VhostUserDeviceAttrs::PCIAddr didn't actually store a PCI address
(DDDD:BB:DD.F), but rather a PCI path. Use the PciPath type and
rename things to make that clearer.
TestHandleBlockVolume previously used the bizarre value "0001:01"
which is neither a PCI address nor a PCI path for this value. Change
it to a valid PCI path - it appears the actual value didn't matter for
that test, as long as it was consistent.
Forward port of
3596058c67fixes#1040
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
BlockDrive::PCIAddr doesn't actually store a PCI address
(DDDD:BB:DD.F) but a PCI path. Use the PciPath type and rename things
to make that clearer.
TestHandleBlockVolume() previously used a bizarre value "0002:01" for
the "PCI address" which was neither an actual PCI address, nor a PCI
path. Update it to use a PCI path - the actual value appears not to
matter in this test, as long as its consistent throughout.
Forward port of
64751f377bfixes#1040
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
The "PCI address" returned by Endpoint::PciPath() isn't actually a PCI
address (DDDD:BB:DD.F), but rather a PCI path. Rename and use the
PciPath type to clean this up and the various parts of the network
code connected to it.
Forward port of
3e589713cffixes#1040
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Currently pcipath_to_sysfs() generates the path to the root bus node in
sysfs via create_pci_root_bus_path(). This is inconvenient for testing,
though, so instead make it take this as a parameter and generate the path
in the (single) caller. As a bonus this will make life a bit easier when
we want to support machines with multiple PCI roots.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
pcipath_to_sysfs takes a PCI path, with a particular format. A number of
places implicitly need strings in that format, many of them repeat the
description. To make things safer and briefer use the pci::Path type for
the purpose more widely, and just describe the string formatting of it at
the type definition.
Then, update variable names and comments throughout to call things in
this format "PCI path", rather than "PCI identifier", which is vague,
or "PCI address" which is just plain wrong. Likewise we change names and
comments which incorrectly refer to sysfs paths as a "PCI address".
This changes the grpc proto definitions, but because it's just
changing the name of a field without changing the field number, it
shouldn't change the actual protocol.
A loose forward port of
da4bc1d184
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Currently pcipath_to_sysfs(), which translates PCI paths into sysfs paths
accepts only pci paths with exactly 2 components; which represents PCI
devices separated from the root bus by exactly one PCI to PCI bridge (which
could be a virtual P2P bridge, such as a PCI-E root port).
There are cases we might reasonably want to support which have devices
either plugged directly into the root bus (zero bridges), or under
multiple layers of P2P bridge (a PCI-E switch would require at least 2
layers).
So, generalize pcipath_to_sysfs to support any number of components in the
PCI path. We also make it use the new type for PCI paths internally rather
than plain strings.
This is a loose forward port of
9804b1e55dfixes#1040
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
get_pci_device_address() has pretty confusing semantics. Both its input
and output are in other parts of the code described as a "PCI address", but
neither is *actually* a PCI address (in the standard DDDD:BB:DD.F format).
What it's really about is resolving a "PCI path" - that is way to locate a
PCI device by using it's slot number and the slot number of the bridge
leading to it - into a sysfs path.
Rename the function, and change a bunch of variable names to make those
semantics clearer.
Forward port of
https://github.com/kata-containers/agent/pull/855/commits/0eb612f06484
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Now that we have types to represent PCI paths on both the agent and
runtime sides, we can update the protocol definitionto use clearer
terminology.
Note that this doesn't actually change the agent protocol, because it just
renames a field without changing its field ID or type.
While we're there fix a trivial rustfmt error in
src/agent/protocols/build.rs
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
This is a dedicated data type for representing PCI paths, that is, PCI
devices described by the slot numbers of the bridges we need to reach
them.
There are a number of places that uses strings with that structure for
things. The plan is to use this data type to consolidate their
handling. These are essentially Go equivalents of the pci::Slot and
pci::Path types introduced in the Rust agent.
Forward port of
185b3ab044
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Introduce a Rust type to represent a "PCI path" - that is a way of
locating a PCI device from a given root by listing the slots of all
the bridges leading to it and finally the slot of the device itself.
It's implemented as a vector of the previously added pci::Slot type,
and includes the necessary validation and conversions to/from strings.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Add a Rust type for representing a PCI slot on a single bus. This is
essentially just an integer from 0..31 (inclusive), but includes the
code for converting from integers with appropriate validation and
formatting back to a string.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Update the Intel QAT Dockerfile to work with the 2.0 repos, fix some
bugs with building Debian/Ubuntu rootfs, and update the latest QAT
driver. Updated copyright.
Fixes: #1419
Signed-off-by: Adams, Eric <eric.adams@intel.com>
For building rootfs with docker, glibc based rust target should be installed on ppc64le.
Additionally, protobuf-compiler would be required on ppc64le as it is not present by default.
Fixes: #1417
Signed-off-by: Amulya Meka <amulmek1@in.ibm.com>
Remove loading of configuration from New() because we do not know the
correct configuration file for the runtime until Create() and so that it
is not loaded more than once. Start tracer in create() so that it is
created after the runtime config is loaded in its original location.
Fixes#1411
Signed-off-by: Chelsea Mafrica <chelsea.e.mafrica@intel.com>
Give the user chance to specify their own registry in event the default
provided are not accessible, desirable.
Fixes: #1393
Signed-off-by: Eric Ernst <eric.g.ernst@gmail.com>
This PR updates the licensing strategy document to use the proper
tests repository for kata 2.0
Fixes#1413
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
Today hooks are only described in the QEMU toml. This shouldn't be VMM
specific -- let's make sure these are advertised for Cloud Hypervisor as
well.
Fixes: #1401
Signed-off-by: Eric Ernst <eric.g.ernst@gmail.com>
kernel setup fails when `yes "n"` is used and `make oldconfig` doesn't
read anything from STDIN, `yes "n"` was added in the past as a
workaround to fix incomplete kernel configs.
Enable `build-kernel.sh` debug.
Signed-off-by: Julio Montes <julio.montes@intel.com>
`sudo` is required to build the image, once the image has been built
the permission of some directories may change, let's build first the
targerts that not need `sudo`
Signed-off-by: Julio Montes <julio.montes@intel.com>
This PR fixes wrong serialization of OCI state object.
OCI hooks end up with a JSON string with double quotes in `state` field.
This happens because of confusion `Debug` and `Display` traits. Debug trait
returns a string representation with double quotes.
Ideally we should not use Debug as a part of serialization process, so a bit
more safer fix would be to move container states to `oci` crate and simply
disallow wrong values in that field.
`ContainerState` in go spec: https://github.com/opencontainers/runtime-spec/blob/master/specs-go/state.go#L4Fixes: #1404
Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
Today we only clear out the cpuset details when doing an update call on
existing container/pods. This works in the case of Kubernetes, but not
in the case where we are explicitly setting the cpuset details at boot
time. For example, if you are running a single container via docker ala:
docker run --cpuset-cpus 0-3 -it alpine sh
What would happen is the cpuset info would be passed in with the
container spec for create container request to the agent. At that point
in time, there'd only be the defualt number of CPUs available in the
guest (1), so you'd be left with cpusets set to 0. Next, we'd hotplug
the vCPUs, providing 0-4 CPUs in the guest, but the cpuset would never
be updated, leaving the application tied to CPU 0.
Ouch.
Until the day we support cpusets in the guest, let's make sure that we
start off clearing the cpuset fields.
Fixes: #1405
Signed-off-by: Eric Ernst <eric.g.ernst@gmail.com>
Seccomp configuration should be updated to prepare for the future seccomp support based on the latest OCI specification.
Add:
- flags which is used with seccomp(2) in struct LinuxSeccomp
- errnoRet which is errno return code in struct LinuxSyscall
- some new seccomp actions and an architecture
Fixes: #1391
Signed-off-by: Manabu Sugimoto <Manabu.Sugimoto@sony.com>
The unit test for list_interfaces() checks that the hardware address
returned for each interface has non-zero length. However, that need not be
the case. Point-to-point devices, such as ppp, or tun devices in certain
configurations may not have a hardware address, which is represented as
a zero length address here.
This happens on my machine with a tun0 device created by OpenVPN.
fixes#1377
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Remove the old config options from the documentation and replace them
with the new form (without the redundant `kata-` prefix).
Signed-off-by: Daniel Knittl-Frank <knittl89+git@googlemail.com>
Update all tools/packaging scripts to prefer the new options over the
old ones (e.g. `--config` instead of `--kata-config`).
Signed-off-by: Daniel Knittl-Frank <knittl89+git@googlemail.com>
Remove `kata-` prefix from options `kata-config` and
`kata-show-default-config-paths`.
Fixes#1011
Signed-off-by: Daniel Knittl-Frank <knittl89+git@googlemail.com>
* CONFIG_OVERLAY_FS_METACOPY is needed to have reasonable performance
for chmod and similar calls;
* CONFIG_OVERLAY_FS_XINO_AUTO is recommended for POSIX compliance.
Fixes: #1075
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
- Install the required protobuf-compiler on Ubuntu
- Install correct libc Rust target (glibc on s390x)
- Do not skip Rust installation on s390x
Fixes: #1266
Signed-off-by: Jakob Naucke <jakob.naucke@ibm.com>
