diff --git a/src/tools/agent-ctl/Cargo.lock b/src/tools/agent-ctl/Cargo.lock index 513594dabe..7ecbd1ac05 100644 --- a/src/tools/agent-ctl/Cargo.lock +++ b/src/tools/agent-ctl/Cargo.lock @@ -263,12 +263,6 @@ version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" -[[package]] -name = "bitflags" -version = "2.5.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf4b9d6a944f767f8e5e0db018570623c85f3d925ac718db4e06d0187adb21c1" - [[package]] name = "bitmask-enum" version = "2.1.0" @@ -384,6 +378,16 @@ version = "1.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" +[[package]] +name = "bytes" +version = "0.4.12" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "206fdffcfa2df7cbe15601ef46c813fce0965eb3286db6b56c583b814b51c81c" +dependencies = [ + "byteorder", + "iovec", +] + [[package]] name = "bytes" version = "1.4.0" @@ -396,7 +400,7 @@ version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fbdc32a78afc325d71a48d13084f1c3ddf67cc5dc06c6e5439a8630b14612cad" dependencies = [ - "bitflags 1.3.2", + "bitflags", "cfg-if 1.0.0", "libc", ] @@ -471,8 +475,8 @@ checksum = "a0610544180c38b88101fecf2dd634b174a62eef6946f84dfc6a7127512b381c" dependencies = [ "ansi_term", "atty", - "bitflags 1.3.2", - "strsim", + "bitflags", + "strsim 0.8.0", "textwrap", "unicode-width", "vec_map", @@ -589,8 +593,18 @@ version = "0.14.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7b750cb3417fd1b327431a470f388520309479ab0bf5e323505daf0290cd3850" dependencies = [ - "darling_core", - "darling_macro", + "darling_core 0.14.4", + "darling_macro 0.14.4", +] + +[[package]] +name = "darling" +version = "0.20.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "83b2eb4d90d12bdda5ed17de686c2acb4c57914f8f921b8da7e112b5a36f3fe1" +dependencies = [ + "darling_core 0.20.9", + "darling_macro 0.20.9", ] [[package]] @@ -606,17 +620,42 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "darling_core" +version = "0.20.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "622687fe0bac72a04e5599029151f5796111b90f1baaa9b544d807a5e31cd120" +dependencies = [ + "fnv", + "ident_case", + "proc-macro2", + "quote", + "strsim 0.11.1", + "syn 2.0.18", +] + [[package]] name = "darling_macro" version = "0.14.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a4aab4dbc9f7611d8b55048a3a16d2d010c2c8334e46304b40ac1cc14bf3b48e" dependencies = [ - "darling_core", + "darling_core 0.14.4", "quote", "syn 1.0.109", ] +[[package]] +name = "darling_macro" +version = "0.20.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "733cabb43482b1a1b53eee8583c2b9e8684d592215ea83efd305dd31bc2f0178" +dependencies = [ + "darling_core 0.20.9", + "quote", + "syn 2.0.18", +] + [[package]] name = "derivative" version = "2.2.0" @@ -639,6 +678,37 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "derive_builder" +version = "0.20.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0350b5cb0331628a5916d6c5c0b72e97393b8b6b03b47a9284f4e7f5a405ffd7" +dependencies = [ + "derive_builder_macro", +] + +[[package]] +name = "derive_builder_core" +version = "0.20.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d48cda787f839151732d396ac69e3473923d54312c070ee21e9effcaa8ca0b1d" +dependencies = [ + "darling 0.20.9", + "proc-macro2", + "quote", + "syn 2.0.18", +] + +[[package]] +name = "derive_builder_macro" +version = "0.20.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "206868b8242f27cecce124c19fd88157fbd0dd334df2587f36417bafbc85097b" +dependencies = [ + "derive_builder_core", + "syn 2.0.18", +] + [[package]] name = "digest" version = "0.10.7" @@ -887,6 +957,18 @@ dependencies = [ "wasi 0.11.0+wasi-snapshot-preview1", ] +[[package]] +name = "getset" +version = "0.1.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e45727250e75cc04ff2846a66397da8ef2b3db8e40e0cef4df67950a07621eb9" +dependencies = [ + "proc-macro-error", + "proc-macro2", + "quote", + "syn 1.0.109", +] + [[package]] name = "gimli" version = "0.29.0" @@ -917,6 +999,12 @@ dependencies = [ "unicode-segmentation", ] +[[package]] +name = "heck" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea" + [[package]] name = "hermit-abi" version = "0.1.19" @@ -998,7 +1086,7 @@ version = "0.9.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f8069d3ec154eb856955c1c0fbffefbf5f3c40a104ec912d4797314c1801abff" dependencies = [ - "bitflags 1.3.2", + "bitflags", "futures-core", "inotify-sys", "libc", @@ -1034,6 +1122,15 @@ dependencies = [ "windows-sys 0.48.0", ] +[[package]] +name = "iovec" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b2b3ea6ff95e175473f8ffe6a7eb7c00d054240321b84c57051175fe3c1e075e" +dependencies = [ + "libc", +] + [[package]] name = "itertools" version = "0.10.5" @@ -1071,7 +1168,7 @@ dependencies = [ "libc", "logging", "nix 0.23.2", - "oci", + "oci-spec", "protobuf 3.2.0", "protocols", "rand", @@ -1098,9 +1195,10 @@ dependencies = [ "lazy_static", "libc", "nix 0.24.3", - "oci", + "oci-spec", "once_cell", "rand", + "runtime-spec", "safe-path", "serde", "serde_json", @@ -1121,7 +1219,7 @@ dependencies = [ "glob", "lazy_static", "num_cpus", - "oci", + "oci-spec", "regex", "safe-path", "serde", @@ -1174,9 +1272,9 @@ dependencies = [ [[package]] name = "memchr" -version = "2.5.0" +version = "2.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d" +checksum = "78ca9ab1a0babb1e7d5695e3530886289c18cf2f87ec19a575a0abdce112e3a3" [[package]] name = "memoffset" @@ -1196,15 +1294,6 @@ dependencies = [ "autocfg", ] -[[package]] -name = "memoffset" -version = "0.9.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "488016bfae457b036d996092f6cb448677611ce4449e970ceaf42695203f218a" -dependencies = [ - "autocfg", -] - [[package]] name = "miniz_oxide" version = "0.7.3" @@ -1237,7 +1326,7 @@ version = "0.23.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8f3790c00a0150112de0f4cd161e3d7fc4b2d8a5542ffc35f099a2562aecb35c" dependencies = [ - "bitflags 1.3.2", + "bitflags", "cc", "cfg-if 1.0.0", "libc", @@ -1250,7 +1339,7 @@ version = "0.24.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fa52e972a9a719cecb6864fb88568781eb706bac2cd1d4f04a648542dbf78069" dependencies = [ - "bitflags 1.3.2", + "bitflags", "cfg-if 1.0.0", "libc", "memoffset 0.6.5", @@ -1263,7 +1352,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f346ff70e7dbfd675fe90590b92d59ef2de15a8779ae305ebcbfd3f0caf59be4" dependencies = [ "autocfg", - "bitflags 1.3.2", + "bitflags", "cfg-if 1.0.0", "libc", ] @@ -1274,25 +1363,13 @@ version = "0.26.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "598beaf3cc6fdd9a5dfb1630c2800c7acd31df7aaf0f565796fba2b53ca1af1b" dependencies = [ - "bitflags 1.3.2", + "bitflags", "cfg-if 1.0.0", "libc", "memoffset 0.7.1", "pin-utils", ] -[[package]] -name = "nix" -version = "0.27.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2eb04e9c688eff1c89d72b407f168cf79bb9e867a9d3323ed6c01519eb9cc053" -dependencies = [ - "bitflags 2.5.0", - "cfg-if 1.0.0", - "libc", - "memoffset 0.9.1", -] - [[package]] name = "ntapi" version = "0.4.1" @@ -1340,20 +1417,27 @@ dependencies = [ ] [[package]] -name = "oci" -version = "0.1.0" +name = "oci-spec" +version = "0.6.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3f5a3fe998d50101ae009351fec56d88a69f4ed182e11000e711068c2f5abf72" dependencies = [ - "libc", + "derive_builder", + "getset", + "once_cell", + "regex", "serde", - "serde_derive", "serde_json", + "strum", + "strum_macros", + "thiserror", ] [[package]] name = "once_cell" -version = "1.18.0" +version = "1.19.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" +checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92" [[package]] name = "ordered-stream" @@ -1419,7 +1503,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4b2d323e8ca7996b3e23126511a523f7e62924d93ecd5ae73b333815b0eb3dce" dependencies = [ "autocfg", - "bitflags 1.3.2", + "bitflags", "cfg-if 1.0.0", "concurrent-queue", "libc", @@ -1453,6 +1537,7 @@ dependencies = [ "proc-macro-error-attr", "proc-macro2", "quote", + "syn 1.0.109", "version_check", ] @@ -1482,7 +1567,7 @@ version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "de5e2533f59d08fcf364fd374ebda0692a70bd6d7e66ef97f306f45c6c5d8020" dependencies = [ - "bytes", + "bytes 1.4.0", "prost-derive", ] @@ -1492,8 +1577,8 @@ version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "355f634b43cdd80724ee7848f95770e7e70eefa6dcf14fea676216573b8fd603" dependencies = [ - "bytes", - "heck", + "bytes 1.4.0", + "heck 0.3.3", "itertools", "log", "multimap", @@ -1523,7 +1608,7 @@ version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "603bbd6394701d13f3f25aada59c7de9d35a6a5887cfc156181234a44002771b" dependencies = [ - "bytes", + "bytes 1.4.0", "prost", ] @@ -1597,7 +1682,8 @@ dependencies = [ name = "protocols" version = "0.1.0" dependencies = [ - "oci", + "kata-sys-util", + "oci-spec", "protobuf 3.2.0", "serde", "serde_json", @@ -1627,9 +1713,9 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.28" +version = "1.0.36" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b9ab9c7eadfd8df19006f1cf1a4aed13540ed5cbc047010ece5826e10825488" +checksum = "0fa76aaf39101c457836aec0ce2316dbdc3ab723cdda1c6bd4e6ad4208acaca7" dependencies = [ "proc-macro2", ] @@ -1696,7 +1782,7 @@ version = "0.2.16" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fb5a58c1855b4b6819d59012155603f0b22ad30cad752600aadfcb695265519a" dependencies = [ - "bitflags 1.3.2", + "bitflags", ] [[package]] @@ -1705,7 +1791,7 @@ version = "0.3.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "567664f262709473930a4bf9e51bf2ebf3348f2e748ccc50dea20646858f8f29" dependencies = [ - "bitflags 1.3.2", + "bitflags", ] [[package]] @@ -1721,9 +1807,21 @@ dependencies = [ [[package]] name = "regex" -version = "1.8.3" +version = "1.10.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "81ca098a9821bd52d6b24fd8b10bd081f47d39c22778cafaa75a2857a62c6390" +checksum = "b91213439dad192326a0d7c6ee3955910425f441d7038e0d6933b0aec5c4517f" +dependencies = [ + "aho-corasick", + "memchr", + "regex-automata", + "regex-syntax", +] + +[[package]] +name = "regex-automata" +version = "0.4.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "38caf58cc5ef2fed281f89292ef23f6365465ed9a41b7a7754eb4e26496c92df" dependencies = [ "aho-corasick", "memchr", @@ -1732,9 +1830,9 @@ dependencies = [ [[package]] name = "regex-syntax" -version = "0.7.2" +version = "0.8.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "436b050e76ed2903236f032a59761c1eb99e1b0aead2c257922771dab1fc8c78" +checksum = "7a66a03ae7c801facd77a29370b4faec201768915ac14a721ba36f20bc9c209b" [[package]] name = "rend" @@ -1753,7 +1851,7 @@ checksum = "527a97cdfef66f65998b5f3b637c26f5a5ec09cc52a3f9932313ac645f4190f5" dependencies = [ "bitvec", "bytecheck", - "bytes", + "bytes 1.4.0", "hashbrown", "ptr_meta", "rend", @@ -1783,6 +1881,16 @@ dependencies = [ "libc", ] +[[package]] +name = "runtime-spec" +version = "0.1.0" +dependencies = [ + "libc", + "serde", + "serde_derive", + "serde_json", +] + [[package]] name = "rust_decimal" version = "1.33.1" @@ -1791,7 +1899,7 @@ checksum = "06676aec5ccb8fc1da723cc8c0f9a46549f21ebb8753d3915c6c41db1e7f1dc4" dependencies = [ "arrayvec", "borsh", - "bytes", + "bytes 1.4.0", "num-traits", "rand", "rkyv", @@ -1811,7 +1919,7 @@ version = "0.37.19" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "acf8729d8542766f1b2cf77eb034d52f40d375bb8b615d0b147089946e16613d" dependencies = [ - "bitflags 1.3.2", + "bitflags", "errno", "io-lifetimes", "libc", @@ -1837,12 +1945,13 @@ dependencies = [ "lazy_static", "libc", "nix 0.24.3", - "oci", + "oci-spec", "path-absolutize", "protobuf 3.2.0", "protocols", "regex", "rlimit", + "runtime-spec", "scan_fmt", "scopeguard", "serde", @@ -1911,7 +2020,7 @@ version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6eb8ec7724e4e524b2492b510e66957fe1a2c76c26a6975ec80823f2439da685" dependencies = [ - "darling_core", + "darling_core 0.14.4", "serde-rename-rule", "syn 1.0.109", ] @@ -1922,7 +2031,7 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "26416dc95fcd46b0e4b12a3758043a229a6914050aaec2e8191949753ed4e9aa" dependencies = [ - "darling", + "darling 0.14.4", "proc-macro2", "quote", "serde-attributes", @@ -2105,6 +2214,31 @@ version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8ea5119cdb4c55b55d432abb513a0429384878c15dde60cc77b1c99de1a95a6a" +[[package]] +name = "strsim" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f" + +[[package]] +name = "strum" +version = "0.26.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8fec0f0aef304996cf250b31b5a10dee7980c85da9d759361292b8bca5a18f06" + +[[package]] +name = "strum_macros" +version = "0.26.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4c6bee85a5a24955dc440386795aa378cd9cf82acd5f764469152d2270e581be" +dependencies = [ + "heck 0.5.0", + "proc-macro2", + "quote", + "rustversion", + "syn 2.0.18", +] + [[package]] name = "subprocess" version = "0.2.9" @@ -2301,7 +2435,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ba4f4a02a7a80d6f274636f0aa95c7e383b912d41fe721a31f29e29698585a4a" dependencies = [ "backtrace", - "bytes", + "bytes 1.4.0", "libc", "mio", "pin-project-lite", @@ -2324,11 +2458,11 @@ dependencies = [ [[package]] name = "tokio-vsock" -version = "0.5.0" +version = "0.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2e336ac4b36df625d5429a735dd5847732fe5f62010e3ce0c50f3705d44730f8" +checksum = "9b33556828911d16e24d8b5d336446b0bf6b4b9bfda52cbdc2fa35b7a2862ebc" dependencies = [ - "bytes", + "bytes 0.4.12", "futures", "libc", "tokio", @@ -2497,12 +2631,12 @@ checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" [[package]] name = "vsock" -version = "0.4.0" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2dfb6e7a74830912f1f4a7655227c9ded1ea4e9136676311fedf54bedb412f35" +checksum = "e32675ee2b3ce5df274c0ab52d19b28789632406277ca26bffee79a8e27dc133" dependencies = [ "libc", - "nix 0.27.1", + "nix 0.23.2", ] [[package]] diff --git a/src/tools/agent-ctl/Cargo.toml b/src/tools/agent-ctl/Cargo.toml index 05489838f8..102f8d5645 100644 --- a/src/tools/agent-ctl/Cargo.toml +++ b/src/tools/agent-ctl/Cargo.toml @@ -13,7 +13,7 @@ license = "Apache-2.0" [dependencies] protocols = { path = "../../libs/protocols", features = ["with-serde"] } rustjail = { path = "../../agent/rustjail" } -oci = { path = "../../libs/oci" } +oci-spec = { version = "0.6.8", features = ["runtime"] } clap = "2.33.0" lazy_static = "1.4.0" diff --git a/src/tools/agent-ctl/src/utils.rs b/src/tools/agent-ctl/src/utils.rs index 59dba46f0f..4b1a537c22 100644 --- a/src/tools/agent-ctl/src/utils.rs +++ b/src/tools/agent-ctl/src/utils.rs @@ -5,23 +5,9 @@ use crate::types::{Config, Options}; use anyhow::{anyhow, Result}; -use oci::{ - Linux as ociLinux, Mount as ociMount, Process as ociProcess, Root as ociRoot, Spec as ociSpec, -}; -use protocols::oci::{ - Box as ttrpcBox, Linux as ttrpcLinux, LinuxBlockIO as ttrpcLinuxBlockIO, - LinuxCPU as ttrpcLinuxCPU, LinuxCapabilities as ttrpcLinuxCapabilities, - LinuxDevice as ttrpcLinuxDevice, LinuxDeviceCgroup as ttrpcLinuxDeviceCgroup, - LinuxHugepageLimit as ttrpcLinuxHugepageLimit, LinuxIDMapping as ttrpcLinuxIDMapping, - LinuxIntelRdt as ttrpcLinuxIntelRdt, LinuxInterfacePriority as ttrpcLinuxInterfacePriority, - LinuxMemory as ttrpcLinuxMemory, LinuxNamespace as ttrpcLinuxNamespace, - LinuxNetwork as ttrpcLinuxNetwork, LinuxPids as ttrpcLinuxPids, - LinuxResources as ttrpcLinuxResources, LinuxSeccomp as ttrpcLinuxSeccomp, - LinuxSeccompArg as ttrpcLinuxSeccompArg, LinuxSyscall as ttrpcLinuxSyscall, - LinuxThrottleDevice as ttrpcLinuxThrottleDevice, LinuxWeightDevice as ttrpcLinuxWeightDevice, - Mount as ttrpcMount, Process as ttrpcProcess, Root as ttrpcRoot, Spec as ttrpcSpec, - User as ttrpcUser, -}; +use oci::{Root as ociRoot, Spec as ociSpec}; +use oci_spec::runtime as oci; +use protocols::oci::{Mount as ttrpcMount, Root as ttrpcRoot, Spec as ttrpcSpec}; use rand::Rng; use serde::de::DeserializeOwned; use slog::{debug, warn}; @@ -251,7 +237,7 @@ fn config_file_from_bundle_dir(bundle_dir: &str) -> Result { } fn root_oci_to_ttrpc(bundle_dir: &str, root: &ociRoot) -> Result { - let root_dir = root.path.clone(); + let root_dir = root.path().clone().display().to_string(); let path = if root_dir.starts_with('/') { root_dir @@ -267,400 +253,20 @@ fn root_oci_to_ttrpc(bundle_dir: &str, root: &ociRoot) -> Result { let ttrpc_root = ttrpcRoot { Path: path, - Readonly: root.readonly, + Readonly: root.readonly().unwrap_or_default(), ..Default::default() }; Ok(ttrpc_root) } -fn process_oci_to_ttrpc(p: &ociProcess) -> ttrpcProcess { - let console_size = match &p.console_size { - Some(s) => { - let mut b = ttrpcBox::new(); - b.set_Width(s.width); - b.set_Height(s.height); - protobuf::MessageField::some(b) - } - None => protobuf::MessageField::none(), - }; - - let oom_score_adj: i64 = match p.oom_score_adj { - Some(s) => s.into(), - None => 0, - }; - - let mut user = ttrpcUser::new(); - user.set_UID(p.user.uid); - user.set_GID(p.user.gid); - user.set_AdditionalGids(p.user.additional_gids.clone()); - - // FIXME: Implement RLimits OCI spec handling (copy from p.rlimits) - //let rlimits = vec![ttrpcPOSIXRlimit::new()]; - let rlimits = Vec::new(); - - let capabilities = match &p.capabilities { - Some(c) => { - let mut gc = ttrpcLinuxCapabilities::new(); - gc.set_Bounding(c.bounding.clone()); - gc.set_Effective(c.effective.clone()); - gc.set_Inheritable(c.inheritable.clone()); - gc.set_Permitted(c.permitted.clone()); - gc.set_Ambient(c.ambient.clone()); - - protobuf::MessageField::some(gc) - } - None => protobuf::MessageField::none(), - }; - - let mut env = Vec::new(); - for pair in &p.env { - env.push(pair.to_string()); - } - - ttrpcProcess { - Terminal: p.terminal, - ConsoleSize: console_size, - User: protobuf::MessageField::some(user), - Args: p.args.clone(), - Env: env, - Cwd: p.cwd.clone(), - Capabilities: capabilities, - Rlimits: rlimits, - NoNewPrivileges: p.no_new_privileges, - ApparmorProfile: p.apparmor_profile.clone(), - OOMScoreAdj: oom_score_adj, - SelinuxLabel: p.selinux_label.clone(), - ..Default::default() - } -} - -fn mount_oci_to_ttrpc(m: &ociMount) -> ttrpcMount { - let mut ttrpc_options = Vec::new(); - for op in &m.options { - ttrpc_options.push(op.to_string()); - } - - ttrpcMount { - destination: m.destination.clone(), - source: m.source.clone(), - type_: m.r#type.clone(), - options: ttrpc_options, - ..Default::default() - } -} - -fn idmaps_oci_to_ttrpc(res: &[oci::LinuxIdMapping]) -> Vec { - let mut ttrpc_idmaps = Vec::new(); - for m in res.iter() { - let mut idmapping = ttrpcLinuxIDMapping::default(); - idmapping.set_HostID(m.host_id); - idmapping.set_ContainerID(m.container_id); - idmapping.set_Size(m.size); - ttrpc_idmaps.push(idmapping); - } - ttrpc_idmaps -} - -fn devices_oci_to_ttrpc(res: &[oci::LinuxDeviceCgroup]) -> Vec { - let mut ttrpc_devices = Vec::new(); - for d in res.iter() { - let mut device = ttrpcLinuxDeviceCgroup::default(); - device.set_Major(d.major.unwrap_or(0)); - device.set_Minor(d.minor.unwrap_or(0)); - device.set_Access(d.access.clone()); - device.set_Type(d.r#type.clone()); - device.set_Allow(d.allow); - ttrpc_devices.push(device); - } - ttrpc_devices -} - -fn memory_oci_to_ttrpc(res: &Option) -> protobuf::MessageField { - let memory = if res.is_some() { - let mem = res.as_ref().unwrap(); - protobuf::MessageField::some(ttrpcLinuxMemory { - Limit: mem.limit.unwrap_or(0), - Reservation: mem.reservation.unwrap_or(0), - Swap: mem.swap.unwrap_or(0), - Kernel: mem.kernel.unwrap_or(0), - KernelTCP: mem.kernel_tcp.unwrap_or(0), - Swappiness: mem.swappiness.unwrap_or(0), - DisableOOMKiller: mem.disable_oom_killer.unwrap_or(false), - ..Default::default() - }) - } else { - protobuf::MessageField::none() - }; - memory -} - -fn cpu_oci_to_ttrpc(res: &Option) -> protobuf::MessageField { - match &res { - Some(s) => { - let mut cpu = ttrpcLinuxCPU::default(); - cpu.set_Shares(s.shares.unwrap_or(0)); - cpu.set_Quota(s.quota.unwrap_or(0)); - cpu.set_Period(s.period.unwrap_or(0)); - cpu.set_RealtimeRuntime(s.realtime_runtime.unwrap_or(0)); - cpu.set_RealtimePeriod(s.realtime_period.unwrap_or(0)); - protobuf::MessageField::some(cpu) - } - None => protobuf::MessageField::none(), - } -} - -fn pids_oci_to_ttrpc(res: &Option) -> protobuf::MessageField { - match &res { - Some(s) => { - let mut b = ttrpcLinuxPids::new(); - b.set_Limit(s.limit); - protobuf::MessageField::some(b) - } - None => protobuf::MessageField::none(), - } -} - -fn hugepage_limits_oci_to_ttrpc(res: &[oci::LinuxHugepageLimit]) -> Vec { - let mut ttrpc_hugepage_limits = Vec::new(); - for h in res.iter() { - let mut hugepage_limit = ttrpcLinuxHugepageLimit::default(); - hugepage_limit.set_Limit(h.limit); - hugepage_limit.set_Pagesize(h.page_size.clone()); - ttrpc_hugepage_limits.push(hugepage_limit); - } - ttrpc_hugepage_limits -} - -fn network_oci_to_ttrpc( - res: &Option, -) -> protobuf::MessageField { - match &res { - Some(s) => { - let mut b = ttrpcLinuxNetwork::new(); - b.set_ClassID(s.class_id.unwrap_or(0)); - let mut priorities = Vec::new(); - for pr in s.priorities.iter() { - let mut lip = ttrpcLinuxInterfacePriority::new(); - lip.set_Name(pr.name.clone()); - lip.set_Priority(pr.priority); - priorities.push(lip); - } - protobuf::MessageField::some(b) - } - None => protobuf::MessageField::none(), - } -} - -fn weight_devices_oci_to_ttrpc(res: &[oci::LinuxWeightDevice]) -> Vec { - let mut ttrpc_weight_devices = Vec::new(); - for dev in res.iter() { - let mut device = ttrpcLinuxWeightDevice::default(); - device.set_Major(dev.blk.major); - device.set_Minor(dev.blk.minor); - let weight: u32 = match dev.weight { - Some(s) => s.into(), - None => 0, - }; - device.set_Weight(weight); - let leaf_weight: u32 = match dev.leaf_weight { - Some(s) => s.into(), - None => 0, - }; - device.set_LeafWeight(leaf_weight); - ttrpc_weight_devices.push(device); - } - ttrpc_weight_devices -} - -fn throttle_devices_oci_to_ttrpc( - res: &[oci::LinuxThrottleDevice], -) -> Vec { - let mut ttrpc_throttle_devices = Vec::new(); - for dev in res.iter() { - let mut device = ttrpcLinuxThrottleDevice::default(); - device.set_Major(dev.blk.major); - device.set_Minor(dev.blk.minor); - device.set_Rate(dev.rate); - ttrpc_throttle_devices.push(device); - } - ttrpc_throttle_devices -} - -fn block_io_oci_to_ttrpc( - res: &Option, -) -> protobuf::MessageField { - match &res { - Some(s) => { - let mut b = ttrpcLinuxBlockIO::new(); - let weight: u32 = match s.weight { - Some(s) => s.into(), - None => 0, - }; - let leaf_weight: u32 = match s.leaf_weight { - Some(s) => s.into(), - None => 0, - }; - - b.set_Weight(weight); - b.set_LeafWeight(leaf_weight); - b.set_WeightDevice(weight_devices_oci_to_ttrpc(&s.weight_device)); - b.set_ThrottleReadBpsDevice(throttle_devices_oci_to_ttrpc(&s.throttle_read_bps_device)); - b.set_ThrottleReadIOPSDevice(throttle_devices_oci_to_ttrpc( - &s.throttle_read_iops_device, - )); - b.set_ThrottleWriteBpsDevice(throttle_devices_oci_to_ttrpc( - &s.throttle_write_bps_device, - )); - b.set_ThrottleWriteIOPSDevice(throttle_devices_oci_to_ttrpc( - &s.throttle_write_iops_device, - )); - protobuf::MessageField::some(b) - } - None => protobuf::MessageField::none(), - } -} - -fn resources_oci_to_ttrpc(res: &oci::LinuxResources) -> ttrpcLinuxResources { - let devices = devices_oci_to_ttrpc(&res.devices); - let memory = memory_oci_to_ttrpc(&res.memory); - let cpu = cpu_oci_to_ttrpc(&res.cpu); - let pids = pids_oci_to_ttrpc(&res.pids); - let hugepage_limits = hugepage_limits_oci_to_ttrpc(&res.hugepage_limits); - let block_io = block_io_oci_to_ttrpc(&res.block_io); - - let network = network_oci_to_ttrpc(&res.network); - ttrpcLinuxResources { - Devices: devices, - Memory: memory, - CPU: cpu, - Pids: pids, - BlockIO: block_io, - HugepageLimits: hugepage_limits, - Network: network, - ..Default::default() - } -} - -fn namespace_oci_to_ttrpc(res: &[oci::LinuxNamespace]) -> Vec { - let mut ttrpc_namespace = Vec::new(); - for n in res.iter() { - let mut ns = ttrpcLinuxNamespace::default(); - ns.set_Path(n.path.clone()); - ns.set_Type(n.r#type.clone()); - ttrpc_namespace.push(ns); - } - ttrpc_namespace -} - -fn linux_devices_oci_to_ttrpc(res: &[oci::LinuxDevice]) -> Vec { - let mut ttrpc_linux_devices = Vec::new(); - for n in res.iter() { - let mut ld = ttrpcLinuxDevice::default(); - ld.set_FileMode(n.file_mode.unwrap_or(0)); - ld.set_GID(n.gid.unwrap_or(0)); - ld.set_UID(n.uid.unwrap_or(0)); - ld.set_Major(n.major); - ld.set_Minor(n.minor); - ld.set_Path(n.path.clone()); - ld.set_Type(n.r#type.clone()); - ttrpc_linux_devices.push(ld); - } - ttrpc_linux_devices -} - -fn seccomp_oci_to_ttrpc(sec: &oci::LinuxSeccomp) -> ttrpcLinuxSeccomp { - let mut ttrpc_seccomp = ttrpcLinuxSeccomp::default(); - let mut ttrpc_arch = Vec::new(); - for a in &sec.architectures { - ttrpc_arch.push(std::string::String::from(a)); - } - ttrpc_seccomp.set_Architectures(ttrpc_arch); - ttrpc_seccomp.set_DefaultAction(sec.default_action.clone()); - let mut ttrpc_flags = Vec::new(); - for f in &sec.flags { - ttrpc_flags.push(std::string::String::from(f)); - } - ttrpc_seccomp.set_Flags(ttrpc_flags); - let mut ttrpc_syscalls = Vec::new(); - for sys in &sec.syscalls { - let mut ttrpc_sys = ttrpcLinuxSyscall::default(); - ttrpc_sys.set_Action(sys.action.clone()); - let mut ttrpc_args = Vec::new(); - for arg in &sys.args { - let mut a = ttrpcLinuxSeccompArg::default(); - a.set_Index(arg.index as u64); - a.set_Op(arg.op.clone()); - a.set_Value(arg.value); - a.set_ValueTwo(arg.value_two); - ttrpc_args.push(a); - } - ttrpc_sys.set_Args(ttrpc_args); - ttrpc_syscalls.push(ttrpc_sys); - } - ttrpc_seccomp.set_Syscalls(ttrpc_syscalls); - ttrpc_seccomp -} -fn intel_rdt_oci_to_ttrpc(ir: &oci::LinuxIntelRdt) -> ttrpcLinuxIntelRdt { - let mut ttrpc_intel_rdt = ttrpcLinuxIntelRdt::default(); - ttrpc_intel_rdt.set_L3CacheSchema(ir.l3_cache_schema.clone()); - ttrpc_intel_rdt -} -fn linux_oci_to_ttrpc(l: &ociLinux) -> ttrpcLinux { - let uid_mappings = idmaps_oci_to_ttrpc(&l.uid_mappings); - let gid_mappings = idmaps_oci_to_ttrpc(&l.gid_mappings); - - let ttrpc_linux_resources = match &l.resources { - Some(s) => { - let b = resources_oci_to_ttrpc(s); - protobuf::MessageField::some(b) - } - None => protobuf::MessageField::none(), - }; - - let ttrpc_namespaces = namespace_oci_to_ttrpc(&l.namespaces); - let ttrpc_linux_devices = linux_devices_oci_to_ttrpc(&l.devices); - let ttrpc_seccomp = match &l.seccomp { - Some(s) => { - let b = seccomp_oci_to_ttrpc(s); - protobuf::MessageField::some(b) - } - None => protobuf::MessageField::none(), - }; - - let ttrpc_intel_rdt = match &l.intel_rdt { - Some(s) => { - let b = intel_rdt_oci_to_ttrpc(s); - protobuf::MessageField::some(b) - } - None => protobuf::MessageField::none(), - }; - - ttrpcLinux { - UIDMappings: uid_mappings, - GIDMappings: gid_mappings, - Sysctl: l.sysctl.clone(), - Resources: ttrpc_linux_resources, - CgroupsPath: l.cgroups_path.clone(), - Namespaces: ttrpc_namespaces, - Devices: ttrpc_linux_devices, - Seccomp: ttrpc_seccomp, - RootfsPropagation: l.rootfs_propagation.clone(), - MaskedPaths: l.masked_paths.clone(), - ReadonlyPaths: l.readonly_paths.clone(), - MountLabel: l.mount_label.clone(), - IntelRdt: ttrpc_intel_rdt, - ..Default::default() - } -} - fn oci_to_ttrpc(bundle_dir: &str, cid: &str, oci: &ociSpec) -> Result { - let process = match &oci.process { - Some(p) => protobuf::MessageField::some(process_oci_to_ttrpc(p)), + let process = match &oci.process() { + Some(p) => protobuf::MessageField::some(p.clone().into()), None => protobuf::MessageField::none(), }; - let root = match &oci.root { + let root = match &oci.root() { Some(r) => { let ttrpc_root = root_oci_to_ttrpc(bundle_dir, r)?; @@ -669,13 +275,14 @@ fn oci_to_ttrpc(bundle_dir: &str, cid: &str, oci: &ociSpec) -> Result None => protobuf::MessageField::none(), }; - let mut mounts = Vec::new(); - for m in &oci.mounts { - mounts.push(mount_oci_to_ttrpc(m)); + let mut mounts: Vec = Vec::new(); + let oci_mounts = oci.mounts().clone().unwrap_or_default(); + for m in oci_mounts { + mounts.push(m.clone().into()); } - let linux = match &oci.linux { - Some(l) => protobuf::MessageField::some(linux_oci_to_ttrpc(l)), + let linux = match &oci.linux() { + Some(l) => protobuf::MessageField::some(l.clone().into()), None => protobuf::MessageField::none(), }; @@ -688,7 +295,7 @@ fn oci_to_ttrpc(bundle_dir: &str, cid: &str, oci: &ociSpec) -> Result let hostname = "".to_string(); let ttrpc_spec = ttrpcSpec { - Version: oci.version.clone(), + Version: oci.version().clone(), Process: process, Root: root, Hostname: hostname, @@ -721,7 +328,7 @@ fn split_uri(uri: &str) -> Result<(String, String)> { } pub fn spec_file_to_string(spec_file: String) -> Result { - let oci_spec = ociSpec::load(&spec_file).map_err(|e| anyhow!(e))?; + let oci_spec = ociSpec::load(spec_file).map_err(|e| anyhow!(e))?; serde_json::to_string(&oci_spec).map_err(|e| anyhow!(e)) }