There maybe a bug in the 1.43.1 cargo, so we need install rust back
to 1.42.0 to avoid the failure when make the rust agent using the latest
rust.
Fixes: #202
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
It's better to check whether the sandbox's get_container
result instead of unwrap it directly, otherwise it would
crash the agent if the conainer id is invalid.
Fixes: #178
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
When kill a process, if the exec id is empty, then
it means to kill all processes in the container, if
the exec id isn't empty, then it will only kill the
specific exec process.
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
Add the container id and exec id to start container's log
which would make it clearly to check the log.
Fixes: #173
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
In the previous implementation, create a container process
by forking the parent process as the container process,
and then at the forked child process do much more setting,
such as rootfs mounting, drop capabilities and so on, at
last exec the container entry cmd to switch into container
process.
But since the parent is a muti thread process, which would
cause a dead lock in the forked child. For example, if one
of the parent process's thread do some malloc operation, which
would take a mutex lock, and at the same time, the parent forked
a child process, since the mutex lock status would be inherited
by the child process but there's no chance to release the lock
in the child since the child process only has a single thread
which would meet a dead lock if it would do some malloc operation.
Thus, the new implementation would do exec directly after forked
and then do the setting in the exec process. Of course, this requred
a data communication between parent and child since the child cannot
depends on the shared memory by fork way.
Fixes: #166Fixes: #133
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
Adds a cmdline option to configure the stdout/stderr pipe sizes.
Uses `F_SETPIPE_SZ` to resize the write side of the pipe after
creation.
Example Cmdline option: `agent.container_pipe_size=2097152`
fixes#152
Signed-off-by: Alex Price <aprice@atlassian.com>
I add another sub-command `build-service` in Makefile to
generate rust-agent-related systemd service files, which
are necessary for building guest rootfs image.
The whole design is following the one in go-agent.
Fixes: #144
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
It's better to catch the error of couldn't find the process
in tty_win_resize service, other wise, an invalid process id
could crash the agent.
Fixes: #137
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
This reverts commit a3e46a369f.
There is still problem with static link, built binary will
segmentfault on clearlinux. So revert this patch for now.
Depends-on: github.com/kata-containers/tests#2293
Fixes: #69
Signed-off-by: Yang Bo <bo@hyper.sh>
Since the codes in logging.rs is weakly related to the project,
separating it from the project will reduce coupling and make it reusable.
Fixes: #131
Signed-off-by: Tim Zhang <tim@hyper.sh>
It should restore to it's previous cwd after it
create container in which it would change it's
cwd to container's bundle path.
Fixes: #126
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
To check is the oci spec passed in, other wise,
it would crash the agent unwrap it directly.
Fixes: #124
Signed-off-by: fupan.lfp <fupan.lfp@antfin.com>
add oci compatibility test case for src/agent/oci/src/lib.rs
follow by Open Container Initiative Runtime Specification
Fixes: #118
Signed-off-by: quanweiZhou <quanweiZhou@linux.alibaba.com>
When using default cc linker, we will have segfault.
Debugging with `rust-gdb`, the specific error is as follows:
src/string/memcpy.c: No such file or directory.
Only changing linker with `aarch64-linux-musl-gcc`, the
`rust-agent` could be totally statically linked and run successfully.
Fixes: #107
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
The __addtf3, __subtf3 and __multf3 symbols are used by aarch64-musl,
but are not provided by rust compiler-builtins.
For now, the only temporary but functional workaround accepted by rust
communities is to get them from libgcc.
Fixes: #107
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
These are the unit tests for the sandbox struct. This is the summary
of the most important changes:
- To test containers it was needed to create a `LinuxContainer` type
and this requires root privileges. So, some tests now requires root
user to be run.
- There was a bug in the `unset_sandbox_storage` method. The return
type was wrapped in a `Result` to avoid this problem.
Fixes: #50
Signed-off-by: Erich Cordoba <erich.cordoba.malibran@intel.com>
1) pass reference instead of value when possible.
2) simplify code.
3) rename get_device_pci_address() as get_pci_device_address() to keep
consistency get_pci_device_name().
4) refine get_device_name() for maintenance.
Signed-off-by: Liu Jiang <gerry@linux.alibaba.com>
Function set_sandbox_storage() is designed to return true when the
reference count drops from 1 to 0. But current implementation always
return true no matter the reference count is, which may cause removing
an in use mountpoint.
Fixes: #88
Signed-off-by: Liu Jiang <gerry@linux.alibaba.com>
Refine uevent.rs for better maintenance:
1) use dedicated function to handle uevents.
2) use dedicated function to handle blk add events.
Signed-off-by: Liu Jiang <gerry@linux.alibaba.com>
Improve loger implementation by:
1) avoid unnecessary clone() operations.
2) change Arc<Mutex<slog::Level>> to Mutex<slog::Level>. We should use
atomic<usize> instead of Mutex<slog::Level> for better performance here.
But with slog_async::Async drainer in the pipeline, RuntimeLevelFilter
drainer will only get from a single-thread context, so keep it as is.
3) minor syntax cleanups.
Signed-off-by: Liu Jiang <gerry@linux.alibaba.com>
It's should use string.eq() to match option's
key words exactly instead of using string.starts_with()
for single key options and for "key=value" options it's
bettet to match "key=" instead of "key" with string.starts_with()
which would match wrongly such as passed options "agent.log_vsock"
which would match "agent.log" with string.starts_with()
and trigger parsing issues.
Fixes: #96
Signed-off-by: lifupan <lifupan@gmail.com>
When call "C" func directly, it's needed to change the string to
CString. To avoid using the unsafe calling, replace it with the
rust safe function to set mode for a file/dir.
Signed-off-by: lifupan <lifupan@gmail.com>
