From 9ef59488d9d7424a9dd6ac44de348e445c7f9944 Mon Sep 17 00:00:00 2001 From: "James O. D. Hunt" Date: Wed, 13 Mar 2024 16:17:07 +0000 Subject: [PATCH] agent: Show features enabled at build time The agent now has a number of optional build-time features that can be enabled. Add details of these features to the following areas: - Version output (`kata-agent --version`) - Announce message (so that the details are always added to the journal at agent startup). - The response message returned by the ttRPC `GetGuestDetails()` API. Fixes: #9285. Signed-off-by: James O. D. Hunt --- src/agent/Cargo.lock | 1 + src/agent/src/features.rs | 22 +++++++++++++++++++ src/agent/src/main.rs | 8 ++++++- src/agent/src/rpc.rs | 2 ++ src/libs/protocols/protos/agent.proto | 3 +++ src/runtime-rs/Cargo.lock | 1 + src/runtime-rs/crates/agent/src/kata/trans.rs | 1 + src/runtime-rs/crates/agent/src/types.rs | 1 + 8 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 src/agent/src/features.rs diff --git a/src/agent/Cargo.lock b/src/agent/Cargo.lock index 990281af38..e7d9801d31 100644 --- a/src/agent/Cargo.lock +++ b/src/agent/Cargo.lock @@ -1357,6 +1357,7 @@ dependencies = [ "chrono", "common-path", "fail", + "hex", "kata-types", "lazy_static", "libc", diff --git a/src/agent/src/features.rs b/src/agent/src/features.rs new file mode 100644 index 0000000000..c5f1b00e28 --- /dev/null +++ b/src/agent/src/features.rs @@ -0,0 +1,22 @@ +// Copyright (c) 2024 Intel Corporation +// +// SPDX-License-Identifier: Apache-2.0 +// + +// Returns a sorted list of optional features enabled at agent build time. +pub fn get_build_features() -> Vec { + let features: Vec<&str> = vec![ + #[cfg(feature = "agent-policy")] + "agent-policy", + #[cfg(feature = "seccomp")] + "seccomp", + #[cfg(feature = "standard-oci-runtime")] + "standard-oci-runtime", + ]; + + let mut sorted: Vec = features.into_iter().map(String::from).collect(); + + sorted.sort(); + + sorted +} 
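Review bot: The feature names in `get_build_features()` are a hand-maintained literal list, so a feature later added to the crate's Cargo.toml without a matching `#[cfg(feature = "...")]` entry here would be silently absent from `--version`, the announce log and `GetGuestDetails()`. Because `agent-policy` and `seccomp` are security-relevant, anyone auditing a guest image from that output could draw the wrong conclusion; I would add `// NOTE: keep in sync with the [features] table in Cargo.toml` above the `vec!`. The header comment should also be a doc comment, `/// Returns a sorted list of optional features enabled at agent build time.`, so it shows up in rustdoc. A small unit test asserting that the returned list is sorted would pin the contract the comment promises.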
diff --git a/src/agent/src/main.rs b/src/agent/src/main.rs index 1b7324e549..31482eb25b 100644 --- a/src/agent/src/main.rs +++ b/src/agent/src/main.rs @@ -38,6 +38,7 @@ use tracing::{instrument, span}; mod config; mod console; mod device; +mod features; mod linux_abi; mod metrics; mod mount; @@ -121,11 +122,14 @@ enum SubCommand { #[instrument] fn announce(logger: &Logger, config: &AgentConfig) { + let extra_features = features::get_build_features(); + info!(logger, "announce"; "agent-commit" => version::VERSION_COMMIT, "agent-version" => version::AGENT_VERSION, "api-version" => version::API_VERSION, "config" => format!("{:?}", config), + "extra-features" => format!("{extra_features:?}"), ); } @@ -293,8 +297,10 @@ fn main() -> std::result::Result<(), Box> { let args = AgentOpts::parse(); if args.version { + let extra_features = features::get_build_features(); + println!( - "{} version {} (api version: {}, commit version: {}, type: rust)", + "{} version {} (api version: {}, commit version: {}, type: rust, extra-features: {extra_features:?})", NAME, version::AGENT_VERSION, version::API_VERSION, diff --git a/src/agent/src/rpc.rs b/src/agent/src/rpc.rs index 0068eb9292..bd760db941 100644 --- a/src/agent/src/rpc.rs +++ b/src/agent/src/rpc.rs @@ -53,6 +53,7 @@ use nix::unistd::{self, Pid}; use rustjail::process::ProcessOperations; use crate::device::{add_devices, get_virtio_blk_pci_device_name, update_env_pci}; +use crate::features::get_build_features; use crate::linux_abi::*; use crate::metrics::get_metrics; use crate::mount::baremount; @@ -1563,6 +1564,7 @@ fn get_agent_details() -> AgentDetails { detail.device_handlers = Vec::new(); detail.storage_handlers = STORAGE_HANDLERS.get_handlers(); + detail.extra_features = get_build_features(); detail } diff --git a/src/libs/protocols/protos/agent.proto b/src/libs/protocols/protos/agent.proto index ff44a46f81..f40794f4b6 100644 --- a/src/libs/protocols/protos/agent.proto +++ b/src/libs/protocols/protos/agent.proto 
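Review bot: Both the announce field `"extra-features" => format!("{extra_features:?}")` and the `--version` string print the list with `{:?}`, which puts Rust's Debug rendering of a `Vec` of strings (brackets and quoted names) into output that log pipelines and scripts are likely to parse. Debug output is not a documented stable format. Joining explicitly keeps the journal field and the version line easy to match when checking whether seccomp or agent-policy is compiled in: `"extra-features" => extra_features.join(",")` in `announce`, and a plain `extra-features: {}` with `extra_features.join(",")` as the last `println!` argument. That also removes the mix of positional `{}` and an inline captured argument in the same format string. Both `announce` and `main` continue outside these hunks.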
@@ -417,6 +417,9 @@ message AgentDetails { // Set only if the agent is built with seccomp support and the guest // environment supports seccomp. bool supports_seccomp = 5; + + // List of additional features enabled at agent build time. + repeated string extra_features = 6; } message GuestDetailsRequest { diff --git a/src/runtime-rs/Cargo.lock b/src/runtime-rs/Cargo.lock index 06791f5915..971b92e358 100644 --- a/src/runtime-rs/Cargo.lock +++ b/src/runtime-rs/Cargo.lock @@ -3690,6 +3690,7 @@ dependencies = [ "hyperlocal", "kata-sys-util", "kata-types", + "nix 0.24.3", "tokio", ] diff --git a/src/runtime-rs/crates/agent/src/kata/trans.rs b/src/runtime-rs/crates/agent/src/kata/trans.rs index 24fdda492f..bb2aa72504 100644 --- a/src/runtime-rs/crates/agent/src/kata/trans.rs +++ b/src/runtime-rs/crates/agent/src/kata/trans.rs @@ -747,6 +747,7 @@ impl From for AgentDetails { device_handlers: trans_vec(src.device_handlers), storage_handlers: trans_vec(src.storage_handlers), supports_seccomp: src.supports_seccomp, + extra_features: trans_vec(src.extra_features), } } } diff --git a/src/runtime-rs/crates/agent/src/types.rs b/src/runtime-rs/crates/agent/src/types.rs index bd7b9ff10a..5cdccbc6ee 100644 --- a/src/runtime-rs/crates/agent/src/types.rs +++ b/src/runtime-rs/crates/agent/src/types.rs @@ -527,6 +527,7 @@ pub struct AgentDetails { pub device_handlers: Vec, pub storage_handlers: Vec, pub supports_seccomp: bool, + pub extra_features: Vec, } #[derive(PartialEq, Clone, Default)]
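Review bot: The comment on `extra_features` should state that the list reflects compile-time Cargo features only, because the field directly above it, `supports_seccomp`, is documented as set only when the agent is built with seccomp and the guest environment supports it. A caller could otherwise read a `seccomp` entry in `extra_features` as meaning seccomp is usable in the guest. I would write `// List of optional Cargo features compiled into the agent. Build-time only: an entry does not mean the feature is usable or enforced in this guest (see supports_seccomp).` The values are also self-reported by the agent, so the runtime side should treat them as informational rather than as proof that policy enforcement is active. `message AgentDetails` starts outside the hunk.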