With `disable_netns=true`, we should never scan the sandbox netns which
is the host netns in such case.
Fixes: #6021
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Cherry-picked: 12fd6ff
This PR fixes a misspelling in the error message when it tries to run
a system without Confidential computing support.
Fixes#6042
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
With `disable_netns=true`, we should never scan the sandbox netns which
is the host netns in such case.
Fixes: #6021
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
There is a broken release of cgroup-rs, but cargo install will not use
the version in Cargo.lock, so add the `--locked` option to use the version
specified in the Cargo.toml
Fixes: #5376
Signed-off-by: Bin Liu <bin@hyper.sh>
As the toolchain is installed in the image itself, we *must* take the
toolchain into consideration when deciding whether to use a cached image
or building a new one.
Fixes: #6033
Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
In TestHandleHugepages it will do a mount operation with different pagesizes,
but some systems only support 2M pagesize, test for a 1g pagesize will fail.
This commit try to fix by only mount pagesizes under `/sys/kernel/mm/hugepages`, which are
supported to mount by the OS.
Fixes: #6029
Signed-off-by: Bin Liu <bin@hyper.sh>
Bug fix for #5651. Faulty bash syntax let a initrd build complete, but not copy the kernel module.
This change fixes the if logic to work as an 'or' as intended.
Fixes: #6024
Signed-off-by: Alex Carter <Alex.Carter@ibm.com>
Move PROC_CPUINFO into check.rs. This file is used accross
architectures and does not need to be in arch-specific files.
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
This PR fixes the indentation for setup aks script being used
in tools.
Fixes#6013
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
In `src/tools/kata-ctl/src/check.rs`, there is a function
`get_kata_version_by_url` in the tests mod,
indeed we can use the `get_kata_all_releases_by_url` in the main mod
to replace it.
Fixes: #5981
Signed-off-by: Bin Liu <bin@hyper.sh>
Process single_container like pod_sandbox when create container but like
pod_container when get the size info of memory/cpu from oci/spec.
Fixes: #6006
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
For now, only pod_sandbox and pod_container are supported. It doesn't cover
the case that container started by ctr which is a single_container defined
in kata 2.0. port the single_container kata type from kata 2.0 to kata 3.0.
Fixes: #6006
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
Fixes: #6004
A Virtualization.framework based Hypervisor implementation.
This is just stubs for now to eventually get this building.
Signed-off-by: Samuel Ortiz <s.ortiz@apple.com>
Signed-off-by: Danny Canter <danny@dcantah.dev>
Fixes: #6002
As a first pass for testing, let's add a skeleton for filesystem
sharing support on Darwin..
Signed-off-by: Eric Ernst <eric_ernst@apple.com>
Signed-off-by: Danny Canter <danny@dcantah.dev>
Fixes: #5993
Several tests utilize linux'isms like Mounts, bindmounts, vsock etc.
Let's ensure that these are still tested on Linux, but that we also skip
these tests when on other operating systems (Darwin). This commit just
moves tests; there shouldn't be any functional test changes. While the
tests still won't be runnable on Darwin/other hosts yet, this is a necessary
step forward.
Signed-off-by: Eric Ernst <eric_ernst@apple.com>
Signed-off-by: Danny Canter <danny@dcantah.dev>
This is needed in order to have Moby / Docker working properly with
Cloud Hypervisor, as Moby / Docker relies on hotplugging a network
device to the VM as a preStartHook.
Fixes: #5997
Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
THe only bit needed for having the vmAddNetPutRequest() capable of
dealing with hotplugs, instead of only coldplugs, is making sure it
doesn't error out in case a `200` response is returned.
The 200 response means:
"""
The new device was successfully added to the VM instance.
"""
Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
