From 89e62d4edf8bd3ba1fa27c4c3a98a1ab941eda6f Mon Sep 17 00:00:00 2001 From: Champ-Goblem Date: Tue, 4 Oct 2022 09:16:30 +0100 Subject: [PATCH 01/24] shim: Ensure pagesize is set when reporting hugetbl stats The containerd stats method and metrics API are broken with Kata 2.5.x, the stats fail to load and the metrics API responds with status code 500 This seems to be down to the conversion from the stats reported by the agent RPC `StatsContainer` where the field `Pagesize` is not completed by the `setHugetlbStats` method. In the case where multiple sized tables stats are reported, this causes containerd to register two metrics with the same label set, rather than each being partitioned by the `page` label. Fixes: #5316 Signed-off-by: Champ-Goblem --- src/runtime/pkg/containerd-shim-v2/metrics.go | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/src/runtime/pkg/containerd-shim-v2/metrics.go b/src/runtime/pkg/containerd-shim-v2/metrics.go index 86476ad3ac..6fc10cae95 100644 --- a/src/runtime/pkg/containerd-shim-v2/metrics.go +++ b/src/runtime/pkg/containerd-shim-v2/metrics.go @@ -51,13 +51,14 @@ func statsToMetrics(stats *vc.ContainerStats) *cgroupsv1.Metrics { func setHugetlbStats(vcHugetlb map[string]vc.HugetlbStats) []*cgroupsv1.HugetlbStat { var hugetlbStats []*cgroupsv1.HugetlbStat - for _, v := range vcHugetlb { + for k, v := range vcHugetlb { hugetlbStats = append( hugetlbStats, &cgroupsv1.HugetlbStat{ - Usage: v.Usage, - Max: v.MaxUsage, - Failcnt: v.Failcnt, + Usage: v.Usage, + Max: v.MaxUsage, + Failcnt: v.Failcnt, + Pagesize: k, }) } From 9c1ac3d457f09d3f22c046d71afe1f1d17b4a5b3 Mon Sep 17 00:00:00 2001 From: Ji-Xinyou Date: Wed, 21 Sep 2022 17:36:56 +0800 Subject: [PATCH 02/24] runtime-rs: return port on agent-url req Add the server vport (1024) when requesting agent-url Fixes: #5213 Signed-off-by: Ji-Xinyou --- src/runtime-rs/crates/agent/src/kata/mod.rs | 6 +++++- .../crates/runtimes/virt_container/src/sandbox.rs | 9 ++++++--- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/src/runtime-rs/crates/agent/src/kata/mod.rs b/src/runtime-rs/crates/agent/src/kata/mod.rs index 920b55340c..d87965f612 100644 --- a/src/runtime-rs/crates/agent/src/kata/mod.rs +++ b/src/runtime-rs/crates/agent/src/kata/mod.rs @@ -130,7 +130,11 @@ impl KataAgent { pub(crate) async fn agent_sock(&self) -> Result { let inner = self.inner.read().await; - Ok(inner.socket_address.clone()) + Ok(format!( + "{}:{}", + inner.socket_address.clone(), + inner.config.server_port + )) } pub(crate) async fn agent_config(&self) -> AgentConfig { diff --git a/src/runtime-rs/crates/runtimes/virt_container/src/sandbox.rs b/src/runtime-rs/crates/runtimes/virt_container/src/sandbox.rs index ebe0a4e204..968c164418 100644 --- a/src/runtime-rs/crates/runtimes/virt_container/src/sandbox.rs +++ b/src/runtime-rs/crates/runtimes/virt_container/src/sandbox.rs @@ -15,7 +15,10 @@ use common::{ }; use containerd_shim_protos::events::task::TaskOOM; use hypervisor::{dragonball::Dragonball, Hypervisor, HYPERVISOR_DRAGONBALL}; -use kata_types::config::TomlConfig; +use kata_types::config::{ + default::{DEFAULT_AGENT_LOG_PORT, DEFAULT_AGENT_VSOCK_PORT}, + TomlConfig, +}; use resource::{ manager::ManagerArgs, network::{NetworkConfig, NetworkWithNetNsConfig}, @@ -299,8 +302,8 @@ impl Persist for VirtSandbox { let agent = Arc::new(KataAgent::new(kata_types::config::Agent { debug: true, enable_tracing: false, - server_port: 1024, - log_port: 1025, + server_port: DEFAULT_AGENT_VSOCK_PORT, + log_port: DEFAULT_AGENT_LOG_PORT, dial_timeout_ms: 10, reconnect_timeout_ms: 3_000, request_timeout_ms: 30_000, From 39363ffbfb0d37cf5c415d39801e6f78bc861707 Mon Sep 17 00:00:00 2001 From: Rouzip <1226015390@qq.com> Date: Fri, 14 Oct 2022 23:46:05 +0800 Subject: [PATCH 03/24] runtime: remove same function Add EnterNetNS in virtcontainers to remove same function. FIXes #5394 Signed-off-by: Rouzip <1226015390@qq.com> --- src/runtime/pkg/katautils/network_linux.go | 26 +-------------------- src/runtime/virtcontainers/network_linux.go | 9 +++++++ 2 files changed, 10 insertions(+), 25 deletions(-) diff --git a/src/runtime/pkg/katautils/network_linux.go b/src/runtime/pkg/katautils/network_linux.go index fd37c66056..f2691330cf 100644 --- a/src/runtime/pkg/katautils/network_linux.go +++ b/src/runtime/pkg/katautils/network_linux.go @@ -11,7 +11,6 @@ import ( "fmt" "os" "path/filepath" - goruntime "runtime" "strings" "github.com/containernetworking/plugins/pkg/ns" @@ -27,30 +26,7 @@ const procMountInfoFile = "/proc/self/mountinfo" // into runtime.LockOSThread(), meaning it won't be executed in a // different thread than the one expected by the caller. func EnterNetNS(networkID string, cb func() error) error { - if networkID == "" { - return cb() - } - - goruntime.LockOSThread() - defer goruntime.UnlockOSThread() - - currentNS, err := ns.GetCurrentNS() - if err != nil { - return err - } - defer currentNS.Close() - - targetNS, err := ns.GetNS(networkID) - if err != nil { - return err - } - - if err := targetNS.Set(); err != nil { - return err - } - defer currentNS.Set() - - return cb() + return vc.EnterNetNS(networkID, cb) } // SetupNetworkNamespace create a network namespace diff --git a/src/runtime/virtcontainers/network_linux.go b/src/runtime/virtcontainers/network_linux.go index cd2157ece3..667cdaf044 100644 --- a/src/runtime/virtcontainers/network_linux.go +++ b/src/runtime/virtcontainers/network_linux.go @@ -1045,6 +1045,15 @@ func doNetNS(netNSPath string, cb func(ns.NetNS) error) error { return cb(targetNS) } +// EnterNetNS is free from any call to a go routine, and it calls +// into runtime.LockOSThread(), meaning it won't be executed in a +// different thread than the one expected by the caller. +func EnterNetNS(networkID string, cb func() error) error { + return doNetNS(networkID, func(nn ns.NetNS) error { + return cb() + }) +} + func deleteNetNS(netNSPath string) error { n, err := ns.GetNS(netNSPath) if err != nil { From 9f2c7e47c9dacc8822d236972c6b1c5e28f6ec84 Mon Sep 17 00:00:00 2001 From: Hendrik Brueckner Date: Tue, 18 Oct 2022 11:12:18 +0000 Subject: [PATCH 04/24] Revert "kata-ctl: Disable network check on s390x" This reverts commit 00981b3c0a705e26691e519e4062689a1d6a258a. Signed-off-by: Hendrik Brueckner --- src/tools/kata-ctl/Cargo.toml | 5 +-- src/tools/kata-ctl/src/check.rs | 46 ------------------------- src/tools/kata-ctl/src/ops/check_ops.rs | 9 ----- 3 files changed, 1 insertion(+), 59 deletions(-) diff --git a/src/tools/kata-ctl/Cargo.toml b/src/tools/kata-ctl/Cargo.toml index b92491ecd9..094613c343 100644 --- a/src/tools/kata-ctl/Cargo.toml +++ b/src/tools/kata-ctl/Cargo.toml @@ -12,12 +12,9 @@ edition = "2018" [dependencies] anyhow = "1.0.31" clap = { version = "3.2.20", features = ["derive", "cargo"] } +reqwest = { version = "0.11", default-features = false, features = ["json", "blocking", "rustls-tls"] } serde_json = "1.0.85" thiserror = "1.0.35" -# See: https://github.com/kata-containers/kata-containers/issues/5438 -[target.'cfg(not(target_arch = "s390x"))'.dependencies] -reqwest = { version = "0.11", default-features = false, features = ["json", "blocking", "rustls-tls"] } - [dev-dependencies] semver = "1.0.12" diff --git a/src/tools/kata-ctl/src/check.rs b/src/tools/kata-ctl/src/check.rs index 2dbadeb545..28febb307c 100644 --- a/src/tools/kata-ctl/src/check.rs +++ b/src/tools/kata-ctl/src/check.rs @@ -6,19 +6,8 @@ // Contains checks that are not architecture-specific use anyhow::{anyhow, Result}; -// See: https://github.com/kata-containers/kata-containers/issues/5438 -#[cfg(any( - target_arch = "aarch64", - target_arch = "powerpc64le", - target_arch = "x86_64" -))] use reqwest::header::{CONTENT_TYPE, USER_AGENT}; use serde_json::Value; -#[cfg(any( - target_arch = "aarch64", - target_arch = "powerpc64le", - target_arch = "x86_64" -))] use std::collections::HashMap; use std::fs; @@ -110,11 +99,6 @@ pub fn run_network_checks() -> Result<()> { Ok(()) } -#[cfg(any( - target_arch = "aarch64", - target_arch = "powerpc64le", - target_arch = "x86_64" -))] fn get_kata_version_by_url(url: &str) -> std::result::Result { let content = reqwest::blocking::Client::new() .get(url) @@ -127,11 +111,6 @@ fn get_kata_version_by_url(url: &str) -> std::result::Result anyhow::Error { if e.is_connect() { return anyhow!(e).context("http connection failure: connection refused"); @@ -152,11 +131,6 @@ fn handle_reqwest_error(e: reqwest::Error) -> anyhow::Error { anyhow!(e).context("unknown http connection failure: {:?}") } -#[cfg(any( - target_arch = "aarch64", - target_arch = "powerpc64le", - target_arch = "x86_64" -))] pub fn check_version() -> Result<()> { let version = get_kata_version_by_url(KATA_GITHUB_URL).map_err(handle_reqwest_error)?; @@ -190,11 +164,6 @@ mod tests { assert_eq!(expected, actual); } - #[cfg(any( - target_arch = "aarch64", - target_arch = "powerpc64le", - target_arch = "x86_64" - ))] #[test] fn check_version_by_empty_url() { const TEST_URL: &str = "http:"; @@ -203,11 +172,6 @@ mod tests { assert_eq!(expected, actual); } - #[cfg(any( - target_arch = "aarch64", - target_arch = "powerpc64le", - target_arch = "x86_64" - ))] #[test] fn check_version_by_garbage_url() { const TEST_URL: &str = "_localhost_"; @@ -216,11 +180,6 @@ mod tests { assert_eq!(expected, actual); } - #[cfg(any( - target_arch = "aarch64", - target_arch = "powerpc64le", - target_arch = "x86_64" - ))] #[test] fn check_version_by_invalid_url() { const TEST_URL: &str = "http://localhost :80"; @@ -229,11 +188,6 @@ mod tests { assert_eq!(expected, actual); } - #[cfg(any( - target_arch = "aarch64", - target_arch = "powerpc64le", - target_arch = "x86_64" - ))] #[test] fn check_latest_version() { let version = get_kata_version_by_url(KATA_GITHUB_URL).unwrap(); diff --git a/src/tools/kata-ctl/src/ops/check_ops.rs b/src/tools/kata-ctl/src/ops/check_ops.rs index 80556894c8..b97cb6b05d 100644 --- a/src/tools/kata-ctl/src/ops/check_ops.rs +++ b/src/tools/kata-ctl/src/ops/check_ops.rs @@ -32,16 +32,7 @@ pub fn handle_check(checkcmd: CheckArgument) -> Result<()> { CheckSubCommand::CheckVersionOnly => { // retrieve latest release - #[cfg(any( - target_arch = "aarch64", - target_arch = "powerpc64le", - target_arch = "x86_64" - ))] check::check_version()?; - - // See: https://github.com/kata-containers/kata-containers/issues/5438 - #[cfg(target_arch = "s390x")] - unimplemented!("Network check not implemented on s390x") } } From f74e328fffc4737b8a278a588db79942f84df20a Mon Sep 17 00:00:00 2001 From: Chao Wu Date: Wed, 19 Oct 2022 14:12:48 +0800 Subject: [PATCH 05/24] Makefile: fix an typo in runtime-rs makefile There is a typo in runtime-rs makefile. _dragonball should be _DB fixes: #5452 Signed-off-by: Chao Wu --- src/runtime-rs/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/runtime-rs/Makefile b/src/runtime-rs/Makefile index 482517b3d7..0a5666e0d2 100644 --- a/src/runtime-rs/Makefile +++ b/src/runtime-rs/Makefile @@ -177,7 +177,7 @@ ifneq (,$(DBCMD)) SYSCONFIG_DB = $(abspath $(SYSCONFDIR)/$(CONFIG_FILE_DB)) SYSCONFIG_PATHS += $(SYSCONFIG_DB) CONFIGS += $(CONFIG_DB) - # dragonball-specific options (all should be suffixed by "_dragonball") + # dragonball-specific options (all should be suffixed by "_DB") DEFMAXVCPUS_DB := 1 DEFBLOCKSTORAGEDRIVER_DB := virtio-blk DEFNETWORKMODEL_DB := tcfilter From 72738dc11f45e2871d8144c8b40bb3af39ae7b0f Mon Sep 17 00:00:00 2001 From: Snir Sheriber Date: Mon, 19 Sep 2022 12:38:15 +0300 Subject: [PATCH 06/24] agent: validate hugepage size is supported before setting a limit, otherwise paths may not be found. guest supporting different hugepage size is more likely with peer-pods where podvm may use different flavor. Fixes: #5191 Signed-off-by: Snir Sheriber --- src/agent/rustjail/src/cgroups/fs/mod.rs | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/src/agent/rustjail/src/cgroups/fs/mod.rs b/src/agent/rustjail/src/cgroups/fs/mod.rs index b4cf73e31a..85fffe6fd3 100644 --- a/src/agent/rustjail/src/cgroups/fs/mod.rs +++ b/src/agent/rustjail/src/cgroups/fs/mod.rs @@ -252,19 +252,28 @@ fn set_devices_resources( } fn set_hugepages_resources( - _cg: &cgroups::Cgroup, + cg: &cgroups::Cgroup, hugepage_limits: &[LinuxHugepageLimit], res: &mut cgroups::Resources, ) { info!(sl!(), "cgroup manager set hugepage"); let mut limits = vec![]; + let hugetlb_controller = cg.controller_of::(); for l in hugepage_limits.iter() { - let hr = HugePageResource { - size: l.page_size.clone(), - limit: l.limit, - }; - limits.push(hr); + if hugetlb_controller.is_some() && hugetlb_controller.unwrap().size_supported(&l.page_size) + { + let hr = HugePageResource { + size: l.page_size.clone(), + limit: l.limit, + }; + limits.push(hr); + } else { + warn!( + sl!(), + "{} page size support cannot be verified, dropping requested limit", l.page_size + ); + } } res.hugepages.limits = limits; } From 227e717d278dd838baf5fa29bebcb7d318ac5fac Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Wed, 19 Oct 2022 21:12:08 +0200 Subject: [PATCH 07/24] qemu: Re-work static-build Dockerfile MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Differently than every single other bit that's part of our repo, QEMU has been using a single Dockerfile that prepares an environment where the project can be built, but *also* building the project as part of that very same Dockerfile. This is a problem, for several different reasons, including: * It's very hard to have a reproducible build if you don't have an archived image of the builder * One cannot cache / ipload the image of the builder, as that contains already a specific version of QEMU * Every single CI run we end up building the builder image, which includes building dependencies (such as liburing) Let's split the logic into a new build script, and pass the build script to be executed inside the builder image, which will be only responsible for providing an environment where QEMU can be built. Fixes: #5464 Signed-off-by: Fabiano Fidêncio --- tools/packaging/static-build/qemu/Dockerfile | 36 +------------------ .../static-build/qemu/build-base-qemu.sh | 21 ++++++----- .../packaging/static-build/qemu/build-qemu.sh | 28 +++++++++++++++ 3 files changed, 41 insertions(+), 44 deletions(-) create mode 100755 tools/packaging/static-build/qemu/build-qemu.sh diff --git a/tools/packaging/static-build/qemu/Dockerfile b/tools/packaging/static-build/qemu/Dockerfile index 1e4441daec..930a907817 100644 --- a/tools/packaging/static-build/qemu/Dockerfile +++ b/tools/packaging/static-build/qemu/Dockerfile @@ -4,15 +4,12 @@ # SPDX-License-Identifier: Apache-2.0 from ubuntu:20.04 - -WORKDIR /root/qemu - # CACHE_TIMEOUT: date to invalid cache, if the date changes the image will be rebuild # This is required to keep build dependencies with security fixes. ARG CACHE_TIMEOUT -RUN echo "$CACHE_TIMEOUT" ARG DEBIAN_FRONTEND=noninteractive +SHELL ["/bin/bash", "-o", "pipefail", "-c"] RUN apt-get update && apt-get upgrade -y && \ apt-get --no-install-recommends install -y \ apt-utils \ @@ -52,38 +49,7 @@ RUN apt-get update && apt-get upgrade -y && \ if [ "$(uname -m)" != "s390x" ]; then apt-get install -y --no-install-recommends libpmem-dev; fi && \ apt-get clean && rm -rf /var/lib/apt/lists/ -ARG QEMU_REPO -# commit/tag/branch -ARG QEMU_VERSION -ARG PREFIX -# BUILD_SUFFIX is used by the qemu-build-post.sh script to -# properly rename non vanilla versions of the QEMU -ARG BUILD_SUFFIX -ARG HYPERVISOR_NAME -ARG PKGVERSION -ARG QEMU_DESTDIR -ARG QEMU_TARBALL - -SHELL ["/bin/bash", "-o", "pipefail", "-c"] RUN git clone https://github.com/axboe/liburing/ ~/liburing && \ cd ~/liburing && \ git checkout tags/liburing-2.1 && \ make && make install && ldconfig - -COPY scripts/configure-hypervisor.sh /root/configure-hypervisor.sh -COPY qemu /root/kata_qemu -COPY scripts/apply_patches.sh /root/apply_patches.sh -COPY scripts/patch_qemu.sh /root/patch_qemu.sh -COPY static-build/scripts/qemu-build-post.sh /root/static-build/scripts/qemu-build-post.sh -COPY static-build/qemu.blacklist /root/static-build/qemu.blacklist - -RUN git clone --depth=1 "${QEMU_REPO}" qemu && \ - cd qemu && \ - git fetch --depth=1 origin "${QEMU_VERSION}" && git checkout FETCH_HEAD && \ - scripts/git-submodule.sh update meson capstone && \ - /root/patch_qemu.sh "${QEMU_VERSION}" "/root/kata_qemu/patches" && \ - (PREFIX="${PREFIX}" /root/configure-hypervisor.sh -s "${HYPERVISOR_NAME}" | xargs ./configure \ - --with-pkgversion="${PKGVERSION}") && \ - make -j"$(nproc ${CI:+--ignore 1})" && \ - make install DESTDIR="${QEMU_DESTDIR}" && \ - /root/static-build/scripts/qemu-build-post.sh diff --git a/tools/packaging/static-build/qemu/build-base-qemu.sh b/tools/packaging/static-build/qemu/build-base-qemu.sh index 0657503f17..4ad6e0f952 100755 --- a/tools/packaging/static-build/qemu/build-base-qemu.sh +++ b/tools/packaging/static-build/qemu/build-base-qemu.sh @@ -9,6 +9,8 @@ set -o nounset set -o pipefail script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +readonly repo_root_dir="$(cd "${script_dir}/../../../.." && pwd)" +readonly qemu_builder="${script_dir}/build-qemu.sh" source "${script_dir}/../../scripts/lib.sh" source "${script_dir}/../qemu.blacklist" @@ -39,16 +41,8 @@ CACHE_TIMEOUT=$(date +"%Y-%m-%d") sudo "${container_engine}" build \ --build-arg CACHE_TIMEOUT="${CACHE_TIMEOUT}" \ - --build-arg BUILD_SUFFIX=${build_suffix} \ - --build-arg HYPERVISOR_NAME="${HYPERVISOR_NAME}" \ - --build-arg PKGVERSION="${PKGVERSION}" \ --build-arg http_proxy="${http_proxy}" \ --build-arg https_proxy="${https_proxy}" \ - --build-arg QEMU_DESTDIR="${qemu_destdir}" \ - --build-arg QEMU_REPO="${qemu_repo}" \ - --build-arg QEMU_VERSION="${qemu_version}" \ - --build-arg QEMU_TARBALL="${qemu_tar}" \ - --build-arg PREFIX="${prefix}" \ "${packaging_dir}" \ -f "${script_dir}/Dockerfile" \ -t qemu-static @@ -56,7 +50,16 @@ sudo "${container_engine}" build \ sudo "${container_engine}" run \ --rm \ -i \ + --env BUILD_SUFFIX="${build_suffix}" \ + --env HYPERVISOR_NAME="${HYPERVISOR_NAME}" \ + --env PKGVERSION="${PKGVERSION}" \ + --env QEMU_DESTDIR="${qemu_destdir}" \ + --env QEMU_REPO="${qemu_repo}" \ + --env QEMU_VERSION="${qemu_version}" \ + --env QEMU_TARBALL="${qemu_tar}" \ + --env PREFIX="${prefix}" \ + -v "${repo_root_dir}:/root/kata-containers" \ -v "${PWD}":/share qemu-static \ - mv "${qemu_destdir}/${qemu_tar}" /share/ + bash -c "/root/kata-containers/tools/packaging/static-build/qemu/build-qemu.sh" sudo chown ${USER}:$(id -gn ${USER}) "${PWD}/${qemu_tar}" diff --git a/tools/packaging/static-build/qemu/build-qemu.sh b/tools/packaging/static-build/qemu/build-qemu.sh new file mode 100755 index 0000000000..edab348910 --- /dev/null +++ b/tools/packaging/static-build/qemu/build-qemu.sh @@ -0,0 +1,28 @@ +#!/usr/bin/env bash +# +# Copyright (c) 2022 Intel Corporation +# +# SPDX-License-Identifier: Apache-2.0 + +set -o errexit +set -o nounset +set -o pipefail + +kata_packaging_dir="/root/kata-containers/tools/packaging" +kata_packaging_scripts="${kata_packaging_dir}/scripts" + +kata_static_build_dir="${kata_packaging_dir}/static-build" +kata_static_build_scripts="${kata_static_build_dir}/scripts" + +git clone --depth=1 "${QEMU_REPO}" qemu +pushd qemu +git fetch --depth=1 origin "${QEMU_VERSION}" +git checkout FETCH_HEAD +scripts/git-submodule.sh update meson capstone +${kata_packaging_scripts}/patch_qemu.sh "${QEMU_VERSION}" "${kata_packaging_dir}/qemu/patches" +PREFIX="${PREFIX}" ${kata_packaging_scripts}/configure-hypervisor.sh -s "${HYPERVISOR_NAME}" | xargs ./configure --with-pkgversion="${PKGVERSION}" +make -j"$(nproc +--ignore 1)" +make install DESTDIR="${QEMU_DESTDIR}" +popd +${kata_static_build_scripts}/qemu-build-post.sh +mv "${QEMU_DESTDIR}/${QEMU_TARBALL}" /share/ From 748be0fe3d160f8e976ff3a6b042cb91e4be3ec7 Mon Sep 17 00:00:00 2001 From: Zhongtao Hu Date: Thu, 20 Oct 2022 21:34:50 +0800 Subject: [PATCH 08/24] makefile: remove sudo when create symbolic link when using mock to package rpm, we cannot have sudo permission Fixes: #5473 Signed-off-by: Zhongtao Hu --- src/runtime-rs/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/runtime-rs/Makefile b/src/runtime-rs/Makefile index b04f778808..3e68e4b0a5 100644 --- a/src/runtime-rs/Makefile +++ b/src/runtime-rs/Makefile @@ -490,7 +490,7 @@ install-runtime: runtime install-configs: $(CONFIGS) $(foreach f,$(CONFIGS),$(call INSTALL_FILE,$f,$(dir $(CONFIG_PATH)))) \ - sudo ln -sf $(DEFAULT_HYPERVISOR_CONFIG) $(DESTDIR)/$(CONFIG_PATH) + ln -sf $(DEFAULT_HYPERVISOR_CONFIG) $(DESTDIR)/$(CONFIG_PATH) .PHONY: \ help \ From cbd84c3f5a8849065b6f85d742b67707b59139cc Mon Sep 17 00:00:00 2001 From: Manabu Sugimoto Date: Fri, 21 Oct 2022 15:40:05 +0900 Subject: [PATCH 09/24] rustjail: Upgrade libseccomp crate to v0.3.0 The libseccomp crate v0.3.0 has been released, so use it in the agent. Fixes: #5487 Signed-off-by: Manabu Sugimoto --- src/agent/Cargo.lock | 5 +++-- src/agent/rustjail/Cargo.toml | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/src/agent/Cargo.lock b/src/agent/Cargo.lock index 4f6ccd9582..a6a464c9ae 100644 --- a/src/agent/Cargo.lock +++ b/src/agent/Cargo.lock @@ -743,10 +743,11 @@ checksum = "349d5a591cd28b49e1d1037471617a32ddcda5731b99419008085f72d5a53836" [[package]] name = "libseccomp" -version = "0.2.3" +version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "49bda1fbf25c42ac8942ff7df1eb6172a3bc36299e84be0dba8c888a7db68c80" +checksum = "21c57fd8981a80019807b7b68118618d29a87177c63d704fc96e6ecd003ae5b3" dependencies = [ + "bitflags", "libc", "libseccomp-sys", "pkg-config", diff --git a/src/agent/rustjail/Cargo.toml b/src/agent/rustjail/Cargo.toml index 324f540e1d..b193c70c7a 100644 --- a/src/agent/rustjail/Cargo.toml +++ b/src/agent/rustjail/Cargo.toml @@ -32,7 +32,7 @@ tokio = { version = "1.2.0", features = ["sync", "io-util", "process", "time", " futures = "0.3.17" async-trait = "0.1.31" inotify = "0.9.2" -libseccomp = { version = "0.2.3", optional = true } +libseccomp = { version = "0.3.0", optional = true } [dev-dependencies] serial_test = "0.5.0" From 871d2cf2c026140eda08bd08d79353182cd3e8a3 Mon Sep 17 00:00:00 2001 From: Hendrik Brueckner Date: Tue, 18 Oct 2022 11:10:56 +0000 Subject: [PATCH 10/24] kata-ctl: Limit running tests to x86 and use native-tls on s390x For s390x, use native-tls for reqwest because the rustls-tls/ring dependency is not available for s390x. Also exclude s390x, powerpc64le, and aarch64 from running the cpu check due to the lack of the arch-specific implementation. In this case, rust complains about unused functions in src/check.rs (both normal and test context). Fixes: #5438 Co-authored-by: James O. D. Hunt Signed-off-by: Hendrik Brueckner --- src/tools/kata-ctl/Cargo.toml | 10 +++++++++- src/tools/kata-ctl/src/check.rs | 10 ++++++++-- 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/src/tools/kata-ctl/Cargo.toml b/src/tools/kata-ctl/Cargo.toml index 094613c343..04b177b002 100644 --- a/src/tools/kata-ctl/Cargo.toml +++ b/src/tools/kata-ctl/Cargo.toml @@ -3,6 +3,9 @@ # SPDX-License-Identifier: Apache-2.0 # +[workspace] +resolver = "2" + [package] name = "kata-ctl" version = "0.0.1" @@ -12,9 +15,14 @@ edition = "2018" [dependencies] anyhow = "1.0.31" clap = { version = "3.2.20", features = ["derive", "cargo"] } -reqwest = { version = "0.11", default-features = false, features = ["json", "blocking", "rustls-tls"] } serde_json = "1.0.85" thiserror = "1.0.35" +[target.'cfg(target_arch = "s390x")'.dependencies] +reqwest = { version = "0.11", default-features = false, features = ["json", "blocking", "native-tls"] } + +[target.'cfg(not(target_arch = "s390x"))'.dependencies] +reqwest = { version = "0.11", default-features = false, features = ["json", "blocking", "rustls-tls"] } + [dev-dependencies] semver = "1.0.12" diff --git a/src/tools/kata-ctl/src/check.rs b/src/tools/kata-ctl/src/check.rs index 28febb307c..63e1da5551 100644 --- a/src/tools/kata-ctl/src/check.rs +++ b/src/tools/kata-ctl/src/check.rs @@ -9,18 +9,19 @@ use anyhow::{anyhow, Result}; use reqwest::header::{CONTENT_TYPE, USER_AGENT}; use serde_json::Value; use std::collections::HashMap; -use std::fs; const KATA_GITHUB_URL: &str = "https://api.github.com/repos/kata-containers/kata-containers/releases/latest"; +#[cfg(any(target_arch = "x86_64"))] fn get_cpu_info(cpu_info_file: &str) -> Result { - let contents = fs::read_to_string(cpu_info_file)?; + let contents = std::fs::read_to_string(cpu_info_file)?; Ok(contents) } // get_single_cpu_info returns the contents of the first cpu from // the specified cpuinfo file by parsing based on a specified delimiter +#[cfg(any(target_arch = "x86_64"))] pub fn get_single_cpu_info(cpu_info_file: &str, substring: &str) -> Result { let contents = get_cpu_info(cpu_info_file)?; @@ -40,6 +41,7 @@ pub fn get_single_cpu_info(cpu_info_file: &str, substring: &str) -> Result Result { if cpu_info.is_empty() { return Err(anyhow!("cpu_info string is empty"))?; @@ -63,6 +65,7 @@ pub fn get_cpu_flags(cpu_info: &str, cpu_flags_tag: &str) -> Result { // get_missing_strings searches for required (strings) in data and returns // a vector containing the missing strings +#[cfg(any(target_arch = "x86_64"))] fn get_missing_strings(data: &str, required: &'static [&'static str]) -> Result> { let mut missing: Vec = Vec::new(); @@ -75,6 +78,7 @@ fn get_missing_strings(data: &str, required: &'static [&'static str]) -> Result< Ok(missing) } +#[cfg(any(target_arch = "x86_64"))] pub fn check_cpu_flags( retrieved_flags: &str, required_flags: &'static [&'static str], @@ -84,6 +88,7 @@ pub fn check_cpu_flags( Ok(missing_flags) } +#[cfg(any(target_arch = "x86_64"))] pub fn check_cpu_attribs( cpu_info: &str, required_attribs: &'static [&'static str], @@ -139,6 +144,7 @@ pub fn check_version() -> Result<()> { Ok(()) } +#[cfg(any(target_arch = "x86_64"))] #[cfg(test)] mod tests { use super::*; From e95089b716b234c2075e171a12b4f632c6611075 Mon Sep 17 00:00:00 2001 From: Hendrik Brueckner Date: Tue, 18 Oct 2022 17:23:28 +0000 Subject: [PATCH 11/24] kata-ctl: add basic cpu check for s390x Add a basic s390x cpu check for the "sie" feature to be present. Also re-enable cpu check testing. Fixes: #5438 Signed-off-by: Hendrik Brueckner --- src/tools/kata-ctl/src/arch/s390x/mod.rs | 40 ++++++++++++++++++++++-- src/tools/kata-ctl/src/check.rs | 12 +++---- 2 files changed, 44 insertions(+), 8 deletions(-) diff --git a/src/tools/kata-ctl/src/arch/s390x/mod.rs b/src/tools/kata-ctl/src/arch/s390x/mod.rs index 7f6a424c3b..20daa49dcd 100644 --- a/src/tools/kata-ctl/src/arch/s390x/mod.rs +++ b/src/tools/kata-ctl/src/arch/s390x/mod.rs @@ -1,4 +1,5 @@ // Copyright (c) 2022 Intel Corporation +// Copyright (c) 2022 IBM Corp. // // SPDX-License-Identifier: Apache-2.0 // @@ -7,9 +8,44 @@ pub use arch_specific::*; mod arch_specific { - use anyhow::Result; + use crate::check; + use anyhow::{anyhow, Result}; + + const PROC_CPUINFO: &str = "/proc/cpuinfo"; + const CPUINFO_DELIMITER: &str = "processor "; + const CPUINFO_FEATURES_TAG: &str = "features"; + const CPU_FEATURES_REQ: &[&str] = &["sie"]; + + // check cpu + fn check_cpu() -> Result<()> { + println!("INFO: check CPU: s390x"); + + let cpu_info = check::get_single_cpu_info(PROC_CPUINFO, CPUINFO_DELIMITER)?; + + let cpu_features = check::get_cpu_flags(&cpu_info, CPUINFO_FEATURES_TAG).map_err(|e| { + anyhow!( + "Error parsing CPU features, file {:?}, {:?}", + PROC_CPUINFO, + e + ) + })?; + + let missing_cpu_features = check::check_cpu_flags(&cpu_features, CPU_FEATURES_REQ)?; + if !missing_cpu_features.is_empty() { + eprintln!("WARNING: Missing CPU flags {:?}", missing_cpu_features); + } + + Ok(()) + } pub fn check() -> Result<()> { - unimplemented!("Check not implemented in s390x"); + println!("INFO: check: s390x"); + + let _cpu_result = check_cpu(); + + // TODO: add additional checks, e.g, kernel modules as in go runtime + // TODO: collect outcome of tests to determine if checks pass or not + + Ok(()) } } diff --git a/src/tools/kata-ctl/src/check.rs b/src/tools/kata-ctl/src/check.rs index 63e1da5551..0e012cf53d 100644 --- a/src/tools/kata-ctl/src/check.rs +++ b/src/tools/kata-ctl/src/check.rs @@ -13,7 +13,7 @@ use std::collections::HashMap; const KATA_GITHUB_URL: &str = "https://api.github.com/repos/kata-containers/kata-containers/releases/latest"; -#[cfg(any(target_arch = "x86_64"))] +#[cfg(any(target_arch = "s390x", target_arch = "x86_64"))] fn get_cpu_info(cpu_info_file: &str) -> Result { let contents = std::fs::read_to_string(cpu_info_file)?; Ok(contents) @@ -21,7 +21,7 @@ fn get_cpu_info(cpu_info_file: &str) -> Result { // get_single_cpu_info returns the contents of the first cpu from // the specified cpuinfo file by parsing based on a specified delimiter -#[cfg(any(target_arch = "x86_64"))] +#[cfg(any(target_arch = "s390x", target_arch = "x86_64"))] pub fn get_single_cpu_info(cpu_info_file: &str, substring: &str) -> Result { let contents = get_cpu_info(cpu_info_file)?; @@ -41,7 +41,7 @@ pub fn get_single_cpu_info(cpu_info_file: &str, substring: &str) -> Result Result { if cpu_info.is_empty() { return Err(anyhow!("cpu_info string is empty"))?; @@ -65,7 +65,7 @@ pub fn get_cpu_flags(cpu_info: &str, cpu_flags_tag: &str) -> Result { // get_missing_strings searches for required (strings) in data and returns // a vector containing the missing strings -#[cfg(any(target_arch = "x86_64"))] +#[cfg(any(target_arch = "s390x", target_arch = "x86_64"))] fn get_missing_strings(data: &str, required: &'static [&'static str]) -> Result> { let mut missing: Vec = Vec::new(); @@ -78,7 +78,7 @@ fn get_missing_strings(data: &str, required: &'static [&'static str]) -> Result< Ok(missing) } -#[cfg(any(target_arch = "x86_64"))] +#[cfg(any(target_arch = "s390x", target_arch = "x86_64"))] pub fn check_cpu_flags( retrieved_flags: &str, required_flags: &'static [&'static str], @@ -144,7 +144,7 @@ pub fn check_version() -> Result<()> { Ok(()) } -#[cfg(any(target_arch = "x86_64"))] +#[cfg(any(target_arch = "s390x", target_arch = "x86_64"))] #[cfg(test)] mod tests { use super::*; From 081ee487134c36ba997e50c57df5fe81f740b6a0 Mon Sep 17 00:00:00 2001 From: Bin Liu Date: Fri, 21 Oct 2022 21:12:55 +0800 Subject: [PATCH 12/24] agent: use NLM_F_REPLACE replace NLM_F_EXCL in rtnetlink Sometimes we will face EEXIST error when adding arp neighbour. Using NLM_F_REPLACE replace NLM_F_EXCL will avoid fail if the entry exists. See https://man7.org/linux/man-pages/man7/netlink.7.html Fixes: #4895 Signed-off-by: Bin Liu --- src/agent/src/netlink.rs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/agent/src/netlink.rs b/src/agent/src/netlink.rs index 4d6a26e140..ef926f5157 100644 --- a/src/agent/src/netlink.rs +++ b/src/agent/src/netlink.rs @@ -529,7 +529,9 @@ impl Handle { .map_err(|e| anyhow!("Failed to parse IP {}: {:?}", ip_address, e))?; // Import rtnetlink objects that make sense only for this function - use packet::constants::{NDA_UNSPEC, NLM_F_ACK, NLM_F_CREATE, NLM_F_EXCL, NLM_F_REQUEST}; + use packet::constants::{ + NDA_UNSPEC, NLM_F_ACK, NLM_F_CREATE, NLM_F_REPLACE, NLM_F_REQUEST, + }; use packet::neighbour::{NeighbourHeader, NeighbourMessage}; use packet::nlas::neighbour::Nla; use packet::{NetlinkMessage, NetlinkPayload, RtnlMessage}; @@ -572,7 +574,7 @@ impl Handle { // Send request and ACK let mut req = NetlinkMessage::from(RtnlMessage::NewNeighbour(message)); - req.header.flags = NLM_F_REQUEST | NLM_F_ACK | NLM_F_EXCL | NLM_F_CREATE; + req.header.flags = NLM_F_REQUEST | NLM_F_ACK | NLM_F_CREATE | NLM_F_REPLACE; let mut response = self.handle.request(req)?; while let Some(message) = response.next().await { From 9d286af7b4543b0af9e6db53c6c84e0731f61c09 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= Date: Fri, 21 Oct 2022 11:20:32 -0700 Subject: [PATCH 13/24] versions: Update Cloud Hypervisor to b4e39427080 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit An API change, done a long time ago, has been exposed on Cloud Hypervisor and we should update it on the Kata Containers side to ensure it doesn't affect Cloud Hypervisor CI and because the change is needed for an upcoming work to get QAT working with Cloud Hypervisor. Fixes: #5492 Signed-off-by: Fabiano Fidêncio --- src/runtime/virtcontainers/clh.go | 9 +- src/runtime/virtcontainers/clh_test.go | 2 +- .../client/.openapi-generator/FILES | 2 - .../pkg/cloud-hypervisor/client/README.md | 1 - .../cloud-hypervisor/client/api/openapi.yaml | 16 +- .../cloud-hypervisor/client/api_default.go | 154 +++++++------- .../client/docs/DefaultApi.md | 8 +- .../client/docs/VmAddDevice.md | 108 ---------- .../client/model_vm_add_device.go | 189 ------------------ .../cloud-hypervisor/cloud-hypervisor.yaml | 13 +- versions.yaml | 2 +- 11 files changed, 84 insertions(+), 420 deletions(-) delete mode 100644 src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/VmAddDevice.md delete mode 100644 src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_vm_add_device.go diff --git a/src/runtime/virtcontainers/clh.go b/src/runtime/virtcontainers/clh.go index 9d40c882c1..93a19facd5 100644 --- a/src/runtime/virtcontainers/clh.go +++ b/src/runtime/virtcontainers/clh.go @@ -100,7 +100,7 @@ type clhClient interface { // Add/remove CPUs to/from the VM VmResizePut(ctx context.Context, vmResize chclient.VmResize) (*http.Response, error) // Add VFIO PCI device to the VM - VmAddDevicePut(ctx context.Context, vmAddDevice chclient.VmAddDevice) (chclient.PciDeviceInfo, *http.Response, error) + VmAddDevicePut(ctx context.Context, deviceConfig chclient.DeviceConfig) (chclient.PciDeviceInfo, *http.Response, error) // Add a new disk device to the VM VmAddDiskPut(ctx context.Context, diskConfig chclient.DiskConfig) (chclient.PciDeviceInfo, *http.Response, error) // Remove a device from the VM @@ -136,8 +136,8 @@ func (c *clhClientApi) VmResizePut(ctx context.Context, vmResize chclient.VmResi return c.ApiInternal.VmResizePut(ctx).VmResize(vmResize).Execute() } -func (c *clhClientApi) VmAddDevicePut(ctx context.Context, vmAddDevice chclient.VmAddDevice) (chclient.PciDeviceInfo, *http.Response, error) { - return c.ApiInternal.VmAddDevicePut(ctx).VmAddDevice(vmAddDevice).Execute() +func (c *clhClientApi) VmAddDevicePut(ctx context.Context, deviceConfig chclient.DeviceConfig) (chclient.PciDeviceInfo, *http.Response, error) { + return c.ApiInternal.VmAddDevicePut(ctx).DeviceConfig(deviceConfig).Execute() } func (c *clhClientApi) VmAddDiskPut(ctx context.Context, diskConfig chclient.DiskConfig) (chclient.PciDeviceInfo, *http.Response, error) { @@ -808,8 +808,7 @@ func (clh *cloudHypervisor) hotPlugVFIODevice(device *config.VFIODev) error { defer cancel() // Create the clh device config via the constructor to ensure default values are properly assigned - clhDevice := *chclient.NewVmAddDevice() - clhDevice.Path = &device.SysfsDev + clhDevice := *chclient.NewDeviceConfig(device.SysfsDev) pciInfo, _, err := cl.VmAddDevicePut(ctx, clhDevice) if err != nil { return fmt.Errorf("Failed to hotplug device %+v %s", device, openAPIClientError(err)) diff --git a/src/runtime/virtcontainers/clh_test.go b/src/runtime/virtcontainers/clh_test.go index 58b1b7fe9a..d36ace88fb 100644 --- a/src/runtime/virtcontainers/clh_test.go +++ b/src/runtime/virtcontainers/clh_test.go @@ -104,7 +104,7 @@ func (c *clhClientMock) VmResizePut(ctx context.Context, vmResize chclient.VmRes } //nolint:golint -func (c *clhClientMock) VmAddDevicePut(ctx context.Context, vmAddDevice chclient.VmAddDevice) (chclient.PciDeviceInfo, *http.Response, error) { +func (c *clhClientMock) VmAddDevicePut(ctx context.Context, deviceConfig chclient.DeviceConfig) (chclient.PciDeviceInfo, *http.Response, error) { return chclient.PciDeviceInfo{}, nil, nil } diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/.openapi-generator/FILES b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/.openapi-generator/FILES index 60eb887203..6369a3a413 100644 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/.openapi-generator/FILES +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/.openapi-generator/FILES @@ -34,7 +34,6 @@ docs/SendMigrationData.md docs/SgxEpcConfig.md docs/TokenBucket.md docs/VdpaConfig.md -docs/VmAddDevice.md docs/VmConfig.md docs/VmCoredumpData.md docs/VmInfo.md @@ -74,7 +73,6 @@ model_send_migration_data.go model_sgx_epc_config.go model_token_bucket.go model_vdpa_config.go -model_vm_add_device.go model_vm_config.go model_vm_coredump_data.go model_vm_info.go diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/README.md b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/README.md index 04b5c9f0cf..a33f74c7ed 100644 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/README.md +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/README.md @@ -136,7 +136,6 @@ Class | Method | HTTP request | Description - [SgxEpcConfig](docs/SgxEpcConfig.md) - [TokenBucket](docs/TokenBucket.md) - [VdpaConfig](docs/VdpaConfig.md) - - [VmAddDevice](docs/VmAddDevice.md) - [VmConfig](docs/VmConfig.md) - [VmCoredumpData](docs/VmCoredumpData.md) - [VmInfo](docs/VmInfo.md) diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/api/openapi.yaml b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/api/openapi.yaml index fbffa9053d..61e57e3727 100644 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/api/openapi.yaml +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/api/openapi.yaml @@ -171,7 +171,7 @@ paths: content: application/json: schema: - $ref: '#/components/schemas/VmAddDevice' + $ref: '#/components/schemas/DeviceConfig' description: The path of the new device required: true responses: @@ -1808,20 +1808,6 @@ components: format: int64 type: integer type: object - VmAddDevice: - example: - path: path - iommu: false - id: id - properties: - path: - type: string - iommu: - default: false - type: boolean - id: - type: string - type: object VmRemoveDevice: example: id: id diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/api_default.go b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/api_default.go index cf97c19dd5..cb9b99d66a 100644 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/api_default.go +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/api_default.go @@ -38,8 +38,8 @@ func (r ApiBootVMRequest) Execute() (*_nethttp.Response, error) { /* BootVM Boot the previously created VM instance. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiBootVMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiBootVMRequest */ func (a *DefaultApiService) BootVM(ctx _context.Context) ApiBootVMRequest { return ApiBootVMRequest{ @@ -133,8 +133,8 @@ func (r ApiCreateVMRequest) Execute() (*_nethttp.Response, error) { /* CreateVM Create the cloud-hypervisor Virtual Machine (VM) instance. The instance is not booted, only created. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiCreateVMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiCreateVMRequest */ func (a *DefaultApiService) CreateVM(ctx _context.Context) ApiCreateVMRequest { return ApiCreateVMRequest{ @@ -226,8 +226,8 @@ func (r ApiDeleteVMRequest) Execute() (*_nethttp.Response, error) { /* DeleteVM Delete the cloud-hypervisor Virtual Machine (VM) instance. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiDeleteVMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiDeleteVMRequest */ func (a *DefaultApiService) DeleteVM(ctx _context.Context) ApiDeleteVMRequest { return ApiDeleteVMRequest{ @@ -314,8 +314,8 @@ func (r ApiPauseVMRequest) Execute() (*_nethttp.Response, error) { /* PauseVM Pause a previously booted VM instance. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiPauseVMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiPauseVMRequest */ func (a *DefaultApiService) PauseVM(ctx _context.Context) ApiPauseVMRequest { return ApiPauseVMRequest{ @@ -402,8 +402,8 @@ func (r ApiPowerButtonVMRequest) Execute() (*_nethttp.Response, error) { /* PowerButtonVM Trigger a power button in the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiPowerButtonVMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiPowerButtonVMRequest */ func (a *DefaultApiService) PowerButtonVM(ctx _context.Context) ApiPowerButtonVMRequest { return ApiPowerButtonVMRequest{ @@ -490,8 +490,8 @@ func (r ApiRebootVMRequest) Execute() (*_nethttp.Response, error) { /* RebootVM Reboot the VM instance. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiRebootVMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiRebootVMRequest */ func (a *DefaultApiService) RebootVM(ctx _context.Context) ApiRebootVMRequest { return ApiRebootVMRequest{ @@ -578,8 +578,8 @@ func (r ApiResumeVMRequest) Execute() (*_nethttp.Response, error) { /* ResumeVM Resume a previously paused VM instance. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiResumeVMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiResumeVMRequest */ func (a *DefaultApiService) ResumeVM(ctx _context.Context) ApiResumeVMRequest { return ApiResumeVMRequest{ @@ -666,8 +666,8 @@ func (r ApiShutdownVMRequest) Execute() (*_nethttp.Response, error) { /* ShutdownVM Shut the VM instance down. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiShutdownVMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiShutdownVMRequest */ func (a *DefaultApiService) ShutdownVM(ctx _context.Context) ApiShutdownVMRequest { return ApiShutdownVMRequest{ @@ -754,8 +754,8 @@ func (r ApiShutdownVMMRequest) Execute() (*_nethttp.Response, error) { /* ShutdownVMM Shuts the cloud-hypervisor VMM. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiShutdownVMMRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiShutdownVMMRequest */ func (a *DefaultApiService) ShutdownVMM(ctx _context.Context) ApiShutdownVMMRequest { return ApiShutdownVMMRequest{ @@ -831,14 +831,14 @@ func (a *DefaultApiService) ShutdownVMMExecute(r ApiShutdownVMMRequest) (*_netht } type ApiVmAddDevicePutRequest struct { - ctx _context.Context - ApiService *DefaultApiService - vmAddDevice *VmAddDevice + ctx _context.Context + ApiService *DefaultApiService + deviceConfig *DeviceConfig } // The path of the new device -func (r ApiVmAddDevicePutRequest) VmAddDevice(vmAddDevice VmAddDevice) ApiVmAddDevicePutRequest { - r.vmAddDevice = &vmAddDevice +func (r ApiVmAddDevicePutRequest) DeviceConfig(deviceConfig DeviceConfig) ApiVmAddDevicePutRequest { + r.deviceConfig = &deviceConfig return r } @@ -849,8 +849,8 @@ func (r ApiVmAddDevicePutRequest) Execute() (PciDeviceInfo, *_nethttp.Response, /* VmAddDevicePut Add a new device to the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmAddDevicePutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmAddDevicePutRequest */ func (a *DefaultApiService) VmAddDevicePut(ctx _context.Context) ApiVmAddDevicePutRequest { return ApiVmAddDevicePutRequest{ @@ -860,8 +860,7 @@ func (a *DefaultApiService) VmAddDevicePut(ctx _context.Context) ApiVmAddDeviceP } // Execute executes the request -// -// @return PciDeviceInfo +// @return PciDeviceInfo func (a *DefaultApiService) VmAddDevicePutExecute(r ApiVmAddDevicePutRequest) (PciDeviceInfo, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodPut @@ -882,8 +881,8 @@ func (a *DefaultApiService) VmAddDevicePutExecute(r ApiVmAddDevicePutRequest) (P localVarHeaderParams := make(map[string]string) localVarQueryParams := _neturl.Values{} localVarFormParams := _neturl.Values{} - if r.vmAddDevice == nil { - return localVarReturnValue, nil, reportError("vmAddDevice is required and must be specified") + if r.deviceConfig == nil { + return localVarReturnValue, nil, reportError("deviceConfig is required and must be specified") } // to determine the Content-Type header @@ -904,7 +903,7 @@ func (a *DefaultApiService) VmAddDevicePutExecute(r ApiVmAddDevicePutRequest) (P localVarHeaderParams["Accept"] = localVarHTTPHeaderAccept } // body params - localVarPostBody = r.vmAddDevice + localVarPostBody = r.deviceConfig req, err := a.client.prepareRequest(r.ctx, localVarPath, localVarHTTPMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, localVarFormFileName, localVarFileName, localVarFileBytes) if err != nil { return localVarReturnValue, nil, err @@ -961,8 +960,8 @@ func (r ApiVmAddDiskPutRequest) Execute() (PciDeviceInfo, *_nethttp.Response, er /* VmAddDiskPut Add a new disk to the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmAddDiskPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmAddDiskPutRequest */ func (a *DefaultApiService) VmAddDiskPut(ctx _context.Context) ApiVmAddDiskPutRequest { return ApiVmAddDiskPutRequest{ @@ -972,8 +971,7 @@ func (a *DefaultApiService) VmAddDiskPut(ctx _context.Context) ApiVmAddDiskPutRe } // Execute executes the request -// -// @return PciDeviceInfo +// @return PciDeviceInfo func (a *DefaultApiService) VmAddDiskPutExecute(r ApiVmAddDiskPutRequest) (PciDeviceInfo, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodPut @@ -1073,8 +1071,8 @@ func (r ApiVmAddFsPutRequest) Execute() (PciDeviceInfo, *_nethttp.Response, erro /* VmAddFsPut Add a new virtio-fs device to the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmAddFsPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmAddFsPutRequest */ func (a *DefaultApiService) VmAddFsPut(ctx _context.Context) ApiVmAddFsPutRequest { return ApiVmAddFsPutRequest{ @@ -1084,8 +1082,7 @@ func (a *DefaultApiService) VmAddFsPut(ctx _context.Context) ApiVmAddFsPutReques } // Execute executes the request -// -// @return PciDeviceInfo +// @return PciDeviceInfo func (a *DefaultApiService) VmAddFsPutExecute(r ApiVmAddFsPutRequest) (PciDeviceInfo, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodPut @@ -1185,8 +1182,8 @@ func (r ApiVmAddNetPutRequest) Execute() (PciDeviceInfo, *_nethttp.Response, err /* VmAddNetPut Add a new network device to the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmAddNetPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmAddNetPutRequest */ func (a *DefaultApiService) VmAddNetPut(ctx _context.Context) ApiVmAddNetPutRequest { return ApiVmAddNetPutRequest{ @@ -1196,8 +1193,7 @@ func (a *DefaultApiService) VmAddNetPut(ctx _context.Context) ApiVmAddNetPutRequ } // Execute executes the request -// -// @return PciDeviceInfo +// @return PciDeviceInfo func (a *DefaultApiService) VmAddNetPutExecute(r ApiVmAddNetPutRequest) (PciDeviceInfo, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodPut @@ -1297,8 +1293,8 @@ func (r ApiVmAddPmemPutRequest) Execute() (PciDeviceInfo, *_nethttp.Response, er /* VmAddPmemPut Add a new pmem device to the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmAddPmemPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmAddPmemPutRequest */ func (a *DefaultApiService) VmAddPmemPut(ctx _context.Context) ApiVmAddPmemPutRequest { return ApiVmAddPmemPutRequest{ @@ -1308,8 +1304,7 @@ func (a *DefaultApiService) VmAddPmemPut(ctx _context.Context) ApiVmAddPmemPutRe } // Execute executes the request -// -// @return PciDeviceInfo +// @return PciDeviceInfo func (a *DefaultApiService) VmAddPmemPutExecute(r ApiVmAddPmemPutRequest) (PciDeviceInfo, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodPut @@ -1409,8 +1404,8 @@ func (r ApiVmAddVdpaPutRequest) Execute() (PciDeviceInfo, *_nethttp.Response, er /* VmAddVdpaPut Add a new vDPA device to the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmAddVdpaPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmAddVdpaPutRequest */ func (a *DefaultApiService) VmAddVdpaPut(ctx _context.Context) ApiVmAddVdpaPutRequest { return ApiVmAddVdpaPutRequest{ @@ -1420,8 +1415,7 @@ func (a *DefaultApiService) VmAddVdpaPut(ctx _context.Context) ApiVmAddVdpaPutRe } // Execute executes the request -// -// @return PciDeviceInfo +// @return PciDeviceInfo func (a *DefaultApiService) VmAddVdpaPutExecute(r ApiVmAddVdpaPutRequest) (PciDeviceInfo, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodPut @@ -1521,8 +1515,8 @@ func (r ApiVmAddVsockPutRequest) Execute() (PciDeviceInfo, *_nethttp.Response, e /* VmAddVsockPut Add a new vsock device to the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmAddVsockPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmAddVsockPutRequest */ func (a *DefaultApiService) VmAddVsockPut(ctx _context.Context) ApiVmAddVsockPutRequest { return ApiVmAddVsockPutRequest{ @@ -1532,8 +1526,7 @@ func (a *DefaultApiService) VmAddVsockPut(ctx _context.Context) ApiVmAddVsockPut } // Execute executes the request -// -// @return PciDeviceInfo +// @return PciDeviceInfo func (a *DefaultApiService) VmAddVsockPutExecute(r ApiVmAddVsockPutRequest) (PciDeviceInfo, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodPut @@ -1633,8 +1626,8 @@ func (r ApiVmCoredumpPutRequest) Execute() (*_nethttp.Response, error) { /* VmCoredumpPut Takes a VM coredump. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmCoredumpPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmCoredumpPutRequest */ func (a *DefaultApiService) VmCoredumpPut(ctx _context.Context) ApiVmCoredumpPutRequest { return ApiVmCoredumpPutRequest{ @@ -1726,8 +1719,8 @@ func (r ApiVmCountersGetRequest) Execute() (map[string]map[string]int64, *_netht /* VmCountersGet Get counters from the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmCountersGetRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmCountersGetRequest */ func (a *DefaultApiService) VmCountersGet(ctx _context.Context) ApiVmCountersGetRequest { return ApiVmCountersGetRequest{ @@ -1737,8 +1730,7 @@ func (a *DefaultApiService) VmCountersGet(ctx _context.Context) ApiVmCountersGet } // Execute executes the request -// -// @return map[string]map[string]int64 +// @return map[string]map[string]int64 func (a *DefaultApiService) VmCountersGetExecute(r ApiVmCountersGetRequest) (map[string]map[string]int64, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodGet @@ -1826,8 +1818,8 @@ func (r ApiVmInfoGetRequest) Execute() (VmInfo, *_nethttp.Response, error) { /* VmInfoGet Returns general information about the cloud-hypervisor Virtual Machine (VM) instance. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmInfoGetRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmInfoGetRequest */ func (a *DefaultApiService) VmInfoGet(ctx _context.Context) ApiVmInfoGetRequest { return ApiVmInfoGetRequest{ @@ -1837,8 +1829,7 @@ func (a *DefaultApiService) VmInfoGet(ctx _context.Context) ApiVmInfoGetRequest } // Execute executes the request -// -// @return VmInfo +// @return VmInfo func (a *DefaultApiService) VmInfoGetExecute(r ApiVmInfoGetRequest) (VmInfo, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodGet @@ -1933,8 +1924,8 @@ func (r ApiVmReceiveMigrationPutRequest) Execute() (*_nethttp.Response, error) { /* VmReceiveMigrationPut Receive a VM migration from URL - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmReceiveMigrationPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmReceiveMigrationPutRequest */ func (a *DefaultApiService) VmReceiveMigrationPut(ctx _context.Context) ApiVmReceiveMigrationPutRequest { return ApiVmReceiveMigrationPutRequest{ @@ -2033,8 +2024,8 @@ func (r ApiVmRemoveDevicePutRequest) Execute() (*_nethttp.Response, error) { /* VmRemoveDevicePut Remove a device from the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmRemoveDevicePutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmRemoveDevicePutRequest */ func (a *DefaultApiService) VmRemoveDevicePut(ctx _context.Context) ApiVmRemoveDevicePutRequest { return ApiVmRemoveDevicePutRequest{ @@ -2133,8 +2124,8 @@ func (r ApiVmResizePutRequest) Execute() (*_nethttp.Response, error) { /* VmResizePut Resize the VM - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmResizePutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmResizePutRequest */ func (a *DefaultApiService) VmResizePut(ctx _context.Context) ApiVmResizePutRequest { return ApiVmResizePutRequest{ @@ -2233,8 +2224,8 @@ func (r ApiVmResizeZonePutRequest) Execute() (*_nethttp.Response, error) { /* VmResizeZonePut Resize a memory zone - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmResizeZonePutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmResizeZonePutRequest */ func (a *DefaultApiService) VmResizeZonePut(ctx _context.Context) ApiVmResizeZonePutRequest { return ApiVmResizeZonePutRequest{ @@ -2333,8 +2324,8 @@ func (r ApiVmRestorePutRequest) Execute() (*_nethttp.Response, error) { /* VmRestorePut Restore a VM from a snapshot. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmRestorePutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmRestorePutRequest */ func (a *DefaultApiService) VmRestorePut(ctx _context.Context) ApiVmRestorePutRequest { return ApiVmRestorePutRequest{ @@ -2433,8 +2424,8 @@ func (r ApiVmSendMigrationPutRequest) Execute() (*_nethttp.Response, error) { /* VmSendMigrationPut Send a VM migration to URL - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmSendMigrationPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmSendMigrationPutRequest */ func (a *DefaultApiService) VmSendMigrationPut(ctx _context.Context) ApiVmSendMigrationPutRequest { return ApiVmSendMigrationPutRequest{ @@ -2533,8 +2524,8 @@ func (r ApiVmSnapshotPutRequest) Execute() (*_nethttp.Response, error) { /* VmSnapshotPut Returns a VM snapshot. - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmSnapshotPutRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmSnapshotPutRequest */ func (a *DefaultApiService) VmSnapshotPut(ctx _context.Context) ApiVmSnapshotPutRequest { return ApiVmSnapshotPutRequest{ @@ -2626,8 +2617,8 @@ func (r ApiVmmPingGetRequest) Execute() (VmmPingResponse, *_nethttp.Response, er /* VmmPingGet Ping the VMM to check for API server availability - @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). - @return ApiVmmPingGetRequest + @param ctx _context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background(). + @return ApiVmmPingGetRequest */ func (a *DefaultApiService) VmmPingGet(ctx _context.Context) ApiVmmPingGetRequest { return ApiVmmPingGetRequest{ @@ -2637,8 +2628,7 @@ func (a *DefaultApiService) VmmPingGet(ctx _context.Context) ApiVmmPingGetReques } // Execute executes the request -// -// @return VmmPingResponse +// @return VmmPingResponse func (a *DefaultApiService) VmmPingGetExecute(r ApiVmmPingGetRequest) (VmmPingResponse, *_nethttp.Response, error) { var ( localVarHTTPMethod = _nethttp.MethodGet diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/DefaultApi.md b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/DefaultApi.md index 1391a0b277..d610977193 100644 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/DefaultApi.md +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/DefaultApi.md @@ -554,7 +554,7 @@ No authorization required ## VmAddDevicePut -> PciDeviceInfo VmAddDevicePut(ctx).VmAddDevice(vmAddDevice).Execute() +> PciDeviceInfo VmAddDevicePut(ctx).DeviceConfig(deviceConfig).Execute() Add a new device to the VM @@ -571,11 +571,11 @@ import ( ) func main() { - vmAddDevice := *openapiclient.NewVmAddDevice() // VmAddDevice | The path of the new device + deviceConfig := *openapiclient.NewDeviceConfig("Path_example") // DeviceConfig | The path of the new device configuration := openapiclient.NewConfiguration() api_client := openapiclient.NewAPIClient(configuration) - resp, r, err := api_client.DefaultApi.VmAddDevicePut(context.Background()).VmAddDevice(vmAddDevice).Execute() + resp, r, err := api_client.DefaultApi.VmAddDevicePut(context.Background()).DeviceConfig(deviceConfig).Execute() if err != nil { fmt.Fprintf(os.Stderr, "Error when calling `DefaultApi.VmAddDevicePut``: %v\n", err) fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r) @@ -596,7 +596,7 @@ Other parameters are passed through a pointer to a apiVmAddDevicePutRequest stru Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- - **vmAddDevice** | [**VmAddDevice**](VmAddDevice.md) | The path of the new device | + **deviceConfig** | [**DeviceConfig**](DeviceConfig.md) | The path of the new device | ### Return type diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/VmAddDevice.md b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/VmAddDevice.md deleted file mode 100644 index aaef7b32cb..0000000000 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/docs/VmAddDevice.md +++ /dev/null @@ -1,108 +0,0 @@ -# VmAddDevice - -## Properties - -Name | Type | Description | Notes ------------- | ------------- | ------------- | ------------- -**Path** | Pointer to **string** | | [optional] -**Iommu** | Pointer to **bool** | | [optional] [default to false] -**Id** | Pointer to **string** | | [optional] - -## Methods - -### NewVmAddDevice - -`func NewVmAddDevice() *VmAddDevice` - -NewVmAddDevice instantiates a new VmAddDevice object -This constructor will assign default values to properties that have it defined, -and makes sure properties required by API are set, but the set of arguments -will change when the set of required properties is changed - -### NewVmAddDeviceWithDefaults - -`func NewVmAddDeviceWithDefaults() *VmAddDevice` - -NewVmAddDeviceWithDefaults instantiates a new VmAddDevice object -This constructor will only assign default values to properties that have it defined, -but it doesn't guarantee that properties required by API are set - -### GetPath - -`func (o *VmAddDevice) GetPath() string` - -GetPath returns the Path field if non-nil, zero value otherwise. - -### GetPathOk - -`func (o *VmAddDevice) GetPathOk() (*string, bool)` - -GetPathOk returns a tuple with the Path field if it's non-nil, zero value otherwise -and a boolean to check if the value has been set. - -### SetPath - -`func (o *VmAddDevice) SetPath(v string)` - -SetPath sets Path field to given value. - -### HasPath - -`func (o *VmAddDevice) HasPath() bool` - -HasPath returns a boolean if a field has been set. - -### GetIommu - -`func (o *VmAddDevice) GetIommu() bool` - -GetIommu returns the Iommu field if non-nil, zero value otherwise. - -### GetIommuOk - -`func (o *VmAddDevice) GetIommuOk() (*bool, bool)` - -GetIommuOk returns a tuple with the Iommu field if it's non-nil, zero value otherwise -and a boolean to check if the value has been set. - -### SetIommu - -`func (o *VmAddDevice) SetIommu(v bool)` - -SetIommu sets Iommu field to given value. - -### HasIommu - -`func (o *VmAddDevice) HasIommu() bool` - -HasIommu returns a boolean if a field has been set. - -### GetId - -`func (o *VmAddDevice) GetId() string` - -GetId returns the Id field if non-nil, zero value otherwise. - -### GetIdOk - -`func (o *VmAddDevice) GetIdOk() (*string, bool)` - -GetIdOk returns a tuple with the Id field if it's non-nil, zero value otherwise -and a boolean to check if the value has been set. - -### SetId - -`func (o *VmAddDevice) SetId(v string)` - -SetId sets Id field to given value. - -### HasId - -`func (o *VmAddDevice) HasId() bool` - -HasId returns a boolean if a field has been set. - - -[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md) - - diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_vm_add_device.go b/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_vm_add_device.go deleted file mode 100644 index acc3c177d9..0000000000 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/client/model_vm_add_device.go +++ /dev/null @@ -1,189 +0,0 @@ -/* -Cloud Hypervisor API - -Local HTTP based API for managing and inspecting a cloud-hypervisor virtual machine. - -API version: 0.3.0 -*/ - -// Code generated by OpenAPI Generator (https://openapi-generator.tech); DO NOT EDIT. - -package openapi - -import ( - "encoding/json" -) - -// VmAddDevice struct for VmAddDevice -type VmAddDevice struct { - Path *string `json:"path,omitempty"` - Iommu *bool `json:"iommu,omitempty"` - Id *string `json:"id,omitempty"` -} - -// NewVmAddDevice instantiates a new VmAddDevice object -// This constructor will assign default values to properties that have it defined, -// and makes sure properties required by API are set, but the set of arguments -// will change when the set of required properties is changed -func NewVmAddDevice() *VmAddDevice { - this := VmAddDevice{} - var iommu bool = false - this.Iommu = &iommu - return &this -} - -// NewVmAddDeviceWithDefaults instantiates a new VmAddDevice object -// This constructor will only assign default values to properties that have it defined, -// but it doesn't guarantee that properties required by API are set -func NewVmAddDeviceWithDefaults() *VmAddDevice { - this := VmAddDevice{} - var iommu bool = false - this.Iommu = &iommu - return &this -} - -// GetPath returns the Path field value if set, zero value otherwise. -func (o *VmAddDevice) GetPath() string { - if o == nil || o.Path == nil { - var ret string - return ret - } - return *o.Path -} - -// GetPathOk returns a tuple with the Path field value if set, nil otherwise -// and a boolean to check if the value has been set. -func (o *VmAddDevice) GetPathOk() (*string, bool) { - if o == nil || o.Path == nil { - return nil, false - } - return o.Path, true -} - -// HasPath returns a boolean if a field has been set. -func (o *VmAddDevice) HasPath() bool { - if o != nil && o.Path != nil { - return true - } - - return false -} - -// SetPath gets a reference to the given string and assigns it to the Path field. -func (o *VmAddDevice) SetPath(v string) { - o.Path = &v -} - -// GetIommu returns the Iommu field value if set, zero value otherwise. -func (o *VmAddDevice) GetIommu() bool { - if o == nil || o.Iommu == nil { - var ret bool - return ret - } - return *o.Iommu -} - -// GetIommuOk returns a tuple with the Iommu field value if set, nil otherwise -// and a boolean to check if the value has been set. -func (o *VmAddDevice) GetIommuOk() (*bool, bool) { - if o == nil || o.Iommu == nil { - return nil, false - } - return o.Iommu, true -} - -// HasIommu returns a boolean if a field has been set. -func (o *VmAddDevice) HasIommu() bool { - if o != nil && o.Iommu != nil { - return true - } - - return false -} - -// SetIommu gets a reference to the given bool and assigns it to the Iommu field. -func (o *VmAddDevice) SetIommu(v bool) { - o.Iommu = &v -} - -// GetId returns the Id field value if set, zero value otherwise. -func (o *VmAddDevice) GetId() string { - if o == nil || o.Id == nil { - var ret string - return ret - } - return *o.Id -} - -// GetIdOk returns a tuple with the Id field value if set, nil otherwise -// and a boolean to check if the value has been set. -func (o *VmAddDevice) GetIdOk() (*string, bool) { - if o == nil || o.Id == nil { - return nil, false - } - return o.Id, true -} - -// HasId returns a boolean if a field has been set. -func (o *VmAddDevice) HasId() bool { - if o != nil && o.Id != nil { - return true - } - - return false -} - -// SetId gets a reference to the given string and assigns it to the Id field. -func (o *VmAddDevice) SetId(v string) { - o.Id = &v -} - -func (o VmAddDevice) MarshalJSON() ([]byte, error) { - toSerialize := map[string]interface{}{} - if o.Path != nil { - toSerialize["path"] = o.Path - } - if o.Iommu != nil { - toSerialize["iommu"] = o.Iommu - } - if o.Id != nil { - toSerialize["id"] = o.Id - } - return json.Marshal(toSerialize) -} - -type NullableVmAddDevice struct { - value *VmAddDevice - isSet bool -} - -func (v NullableVmAddDevice) Get() *VmAddDevice { - return v.value -} - -func (v *NullableVmAddDevice) Set(val *VmAddDevice) { - v.value = val - v.isSet = true -} - -func (v NullableVmAddDevice) IsSet() bool { - return v.isSet -} - -func (v *NullableVmAddDevice) Unset() { - v.value = nil - v.isSet = false -} - -func NewNullableVmAddDevice(val *VmAddDevice) *NullableVmAddDevice { - return &NullableVmAddDevice{value: val, isSet: true} -} - -func (v NullableVmAddDevice) MarshalJSON() ([]byte, error) { - return json.Marshal(v.value) -} - -func (v *NullableVmAddDevice) UnmarshalJSON(src []byte) error { - v.isSet = true - return json.Unmarshal(src, &v.value) -} diff --git a/src/runtime/virtcontainers/pkg/cloud-hypervisor/cloud-hypervisor.yaml b/src/runtime/virtcontainers/pkg/cloud-hypervisor/cloud-hypervisor.yaml index c793ce3edb..46d9aac832 100644 --- a/src/runtime/virtcontainers/pkg/cloud-hypervisor/cloud-hypervisor.yaml +++ b/src/runtime/virtcontainers/pkg/cloud-hypervisor/cloud-hypervisor.yaml @@ -185,7 +185,7 @@ paths: content: application/json: schema: - $ref: "#/components/schemas/VmAddDevice" + $ref: "#/components/schemas/DeviceConfig" required: true responses: 200: @@ -1077,17 +1077,6 @@ components: type: integer format: int64 - VmAddDevice: - type: object - properties: - path: - type: string - iommu: - type: boolean - default: false - id: - type: string - VmRemoveDevice: type: object properties: diff --git a/versions.yaml b/versions.yaml index a4836a11ce..fdc48d84e3 100644 --- a/versions.yaml +++ b/versions.yaml @@ -75,7 +75,7 @@ assets: url: "https://github.com/cloud-hypervisor/cloud-hypervisor" uscan-url: >- https://github.com/cloud-hypervisor/cloud-hypervisor/tags.*/v?(\d\S+)\.tar\.gz - version: "2115a4156891804e5fc7bbd0d1831d2e92a0c50e" + version: "b4e39427080293c674b8db627ee6daf1f1b56806" firecracker: description: "Firecracker micro-VMM" From 44d8de8923213daf860bdfda954c9159cb54a525 Mon Sep 17 00:00:00 2001 From: Rouzip <1226015390@qq.com> Date: Sat, 22 Oct 2022 23:31:18 +0800 Subject: [PATCH 14/24] agent: remove redundant checks Remove redundant checks for executable files. FIXes: #3730 Signed-off-by: Rouzip <1226015390@qq.com> --- src/agent/src/sandbox.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/agent/src/sandbox.rs b/src/agent/src/sandbox.rs index 8f93fdd5bc..922d9e1141 100644 --- a/src/agent/src/sandbox.rs +++ b/src/agent/src/sandbox.rs @@ -327,7 +327,7 @@ impl Sandbox { // Reject non-file, symlinks and non-executable files if !entry.file_type()?.is_file() || entry.file_type()?.is_symlink() - || entry.metadata()?.permissions().mode() & 0o777 & 0o111 == 0 + || entry.metadata()?.permissions().mode() & 0o111 == 0 { continue; } From abf4f9b2999d673e437fb5507e78147f3f15bd78 Mon Sep 17 00:00:00 2001 From: zhaoxu Date: Mon, 24 Oct 2022 11:07:34 +0800 Subject: [PATCH 15/24] docs: kata 3.0 Architecture fix readme content error Fixes: #5498 Signed-off-by: zhaoxu --- docs/design/architecture_3.0/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/design/architecture_3.0/README.md b/docs/design/architecture_3.0/README.md index 8159409489..bc0acf6b24 100644 --- a/docs/design/architecture_3.0/README.md +++ b/docs/design/architecture_3.0/README.md @@ -64,8 +64,8 @@ The kata-runtime is controlled by TOKIO_RUNTIME_WORKER_THREADS to run the OS thr ├─ TTRPC listener thread(M * tokio task) ├─ TTRPC client handler thread(7 * M * tokio task) ├─ container stdin io thread(M * tokio task) - ├─ container stdin io thread(M * tokio task) - └─ container stdin io thread(M * tokio task) + ├─ container stdout io thread(M * tokio task) + └─ container stderr io thread(M * tokio task) ``` ### Extensible Framework The Kata 3.x runtime is designed with the extension of service, runtime, and hypervisor, combined with configuration to meet the needs of different scenarios. At present, the service provides a register mechanism to support multiple services. Services could interact with runtime through messages. In addition, the runtime handler handles messages from services. To meet the needs of a binary that supports multiple runtimes and hypervisors, the startup must obtain the runtime handler type and hypervisor type through configuration. From 144efd1a7a78831d544f53fb08c5126a1dfd1dc6 Mon Sep 17 00:00:00 2001 From: Zhongtao Hu Date: Mon, 24 Oct 2022 15:52:34 +0800 Subject: [PATCH 16/24] docs: update rust runtime installation guide As kata-deploy support rust runtime, we need to update the installation docs Fixes:#5500 Signed-off-by: Zhongtao Hu --- .../kata-containers-3.0-rust-runtime-installation-guide.md | 5 +++-- tools/packaging/kata-deploy/README.md | 1 + 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/docs/install/kata-containers-3.0-rust-runtime-installation-guide.md b/docs/install/kata-containers-3.0-rust-runtime-installation-guide.md index cf9eee456c..b3a88e145a 100644 --- a/docs/install/kata-containers-3.0-rust-runtime-installation-guide.md +++ b/docs/install/kata-containers-3.0-rust-runtime-installation-guide.md @@ -24,7 +24,7 @@ architectures: | Installation method | Description | Automatic updates | Use case | Availability |------------------------------------------------------|----------------------------------------------------------------------------------------------|-------------------|-----------------------------------------------------------------------------------------------|----------- | -| [Using kata-deploy](#kata-deploy-installation) | The preferred way to deploy the Kata Containers distributed binaries on a Kubernetes cluster | **No!** | Best way to give it a try on kata-containers on an already up and running Kubernetes cluster. | No | +| [Using kata-deploy](#kata-deploy-installation) | The preferred way to deploy the Kata Containers distributed binaries on a Kubernetes cluster | **No!** | Best way to give it a try on kata-containers on an already up and running Kubernetes cluster. | Yes | | [Using official distro packages](#official-packages) | Kata packages provided by Linux distributions official repositories | yes | Recommended for most users. | No | | [Using snap](#snap-installation) | Easy to install | yes | Good alternative to official distro packages. | No | | [Automatic](#automatic-installation) | Run a single command to install a full system | **No!** | For those wanting the latest release quickly. | No | @@ -32,7 +32,8 @@ architectures: | [Build from source](#build-from-source-installation) | Build the software components manually | **No!** | Power users and developers only. | Yes | ### Kata Deploy Installation -`ToDo` + +Follow the [`kata-deploy`](../../tools/packaging/kata-deploy/README.md). ### Official packages `ToDo` ### Snap Installation diff --git a/tools/packaging/kata-deploy/README.md b/tools/packaging/kata-deploy/README.md index 99ff3d3af2..5a8b9cc1ae 100644 --- a/tools/packaging/kata-deploy/README.md +++ b/tools/packaging/kata-deploy/README.md @@ -143,6 +143,7 @@ $ kubectl apply -f https://raw.githubusercontent.com/kata-containers/kata-contai The following removes the test pods: ```bash +$ kubectl delete -f https://raw.githubusercontent.com/kata-containers/kata-containers/main/tools/packaging/kata-deploy/examples/test-deploy-kata-dragonball.yaml $ kubectl delete -f https://raw.githubusercontent.com/kata-containers/kata-containers/main/tools/packaging/kata-deploy/examples/test-deploy-kata-clh.yaml $ kubectl delete -f https://raw.githubusercontent.com/kata-containers/kata-containers/main/tools/packaging/kata-deploy/examples/test-deploy-kata-fc.yaml $ kubectl delete -f https://raw.githubusercontent.com/kata-containers/kata-containers/main/tools/packaging/kata-deploy/examples/test-deploy-kata-qemu.yaml From b015f34aff1728d4f89c9b7521886896c4be8b8b Mon Sep 17 00:00:00 2001 From: Peng Tao Date: Tue, 25 Oct 2022 15:30:13 +0800 Subject: [PATCH 17/24] runtime-rs: generate config files with the default target Right now it is not generated with a simple `make`. Fixes: #5509 Signed-off-by: Peng Tao --- src/runtime-rs/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/runtime-rs/Makefile b/src/runtime-rs/Makefile index 7c1bd663b1..a78d41770f 100644 --- a/src/runtime-rs/Makefile +++ b/src/runtime-rs/Makefile @@ -357,15 +357,15 @@ endef .DEFAULT_GOAL := default +GENERATED_FILES += $(CONFIGS) + runtime: $(TARGET) -$(TARGET): $(GENERATED_CODE) $(TARGET_PATH) +$(TARGET): $(GENERATED_FILES) $(TARGET_PATH) $(TARGET_PATH): $(SOURCES) | show-summary @RUSTFLAGS="$(EXTRA_RUSTFLAGS) --deny warnings" cargo build --target $(TRIPLE) --$(BUILD_TYPE) $(EXTRA_RUSTFEATURES) -GENERATED_FILES += $(CONFIGS) - $(GENERATED_FILES): %: %.in @sed \ $(foreach r,$(GENERATED_REPLACEMENTS),-e 's|@$r@|$($r)|g') \ From a6fb4e2a68ce17483a5f62273595b8bf2cb6a9d5 Mon Sep 17 00:00:00 2001 From: Peng Tao Date: Wed, 26 Oct 2022 10:41:24 +0800 Subject: [PATCH 18/24] versions: bump golangci-lint version There is little point to maintain backward compatiblity for golangci-lint. Let's just use a unified version of it. Fixes: #5512 Signed-off-by: Peng Tao --- versions.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/versions.yaml b/versions.yaml index fdc48d84e3..cf9c823008 100644 --- a/versions.yaml +++ b/versions.yaml @@ -324,7 +324,7 @@ languages: golangci-lint: description: "golangci-lint" notes: "'version' is the default minimum version used by this project." - version: "1.41.1" + version: "1.46.2" meta: description: | 'newest-version' is the latest version known to work when From 699f821e12c8793b8cc313312eac384223028b61 Mon Sep 17 00:00:00 2001 From: Archana Shinde Date: Thu, 13 Oct 2022 17:35:43 -0700 Subject: [PATCH 19/24] utils: Add function to drop priveleges This function is meant to be used before operations such as accessing network to make sure those operations are not performed as a privilged user. Fixes: #5331 Signed-off-by: Archana Shinde --- src/tools/kata-ctl/Cargo.toml | 2 ++ src/tools/kata-ctl/src/main.rs | 1 + src/tools/kata-ctl/src/utils.rs | 33 +++++++++++++++++++++++++++++++++ 3 files changed, 36 insertions(+) create mode 100644 src/tools/kata-ctl/src/utils.rs diff --git a/src/tools/kata-ctl/Cargo.toml b/src/tools/kata-ctl/Cargo.toml index 094613c343..a6701ddbd0 100644 --- a/src/tools/kata-ctl/Cargo.toml +++ b/src/tools/kata-ctl/Cargo.toml @@ -15,6 +15,8 @@ clap = { version = "3.2.20", features = ["derive", "cargo"] } reqwest = { version = "0.11", default-features = false, features = ["json", "blocking", "rustls-tls"] } serde_json = "1.0.85" thiserror = "1.0.35" +privdrop = "0.5.2" +nix = "0.25.0" [dev-dependencies] semver = "1.0.12" diff --git a/src/tools/kata-ctl/src/main.rs b/src/tools/kata-ctl/src/main.rs index 30e4b5eb7a..df3e0d7e7a 100644 --- a/src/tools/kata-ctl/src/main.rs +++ b/src/tools/kata-ctl/src/main.rs @@ -7,6 +7,7 @@ mod arch; mod args; mod check; mod ops; +mod utils; use anyhow::Result; use clap::Parser; diff --git a/src/tools/kata-ctl/src/utils.rs b/src/tools/kata-ctl/src/utils.rs new file mode 100644 index 0000000000..86b22a4bf0 --- /dev/null +++ b/src/tools/kata-ctl/src/utils.rs @@ -0,0 +1,33 @@ +// Copyright (c) 2022 Intel Corporation +// +// SPDX-License-Identifier: Apache-2.0 +// + +#![allow(dead_code)] + +use anyhow::{anyhow, Result}; + +const NON_PRIV_USER: &str = "nobody"; + +pub fn drop_privs() -> Result<()> { + if nix::unistd::Uid::effective().is_root() { + privdrop::PrivDrop::default() + .chroot("/") + .user(NON_PRIV_USER) + .apply() + .map_err(|e| anyhow!("Failed to drop privileges to user {}: {}", NON_PRIV_USER, e))?; + } + + Ok(()) +} + +#[cfg(test)] +mod tests { + use super::*; + + #[test] + fn test_drop_privs() { + let res = drop_privs(); + assert!(res.is_ok()); + } +} From 474927ec90555cd52b84881ae03bd2ac65f5ec40 Mon Sep 17 00:00:00 2001 From: Archana Shinde Date: Thu, 13 Oct 2022 17:49:08 -0700 Subject: [PATCH 20/24] gitignore: Add gitignore file Ignore autogeneraated version.rs Signed-off-by: Archana Shinde --- src/tools/kata-ctl/.gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/tools/kata-ctl/.gitignore b/src/tools/kata-ctl/.gitignore index 57872d0f1e..623c9e0b55 100644 --- a/src/tools/kata-ctl/.gitignore +++ b/src/tools/kata-ctl/.gitignore @@ -1 +1 @@ -/vendor/ +src/ops/version.rs From c0f5bc81b748138095e158518997d0f0a75e04f9 Mon Sep 17 00:00:00 2001 From: Archana Shinde Date: Thu, 13 Oct 2022 17:50:41 -0700 Subject: [PATCH 21/24] cargo: Add Cargo.lock to version control Add Cargo.lock to capture state of build. Signed-off-by: Archana Shinde --- src/tools/kata-ctl/Cargo.lock | 1035 +++++++++++++++++++++++++++++++++ 1 file changed, 1035 insertions(+) create mode 100644 src/tools/kata-ctl/Cargo.lock diff --git a/src/tools/kata-ctl/Cargo.lock b/src/tools/kata-ctl/Cargo.lock new file mode 100644 index 0000000000..42ddf2f160 --- /dev/null +++ b/src/tools/kata-ctl/Cargo.lock @@ -0,0 +1,1035 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "anyhow" +version = "1.0.65" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "98161a4e3e2184da77bb14f02184cdd111e83bbbcc9979dfee3c44b9a85f5602" + +[[package]] +name = "atty" +version = "0.2.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8" +dependencies = [ + "hermit-abi", + "libc", + "winapi", +] + +[[package]] +name = "autocfg" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" + +[[package]] +name = "base64" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd" + +[[package]] +name = "bitflags" +version = "1.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" + +[[package]] +name = "bumpalo" +version = "3.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c1ad822118d20d2c234f427000d5acc36eabe1e29a348c89b63dd60b13f28e5d" + +[[package]] +name = "bytes" +version = "1.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ec8a7b6a70fde80372154c65702f00a0f56f3e1c36abbc6c440484be248856db" + +[[package]] +name = "cc" +version = "1.0.73" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2fff2a6927b3bb87f9595d67196a70493f627687a71d87a0d692242c33f58c11" + +[[package]] +name = "cfg-if" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" + +[[package]] +name = "clap" +version = "3.2.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "86447ad904c7fb335a790c9d7fe3d0d971dc523b8ccd1561a520de9a85302750" +dependencies = [ + "atty", + "bitflags", + "clap_derive", + "clap_lex", + "indexmap", + "once_cell", + "strsim", + "termcolor", + "textwrap", +] + +[[package]] +name = "clap_derive" +version = "3.2.18" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ea0c8bce528c4be4da13ea6fead8965e95b6073585a2f05204bd8f4119f82a65" +dependencies = [ + "heck", + "proc-macro-error", + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "clap_lex" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2850f2f5a82cbf437dd5af4d49848fbdfc27c157c3d010345776f952765261c5" +dependencies = [ + "os_str_bytes", +] + +[[package]] +name = "encoding_rs" +version = "0.8.31" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9852635589dc9f9ea1b6fe9f05b50ef208c85c834a562f0c6abb1c475736ec2b" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "fnv" +version = "1.0.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" + +[[package]] +name = "form_urlencoded" +version = "1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a9c384f161156f5260c24a097c56119f9be8c798586aecc13afbcbe7b7e26bf8" +dependencies = [ + "percent-encoding", +] + +[[package]] +name = "futures-channel" +version = "0.3.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "30bdd20c28fadd505d0fd6712cdfcb0d4b5648baf45faef7f852afb2399bb050" +dependencies = [ + "futures-core", +] + +[[package]] +name = "futures-core" +version = "0.3.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4e5aa3de05362c3fb88de6531e6296e85cde7739cccad4b9dfeeb7f6ebce56bf" + +[[package]] +name = "futures-io" +version = "0.3.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbf4d2a7a308fd4578637c0b17c7e1c7ba127b8f6ba00b29f717e9655d85eb68" + +[[package]] +name = "futures-sink" +version = "0.3.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "21b20ba5a92e727ba30e72834706623d94ac93a725410b6a6b6fbc1b07f7ba56" + +[[package]] +name = "futures-task" +version = "0.3.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a6508c467c73851293f390476d4491cf4d227dbabcd4170f3bb6044959b294f1" + +[[package]] +name = "futures-util" +version = "0.3.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "44fb6cb1be61cc1d2e43b262516aafcf63b241cffdb1d3fa115f91d9c7b09c90" +dependencies = [ + "futures-core", + "futures-io", + "futures-task", + "memchr", + "pin-project-lite", + "pin-utils", + "slab", +] + +[[package]] +name = "h2" +version = "0.3.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5ca32592cf21ac7ccab1825cd87f6c9b3d9022c44d086172ed0966bec8af30be" +dependencies = [ + "bytes", + "fnv", + "futures-core", + "futures-sink", + "futures-util", + "http", + "indexmap", + "slab", + "tokio", + "tokio-util", + "tracing", +] + +[[package]] +name = "hashbrown" +version = "0.12.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" + +[[package]] +name = "heck" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2540771e65fc8cb83cd6e8a237f70c319bd5c29f78ed1084ba5d50eeac86f7f9" + +[[package]] +name = "hermit-abi" +version = "0.1.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62b467343b94ba476dcb2500d242dadbb39557df889310ac77c5d99100aaac33" +dependencies = [ + "libc", +] + +[[package]] +name = "http" +version = "0.2.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "75f43d41e26995c17e71ee126451dd3941010b0514a81a9d11f3b341debc2399" +dependencies = [ + "bytes", + "fnv", + "itoa", +] + +[[package]] +name = "http-body" +version = "0.4.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5f38f16d184e36f2408a55281cd658ecbd3ca05cce6d6510a176eca393e26d1" +dependencies = [ + "bytes", + "http", + "pin-project-lite", +] + +[[package]] +name = "httparse" +version = "1.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d897f394bad6a705d5f4104762e116a75639e470d80901eed05a860a95cb1904" + +[[package]] +name = "httpdate" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c4a1e36c821dbe04574f602848a19f742f4fb3c98d40449f11bcad18d6b17421" + +[[package]] +name = "hyper" +version = "0.14.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "02c929dc5c39e335a03c405292728118860721b10190d98c2a0f0efd5baafbac" +dependencies = [ + "bytes", + "futures-channel", + "futures-core", + "futures-util", + "h2", + "http", + "http-body", + "httparse", + "httpdate", + "itoa", + "pin-project-lite", + "socket2", + "tokio", + "tower-service", + "tracing", + "want", +] + +[[package]] +name = "hyper-rustls" +version = "0.23.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d87c48c02e0dc5e3b849a2041db3029fd066650f8f717c07bf8ed78ccb895cac" +dependencies = [ + "http", + "hyper", + "rustls", + "tokio", + "tokio-rustls", +] + +[[package]] +name = "idna" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e14ddfc70884202db2244c223200c204c2bda1bc6e0998d11b5e024d657209e6" +dependencies = [ + "unicode-bidi", + "unicode-normalization", +] + +[[package]] +name = "indexmap" +version = "1.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "10a35a97730320ffe8e2d410b5d3b69279b98d2c14bdb8b70ea89ecf7888d41e" +dependencies = [ + "autocfg", + "hashbrown", +] + +[[package]] +name = "ipnet" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "879d54834c8c76457ef4293a689b2a8c59b076067ad77b15efafbb05f92a592b" + +[[package]] +name = "itoa" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4217ad341ebadf8d8e724e264f13e593e0648f5b3e94b3896a5df283be015ecc" + +[[package]] +name = "js-sys" +version = "0.3.60" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49409df3e3bf0856b916e2ceaca09ee28e6871cf7d9ce97a692cacfdb2a25a47" +dependencies = [ + "wasm-bindgen", +] + +[[package]] +name = "kata-ctl" +version = "0.0.1" +dependencies = [ + "anyhow", + "clap", + "nix 0.25.0", + "privdrop", + "reqwest", + "semver", + "serde_json", + "thiserror", +] + +[[package]] +name = "libc" +version = "0.2.135" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "68783febc7782c6c5cb401fbda4de5a9898be1762314da0bb2c10ced61f18b0c" + +[[package]] +name = "log" +version = "0.4.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" +dependencies = [ + "cfg-if", +] + +[[package]] +name = "memchr" +version = "2.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d" + +[[package]] +name = "memoffset" +version = "0.6.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5aa361d4faea93603064a027415f07bd8e1d5c88c9fbf68bf56a285428fd79ce" +dependencies = [ + "autocfg", +] + +[[package]] +name = "mime" +version = "0.3.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2a60c7ce501c71e03a9c9c0d35b861413ae925bd979cc7a4e30d060069aaac8d" + +[[package]] +name = "mio" +version = "0.8.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57ee1c23c7c63b0c9250c339ffdc69255f110b298b901b9f6c82547b7b87caaf" +dependencies = [ + "libc", + "log", + "wasi", + "windows-sys", +] + +[[package]] +name = "nix" +version = "0.24.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "195cdbc1741b8134346d515b3a56a1c94b0912758009cfd53f99ea0f57b065fc" +dependencies = [ + "bitflags", + "cfg-if", + "libc", + "memoffset", +] + +[[package]] +name = "nix" +version = "0.25.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e322c04a9e3440c327fca7b6c8a63e6890a32fa2ad689db972425f07e0d22abb" +dependencies = [ + "autocfg", + "bitflags", + "cfg-if", + "libc", + "memoffset", + "pin-utils", +] + +[[package]] +name = "num_cpus" +version = "1.13.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "19e64526ebdee182341572e50e9ad03965aa510cd94427a4549448f285e957a1" +dependencies = [ + "hermit-abi", + "libc", +] + +[[package]] +name = "once_cell" +version = "1.15.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e82dad04139b71a90c080c8463fe0dc7902db5192d939bd0950f074d014339e1" + +[[package]] +name = "os_str_bytes" +version = "6.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ff7415e9ae3fff1225851df9e0d9e4e5479f947619774677a63572e55e80eff" + +[[package]] +name = "percent-encoding" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "478c572c3d73181ff3c2539045f6eb99e5491218eae919370993b890cdbdd98e" + +[[package]] +name = "pin-project-lite" +version = "0.2.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e0a7ae3ac2f1173085d398531c705756c94a4c56843785df85a60c1a0afac116" + +[[package]] +name = "pin-utils" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184" + +[[package]] +name = "privdrop" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ad5b1f7e40f628a2f8f90e40d3f313be83066cc61997fdcb96cade6abf7cee93" +dependencies = [ + "libc", + "nix 0.24.2", +] + +[[package]] +name = "proc-macro-error" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c" +dependencies = [ + "proc-macro-error-attr", + "proc-macro2", + "quote", + "syn", + "version_check", +] + +[[package]] +name = "proc-macro-error-attr" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869" +dependencies = [ + "proc-macro2", + "quote", + "version_check", +] + +[[package]] +name = "proc-macro2" +version = "1.0.46" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "94e2ef8dbfc347b10c094890f778ee2e36ca9bb4262e86dc99cd217e35f3470b" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "quote" +version = "1.0.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bbe448f377a7d6961e30f5955f9b8d106c3f5e449d493ee1b125c1d43c2b5179" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "reqwest" +version = "0.11.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "431949c384f4e2ae07605ccaa56d1d9d2ecdb5cadd4f9577ccfab29f2e5149fc" +dependencies = [ + "base64", + "bytes", + "encoding_rs", + "futures-core", + "futures-util", + "h2", + "http", + "http-body", + "hyper", + "hyper-rustls", + "ipnet", + "js-sys", + "log", + "mime", + "once_cell", + "percent-encoding", + "pin-project-lite", + "rustls", + "rustls-pemfile", + "serde", + "serde_json", + "serde_urlencoded", + "tokio", + "tokio-rustls", + "tower-service", + "url", + "wasm-bindgen", + "wasm-bindgen-futures", + "web-sys", + "webpki-roots", + "winreg", +] + +[[package]] +name = "ring" +version = "0.16.20" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3053cf52e236a3ed746dfc745aa9cacf1b791d846bdaf412f60a8d7d6e17c8fc" +dependencies = [ + "cc", + "libc", + "once_cell", + "spin", + "untrusted", + "web-sys", + "winapi", +] + +[[package]] +name = "rustls" +version = "0.20.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5aab8ee6c7097ed6057f43c187a62418d0c05a4bd5f18b3571db50ee0f9ce033" +dependencies = [ + "log", + "ring", + "sct", + "webpki", +] + +[[package]] +name = "rustls-pemfile" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0864aeff53f8c05aa08d86e5ef839d3dfcf07aeba2db32f12db0ef716e87bd55" +dependencies = [ + "base64", +] + +[[package]] +name = "ryu" +version = "1.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4501abdff3ae82a1c1b477a17252eb69cee9e66eb915c1abaa4f44d873df9f09" + +[[package]] +name = "sct" +version = "0.7.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d53dcdb7c9f8158937a7981b48accfd39a43af418591a5d008c7b22b5e1b7ca4" +dependencies = [ + "ring", + "untrusted", +] + +[[package]] +name = "semver" +version = "1.0.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e25dfac463d778e353db5be2449d1cce89bd6fd23c9f1ea21310ce6e5a1b29c4" + +[[package]] +name = "serde" +version = "1.0.145" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "728eb6351430bccb993660dfffc5a72f91ccc1295abaa8ce19b27ebe4f75568b" + +[[package]] +name = "serde_json" +version = "1.0.86" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "41feea4228a6f1cd09ec7a3593a682276702cd67b5273544757dae23c096f074" +dependencies = [ + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "serde_urlencoded" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3491c14715ca2294c4d6a88f15e84739788c1d030eed8c110436aafdaa2f3fd" +dependencies = [ + "form_urlencoded", + "itoa", + "ryu", + "serde", +] + +[[package]] +name = "slab" +version = "0.4.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4614a76b2a8be0058caa9dbbaf66d988527d86d003c11a94fbd335d7661edcef" +dependencies = [ + "autocfg", +] + +[[package]] +name = "socket2" +version = "0.4.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "02e2d2db9033d13a1567121ddd7a095ee144db4e1ca1b1bda3419bc0da294ebd" +dependencies = [ + "libc", + "winapi", +] + +[[package]] +name = "spin" +version = "0.5.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" + +[[package]] +name = "strsim" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623" + +[[package]] +name = "syn" +version = "1.0.102" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3fcd952facd492f9be3ef0d0b7032a6e442ee9b361d4acc2b1d0c4aaa5f613a1" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "termcolor" +version = "1.1.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bab24d30b911b2376f3a13cc2cd443142f0c81dda04c118693e35b3835757755" +dependencies = [ + "winapi-util", +] + +[[package]] +name = "textwrap" +version = "0.15.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "949517c0cf1bf4ee812e2e07e08ab448e3ae0d23472aee8a06c985f0c8815b16" + +[[package]] +name = "thiserror" +version = "1.0.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "10deb33631e3c9018b9baf9dcbbc4f737320d2b576bac10f6aefa048fa407e3e" +dependencies = [ + "thiserror-impl", +] + +[[package]] +name = "thiserror-impl" +version = "1.0.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "982d17546b47146b28f7c22e3d08465f6b8903d0ea13c1660d9d84a6e7adcdbb" +dependencies = [ + "proc-macro2", + "quote", + "syn", +] + +[[package]] +name = "tinyvec" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87cc5ceb3875bb20c2890005a4e226a4651264a5c75edb2421b52861a0a0cb50" +dependencies = [ + "tinyvec_macros", +] + +[[package]] +name = "tinyvec_macros" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c" + +[[package]] +name = "tokio" +version = "1.21.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a9e03c497dc955702ba729190dc4aac6f2a0ce97f913e5b1b5912fc5039d9099" +dependencies = [ + "autocfg", + "bytes", + "libc", + "memchr", + "mio", + "num_cpus", + "pin-project-lite", + "socket2", + "winapi", +] + +[[package]] +name = "tokio-rustls" +version = "0.23.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c43ee83903113e03984cb9e5cebe6c04a5116269e900e3ddba8f068a62adda59" +dependencies = [ + "rustls", + "tokio", + "webpki", +] + +[[package]] +name = "tokio-util" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0bb2e075f03b3d66d8d8785356224ba688d2906a371015e225beeb65ca92c740" +dependencies = [ + "bytes", + "futures-core", + "futures-sink", + "pin-project-lite", + "tokio", + "tracing", +] + +[[package]] +name = "tower-service" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b6bc1c9ce2b5135ac7f93c72918fc37feb872bdc6a5533a8b85eb4b86bfdae52" + +[[package]] +name = "tracing" +version = "0.1.37" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8ce8c33a8d48bd45d624a6e523445fd21ec13d3653cd51f681abf67418f54eb8" +dependencies = [ + "cfg-if", + "pin-project-lite", + "tracing-core", +] + +[[package]] +name = "tracing-core" +version = "0.1.30" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "24eb03ba0eab1fd845050058ce5e616558e8f8d8fca633e6b163fe25c797213a" +dependencies = [ + "once_cell", +] + +[[package]] +name = "try-lock" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "59547bce71d9c38b83d9c0e92b6066c4253371f15005def0c30d9657f50c7642" + +[[package]] +name = "unicode-bidi" +version = "0.3.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "099b7128301d285f79ddd55b9a83d5e6b9e97c92e0ea0daebee7263e932de992" + +[[package]] +name = "unicode-ident" +version = "1.0.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ceab39d59e4c9499d4e5a8ee0e2735b891bb7308ac83dfb4e80cad195c9f6f3" + +[[package]] +name = "unicode-normalization" +version = "0.1.22" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c5713f0fc4b5db668a2ac63cdb7bb4469d8c9fed047b1d0292cc7b0ce2ba921" +dependencies = [ + "tinyvec", +] + +[[package]] +name = "untrusted" +version = "0.7.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" + +[[package]] +name = "url" +version = "2.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0d68c799ae75762b8c3fe375feb6600ef5602c883c5d21eb51c09f22b83c4643" +dependencies = [ + "form_urlencoded", + "idna", + "percent-encoding", +] + +[[package]] +name = "version_check" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" + +[[package]] +name = "want" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1ce8a968cb1cd110d136ff8b819a556d6fb6d919363c61534f6860c7eb172ba0" +dependencies = [ + "log", + "try-lock", +] + +[[package]] +name = "wasi" +version = "0.11.0+wasi-snapshot-preview1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" + +[[package]] +name = "wasm-bindgen" +version = "0.2.83" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eaf9f5aceeec8be17c128b2e93e031fb8a4d469bb9c4ae2d7dc1888b26887268" +dependencies = [ + "cfg-if", + "wasm-bindgen-macro", +] + +[[package]] +name = "wasm-bindgen-backend" +version = "0.2.83" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c8ffb332579b0557b52d268b91feab8df3615f265d5270fec2a8c95b17c1142" +dependencies = [ + "bumpalo", + "log", + "once_cell", + "proc-macro2", + "quote", + "syn", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-futures" +version = "0.4.33" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23639446165ca5a5de86ae1d8896b737ae80319560fbaa4c2887b7da6e7ebd7d" +dependencies = [ + "cfg-if", + "js-sys", + "wasm-bindgen", + "web-sys", +] + +[[package]] +name = "wasm-bindgen-macro" +version = "0.2.83" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "052be0f94026e6cbc75cdefc9bae13fd6052cdcaf532fa6c45e7ae33a1e6c810" +dependencies = [ + "quote", + "wasm-bindgen-macro-support", +] + +[[package]] +name = "wasm-bindgen-macro-support" +version = "0.2.83" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "07bc0c051dc5f23e307b13285f9d75df86bfdf816c5721e573dec1f9b8aa193c" +dependencies = [ + "proc-macro2", + "quote", + "syn", + "wasm-bindgen-backend", + "wasm-bindgen-shared", +] + +[[package]] +name = "wasm-bindgen-shared" +version = "0.2.83" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1c38c045535d93ec4f0b4defec448e4291638ee608530863b1e2ba115d4fff7f" + +[[package]] +name = "web-sys" +version = "0.3.60" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bcda906d8be16e728fd5adc5b729afad4e444e106ab28cd1c7256e54fa61510f" +dependencies = [ + "js-sys", + "wasm-bindgen", +] + +[[package]] +name = "webpki" +version = "0.22.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f095d78192e208183081cc07bc5515ef55216397af48b873e5edcd72637fa1bd" +dependencies = [ + "ring", + "untrusted", +] + +[[package]] +name = "webpki-roots" +version = "0.22.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "368bfe657969fb01238bb756d351dcade285e0f6fcbd36dcb23359a5169975be" +dependencies = [ + "webpki", +] + +[[package]] +name = "winapi" +version = "0.3.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419" +dependencies = [ + "winapi-i686-pc-windows-gnu", + "winapi-x86_64-pc-windows-gnu", +] + +[[package]] +name = "winapi-i686-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6" + +[[package]] +name = "winapi-util" +version = "0.1.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "70ec6ce85bb158151cae5e5c87f95a8e97d2c0c4b001223f33a334e3ce5de178" +dependencies = [ + "winapi", +] + +[[package]] +name = "winapi-x86_64-pc-windows-gnu" +version = "0.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" + +[[package]] +name = "windows-sys" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ea04155a16a59f9eab786fe12a4a450e75cdb175f9e0d80da1e17db09f55b8d2" +dependencies = [ + "windows_aarch64_msvc", + "windows_i686_gnu", + "windows_i686_msvc", + "windows_x86_64_gnu", + "windows_x86_64_msvc", +] + +[[package]] +name = "windows_aarch64_msvc" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9bb8c3fd39ade2d67e9874ac4f3db21f0d710bee00fe7cab16949ec184eeaa47" + +[[package]] +name = "windows_i686_gnu" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "180e6ccf01daf4c426b846dfc66db1fc518f074baa793aa7d9b9aaeffad6a3b6" + +[[package]] +name = "windows_i686_msvc" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e2e7917148b2812d1eeafaeb22a97e4813dfa60a3f8f78ebe204bcc88f12f024" + +[[package]] +name = "windows_x86_64_gnu" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4dcd171b8776c41b97521e5da127a2d86ad280114807d0b2ab1e462bc764d9e1" + +[[package]] +name = "windows_x86_64_msvc" +version = "0.36.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680" + +[[package]] +name = "winreg" +version = "0.10.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "80d0f4e272c85def139476380b12f9ac60926689dd2e01d4923222f40580869d" +dependencies = [ + "winapi", +] From 219919e9f7d6b39000b9dbf93856e8268ac7865a Mon Sep 17 00:00:00 2001 From: Chelsea Mafrica Date: Tue, 25 Oct 2022 23:16:00 -0700 Subject: [PATCH 22/24] docs: Fix volumeMounts in SGX usage example The /dev/sgx is not mounted and the enclave is not available, causing the demo job to report an error in the logs. Add volumeMounts to container in order to have the device available in the container. Fixes: #5514 Signed-off-by: Chelsea Mafrica --- docs/use-cases/using-Intel-SGX-and-kata.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/use-cases/using-Intel-SGX-and-kata.md b/docs/use-cases/using-Intel-SGX-and-kata.md index 9b721f1bc4..29635e6ae4 100644 --- a/docs/use-cases/using-Intel-SGX-and-kata.md +++ b/docs/use-cases/using-Intel-SGX-and-kata.md @@ -61,6 +61,9 @@ spec: name: eosgx-demo-job-1 image: oeciteam/oe-helloworld:latest imagePullPolicy: IfNotPresent + volumeMounts: + - mountPath: /dev + name: dev-mount securityContext: readOnlyRootFilesystem: true capabilities: From 43fcb8fd09064b8b383ec3b15275991665e269ca Mon Sep 17 00:00:00 2001 From: Hyounggyu Choi Date: Wed, 26 Oct 2022 23:43:22 +0200 Subject: [PATCH 23/24] virtiofsd: Not use "link-self-contained=yes" on s390x The compile option link-self-contained=yes asks rustc to use C library startup object files that come with the compiler, which are not available on the target s390x-unknown-linux-gnu. A build does not contain any startup files leading to a broken executable entry point (causing segmentation fault). Fixes: #5522 Signed-off-by: Hyounggyu Choi --- .../static-build/virtiofsd/build-static-virtiofsd.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tools/packaging/static-build/virtiofsd/build-static-virtiofsd.sh b/tools/packaging/static-build/virtiofsd/build-static-virtiofsd.sh index 90d6d6fa57..8b0a048264 100755 --- a/tools/packaging/static-build/virtiofsd/build-static-virtiofsd.sh +++ b/tools/packaging/static-build/virtiofsd/build-static-virtiofsd.sh @@ -47,6 +47,7 @@ pull_virtiofsd_released_binary() { init_env() { source "$HOME/.cargo/env" + extra_rust_flags=" -C link-self-contained=yes" case ${ARCH} in "aarch64") LIBC="musl" @@ -60,6 +61,7 @@ init_env() { "s390x") LIBC="gnu" ARCH_LIBC=${ARCH}-linux-${LIBC} + extra_rust_flags="" ;; "x86_64") LIBC="musl" @@ -76,7 +78,7 @@ build_virtiofsd_from_source() { git clone --depth 1 --branch ${virtiofsd_version} ${virtiofsd_repo} virtiofsd pushd virtiofsd - export RUSTFLAGS='-C target-feature=+crt-static -C link-self-contained=yes' + export RUSTFLAGS='-C target-feature=+crt-static'${extra_rust_flags} export LIBSECCOMP_LINK_TYPE=static export LIBSECCOMP_LIB_PATH=/usr/lib/${ARCH_LIBC} export LIBCAPNG_LINK_TYPE=static From 0ed7da30d7b63e613c7bb4ec1755673b335a92d3 Mon Sep 17 00:00:00 2001 From: Gabriela Cervantes Date: Thu, 27 Oct 2022 21:09:34 +0000 Subject: [PATCH 24/24] tools: Fix indentation of build static clh script This Pr removes single spaces and fix the indentation of the script. Fixes #5528 Signed-off-by: Gabriela Cervantes --- .../cloud-hypervisor/build-static-clh.sh | 88 +++++++++---------- 1 file changed, 44 insertions(+), 44 deletions(-) diff --git a/tools/packaging/static-build/cloud-hypervisor/build-static-clh.sh b/tools/packaging/static-build/cloud-hypervisor/build-static-clh.sh index 8cb1a6e79f..0bee1ea041 100755 --- a/tools/packaging/static-build/cloud-hypervisor/build-static-clh.sh +++ b/tools/packaging/static-build/cloud-hypervisor/build-static-clh.sh @@ -25,10 +25,10 @@ cloud_hypervisor_pr="${cloud_hypervisor_pr:-}" cloud_hypervisor_pull_ref_branch="${cloud_hypervisor_pull_ref_branch:-main}" if [ -z "$cloud_hypervisor_repo" ]; then - info "Get cloud_hypervisor information from runtime versions.yaml" - cloud_hypervisor_url=$(get_from_kata_deps "assets.hypervisor.cloud_hypervisor.url") - [ -n "$cloud_hypervisor_url" ] || die "failed to get cloud_hypervisor url" - cloud_hypervisor_repo="${cloud_hypervisor_url}.git" + info "Get cloud_hypervisor information from runtime versions.yaml" + cloud_hypervisor_url=$(get_from_kata_deps "assets.hypervisor.cloud_hypervisor.url") + [ -n "$cloud_hypervisor_url" ] || die "failed to get cloud_hypervisor url" + cloud_hypervisor_repo="${cloud_hypervisor_url}.git" fi [ -n "$cloud_hypervisor_repo" ] || die "failed to get cloud_hypervisor repo" @@ -41,61 +41,61 @@ else fi pull_clh_released_binary() { - info "Download cloud-hypervisor version: ${cloud_hypervisor_version}" - cloud_hypervisor_binary="https://github.com/cloud-hypervisor/cloud-hypervisor/releases/download/${cloud_hypervisor_version}/cloud-hypervisor-static" + info "Download cloud-hypervisor version: ${cloud_hypervisor_version}" + cloud_hypervisor_binary="https://github.com/cloud-hypervisor/cloud-hypervisor/releases/download/${cloud_hypervisor_version}/cloud-hypervisor-static" - curl --fail -L ${cloud_hypervisor_binary} -o cloud-hypervisor-static || return 1 - mkdir -p cloud-hypervisor - mv -f cloud-hypervisor-static cloud-hypervisor/cloud-hypervisor - chmod +x cloud-hypervisor/cloud-hypervisor + curl --fail -L ${cloud_hypervisor_binary} -o cloud-hypervisor-static || return 1 + mkdir -p cloud-hypervisor + mv -f cloud-hypervisor-static cloud-hypervisor/cloud-hypervisor + chmod +x cloud-hypervisor/cloud-hypervisor } build_clh_from_source() { - info "Build ${cloud_hypervisor_repo} version: ${cloud_hypervisor_version}" - repo_dir=$(basename "${cloud_hypervisor_repo}") - repo_dir="${repo_dir//.git}" - rm -rf "${repo_dir}" - git clone "${cloud_hypervisor_repo}" - git config --global --add safe.directory "$PWD/repo_dir" - pushd "${repo_dir}" + info "Build ${cloud_hypervisor_repo} version: ${cloud_hypervisor_version}" + repo_dir=$(basename "${cloud_hypervisor_repo}") + repo_dir="${repo_dir//.git}" + rm -rf "${repo_dir}" + git clone "${cloud_hypervisor_repo}" + git config --global --add safe.directory "$PWD/repo_dir" + pushd "${repo_dir}" - if [ -n "${cloud_hypervisor_pr}" ]; then - local pr_branch="PR_${cloud_hypervisor_pr}" - git fetch origin "pull/${cloud_hypervisor_pr}/head:${pr_branch}" || return 1 - git checkout "${pr_branch}" - git rebase "origin/${cloud_hypervisor_pull_ref_branch}" + if [ -n "${cloud_hypervisor_pr}" ]; then + local pr_branch="PR_${cloud_hypervisor_pr}" + git fetch origin "pull/${cloud_hypervisor_pr}/head:${pr_branch}" || return 1 + git checkout "${pr_branch}" + git rebase "origin/${cloud_hypervisor_pull_ref_branch}" - git log --oneline main~1..HEAD - else - git fetch || true - git checkout "${cloud_hypervisor_version}" - fi + git log --oneline main~1..HEAD + else + git fetch || true + git checkout "${cloud_hypervisor_version}" + fi - if [ -n "${features}" ]; then - info "Build cloud-hypervisor enabling the following features: ${features}" - ./scripts/dev_cli.sh build --release --libc musl --features "${features}" - else - ./scripts/dev_cli.sh build --release --libc musl - fi - rm -f cloud-hypervisor - cp build/cargo_target/$(uname -m)-unknown-linux-musl/release/cloud-hypervisor . - popd + if [ -n "${features}" ]; then + info "Build cloud-hypervisor enabling the following features: ${features}" + ./scripts/dev_cli.sh build --release --libc musl --features "${features}" + else + ./scripts/dev_cli.sh build --release --libc musl + fi + rm -f cloud-hypervisor + cp build/cargo_target/$(uname -m)-unknown-linux-musl/release/cloud-hypervisor . + popd } if [ "${ARCH}" == "aarch64" ]; then - info "aarch64 binaries are not distributed as part of the Cloud Hypervisor releases, forcing to build from source" - force_build_from_source="true" + info "aarch64 binaries are not distributed as part of the Cloud Hypervisor releases, forcing to build from source" + force_build_from_source="true" fi if [ -n "${features}" ]; then - info "As an extra build argument has been passed to the script, forcing to build from source" - force_build_from_source="true" + info "As an extra build argument has been passed to the script, forcing to build from source" + force_build_from_source="true" fi if [ "${force_build_from_source}" == "true" ]; then - info "Build cloud-hypervisor from source as it's been request via the force_build_from_source flag" - build_clh_from_source + info "Build cloud-hypervisor from source as it's been request via the force_build_from_source flag" + build_clh_from_source else - pull_clh_released_binary || - (info "Failed to pull cloud-hypervisor released binary, trying to build from source" && build_clh_from_source) + pull_clh_released_binary || + (info "Failed to pull cloud-hypervisor released binary, trying to build from source" && build_clh_from_source) fi