.com/kata-containers/kata-containers/src/runtime/pkg/hypervisors" "github.com/kata-containers/kata-containers/src/runtime/pkg/katautils/katatrace" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" ) @@ -753,6 +753,11 @@ func (clh *cloudHypervisor) hotplugAddBlockDevice(drive *config.BlockDrive) erro clhDisk.Readonly = &drive.ReadOnly clhDisk.VhostUser = func(b bool) *bool { return &b }(false) + queues := int32(clh.config.NumVCPUs) + queueSize := int32(1024) + clhDisk.NumQueues = &queues + clhDisk.QueueSize = &queueSize + diskRateLimiterConfig := clh.getDiskRateLimiterConfig() if diskRateLimiterConfig != nil { clhDisk.SetRateLimiterConfig(*diskRateLimiterConfig) diff --git a/src/runtime/virtcontainers/clh_test.go b/src/runtime/virtcontainers/clh_test.go index 302d945f00..bb4a04925b 100644 --- a/src/runtime/virtcontainers/clh_test.go +++ b/src/runtime/virtcontainers/clh_test.go @@ -18,7 +18,7 @@ import ( "strings" "testing" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist" chclient "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/cloud-hypervisor/client" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" diff --git a/src/runtime/virtcontainers/container.go b/src/runtime/virtcontainers/container.go index d5239a386e..f812f0f4c2 100644 --- a/src/runtime/virtcontainers/container.go +++ b/src/runtime/virtcontainers/container.go @@ -16,10 +16,10 @@ import ( "syscall" "time" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/manager" volume "github.com/kata-containers/kata-containers/src/runtime/pkg/direct-volume" "github.com/kata-containers/kata-containers/src/runtime/pkg/katautils/katatrace" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/manager" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/agent/protocols/grpc" vcAnnotations "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/annotations" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" diff --git a/src/runtime/virtcontainers/container_test.go b/src/runtime/virtcontainers/container_test.go index f6fce13e62..7a165ce9fc 100644 --- a/src/runtime/virtcontainers/container_test.go +++ b/src/runtime/virtcontainers/container_test.go @@ -14,11 +14,11 @@ import ( "syscall" "testing" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/drivers" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/manager" ktu "github.com/kata-containers/kata-containers/src/runtime/pkg/katatestutils" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/drivers" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/manager" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" "github.com/stretchr/testify/assert" diff --git a/src/runtime/virtcontainers/fc.go b/src/runtime/virtcontainers/fc.go index b792c90acb..25012d3f3d 100644 --- a/src/runtime/virtcontainers/fc.go +++ b/src/runtime/virtcontainers/fc.go @@ -24,9 +24,9 @@ import ( "syscall" "time" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" hv "github.com/kata-containers/kata-containers/src/runtime/pkg/hypervisors" "github.com/kata-containers/kata-containers/src/runtime/pkg/katautils/katatrace" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/fs" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/firecracker/client" models "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/firecracker/client/models" diff --git a/src/runtime/virtcontainers/fs_share_linux.go b/src/runtime/virtcontainers/fs_share_linux.go index a7007826fa..5d56b457b8 100644 --- a/src/runtime/virtcontainers/fs_share_linux.go +++ b/src/runtime/virtcontainers/fs_share_linux.go @@ -19,8 +19,8 @@ import ( "github.com/pkg/errors" "github.com/sirupsen/logrus" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/kata-containers/kata-containers/src/runtime/pkg/katautils/katatrace" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/agent/protocols/grpc" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" ) diff --git a/src/runtime/virtcontainers/hypervisor.go b/src/runtime/virtcontainers/hypervisor.go index 9de4dc0d0a..119c4667c3 100644 --- a/src/runtime/virtcontainers/hypervisor.go +++ b/src/runtime/virtcontainers/hypervisor.go @@ -16,9 +16,9 @@ import ( "github.com/pkg/errors" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/kata-containers/kata-containers/src/runtime/pkg/govmm" hv "github.com/kata-containers/kata-containers/src/runtime/pkg/hypervisors" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" "github.com/sirupsen/logrus" @@ -370,6 +370,9 @@ type HypervisorConfig struct { // VhostUserStorePathList is the list of valid values for vhost-user paths VhostUserStorePathList []string + // SeccompSandbox is the qemu function which enables the seccomp feature + SeccompSandbox string + // KernelParams are additional guest kernel parameters. KernelParams []Param diff --git a/src/runtime/virtcontainers/interfaces.go b/src/runtime/virtcontainers/interfaces.go index df72978e50..7664f0281f 100644 --- a/src/runtime/virtcontainers/interfaces.go +++ b/src/runtime/virtcontainers/interfaces.go @@ -10,8 +10,8 @@ import ( "io" "syscall" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" pbTypes "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/agent/protocols" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" specs "github.com/opencontainers/runtime-spec/specs-go" diff --git a/src/runtime/virtcontainers/kata_agent.go b/src/runtime/virtcontainers/kata_agent.go index 2f85a2828a..ba2fc811d2 100644 --- a/src/runtime/virtcontainers/kata_agent.go +++ b/src/runtime/virtcontainers/kata_agent.go @@ -19,12 +19,12 @@ import ( "time" "github.com/docker/go-units" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" volume "github.com/kata-containers/kata-containers/src/runtime/pkg/direct-volume" "github.com/kata-containers/kata-containers/src/runtime/pkg/katautils/katatrace" resCtrl "github.com/kata-containers/kata-containers/src/runtime/pkg/resourcecontrol" "github.com/kata-containers/kata-containers/src/runtime/pkg/uuid" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" persistapi "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/api" pbTypes "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/agent/protocols" kataclient "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/agent/protocols/client" diff --git a/src/runtime/virtcontainers/kata_agent_test.go b/src/runtime/virtcontainers/kata_agent_test.go index c24934b682..27a6837e9c 100644 --- a/src/runtime/virtcontainers/kata_agent_test.go +++ b/src/runtime/virtcontainers/kata_agent_test.go @@ -23,11 +23,11 @@ import ( "github.com/stretchr/testify/assert" "code.cloudfoundry.org/bytefmt" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/drivers" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/manager" volume "github.com/kata-containers/kata-containers/src/runtime/pkg/direct-volume" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/drivers" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/manager" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist" pbTypes "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/agent/protocols" pb "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/agent/protocols/grpc" diff --git a/src/runtime/virtcontainers/persist.go b/src/runtime/virtcontainers/persist.go index bc20af21fa..59c6dda15f 100644 --- a/src/runtime/virtcontainers/persist.go +++ b/src/runtime/virtcontainers/persist.go @@ -8,8 +8,9 @@ package virtcontainers import ( "errors" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + devconfig "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" hv "github.com/kata-containers/kata-containers/src/runtime/pkg/hypervisors" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" exp "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/experimental" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist" persistapi "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/api" @@ -65,7 +66,7 @@ func (s *Sandbox) dumpHypervisor(ss *persistapi.SandboxState) { ss.HypervisorState.BlockIndexMap = s.state.BlockIndexMap } -func deviceToDeviceState(devices []api.Device) (dss []persistapi.DeviceState) { +func deviceToDeviceState(devices []api.Device) (dss []devconfig.DeviceState) { for _, dev := range devices { dss = append(dss, dev.Save()) } @@ -247,6 +248,7 @@ func (s *Sandbox) dumpConfig(ss *persistapi.SandboxState) { BootFromTemplate: sconfig.HypervisorConfig.BootFromTemplate, DisableVhostNet: sconfig.HypervisorConfig.DisableVhostNet, EnableVhostUserStore: sconfig.HypervisorConfig.EnableVhostUserStore, + SeccompSandbox: sconfig.HypervisorConfig.SeccompSandbox, VhostUserStorePath: sconfig.HypervisorConfig.VhostUserStorePath, VhostUserStorePathList: sconfig.HypervisorConfig.VhostUserStorePathList, GuestHookPath: sconfig.HypervisorConfig.GuestHookPath, @@ -323,7 +325,7 @@ func (s *Sandbox) loadAgent(as persistapi.AgentState) { } } -func (s *Sandbox) loadDevices(devStates []persistapi.DeviceState) { +func (s *Sandbox) loadDevices(devStates []devconfig.DeviceState) { s.devManager.LoadDevices(devStates) } diff --git a/src/runtime/virtcontainers/persist/api/config.go b/src/runtime/virtcontainers/persist/api/config.go index 0af8a09227..1c16b7bd91 100644 --- a/src/runtime/virtcontainers/persist/api/config.go +++ b/src/runtime/virtcontainers/persist/api/config.go @@ -80,6 +80,9 @@ type HypervisorConfig struct { // related folders, sockets and device nodes should be. VhostUserStorePath string + // SeccompSandbox is the qemu function which enables the seccomp feature + SeccompSandbox string + // GuestHookPath is the path within the VM that will be used for 'drop-in' hooks GuestHookPath string diff --git a/src/runtime/virtcontainers/persist/api/device.go b/src/runtime/virtcontainers/persist/api/device.go deleted file mode 100644 index dd61efbfcf..0000000000 --- a/src/runtime/virtcontainers/persist/api/device.go +++ /dev/null @@ -1,124 +0,0 @@ -// Copyright (c) 2016 Intel Corporation -// Copyright (c) 2019 Huawei Corporation -// -// SPDX-License-Identifier: Apache-2.0 -// - -package persistapi - -import vcTypes "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" - -// ============= sandbox level resources ============= - -// BlockDrive represents a block storage drive which may be used in case the storage -// driver has an underlying block storage device. -type BlockDrive struct { - // File is the path to the disk-image/device which will be used with this drive - File string - - // Format of the drive - Format string - - // ID is used to identify this drive in the hypervisor options. - ID string - - // MmioAddr is used to identify the slot at which the drive is attached (order?). - MmioAddr string - - // SCSI Address of the block device, in case the device is attached using SCSI driver - // SCSI address is in the format SCSI-Id:LUN - SCSIAddr string - - // NvdimmID is the nvdimm id inside the VM - NvdimmID string - - // VirtPath at which the device appears inside the VM, outside of the container mount namespace - VirtPath string - - // DevNo - DevNo string - - // PCIPath is the PCI path used to identify the slot at which the drive is attached. - PCIPath vcTypes.PciPath - - // Index assigned to the drive. In case of virtio-scsi, this is used as SCSI LUN index - Index int - - // Pmem enabled persistent memory. Use File as backing file - // for a nvdimm device in the guest. - Pmem bool -} - -// VFIODev represents a VFIO drive used for hotplugging -type VFIODev struct { - // ID is used to identify this drive in the hypervisor options. - ID string - - // BDF (Bus:Device.Function) of the PCI address - BDF string - - // Sysfsdev of VFIO mediated device - SysfsDev string - - // Type of VFIO device - Type uint32 -} - -// VhostUserDeviceAttrs represents data shared by most vhost-user devices -type VhostUserDeviceAttrs struct { - DevID string - SocketPath string - Type string - - // MacAddress is only meaningful for vhost user net device - MacAddress string - - // PCIPath is the PCI path used to identify the slot at which the drive is attached. - // It is only meaningful for vhost user block devices - PCIPath vcTypes.PciPath - - // Block index of the device if assigned - Index int -} - -// DeviceState is sandbox level resource which represents host devices -// plugged to hypervisor, one Device can be shared among containers in POD -// Refs: virtcontainers/device/drivers/generic.go:GenericDevice -type DeviceState struct { - // DriverOptions is specific options for each device driver - // for example, for BlockDevice, we can set DriverOptions["block-driver"]="virtio-blk" - DriverOptions map[string]string - - // VhostUserDeviceAttrs is specific for vhost-user device driver - VhostUserDev *VhostUserDeviceAttrs `json:",omitempty"` - - // BlockDrive is specific for block device driver - BlockDrive *BlockDrive `json:",omitempty"` - - ID string - - // Type is used to specify driver type - // Refs: virtcontainers/device/config/config.go:DeviceType - Type string - - // Type of device: c, b, u or p - // c , u - character(unbuffered) - // p - FIFO - // b - block(buffered) special file - // More info in mknod(1). - DevType string - - // VFIODev is specific VFIO device driver - VFIODevs []*VFIODev `json:",omitempty"` - - RefCount uint - AttachCount uint - - // Major, minor numbers for device. - Major int64 - Minor int64 - - // ColdPlug specifies whether the device must be cold plugged (true) - // or hot plugged (false). - ColdPlug bool -} diff --git a/src/runtime/virtcontainers/persist/api/sandbox.go b/src/runtime/virtcontainers/persist/api/sandbox.go index 09196637ca..665edd2804 100644 --- a/src/runtime/virtcontainers/persist/api/sandbox.go +++ b/src/runtime/virtcontainers/persist/api/sandbox.go @@ -7,6 +7,7 @@ package persistapi import ( + dev "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" hv "github.com/kata-containers/kata-containers/src/runtime/pkg/hypervisors" ) @@ -26,7 +27,7 @@ type SandboxState struct { CgroupPaths map[string]string // Devices plugged to sandbox(hypervisor) - Devices []DeviceState + Devices []dev.DeviceState // State is sandbox running status State string diff --git a/src/runtime/virtcontainers/persist_test.go b/src/runtime/virtcontainers/persist_test.go index b6c096a5d9..96b947e5b9 100644 --- a/src/runtime/virtcontainers/persist_test.go +++ b/src/runtime/virtcontainers/persist_test.go @@ -10,8 +10,8 @@ import ( "os" "testing" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/manager" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/manager" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" "github.com/stretchr/testify/assert" diff --git a/src/runtime/virtcontainers/physical_endpoint.go b/src/runtime/virtcontainers/physical_endpoint.go index 71f67da8fd..ea64ba926b 100644 --- a/src/runtime/virtcontainers/physical_endpoint.go +++ b/src/runtime/virtcontainers/physical_endpoint.go @@ -15,9 +15,9 @@ import ( "path/filepath" "strings" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/drivers" resCtrl "github.com/kata-containers/kata-containers/src/runtime/pkg/resourcecontrol" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/drivers" persistapi "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/api" vcTypes "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" "github.com/safchain/ethtool" diff --git a/src/runtime/virtcontainers/pkg/vcmock/sandbox.go b/src/runtime/virtcontainers/pkg/vcmock/sandbox.go index 064a60af71..77f56846a2 100644 --- a/src/runtime/virtcontainers/pkg/vcmock/sandbox.go +++ b/src/runtime/virtcontainers/pkg/vcmock/sandbox.go @@ -11,9 +11,9 @@ import ( "io" "syscall" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" pbTypes "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/agent/protocols" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" specs "github.com/opencontainers/runtime-spec/specs-go" diff --git a/src/runtime/virtcontainers/pkg/vcmock/types.go b/src/runtime/virtcontainers/pkg/vcmock/types.go index 1125090a1b..05a0a98592 100644 --- a/src/runtime/virtcontainers/pkg/vcmock/types.go +++ b/src/runtime/virtcontainers/pkg/vcmock/types.go @@ -10,9 +10,9 @@ import ( "io" "syscall" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" vc "github.com/kata-containers/kata-containers/src/runtime/virtcontainers" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" pbTypes "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/pkg/agent/protocols" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" specs "github.com/opencontainers/runtime-spec/specs-go" diff --git a/src/runtime/virtcontainers/qemu.go b/src/runtime/virtcontainers/qemu.go index 656548e88c..c8e48953f6 100644 --- a/src/runtime/virtcontainers/qemu.go +++ b/src/runtime/virtcontainers/qemu.go @@ -33,12 +33,12 @@ import ( "github.com/sirupsen/logrus" "golang.org/x/sys/unix" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/drivers" hv "github.com/kata-containers/kata-containers/src/runtime/pkg/hypervisors" "github.com/kata-containers/kata-containers/src/runtime/pkg/katautils/katatrace" pkgUtils "github.com/kata-containers/kata-containers/src/runtime/pkg/utils" "github.com/kata-containers/kata-containers/src/runtime/pkg/uuid" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/drivers" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" ) @@ -629,30 +629,32 @@ func (q *qemu) CreateVM(ctx context.Context, id string, network Network, hypervi // some devices configuration may also change kernel params, make sure this is called afterwards Params: q.kernelParameters(), } + q.checkBpfEnabled() qemuConfig := govmmQemu.Config{ - Name: fmt.Sprintf("sandbox-%s", q.id), - UUID: q.state.UUID, - Path: qemuPath, - Ctx: q.qmpMonitorCh.ctx, - Uid: q.config.Uid, - Gid: q.config.Gid, - Groups: q.config.Groups, - Machine: machine, - SMP: smp, - Memory: memory, - Devices: devices, - CPUModel: cpuModel, - Kernel: kernel, - RTC: rtc, - QMPSockets: qmpSockets, - Knobs: knobs, - Incoming: incoming, - VGA: "none", - GlobalParam: "kvm-pit.lost_tick_policy=discard", - Bios: firmwarePath, - PFlash: pflash, - PidFile: filepath.Join(q.config.VMStorePath, q.id, "pid"), + Name: fmt.Sprintf("sandbox-%s", q.id), + UUID: q.state.UUID, + Path: qemuPath, + Ctx: q.qmpMonitorCh.ctx, + Uid: q.config.Uid, + Gid: q.config.Gid, + Groups: q.config.Groups, + Machine: machine, + SMP: smp, + Memory: memory, + Devices: devices, + CPUModel: cpuModel, + SeccompSandbox: q.config.SeccompSandbox, + Kernel: kernel, + RTC: rtc, + QMPSockets: qmpSockets, + Knobs: knobs, + Incoming: incoming, + VGA: "none", + GlobalParam: "kvm-pit.lost_tick_policy=discard", + Bios: firmwarePath, + PFlash: pflash, + PidFile: filepath.Join(q.config.VMStorePath, q.id, "pid"), } qemuConfig.Devices, qemuConfig.Bios, err = q.arch.appendProtectionDevice(qemuConfig.Devices, firmwarePath, firmwareVolumePath) @@ -679,8 +681,10 @@ func (q *qemu) CreateVM(ctx context.Context, id string, network Network, hypervi // Add PCIe Root Port devices to hypervisor // The pcie.0 bus do not support hot-plug, but PCIe device can be hot-plugged into PCIe Root Port. // For more details, please see https://github.com/qemu/qemu/blob/master/docs/pcie.txt + memSize32bit, memSize64bit := q.arch.getBARsMaxAddressableMemory() + if hypervisorConfig.PCIeRootPort > 0 { - qemuConfig.Devices = q.arch.appendPCIeRootPortDevice(qemuConfig.Devices, hypervisorConfig.PCIeRootPort) + qemuConfig.Devices = q.arch.appendPCIeRootPortDevice(qemuConfig.Devices, hypervisorConfig.PCIeRootPort, memSize32bit, memSize64bit) } q.qemuConfig = qemuConfig @@ -689,6 +693,25 @@ func (q *qemu) CreateVM(ctx context.Context, id string, network Network, hypervi return err } +func (q *qemu) checkBpfEnabled() { + if q.config.SeccompSandbox != "" { + out, err := os.ReadFile("/proc/sys/net/core/bpf_jit_enable") + if err != nil { + q.Logger().WithError(err).Warningf("failed to get bpf_jit_enable status") + return + } + enabled, err := strconv.Atoi(string(out)) + if err != nil { + q.Logger().WithError(err).Warningf("failed to convert bpf_jit_enable status to integer") + return + } + if enabled == 0 { + q.Logger().Warningf("bpf_jit_enable is disabled. " + + "It's recommended to turn on bpf_jit_enable to reduce the performance impact of QEMU seccomp sandbox.") + } + } +} + func (q *qemu) vhostFSSocketPath(id string) (string, error) { return utils.BuildSocketPath(q.config.VMStorePath, id, vhostFSSocket) } @@ -1341,7 +1364,9 @@ func (q *qemu) hotplugAddBlockDevice(ctx context.Context, drive *config.BlockDri return err } - if err = q.qmpMonitorCh.qmp.ExecutePCIDeviceAdd(q.qmpMonitorCh.ctx, drive.ID, devID, driver, addr, bridge.ID, romFile, 0, true, defaultDisableModern); err != nil { + queues := int(q.config.NumVCPUs) + + if err = q.qmpMonitorCh.qmp.ExecutePCIDeviceAdd(q.qmpMonitorCh.ctx, drive.ID, devID, driver, addr, bridge.ID, romFile, queues, true, defaultDisableModern); err != nil { return err } case q.config.BlockDeviceDriver == config.VirtioBlockCCW: @@ -2352,7 +2377,7 @@ func genericMemoryTopology(memoryMb, hostMemoryMb uint64, slots uint8, memoryOff } // genericAppendPCIeRootPort appends to devices the given pcie-root-port -func genericAppendPCIeRootPort(devices []govmmQemu.Device, number uint32, machineType string) []govmmQemu.Device { +func genericAppendPCIeRootPort(devices []govmmQemu.Device, number uint32, machineType string, memSize32bit uint64, memSize64bit uint64) []govmmQemu.Device { var ( bus string chassis string @@ -2378,6 +2403,8 @@ func genericAppendPCIeRootPort(devices []govmmQemu.Device, number uint32, machin Slot: strconv.FormatUint(uint64(i), 10), Multifunction: multiFunction, Addr: addr, + MemReserve: fmt.Sprintf("%dB", memSize32bit), + Pref64Reserve: fmt.Sprintf("%dB", memSize64bit), }, ) } diff --git a/src/runtime/virtcontainers/qemu_arch_base.go b/src/runtime/virtcontainers/qemu_arch_base.go index a2873a2160..1d7d76bfae 100644 --- a/src/runtime/virtcontainers/qemu_arch_base.go +++ b/src/runtime/virtcontainers/qemu_arch_base.go @@ -18,8 +18,9 @@ import ( "strings" govmmQemu "github.com/kata-containers/kata-containers/src/runtime/pkg/govmm/qemu" + "gitlab.com/nvidia/cloud-native/go-nvlib/pkg/nvpci" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" ) @@ -138,7 +139,7 @@ type qemuArch interface { setIgnoreSharedMemoryMigrationCaps(context.Context, *govmmQemu.QMP) error // appendPCIeRootPortDevice appends a pcie-root-port device to pcie.0 bus - appendPCIeRootPortDevice(devices []govmmQemu.Device, number uint32) []govmmQemu.Device + appendPCIeRootPortDevice(devices []govmmQemu.Device, number uint32, memSize32bit uint64, memSize64bit uint64) []govmmQemu.Device // append vIOMMU device appendIOMMU(devices []govmmQemu.Device) ([]govmmQemu.Device, error) @@ -151,6 +152,10 @@ type qemuArch interface { // a firmware, returns a string containing the path to the firmware that should // be used with the -bios option, ommit -bios option if the path is empty. appendProtectionDevice(devices []govmmQemu.Device, firmware, firmwareVolume string) ([]govmmQemu.Device, string, error) + + // scans the PCIe space and returns the biggest BAR sizes for 32-bit + // and 64-bit addressable memory + getBARsMaxAddressableMemory() (uint64, uint64) } type qemuArchBase struct { @@ -787,8 +792,39 @@ func (q *qemuArchBase) addBridge(b types.Bridge) { } // appendPCIeRootPortDevice appends to devices the given pcie-root-port -func (q *qemuArchBase) appendPCIeRootPortDevice(devices []govmmQemu.Device, number uint32) []govmmQemu.Device { - return genericAppendPCIeRootPort(devices, number, q.qemuMachine.Type) +func (q *qemuArchBase) appendPCIeRootPortDevice(devices []govmmQemu.Device, number uint32, memSize32bit uint64, memSize64bit uint64) []govmmQemu.Device { + return genericAppendPCIeRootPort(devices, number, q.qemuMachine.Type, memSize32bit, memSize64bit) +} + +func (q *qemuArchBase) getBARsMaxAddressableMemory() (uint64, uint64) { + + pci := nvpci.New() + devs, _ := pci.GetAllDevices() + + // Since we do not know which devices are going to be hotplugged, + // we're going to use the GPU with the biggest BARs to initialize the + // root port, this should work for all other devices as well. + // defaults are 2MB for both, if no suitable devices found + max32bit := uint64(2 * 1024 * 1024) + max64bit := uint64(2 * 1024 * 1024) + + for _, dev := range devs { + if !dev.IsGPU() { + continue + } + memSize32bit, memSize64bit := dev.Resources.GetTotalAddressableMemory(true) + if max32bit < memSize32bit { + max32bit = memSize32bit + } + if max64bit < memSize64bit { + max64bit = memSize64bit + } + } + // The actual 32bit is most of the time a power of 2 but we need some + // buffer so double that to leave space for other IO functions. + // The 64bit size is not a power of 2 and hence is already rounded up + // to the higher value. + return max32bit * 2, max64bit } // appendIOMMU appends a virtual IOMMU device diff --git a/src/runtime/virtcontainers/qemu_arch_base_test.go b/src/runtime/virtcontainers/qemu_arch_base_test.go index 57c97f773b..41d3bbd430 100644 --- a/src/runtime/virtcontainers/qemu_arch_base_test.go +++ b/src/runtime/virtcontainers/qemu_arch_base_test.go @@ -19,7 +19,7 @@ import ( govmmQemu "github.com/kata-containers/kata-containers/src/runtime/pkg/govmm/qemu" "github.com/stretchr/testify/assert" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/fs" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" "github.com/pkg/errors" diff --git a/src/runtime/virtcontainers/qemu_s390x.go b/src/runtime/virtcontainers/qemu_s390x.go index f0946698f7..46a1af4ad5 100644 --- a/src/runtime/virtcontainers/qemu_s390x.go +++ b/src/runtime/virtcontainers/qemu_s390x.go @@ -13,8 +13,8 @@ import ( "fmt" "time" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" govmmQemu "github.com/kata-containers/kata-containers/src/runtime/pkg/govmm/qemu" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" "github.com/sirupsen/logrus" diff --git a/src/runtime/virtcontainers/qemu_s390x_test.go b/src/runtime/virtcontainers/qemu_s390x_test.go index 3d0c393a69..ada3cefc6e 100644 --- a/src/runtime/virtcontainers/qemu_s390x_test.go +++ b/src/runtime/virtcontainers/qemu_s390x_test.go @@ -16,7 +16,7 @@ import ( govmmQemu "github.com/kata-containers/kata-containers/src/runtime/pkg/govmm/qemu" "github.com/stretchr/testify/assert" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" ) func newTestQemu(assert *assert.Assertions, machineType string) qemuArch { diff --git a/src/runtime/virtcontainers/qemu_test.go b/src/runtime/virtcontainers/qemu_test.go index 0c27240be6..b50d73a917 100644 --- a/src/runtime/virtcontainers/qemu_test.go +++ b/src/runtime/virtcontainers/qemu_test.go @@ -15,9 +15,9 @@ import ( "path/filepath" "testing" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" "github.com/kata-containers/kata-containers/src/runtime/pkg/govmm" govmmQemu "github.com/kata-containers/kata-containers/src/runtime/pkg/govmm/qemu" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" diff --git a/src/runtime/virtcontainers/sandbox.go b/src/runtime/virtcontainers/sandbox.go index 71851c2cfb..a995f1f77b 100644 --- a/src/runtime/virtcontainers/sandbox.go +++ b/src/runtime/virtcontainers/sandbox.go @@ -25,12 +25,12 @@ import ( "github.com/sirupsen/logrus" "github.com/vishvananda/netlink" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/api" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/drivers" + deviceManager "github.com/kata-containers/kata-containers/src/runtime/pkg/device/manager" "github.com/kata-containers/kata-containers/src/runtime/pkg/katautils/katatrace" resCtrl "github.com/kata-containers/kata-containers/src/runtime/pkg/resourcecontrol" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/api" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/drivers" - deviceManager "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/manager" exp "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/experimental" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist" persistapi "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/api" diff --git a/src/runtime/virtcontainers/sandbox_test.go b/src/runtime/virtcontainers/sandbox_test.go index 31bec93818..331094ee39 100644 --- a/src/runtime/virtcontainers/sandbox_test.go +++ b/src/runtime/virtcontainers/sandbox_test.go @@ -16,10 +16,10 @@ import ( "syscall" "testing" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/drivers" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/manager" ktu "github.com/kata-containers/kata-containers/src/runtime/pkg/katatestutils" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/drivers" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/manager" exp "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/experimental" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/fs" diff --git a/src/runtime/virtcontainers/vhostuser_endpoint.go b/src/runtime/virtcontainers/vhostuser_endpoint.go index ecdfa8a5ef..c27f1159d7 100644 --- a/src/runtime/virtcontainers/vhostuser_endpoint.go +++ b/src/runtime/virtcontainers/vhostuser_endpoint.go @@ -14,7 +14,7 @@ import ( "fmt" "os" - "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/device/config" + "github.com/kata-containers/kata-containers/src/runtime/pkg/device/config" persistapi "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/persist/api" vcTypes "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/types" "github.com/kata-containers/kata-containers/src/runtime/virtcontainers/utils" diff --git a/tools/osbuilder/rootfs-builder/rootfs.sh b/tools/osbuilder/rootfs-builder/rootfs.sh index b6441ac1bf..8403a2dc56 100755 --- a/tools/osbuilder/rootfs-builder/rootfs.sh +++ b/tools/osbuilder/rootfs-builder/rootfs.sh @@ -540,8 +540,13 @@ EOF if [ -f "$chrony_systemd_service" ]; then # Remove user option, user could not exist in the rootfs + # Set the /var/lib/chrony for ReadWritePaths to be ignored if + # its nonexistent, this broke the service on boot previously + # due to the directory not being present "(code=exited, status=226/NAMESPACE)" sed -i -e 's/^\(ExecStart=.*\)-u [[:alnum:]]*/\1/g' \ - -e '/^\[Unit\]/a ConditionPathExists=\/dev\/ptp0' ${chrony_systemd_service} + -e '/^\[Unit\]/a ConditionPathExists=\/dev\/ptp0' \ + -e 's/^ReadWritePaths=\(.\+\) \/var\/lib\/chrony \(.\+\)$/ReadWritePaths=\1 -\/var\/lib\/chrony \2/m' \ + ${chrony_systemd_service} fi AGENT_DIR="${ROOTFS_DIR}/usr/bin" diff --git a/tools/packaging/kernel/README.md b/tools/packaging/kernel/README.md index 4f89121e03..cb4840260e 100644 --- a/tools/packaging/kernel/README.md +++ b/tools/packaging/kernel/README.md @@ -47,7 +47,7 @@ Options: -g : GPU vendor, intel or nvidia. -h : Display this help. -k : Path to kernel to build. - -p : Path to a directory with patches to apply to kernel. + -p : Path to a directory with patches to apply to kernel, only patches in top-level directory are applied. -t : Hypervisor_target. -v : Kernel version to use if kernel path not provided. ``` @@ -76,7 +76,7 @@ $ ./build-kernel.sh setup The script `./build-kernel.sh` tries to apply the patches from `${GOPATH}/src/github.com/kata-containers/kata-containers/tools/packaging/kernel/patches/` when it sets up a kernel. If you want to add a source modification, add a patch on this -directory. +directory. Patches present in the top-level directory are applied, with subdirectories being ignored. The script also adds a kernel config file from `${GOPATH}/src/github.com/kata-containers/kata-containers/tools/packaging/kernel/configs/` to `.config` diff --git a/tools/packaging/kernel/configs/fragments/x86_64/tdx/tdx.conf b/tools/packaging/kernel/configs/fragments/x86_64/tdx/tdx.conf index 214c469b58..a363ec6b6e 100644 --- a/tools/packaging/kernel/configs/fragments/x86_64/tdx/tdx.conf +++ b/tools/packaging/kernel/configs/fragments/x86_64/tdx/tdx.conf @@ -1,5 +1,6 @@ # Intel Trust Domain Extensions (Intel TDX) +CONFIG_EFI=y CONFIG_EFI_STUB=y CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS=y CONFIG_INTEL_TDX_GUEST=y diff --git a/tools/packaging/kernel/kata_config_version b/tools/packaging/kernel/kata_config_version index cd5b025272..c67f579c9a 100644 --- a/tools/packaging/kernel/kata_config_version +++ b/tools/packaging/kernel/kata_config_version @@ -1 +1 @@ -92 +93 diff --git a/tools/packaging/release/publish-kata-image.sh b/tools/packaging/release/publish-kata-image.sh deleted file mode 100755 index 1240e4f5dd..0000000000 --- a/tools/packaging/release/publish-kata-image.sh +++ /dev/null @@ -1,76 +0,0 @@ -#!/usr/bin/env bash -#Copyright (c) 2018 Intel Corporation -# -#SPDX-License-Identifier: Apache-2.0 -# - -[ -z "${DEBUG}" ] || set -x - -set -o errexit -set -o nounset -set -o pipefail - -workdir="${PWD}" - -readonly script_name="$(basename "${BASH_SOURCE[0]}")" -readonly script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -readonly project="kata-containers" -GOPATH=${GOPATH:-${HOME}/go} - -source "${script_dir}/../scripts/lib.sh" -source "${script_dir}/../obs-packaging/scripts/pkglib.sh" - -die() { - msg="$*" - echo "ERROR: ${FUNCNAME[1]} ${msg}" >&2 - exit 1 -} - -usage() { - return_code=${1:-0} - cat < - -version: Kata version to create the image. - -Create image for a kata version. - -options: - --h : show this help --p : push image to github -EOF - - exit "${return_code}" -} - -main() { - push="false" - while getopts "d:hp" opt; do - case $opt in - h) usage 0 ;; - p) push="true" ;; - esac - done - - shift $((OPTIND - 1)) - kata_version=${1:-} - [ -n "${kata_version}" ] || usage "1" - - ref="refs/tags/${kata_version}^{}" - agent_sha=$(get_kata_hash "agent" "${ref}") - agent_sha=${agent_sha:0:${short_commit_length}} - image_tarball=$(find -name 'kata-containers-*.tar.gz' | grep "${kata_version}" | grep "${agent_sha}") || - "${script_dir}/../obs-packaging/kata-containers-image/build_image.sh" -v "${kata_version}" - image_tarball=$(find -name 'kata-containers-*.tar.gz' | grep "${kata_version}" | grep "${agent_sha}" ) || die "file not found ${image_tarball}" - - if [ ${push} == "true" ]; then - hub -C "${GOPATH}/src/github.com/${project}/agent" release edit -a "${image_tarball}" "${kata_version}" - else - echo "Wont push image to github use -p option to do it." - fi -} - -main $@ diff --git a/tools/packaging/scripts/apply_patches.sh b/tools/packaging/scripts/apply_patches.sh index e5092779f5..c5b8c748d7 100755 --- a/tools/packaging/scripts/apply_patches.sh +++ b/tools/packaging/scripts/apply_patches.sh @@ -36,7 +36,7 @@ fi echo "INFO: Apply patches from $patches_dir" if [ -d "$patches_dir" ]; then - patches=($(find "$patches_dir" -name '*.patch'|sort -t- -k1,1n)) + patches=($(find "$patches_dir" -maxdepth 1 -name '*.patch'|sort -t- -k1,1n)) echo "INFO: Found ${#patches[@]} patches" for patch in ${patches[@]}; do echo "INFO: Apply $patch" diff --git a/versions.yaml b/versions.yaml index b07a1bbfdc..d2cba59bf9 100644 --- a/versions.yaml +++ b/versions.yaml @@ -153,7 +153,7 @@ assets: kernel: description: "Linux kernel optimised for virtual machines" url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/" - version: "v5.15.26" + version: "v5.15.48" tdx: description: "Linux kernel that supports TDX" url: "https://github.com/intel/tdx/archive/refs/tags"