Commit Graph

1297 Commits

Author SHA1 Message Date
Steve Horsman
f8c5aa6df6 Merge pull request #11259 from fitzthum/bump-gc-0140
Update Trustee and Guest Components for CoCo v0.14.0
2025-05-20 18:05:17 +01:00
Steve Horsman
711fcd8f51 Merge pull request #11251 from stevenhorsman/rust-vulns-9th-may-2025
Rust vulns 9th may 2025
2025-05-14 09:58:12 +01:00
Zvonko Kaiser
5cc098ae43 Merge pull request #11242 from houstar/qing/safe-path
agent: use safe-path to replace secure_join
2025-05-12 10:58:19 -04:00
Qingyuan Hou
c0ceaf661a agent: use safe-path to replace secure_join
This patch use safe-path library to safely handle filesystem paths.

Signed-off-by: Qingyuan Hou <qingyuan.hou@linux.alibaba.com>
2025-05-12 09:06:55 +00:00
Tobin Feldman-Fitzthum
d714eb2472 agent: update image-rs for CoCo v0.14.0
We might be able to eliminate this dependency soon, but for now let's
update image-rs.

I massaged the dependencies with:

cargo update idna_adapter@1.2.1 --precise 1.2.0
cargo update litemap@0.7.5 --precise 0.7.4
cargo update zerofrom@0.1.6 --precise 0.1.5
cargo update astral-tokio-tar@0.5.2 --precise 0.5.1
cargo update base64ct@1.7.3 --precise 1.6.0
cargo update generic-array@1.2.0 --precise 1.1.1

Signed-off-by: Tobin Feldman-Fitzthum <tobin@ibm.com>
2025-05-09 13:39:52 -05:00
stevenhorsman
7807e6c29a versions: Bump byte-unit and rust_decimal
Bump the crates to update them and pull in a
newer version of borsh to remediate RUSTSEC-2023-0033

Signed-off-by: stevenhorsman <steven@uk.ibm.com>
2025-05-09 16:09:22 +01:00
stevenhorsman
787198f8bb versions: Update tempfile crate
Update the tempfile crate to resolve security issue
[WS-2023-0045](7247a8b6ee)
that came with the remove_dir_all dependency in prior versions

Signed-off-by: stevenhorsman <steven@uk.ibm.com>
2025-05-09 09:57:28 +01:00
Hyounggyu Choi
a286a5aee8 Merge pull request #11076 from Jakob-Naucke/ap-bind-assoc
Bind/associate for VFIO-AP
2025-05-09 09:32:46 +02:00
RuoqingHe
d4d737a73e Merge pull request #10512 from ncppd/riscv64-agent
agent: Support RISC-V 64-bit architecture
2025-05-07 10:56:10 +08:00
RuoqingHe
4f97e5fed3 Merge pull request #11226 from kata-containers/dependabot/cargo/src/agent/tokio-1.44.2
build(deps): bump tokio from 1.44.0 to 1.44.2
2025-05-06 21:55:18 +08:00
Fabiano Fidêncio
78bf9d7500 Merge pull request #11232 from lifupan/mtu
runtime: add the mtu support for updating routes
2025-05-06 15:55:04 +02:00
stevenhorsman
6030a64f0c build(deps): bump tokio to 1.44.2
Bumps [tokio](https://github.com/tokio-rs/tokio) from to 1.44.2
in all components to resolve the security vuln throughout our repo

Signed-off-by: stevenhorsman <steven@uk.ibm.com>
2025-05-06 11:38:52 +01:00
Nikos Ch. Papadopoulos
0f2c0d38f5 agent: Create pci_root_bus_path for riscv64
`create_pci_root_bus_path` needs to be enabled on riscv64 for agent to
compile and work on those platforms.

Signed-off-by: Nikos Ch. Papadopoulos <ncpapad@cslab.ece.ntua.gr>
2025-05-06 01:48:37 +00:00
ChengyuZhu6
d07b279bf1 agent:storage: Add directory creation support
Implementing directory creation logic in the OverlayfsHandler to process
driver options with the KATA_VOLUME_OVERLAYFS_CREATE_DIR prefix

Signed-off-by: ChengyuZhu6 <hudson@cyzhu.com>
2025-05-05 23:51:44 +02:00
Fupan Li
492329fc02 runtime: add the mtu support for updating routes
Some cni plugins will set the MTU of some routes, such as cilium will
modify the MTU of the default route. If the mtu of the route is not set
correctly, it may cause excessive fragmentation or even packet loss of
network packets. Therefore, this PR adds the setting of the MTU of the
route. First, when obtaining the route, if the MTU is set, the MTU will
also be obtained and set to the route in the guest.

Signed-off-by: Fupan Li <fupan.lfp@antgroup.com>
2025-05-04 23:12:57 +02:00
Fabiano Fidêncio
4ce00ea434 agent: netlink: Only add an ipv6 address if ipv6 is enabled
When running Kata Containers on CSPs, the CSPs may enforce their
clusters to be IPv4-only.

Checking the OCI spec passed down to container, on a GKE cluster, we can
see:
```
    "sysctl": {
      ...
      "net.ipv6.conf.all.disable_ipv6": "1",
      "net.ipv6.conf.default.disable_ipv6": "1",
      ...
    },
```

Even with ipv6 being explicitly disabled (behind our back ;-)), we've
noticed that IPv6 addresses would be received, but then as IPv6 was
disabled we'd break on CreatePodSandbox with the following error:
```
Warning  FailedCreatePodSandBox  4s    kubelet            Failed to
create pod sandbox: rpc error: code = Unknown desc = failed to create
containerd task: failed to create shim task: "update interface: Failed
to add address fe80::c44c:1cff:fe84:f6b7: NetlinkError(ErrorMessage {
code: Some(-13), header: [64, 0, 0, 0, 20, 0, 5, 5, 19, 0, 0, 0, 0, 0,
0, 0, 10, 64, 0, 0, 2, 0, 0, 0, 20, 0, 1, 0, 254, 128, 0, 0, 0, 0, 0, 0,
196, 76, 28, 255, 254, 132, 246, 183, 20, 0, 2, 0, 254, 128, 0, 0, 0, 0,
0, 0, 196, 76, 28, 255, 254, 132, 246, 183] })\n\nStack backtrace:\n
0: <unknown>\n   1: <unknown>\n   2: <unknown>\n   3: <unknown>\n   4:
<unknown>\n   5: <unknown>\n   6: <unknown>\n   7: <unknown>\n   8:
<unknown>\n   9: <unknown>\n  10: <unknown>": unknown
```

A huge shoutout to Fupan Li for helping with the debug on this one!

Fixes: #11200

Signed-off-by: Fabiano Fidêncio <fidencio@northflank.com>
2025-05-02 09:10:45 +02:00
Fabiano Fidêncio
e5cc9acab8 Merge pull request #11175 from kata-containers/dependabot/cargo/src/agent/crossbeam-channel-0.5.15
build(deps): bump crossbeam-channel from 0.5.14 to 0.5.15 in /src/agent
2025-04-29 14:13:25 +02:00
Alex Lyn
8b49564c01 Merge pull request #10610 from Xynnn007/faet-initdata-rbd
Feat | Implement initdata for bare-metal/qemu hypervisor
2025-04-24 09:59:14 +08:00
dependabot[bot]
463fd4eda4 build(deps): bump crossbeam-channel from 0.5.14 to 0.5.15 in /src/agent
Bumps [crossbeam-channel](https://github.com/crossbeam-rs/crossbeam) from 0.5.14 to 0.5.15.
- [Release notes](https://github.com/crossbeam-rs/crossbeam/releases)
- [Changelog](https://github.com/crossbeam-rs/crossbeam/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crossbeam-rs/crossbeam/compare/crossbeam-channel-0.5.14...crossbeam-channel-0.5.15)

---
updated-dependencies:
- dependency-name: crossbeam-channel
  dependency-version: 0.5.15
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-04-23 11:34:14 +00:00
Xynnn007
17d0db9865 agent: add initdata parse logic
Kata-agent now will check if a device /dev/vd* with 'initdata' magic
number exists. If it exists, kata-agent will try to read it. Bytes 9~16
are the length of the compressed initdata toml in little endine.
Bytes starting from 17 is the compressed initdata.

The initdata image device layout looks like

0        8      16    16+length ...         EOF
'initdata'  length gzip(initdata toml) paddings

The initdata will be parsed and put as aa.toml, cdh.toml and
policy.rego to /run/confidential-containers/initdata.

When AgentPolicy is initialized, the default policy will be overwritten
by that.

When AA is to be launched, if initdata is once processed, the launch arg
will include --initdata parameter.

Also, if
/run/confidential-containers/initdata/aa.toml exists, the launch args
will include -c /run/confidential-containers/initdata/aa.toml.

When CDH is to be launched, if initdata is once processed, the launch
args will include -c /run/confidential-containers/initdata/cdh.toml

Signed-off-by: Xynnn007 <xynnn@linux.alibaba.com>
2025-04-10 13:09:51 +08:00
stevenhorsman
6603cf7872 agent: Update vsock-exporter to use workspace settings
To reduce duplication, we could update
the vsock-exporter crate to use settings and versions
 from the agent, where applicable.
> [!NOTE]
> In order to use the workspace, this has bumped some crate versions

Signed-off-by: stevenhorsman <steven@uk.ibm.com>
2025-04-09 12:02:43 +01:00
stevenhorsman
2cb9fd3c69 agent: Update rustjail to use workspace settings
- To reduce duplication, we could update
the rustjail crate to use settings and versions
from the agent, where applicable.
- Also switch to using the derive feature in serde crate
rather than the separate serde_derive to avoid keeping
both versions in sync

> [!NOTE]
> In order to use the workspace, this has bumped
some crate versions

Signed-off-by: stevenhorsman <steven@uk.ibm.com>
2025-04-09 12:02:43 +01:00
stevenhorsman
655255b50c agent: Update policy to use workspace settings
To reduce duplication, we could update
the policy crate to use settings and versions
from the agent, where applicable.

Signed-off-by: stevenhorsman <steven@uk.ibm.com>
2025-04-09 11:42:05 +01:00
stevenhorsman
1bec432ffa agent: Create workspace package and dependencies
- Create agent workspace dependencies and packge info
so that the packages in the workspace can use them
- Group the local dependencies together for clarity
(like in #11129)

Signed-off-by: stevenhorsman <steven@uk.ibm.com>
2025-04-09 11:42:00 +01:00
Fabiano Fidêncio
e3c98a5ac7 agent: Allow users to build without guest-pull
For those not interested in CoCo, let's at least allow them to easily
build the agent without the guest-pull feature.

This reduces the binary size (already stripped) from 25M to 18M.

Signed-off-by: Fabiano Fidêncio <fabiano@fidencio.org>
2025-04-04 22:58:43 +01:00
Zvonko Kaiser
e5c4cfb8a1 Merge pull request #11081 from BbolroC/unsealed-secret-fix
tests: Enable sealed secrets for all TEEs
2025-03-31 11:19:52 -04:00
Hyounggyu Choi
423ad8341d agent: Call cdh_handler for sealed secrets after add_storage()
As reported in #11011, mounted secrets are available after
a container image is pulled by add_storage() for IBM SE.
But secure mount should be handled before the `add_storage()`.
Therefore, this commit divides cdh_handler() into:

- cdh_handler_trusted_storage()
- cdh_handler_sealed_secrets()

and calls cdh_handler_sealed_secrets() after add_storage()
while keeping cdh_handler_trusted_storage() unchanged.

Signed-off-by: Hyounggyu Choi <Hyounggyu.Choi@ibm.com>
2025-03-26 17:50:41 +01:00
Jakob Naucke
d808cef2fb agent: AP bind-associate for Secure Execution
Kata Containers has support for both the IBM Secure Execution trusted
execution environment and the IBM Crypto Express hardware security
module (used via the Adjunct Processor bus), but using them together
requires specific steps.

In Secure Execution, the Acceleration and Enterprise PKCS11 modes of
Crypto Express are supported. Both modes require the domain to be
_bound_ in the guest, and the latter also requires the domain to be
_associated_ with a _guest secret_. Guest secrets must be submitted to
the ultravisor from within the guest.

Each EP11 domain has a master key verification pattern (MKVP) that can
be established at HSM setup time. The guest secret and its ID are to
be provided at `/vfio_ap/{mkvp}/secret` and
`/vfio_ap/{mkvp}/secret_id` via a key broker service respectively.

Bind each domain, and for each EP11 domain,
- get the secret and secret ID from the addresses above,
- submit the secret to the ultravisor,
- find the index of the secret corresponding to the ID, and
- associate the domain to the index of this secret.

To bind, add the secret, parse the info about the domain, and
associate, the s390_pv_core crate is used. The code from this crate
also does the AP online check, which can be removed from here.

Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
2025-03-26 16:37:23 +01:00
Jakob Naucke
683a482d64 protos: Add CDH GetResourceService
Add service to get arbitrary data from Confidential Data Hub. Taken from
https://github.com/confidential-containers/guest-components/tree/main/api-server-rest.
Marked as `#[allow(dead_code)]` because planned use is
architecture-specific at this time.

Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
2025-03-24 15:46:40 +00:00
Fupan Li
4b93176225 runtime-rs: update the protobuf to 3.7.1
Since some files generated by protobuf were share between
runtime-rs and kata agent, and the kata agent's dependency
image-rs dependened protobuf@3.7.1, thus we'd better to keep
the protobuf version aligned between runtime-rs and agent,
otherwise, we couldn't compile the runtime-rs and agent
at the same time.

Fixes: https://github.com/kata-containers/kata-containers/issues/10650

Signed-off-by: Fupan Li <fupan.lfp@antgroup.com>
2025-03-21 17:46:12 +08:00
Tobin Feldman-Fitzthum
b7786fbcf0 agent: update image-rs for coco v0.13.0
image-rs has gotten a number of significant updates, eliminating corner
cases with obscure containers, improving support for local certs, and
more.

Signed-off-by: Tobin Feldman-Fitzthum <tobin@ibm.com>
2025-03-14 10:44:10 -05:00
Hui Zhu
93cd30862d libs: Add AddSwapPath to service AgentService
AddSwap send the pci path to guest kernel to let it add swap device.
But some mmio device doesn't have pci path.  To support it add
AddSwapPath send virt_path to guest kernel as swap device.

Fixes: #10988

Signed-off-by: Hui Zhu <teawater@antgroup.com>
2025-03-11 16:02:48 +08:00
Fupan Li
9a4c0a5c5c agent: add the route flags support when adding routes
Get the route entry's flags passed from host and
set it in the add route request.

Fixes: #7934

Signed-off-by: Fupan Li <fupan.lfp@antgroup.com>
2025-03-07 09:56:08 +08:00
Fupan Li
d929bc0224 agent: refactor the code of update routes/interfaces
We can use the netlink update method to add a route or an interface
address. There is no need to delete it first and then add it. This can
save two system commissions.

Signed-off-by: Fupan Li <fupan.lfp@antgroup.com>
2025-03-07 09:56:08 +08:00
Fupan Li
aad915a7a1 agent: upgrade the netlink related crates
Upgrade rtnetlink and related crates to support
route flags.

Signed-off-by: Fupan Li <fupan.lfp@antgroup.com>
2025-03-07 09:56:08 +08:00
Zvonko Kaiser
3cea080185 agent: fix permisssion according to runc
The previous PR mistakenly set all perms to 0o666 we should follow
what runc does and fetch the permission from the guest aka host
if the file_mode == 0. If we do not find the device on the guest aka
host fallback to 0.

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
2025-03-05 17:33:40 +00:00
Zvonko Kaiser
a5629f9bfa Merge pull request #10971 from zvonkok/host-guest-mapping
agent: Enable VFIO and initContainers
2025-03-05 08:58:45 -05:00
Zvonko Kaiser
c73ff7518e agent: Fix default linux device permissions
We had the default permissions set to 0o000 if the file_mode was not
present, for most container devices this is the wrong default. Since
those devices are meant also to be accessed by users and others add a
sane default of 0o666 to devices that do not have any permissions set.

Otherwise only root can acess those and we cannot run containers as a
user.

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
2025-03-05 02:22:24 +00:00
Zvonko Kaiser
248d04c20c agent: Enable VFIO and initContainers
We had a static mapping of host guest PCI addresses, which prevented to
use VFIO devices in initContainers. We're tracking now the host-guest
mapping per container and removing this mapping if a container is
removed.

Signed-off-by: Zvonko Kaiser <zkaiser@nvidia.com>
2025-03-04 19:53:52 +00:00
Jakob Naucke
c146980bcd agent: Handle virtio-net-ccw devices separately
On s390x, a virtio-net device will use the CCW bus instead of PCI,
which impacts how its uevent should be handled. Take the respective
path accordingly.

Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
2025-02-26 11:36:43 +01:00
Jakob Naucke
b325069d72 agent: Update QEMU URL
Readthedocs URL was outdated.

Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
2025-02-26 11:36:42 +01:00
Jakob Naucke
9935f9ea7e proto: Rename Interface.pciPath to devicePath
Field is being used for both PCI and CCW devices. Name it devicePath
to avoid confusion when the device isn't a PCI device.

Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
2025-02-26 11:36:42 +01:00
Fabiano Fidêncio
b3b570e4c4 agent: Fix non-guest-pull build
As the guest-pull is a very Confidental Containers specific feature,
let's make sure we, at least, don't break folks who decide to build Kata
Containers' agent without having this feature enabled (for instance, for
the sake of the agent size).

Signed-off-by: Fabiano Fidêncio <fabiano@fidencio.org>
2025-02-25 21:48:41 +01:00
Fabiano Fidêncio
e09ae2cc0b Merge pull request #10921 from RuoqingHe/drop-redundant-override
build: Drop redundant ARCH override
2025-02-25 14:54:36 +01:00
Ruoqing He
265a751837 build: Drop redundant ARCH override
There are many `override ARCH = powerpc64le` after where `utils.mk` is
included, which are redundant.

Drop those redundant `override`s.

Signed-off-by: Ruoqing He <heruoqing@iscas.ac.cn>
2025-02-24 22:04:28 +08:00
Aurélien Bombo
a1ed923740 agent: Fix race condition with cgroup watchers
In the CI, test containers intermittently fail to start after creation,
with an error like below (see #10872 for more details):

  #     State:      Terminated
  #       Reason:   StartError
  #       Message:  failed to start containerd task "afd43e77fae0815afbc7205eac78f94859e247968a6a4e8bcbb987690fcf10a6": No such file or directory (os error 2)

I've observed this error to repro with the following containers, which
have in common that they're all *very short-lived* by design (more tests
might be affected):

 * k8s-job.bats
 * k8s-seccomp.bats
 * k8s-hostname.bats
 * k8s-policy-job.bats
 * k8s-policy-logs.bats

Furthermore, appending a `; sleep 1` to the command line for those
containers seemed to consistently get rid of the error.

Investigating further, I've uncovered a race between the end of the container
process and the setting up of the cgroup watchers (to report OOMs).

If the process terminates first, the agent will try to watch cgroup
paths that don't exist anymore, and it will fail to start the container.
The added error context in notifier.rs confirms that the error comes
from the missing cgroup:

  https://github.com/kata-containers/kata-containers/actions/runs/13450787436/job/37585901466#step:17:6536

The fix simply consists in creating the watchers *before* we start the
container but still *after* we create it -- this is non-blocking, and IIUC the
cgroup is guaranteed to already be present then.

Fixes: #10872

Signed-off-by: Aurélien Bombo <abombo@microsoft.com>
2025-02-21 17:52:11 -06:00
Dan Mihai
b90c537f79 Merge pull request #10881 from mythi/build-fixes
minor build fixes
2025-02-21 09:54:55 -08:00
Aurélien Bombo
601c403603 Merge pull request #10818 from burgerdev/plumbing
agent: clear log pipes if denied by policy
2025-02-19 16:28:58 -06:00
Mikko Ylinen
0d8242aee4 agent: rename cargo config
To mitigate:

warning: `.../kata-containers/src/agent/.cargo/config` is deprecated in favor of `config.toml`
note: if you need to support cargo 1.38 or earlier, you can symlink `config` to `config.toml`

Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
2025-02-19 09:34:13 +02:00
Paul Meyer
80af09aae9 agent: make policy feature optional again
This was messed up a little when factoring out the policy crate.
Removing the dependencies no longer used by the agent and making the
import of kata-agent-policy optional again.

Signed-off-by: Paul Meyer <katexochen0@gmail.com>
2025-02-18 15:28:06 +01:00