diff --git a/src/agent/Cargo.lock b/src/agent/Cargo.lock index 66e91d96e3..75c4cc0fd5 100644 --- a/src/agent/Cargo.lock +++ b/src/agent/Cargo.lock @@ -276,14 +276,15 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "cgroups-rs" -version = "0.2.10" +version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf5525f2cf84d5113ab26bfb6474180eb63224b4b1e4be31ee87be4098f11399" +checksum = "4b97b639839204a6eb727ffbbd68e1dcfc55488c3a26cb0cda1d662b7a186e79" dependencies = [ "libc", "log", - "nix 0.24.2", + "nix 0.25.1", "regex", + "thiserror", ] [[package]] @@ -896,9 +897,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.126" +version = "0.2.139" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "349d5a591cd28b49e1d1037471617a32ddcda5731b99419008085f72d5a53836" +checksum = "201de327520df007757c1f0adce6e827fe8562fbc28bfd9c15571c66ca1f5f79" [[package]] name = "libseccomp" @@ -1102,6 +1103,18 @@ dependencies = [ "memoffset", ] +[[package]] +name = "nix" +version = "0.25.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f346ff70e7dbfd675fe90590b92d59ef2de15a8779ae305ebcbfd3f0caf59be4" +dependencies = [ + "autocfg", + "bitflags", + "cfg-if 1.0.0", + "libc", +] + [[package]] name = "num-integer" version = "0.1.45" diff --git a/src/agent/Cargo.toml b/src/agent/Cargo.toml index 042c9579e7..1c391492c8 100644 --- a/src/agent/Cargo.toml +++ b/src/agent/Cargo.toml @@ -51,7 +51,7 @@ log = "0.4.11" prometheus = { version = "0.13.0", features = ["process"] } procfs = "0.12.0" anyhow = "1.0.32" -cgroups = { package = "cgroups-rs", version = "0.2.10" } +cgroups = { package = "cgroups-rs", version = "0.3.0" } # Tracing tracing = "0.1.26" diff --git a/src/agent/rustjail/Cargo.toml b/src/agent/rustjail/Cargo.toml index 25511157d4..4d60c11dc1 100644 --- a/src/agent/rustjail/Cargo.toml +++ b/src/agent/rustjail/Cargo.toml @@ -25,7 +25,7 @@ scan_fmt = "0.2.6" regex = "1.5.6" path-absolutize = "1.2.0" anyhow = "1.0.32" -cgroups = { package = "cgroups-rs", version = "0.2.10" } +cgroups = { package = "cgroups-rs", version = "0.3.0" } rlimit = "0.5.3" cfg-if = "0.1.0" diff --git a/src/agent/rustjail/src/cgroups/fs/mod.rs b/src/agent/rustjail/src/cgroups/fs/mod.rs index 55f657afe9..f9a7b845d2 100644 --- a/src/agent/rustjail/src/cgroups/fs/mod.rs +++ b/src/agent/rustjail/src/cgroups/fs/mod.rs @@ -76,7 +76,7 @@ macro_rules! set_resource { impl CgroupManager for Manager { fn apply(&self, pid: pid_t) -> Result<()> { - self.cgroup.add_task(CgroupPid::from(pid as u64))?; + self.cgroup.add_task_by_tgid(CgroupPid::from(pid as u64))?; Ok(()) } @@ -236,7 +236,7 @@ impl CgroupManager for Manager { .unwrap() .trim_start_matches(root_path.to_str().unwrap()); info!(sl!(), "updating cpuset for parent path {:?}", &r_path); - let cg = new_cgroup(cgroups::hierarchies::auto(), r_path); + let cg = new_cgroup(cgroups::hierarchies::auto(), r_path)?; let cpuset_controller: &CpuSetController = cg.controller_of().unwrap(); cpuset_controller.set_cpus(guest_cpuset)?; } @@ -1023,9 +1023,9 @@ pub fn get_mounts(paths: &HashMap) -> Result, path: &str) -> Cgroup { +fn new_cgroup(h: Box, path: &str) -> Result { let valid_path = path.trim_start_matches('/').to_string(); - cgroups::Cgroup::new(h, valid_path.as_str()) + cgroups::Cgroup::new(h, valid_path.as_str()).map_err(anyhow::Error::from) } impl Manager { @@ -1047,12 +1047,14 @@ impl Manager { m.insert(key.to_string(), p); } + let cg = new_cgroup(cgroups::hierarchies::auto(), cpath)?; + Ok(Self { paths: m, mounts, // rels: paths, cpath: cpath.to_string(), - cgroup: new_cgroup(cgroups::hierarchies::auto(), cpath), + cgroup: cg, }) } } diff --git a/src/libs/kata-sys-util/Cargo.toml b/src/libs/kata-sys-util/Cargo.toml index fffaa676e8..a4b67e2c09 100644 --- a/src/libs/kata-sys-util/Cargo.toml +++ b/src/libs/kata-sys-util/Cargo.toml @@ -12,7 +12,7 @@ edition = "2018" [dependencies] byteorder = "1.4.3" -cgroups = { package = "cgroups-rs", version = "0.2.7" } +cgroups = { package = "cgroups-rs", version = "0.3.0" } chrono = "0.4.0" common-path = "=1.0.0" fail = "0.5.0" diff --git a/src/runtime-rs/Cargo.lock b/src/runtime-rs/Cargo.lock index ea373c6445..bb43258616 100644 --- a/src/runtime-rs/Cargo.lock +++ b/src/runtime-rs/Cargo.lock @@ -401,14 +401,15 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "cgroups-rs" -version = "0.2.9" +version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cdae996d9638ba03253ffa1c93345a585974a97abbdeab9176c77922f3efc1e8" +checksum = "4b97b639839204a6eb727ffbbd68e1dcfc55488c3a26cb0cda1d662b7a186e79" dependencies = [ "libc", "log", - "nix 0.23.1", + "nix 0.25.1", "regex", + "thiserror", ] [[package]] @@ -1438,9 +1439,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.126" +version = "0.2.139" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "349d5a591cd28b49e1d1037471617a32ddcda5731b99419008085f72d5a53836" +checksum = "201de327520df007757c1f0adce6e827fe8562fbc28bfd9c15571c66ca1f5f79" [[package]] name = "linux-loader" @@ -1657,6 +1658,18 @@ dependencies = [ "memoffset", ] +[[package]] +name = "nix" +version = "0.25.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f346ff70e7dbfd675fe90590b92d59ef2de15a8779ae305ebcbfd3f0caf59be4" +dependencies = [ + "autocfg", + "bitflags", + "cfg-if 1.0.0", + "libc", +] + [[package]] name = "no-std-compat" version = "0.4.1" diff --git a/src/runtime-rs/crates/resource/Cargo.toml b/src/runtime-rs/crates/resource/Cargo.toml index f1957755c9..98714a7c23 100644 --- a/src/runtime-rs/crates/resource/Cargo.toml +++ b/src/runtime-rs/crates/resource/Cargo.toml @@ -14,7 +14,7 @@ anyhow = "^1.0" async-trait = "0.1.48" bitflags = "1.2.1" byte-unit = "4.0.14" -cgroups-rs = "0.2.9" +cgroups-rs = "0.3.0" futures = "0.3.11" lazy_static = "1.4.0" libc = ">=0.2.39" diff --git a/src/runtime-rs/crates/resource/src/cgroups/mod.rs b/src/runtime-rs/crates/resource/src/cgroups/mod.rs index 7bcb394492..8dbef7f64d 100644 --- a/src/runtime-rs/crates/resource/src/cgroups/mod.rs +++ b/src/runtime-rs/crates/resource/src/cgroups/mod.rs @@ -69,7 +69,7 @@ impl CgroupsResource { // will either hold all the pod threads (sandbox_cgroup_only is true) // or only the virtual CPU ones (sandbox_cgroup_only is false). let hier = cgroups_rs::hierarchies::auto(); - let cgroup_manager = CgroupBuilder::new(&config.path).build(hier); + let cgroup_manager = CgroupBuilder::new(&config.path).build(hier)?; // The shim configuration is requesting that we do not put all threads // into the sandbox resource controller. @@ -77,7 +77,7 @@ impl CgroupsResource { // the vCPU threads will eventually make it there. let overhead_cgroup_manager = if !config.sandbox_cgroup_only { let hier = cgroups_rs::hierarchies::auto(); - Some(CgroupBuilder::new(&config.overhead_path).build(hier)) + Some(CgroupBuilder::new(&config.overhead_path).build(hier)?) } else { None }; @@ -109,7 +109,7 @@ impl CgroupsResource { /// overhead_cgroup_manager to the parent and then delete the cgroups. pub async fn delete(&self) -> Result<()> { for cg_pid in self.cgroup_manager.tasks() { - self.cgroup_manager.remove_task(cg_pid); + self.cgroup_manager.remove_task(cg_pid)?; } self.cgroup_manager @@ -118,7 +118,7 @@ impl CgroupsResource { if let Some(overhead) = self.overhead_cgroup_manager.as_ref() { for cg_pid in overhead.tasks() { - overhead.remove_task(cg_pid); + overhead.remove_task(cg_pid)?; } overhead.delete().context("delete overhead")?; } diff --git a/src/tools/runk/Cargo.lock b/src/tools/runk/Cargo.lock index 6c498c3282..9160ff8620 100644 --- a/src/tools/runk/Cargo.lock +++ b/src/tools/runk/Cargo.lock @@ -233,14 +233,15 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "cgroups-rs" -version = "0.2.10" +version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf5525f2cf84d5113ab26bfb6474180eb63224b4b1e4be31ee87be4098f11399" +checksum = "4b97b639839204a6eb727ffbbd68e1dcfc55488c3a26cb0cda1d662b7a186e79" dependencies = [ "libc", "log", - "nix 0.24.2", + "nix 0.25.1", "regex", + "thiserror", ] [[package]] @@ -1000,6 +1001,18 @@ dependencies = [ "memoffset", ] +[[package]] +name = "nix" +version = "0.25.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f346ff70e7dbfd675fe90590b92d59ef2de15a8779ae305ebcbfd3f0caf59be4" +dependencies = [ + "autocfg", + "bitflags", + "cfg-if 1.0.0", + "libc", +] + [[package]] name = "ntapi" version = "0.3.7" @@ -1529,6 +1542,7 @@ dependencies = [ "slog", "slog-scope", "tokio", + "xattr", "zbus", ] @@ -2142,6 +2156,15 @@ version = "0.36.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680" +[[package]] +name = "xattr" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6d1526bbe5aaeb5eb06885f4d987bcdfa5e23187055de9b83fe00156a821fabc" +dependencies = [ + "libc", +] + [[package]] name = "zbus" version = "2.3.2" diff --git a/src/tools/runk/libcontainer/Cargo.toml b/src/tools/runk/libcontainer/Cargo.toml index 5c92a5b979..83f6a3699d 100644 --- a/src/tools/runk/libcontainer/Cargo.toml +++ b/src/tools/runk/libcontainer/Cargo.toml @@ -20,7 +20,7 @@ chrono = { version = "0.4.19", features = ["serde"] } serde = { version = "1.0.133", features = ["derive"] } serde_json = "1.0.74" scopeguard = "1.1.0" -cgroups = { package = "cgroups-rs", version = "0.2.10" } +cgroups = { package = "cgroups-rs", version = "0.3.0" } procfs = "0.14.0" [dev-dependencies] diff --git a/src/tools/runk/libcontainer/src/utils.rs b/src/tools/runk/libcontainer/src/utils.rs index de4caa5e83..b5e9d83770 100644 --- a/src/tools/runk/libcontainer/src/utils.rs +++ b/src/tools/runk/libcontainer/src/utils.rs @@ -235,7 +235,7 @@ pub(crate) mod test_utils { } pub fn create_dummy_cgroup(cpath: &Path) -> cgroups::Cgroup { - cgroups::Cgroup::new(cgroups::hierarchies::auto(), cpath) + cgroups::Cgroup::new(cgroups::hierarchies::auto(), cpath).unwrap() } pub fn clean_up_cgroup(cpath: &Path) {