mirror of
https://github.com/kata-containers/kata-containers.git
synced 2025-10-21 11:58:41 +00:00
5a551a85b1
This imports the vfio test scripts github.com/kata-containers/tests. The test case doesn't work yet but doing the changes in a separate commit will make it easier to track the changes. The only change in this commit is renaming vfio_jenkins_job_build.sh -> vfio_fedora_vm_wrapper.sh Fixes: #6555 Signed-off-by: Jeremi Piotrowski <jpiotrowski@microsoft.com>
177 lines
3.1 KiB
JSON
177 lines
3.1 KiB
JSON
#
|
|
# Copyright (c) 2021 Intel Corporation
|
|
#
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
#
|
|
{
|
|
"ociVersion": "1.0.0-rc2-dev",
|
|
"platform": {
|
|
"os": "linux",
|
|
"arch": "amd64"
|
|
},
|
|
"annotations": {
|
|
"io.katacontainers.config.hypervisor.enable_iommu": "false",
|
|
"io.katacontainers.config.runtime.vfio_mode": "guest-kernel"
|
|
},
|
|
"process": {
|
|
"terminal": false,
|
|
"consoleSize": {
|
|
"height": 0,
|
|
"width": 0
|
|
},
|
|
"user": {
|
|
"uid": 0,
|
|
"gid": 0
|
|
},
|
|
"args": [ "/bin/tail", "-f", "/dev/null" ],
|
|
"env": [
|
|
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
|
|
"TERM=xterm"
|
|
],
|
|
"cwd": "/",
|
|
"rlimits": [{
|
|
"type": "RLIMIT_NOFILE",
|
|
"hard": 1024,
|
|
"soft": 1024
|
|
}],
|
|
"noNewPrivileges": true
|
|
},
|
|
"root": {
|
|
"path": "@ROOTFS@",
|
|
"readonly": false
|
|
},
|
|
"hostname": "vfio-test",
|
|
"mounts": [{
|
|
"destination": "/proc",
|
|
"type": "proc",
|
|
"source": "proc"
|
|
},
|
|
{
|
|
"destination": "/dev",
|
|
"type": "tmpfs",
|
|
"source": "tmpfs",
|
|
"options": [
|
|
"nosuid",
|
|
"strictatime",
|
|
"mode=755",
|
|
"size=65536k"
|
|
]
|
|
},
|
|
{
|
|
"destination": "/dev/pts",
|
|
"type": "devpts",
|
|
"source": "devpts",
|
|
"options": [
|
|
"nosuid",
|
|
"noexec",
|
|
"newinstance",
|
|
"ptmxmode=0666",
|
|
"mode=0620",
|
|
"gid=5"
|
|
]
|
|
},
|
|
{
|
|
"destination": "/dev/shm",
|
|
"type": "tmpfs",
|
|
"source": "shm",
|
|
"options": [
|
|
"nosuid",
|
|
"noexec",
|
|
"nodev",
|
|
"mode=1777",
|
|
"size=65536k"
|
|
]
|
|
},
|
|
{
|
|
"destination": "/dev/mqueue",
|
|
"type": "mqueue",
|
|
"source": "mqueue",
|
|
"options": [
|
|
"nosuid",
|
|
"noexec",
|
|
"nodev"
|
|
]
|
|
},
|
|
{
|
|
"destination": "/sys",
|
|
"type": "sysfs",
|
|
"source": "sysfs",
|
|
"options": [
|
|
"nosuid",
|
|
"noexec",
|
|
"nodev",
|
|
"ro"
|
|
]
|
|
},
|
|
{
|
|
"destination": "/sys/fs/cgroup",
|
|
"type": "cgroup",
|
|
"source": "cgroup",
|
|
"options": [
|
|
"nosuid",
|
|
"noexec",
|
|
"nodev",
|
|
"relatime",
|
|
"ro"
|
|
]
|
|
}
|
|
],
|
|
"hooks": {},
|
|
"linux": {
|
|
"devices": [{
|
|
"path": "@VFIO_PATH@",
|
|
"type": "c",
|
|
"major": @VFIO_MAJOR@,
|
|
"minor": @VFIO_MINOR@,
|
|
"fileMode": 384,
|
|
"uid": 0,
|
|
"gid": 0
|
|
}],
|
|
"cgroupsPath": "kata/vfiotest",
|
|
"resources": {
|
|
"devices": [
|
|
{"allow":false,"access":"rwm"},
|
|
{"allow":true,"type":"c","major":1,"minor":3,"access":"rwm"},
|
|
{"allow":true,"type":"c","major":1,"minor":5,"access":"rwm"},
|
|
{"allow":true,"type":"c","major":1,"minor":8,"access":"rwm"},
|
|
{"allow":true,"type":"c","major":1,"minor":9,"access":"rwm"},
|
|
{"allow":true,"type":"c","major":5,"minor":0,"access":"rwm"},
|
|
{"allow":true,"type":"c","major":5,"minor":1,"access":"rwm"},
|
|
{"allow": true,"access": "rwm","major": @VFIO_MAJOR@,"minor": @VFIO_MINOR@,"type": "c"}
|
|
]
|
|
},
|
|
"namespaces": [{
|
|
"type": "pid"
|
|
},
|
|
{
|
|
"type": "network"
|
|
},
|
|
{
|
|
"type": "ipc"
|
|
},
|
|
{
|
|
"type": "uts"
|
|
},
|
|
{
|
|
"type": "mount"
|
|
}
|
|
],
|
|
"maskedPaths": [
|
|
"/proc/kcore",
|
|
"/proc/latency_stats",
|
|
"/proc/timer_list",
|
|
"/proc/timer_stats",
|
|
"/proc/sched_debug",
|
|
"/sys/firmware"
|
|
],
|
|
"readonlyPaths": [
|
|
"/proc/asound",
|
|
"/proc/bus",
|
|
"/proc/fs",
|
|
"/proc/irq",
|
|
"/proc/sys",
|
|
"/proc/sysrq-trigger"
|
|
]
|
|
}
|
|
}
|