runtime-rs: Merge branch 'main' into runtime-rs-merge-main-1

To keep runtime-rs up to date, we will merge main into runtime-rs every week. Fixes: #4790 Signed-off-by: Zhongtao Hu <zhongtaohu.tim@linux.alibaba.com>
2025-09-19 15:58:25 +00:00 · 2022-08-02 10:46:42 +08:00
parent 993ae24080 7503bdab6e
commit 9803393f2f
11 changed files with 134 additions and 20 deletions
--- a/src/agent/rustjail/src/mount.rs
+++ b/src/agent/rustjail/src/mount.rs
@@ -780,7 +780,7 @@ fn mount_from(
            Path::new(&dest).parent().unwrap()
        };
-        let _ = fs::create_dir_all(&dir).map_err(|e| {
+        fs::create_dir_all(&dir).map_err(|e| {
            log_child!(
                cfd_log,
                "create dir {}: {}",
--- a/src/agent/src/main.rs
+++ b/src/agent/src/main.rs
@@ -209,7 +209,7 @@ async fn real_main() -> std::result::Result<(), Box<dyn std::error::Error>> {
    if config.log_level == slog::Level::Trace {
        // Redirect ttrpc log calls to slog iff full debug requested
-        ttrpc_log_guard = Ok(slog_stdlog::init().map_err(|e| e)?);
+        ttrpc_log_guard = Ok(slog_stdlog::init()?);
    }
    if config.tracing {
--- a/src/libs/logging/src/lib.rs
+++ b/src/libs/logging/src/lib.rs
@@ -545,13 +545,13 @@ mod tests {
            let msg = format!("test[{}]", i);
            // Create a writer for the logger drain to use
-            let writer = NamedTempFile::new()
+            let writer =
-                .unwrap_or_else(|_| panic!("{:}: failed to create tempfile", msg));
+                NamedTempFile::new().unwrap_or_else(|_| panic!("{:}: failed to create tempfile", msg));
            // Used to check file contents before the temp file is unlinked
            let mut writer_ref = writer
                .reopen()
-                .unwrap_or_else(|e| panic!("{:?}: failed to clone tempfile, {}", msg, e));
+                .unwrap_or_else(|_| panic!("{:?}: failed to clone tempfile", msg));
            let (logger, logger_guard) = create_logger(name, source, d.slog_level, writer);
@@ -565,11 +565,11 @@ mod tests {
            let mut contents = String::new();
            writer_ref
                .read_to_string(&mut contents)
-                .unwrap_or_else(|e| panic!("{:?}: failed to read tempfile contents, {}", msg, e));
+                .unwrap_or_else(|_| panic!("{:?}: failed to read tempfile contents", msg));
            // Convert file to JSON
            let fields: Value = serde_json::from_str(&contents)
-                .unwrap_or_else(|e| panic!("{:?}: failed to convert logfile to json, {}", msg, e));
+                .unwrap_or_else(|_| panic!("{:?}: failed to convert logfile to json", msg));
            // Check the expected JSON fields
--- a/src/tools/agent-ctl/src/main.rs
+++ b/src/tools/agent-ctl/src/main.rs
@@ -163,7 +163,7 @@ fn connect(name: &str, global_args: clap::ArgMatches) -> Result<()> {
    let (logger, _guard) = logging::create_logger(name, crate_name!(), log_level, writer);
    let timeout_nano: i64 = match args.value_of("timeout") {
-        Some(t) => utils::human_time_to_ns(t).map_err(|e| e)?,
+        Some(t) => utils::human_time_to_ns(t)?,
        None => 0,
    };
--- a/src/tools/agent-ctl/src/utils.rs
+++ b/src/tools/agent-ctl/src/utils.rs
@@ -684,7 +684,7 @@ fn oci_to_ttrpc(bundle_dir: &str, cid: &str, oci: &ociSpec) -> Result<ttrpcSpec>
    let root = match &oci.root {
        Some(r) => {
-            let ttrpc_root = root_oci_to_ttrpc(bundle_dir, r).map_err(|e| e)?;
+            let ttrpc_root = root_oci_to_ttrpc(bundle_dir, r)?;
            protobuf::SingularPtrField::some(ttrpc_root)
        }
--- a/src/tools/runk/src/commands/delete.rs
+++ b/src/tools/runk/src/commands/delete.rs
@@ -72,13 +72,10 @@ pub async fn run(opts: Delete, root: &Path, logger: &Logger) -> Result<()> {
        }
        _ => {
            if opts.force {
-                match kill(Pid::from_raw(status.pid), Some(Signal::SIGKILL)) {
+                if let Err(errno) = kill(Pid::from_raw(status.pid), Some(Signal::SIGKILL)) {
-                    Err(errno) => {
+                    if errno != Errno::ESRCH {
-                        if errno != Errno::ESRCH {
+                        return Err(anyhow!("{}", errno));
                            return Err(anyhow!("{}", errno));
                        }
                    }
                    Ok(()) => {}
                }
                destroy_container(&status)?;
            } else {
--- a/src/tools/runk/src/commands/list.rs
+++ b/src/tools/runk/src/commands/list.rs
@@ -9,6 +9,7 @@ use libcontainer::status::{get_current_container_state, Status};
 use liboci_cli::List;
 use oci::ContainerState;
 use slog::{info, Logger};
 use std::fmt::Write as _;
 use std::{fs, os::unix::prelude::MetadataExt, path::Path};
 use std::{io, io::Write};
 use tabwriter::TabWriter;
@@ -48,15 +49,16 @@ pub fn run(_: List, root: &Path, logger: &Logger) -> Result<()> {
            Some(user) => String::from(user.name().to_string_lossy()),
            None => format!("#{}", metadata.uid()),
        };
-        content.push_str(&format!(
+        let _ = writeln!(
-            "{}\t{}\t{}\t{}\t{}\t{}\n",
+            content,
            "{}\t{}\t{}\t{}\t{}\t{}",
            container_id,
            pid,
            get_container_state_name(state),
            status.bundle.display(),
            status.created,
            owner
-        ));
+        );
    }
    let mut tab_writer = TabWriter::new(io::stdout());
--- a/tools/packaging/static-build/td-shim/Dockerfile
+++ b/tools/packaging/static-build/td-shim/Dockerfile
@@ -0,0 +1,23 @@
 # Copyright (c) 2022 Intel
 #
 # SPDX-License-Identifier: Apache-2.0
 FROM ubuntu:20.04
 ENV DEBIAN_FRONTEND=noninteractive
 SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 ARG RUST_TOOLCHAIN
 RUN apt-get update && \
    apt-get install -y --no-install-recommends \
        ca-certificates \
        clang \
        curl \
        gcc \
        git \
        llvm \
        nasm && \
    apt-get clean && rm -rf /var/lib/lists/ && \
    curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain ${RUST_TOOLCHAIN} && \
    source "$HOME/.cargo/env" && \
    rustup component add rust-src && \
    cargo install cargo-xbuild
--- a/tools/packaging/static-build/td-shim/build-td-shim.sh
+++ b/tools/packaging/static-build/td-shim/build-td-shim.sh
@@ -0,0 +1,41 @@
 #!/bin/bash
 #
 # Copyright (c) 2022 Intel
 #
 # SPDX-License-Identifier: Apache-2.0
 set -o errexit
 set -o nounset
 set -o pipefail
 script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "${script_dir}/../../scripts/lib.sh"
 tdshim_repo="${tdshim_repo:-}"
 DESTDIR=${DESTDIR:-${PWD}}
 PREFIX="${PREFIX:-/opt/kata}"
 [ -n "${tdshim_repo}" ] || die "Failed to get TD-shim repo"
 [ -n "${tdshim_version}" ] || die "Failed to get TD-shim version or commit"
 info "Build ${tdshim_repo} version: ${tdshim_version}"
 source ${HOME}/.cargo/env
 build_root=$(mktemp -d)
 pushd ${build_root}
 git clone --single-branch "${tdshim_repo}"
 pushd td-shim
 git checkout "${tdshim_version}"
 bash sh_script/build_final.sh boot_kernel
 install_dir="${DESTDIR}/${PREFIX}/share/td-shim"
 mkdir -p ${install_dir}
 install target/x86_64-unknown-uefi/release/final-boot-kernel.bin ${install_dir}/td-shim.bin
 popd #td-shim
 popd #${build_root}
 pushd ${DESTDIR}
 tar -czvf "td-shim.tar.gz" "./$PREFIX"
 rm -rf $(dirname ./$PREFIX)
 popd #${DESTDIR}
--- a/tools/packaging/static-build/td-shim/build.sh
+++ b/tools/packaging/static-build/td-shim/build.sh
@@ -0,0 +1,45 @@
 #!/usr/bin/env bash
 #
 # Copyright (c) 2022 Intel
 #
 # SPDX-License-Identifier: Apache-2.0
 set -o errexit
 set -o nounset
 set -o pipefail
 script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 readonly repo_root_dir="$(cd "${script_dir}/../../../.." && pwd)"
 readonly tdshim_builder="${script_dir}/build-td-shim.sh"
 source "${script_dir}/../../scripts/lib.sh"
 DESTDIR=${DESTDIR:-${PWD}}
 PREFIX=${PREFIX:-/opt/kata}
 container_image="kata-td-shim-builder"
 kata_version="${kata_version:-}"
 tdshim_repo="${tdshim_repo:-}"
 tdshim_version="${tdshim_version:-}"
 tdshim_toolchain="${tdshim_toolchain:-}"
 package_output_dir="${package_output_dir:-}"
 [ -n "${tdshim_repo}" ] || tdshim_repo=$(get_from_kata_deps "externals.td-shim.url" "${kata_version}")
 [ -n "${tdshim_version}" ] || tdshim_version=$(get_from_kata_deps "externals.td-shim.version" "${kata_version}")
 [ -n "${tdshim_toolchain}" ] || tdshim_toolchain=$(get_from_kata_deps "externals.td-shim.toolchain" "${kata_version}")
 [ -n "${tdshim_repo}" ] || die "Failed to get TD-shim repo"
 [ -n "${tdshim_version}" ] || die "Failed to get TD-shim version or commit"
 [ -n "${tdshim_toolchain}" ] || die "Failed to get TD-shim toolchain to be used to build the project"
 sudo docker build \
 	--build-arg RUST_TOOLCHAIN="${tdshim_toolchain}" \
 	-t "${container_image}" "${script_dir}"
 sudo docker run --rm -i -v "${repo_root_dir}:${repo_root_dir}" \
 	-w "${PWD}" \
 	--env DESTDIR="${DESTDIR}" \
 	--env PREFIX="${PREFIX}" \
 	--env tdshim_repo="${tdshim_repo}" \
 	--env tdshim_version="${tdshim_version}" \
 	"${container_image}" \
 	bash -c "${tdshim_builder}"
--- a/versions.yaml
+++ b/versions.yaml
@@ -262,6 +262,12 @@ externals:
      package: "OvmfPkg/AmdSev/AmdSevX64.dsc"
      package_output_dir: "AmdSev"
  td-shim:
    description: "Confidential Containers Shim Firmware"
    url: "https://github.com/confidential-containers/td-shim"
    version: "5f62a0e367b1845a54e534d103ed4a697a599ac3"
    toolchain: "nightly-2022-04-07"
  virtiofsd:
    description: "vhost-user virtio-fs device backend written in Rust"
    url: "https://gitlab.com/virtio-fs/virtiofsd"
@@ -294,12 +300,12 @@ languages:
  rust:
    description: "Rust language"
    notes: "'version' is the default minimum version used by this project."
-    version: "1.58.1"
+    version: "1.62.0"
    meta:
      description: |
        'newest-version' is the latest version known to work when
        building Kata
-      newest-version: "1.58.1"
+      newest-version: "1.62.0"
  golangci-lint:
    description: "golangci-lint"