From 7006319d5cca9298ff291dd28fffef3bd8b26208 Mon Sep 17 00:00:00 2001 From: Tommy McCormick Date: Mon, 19 Jan 2026 14:06:06 -0500 Subject: [PATCH] chore(deps): upgrade youki, nix, and related crates --- Cargo.lock | 232 ++++++++++-------- Cargo.toml | 2 +- auraed/Cargo.toml | 9 +- .../cells/nested_auraed/isolation_controls.rs | 35 +-- .../cells/nested_auraed/nested_auraed.rs | 84 +++++-- auraed/src/cri/runtime_service.rs | 30 --- auraed/src/init/network/mod.rs | 2 +- auraed/src/init/power.rs | 2 +- auraed/src/vms/manager.rs | 2 +- auraed/src/vms/virtual_machines.rs | 1 + 10 files changed, 204 insertions(+), 195 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 128e32a64..33c6f6c28 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -170,7 +170,7 @@ dependencies = [ "linux-loader", "log", "serde", - "thiserror 2.0.12", + "thiserror 2.0.18", "uuid", "vm-fdt", "vm-memory", @@ -252,14 +252,13 @@ dependencies = [ "ipnetwork", "iter_tools", "lazy_static", - "libc", "libcgroups", "libcontainer", "log", "multi_log", "net_util", "netlink-packet-route", - "nix 0.28.0", + "nix 0.29.0", "oci-spec", "once_cell", "pretty_assertions", @@ -276,7 +275,7 @@ dependencies = [ "tempfile", "test-helpers", "test-helpers-macros", - "thiserror 2.0.12", + "thiserror 2.0.18", "tokio", "tokio-stream", "tonic", @@ -577,7 +576,7 @@ dependencies = [ "remain", "serde", "smallvec", - "thiserror 2.0.12", + "thiserror 2.0.18", "uuid", "virtio-bindings", "virtio-queue", @@ -668,12 +667,11 @@ dependencies = [ [[package]] name = "caps" -version = "0.5.5" +version = "0.5.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "190baaad529bcfbde9e1a19022c42781bdb6ff9de25721abdb8fd98c0807730b" +checksum = "fd1ddba47aba30b6a889298ad0109c3b8dcb0e8fc993b459daa7067d46f865e0" dependencies = [ "libc", - "thiserror 1.0.69", ] [[package]] @@ -687,10 +685,11 @@ dependencies = [ [[package]] name = "cc" -version = "1.2.16" +version = "1.2.53" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "be714c154be609ec7f5dad223a33bf1482fff90472de28f7362806e6d4832b8c" +checksum = "755d2fce177175ffca841e9a06afdb2c4ab0f593d53b4dee48147dfaade85932" dependencies = [ + "find-msvc-tools", "shlex", ] @@ -709,12 +708,6 @@ version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" -[[package]] -name = "cfg_aliases" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fd16c4719339c4530435d38e511904438d07cce7950afa3718a84ac36c10e89e" - [[package]] name = "cfg_aliases" version = "0.2.1" @@ -796,7 +789,7 @@ dependencies = [ "hyper-util", "proto", "serde", - "thiserror 2.0.12", + "thiserror 2.0.18", "tokio", "toml", "tonic", @@ -866,6 +859,26 @@ version = "0.9.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c2459377285ad874054d797f3ccebf984978aa39129f6eafde5cdc8315b612f8" +[[package]] +name = "const_format" +version = "0.2.35" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7faa7469a93a566e9ccc1c73fe783b4a65c274c5ace346038dca9c39fe0030ad" +dependencies = [ + "const_format_proc_macros", +] + +[[package]] +name = "const_format_proc_macros" +version = "0.2.34" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d57c2eccfb16dbac1f4e61e206105db5820c9d26c3c472bc17c774259ef7744" +dependencies = [ + "proc-macro2", + "quote", + "unicode-xid", +] + [[package]] name = "cooked-waker" version = "5.0.0" @@ -1033,7 +1046,7 @@ dependencies = [ "swc_sourcemap", "swc_visit", "text_lines", - "thiserror 2.0.12", + "thiserror 2.0.18", "unicode-width 0.2.0", "url", ] @@ -1070,7 +1083,7 @@ dependencies = [ "smallvec", "sourcemap", "static_assertions", - "thiserror 2.0.12", + "thiserror 2.0.18", "tokio", "url", "v8", @@ -1129,11 +1142,11 @@ dependencies = [ "proc-macro2", "quote", "stringcase", - "strum 0.27.2", - "strum_macros 0.27.2", + "strum", + "strum_macros", "syn 2.0.100", "syn-match", - "thiserror 2.0.12", + "thiserror 2.0.18", ] [[package]] @@ -1145,7 +1158,7 @@ dependencies = [ "deno_error", "percent-encoding", "sys_traits", - "thiserror 2.0.12", + "thiserror 2.0.18", "url", ] @@ -1237,7 +1250,7 @@ dependencies = [ "num_enum", "pci", "serde", - "thiserror 2.0.12", + "thiserror 2.0.18", "tpm", "vm-allocator", "vm-device", @@ -1392,7 +1405,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6e24cb5a94bcae1e5408b0effca5cd7172ea3c5755049c5f3af4cd283a165298" dependencies = [ "bit-set", - "regex-automata 0.4.9", + "regex-automata 0.4.13", "regex-syntax 0.8.5", ] @@ -1408,6 +1421,12 @@ version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "784a4df722dc6267a04af36895398f59d21d07dce47232adf31ec0ff2fa45e67" +[[package]] +name = "find-msvc-tools" +version = "0.1.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8591b0bcc8a98a64310a2fae1bb3e9b8564dd10e381e6e28010fde8e8e8568db" + [[package]] name = "fixedbitset" version = "0.5.7" @@ -1841,7 +1860,7 @@ dependencies = [ "log", "serde", "serde_with", - "thiserror 2.0.12", + "thiserror 2.0.18", "vfio-ioctls", "vm-memory", "vmm-sys-util", @@ -2278,22 +2297,25 @@ checksum = "bcc35a38544a891a5f7c865aca548a982ccb3b8650a5b06d0fd33a10283c56fc" [[package]] name = "libcgroups" -version = "0.5.2" -source = "git+https://github.com/containers/youki?tag=v0.5.2#aa83910eaa41a300714bcb7b3ce5c915b162ecf7" +version = "0.5.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "acabc2d6b351af9406d5bddfe86697c3791fda2a6d6d03b90d86af1f0998751e" dependencies = [ "fixedbitset", - "nix 0.28.0", + "nix 0.29.0", "oci-spec", + "pathrs", "procfs", "serde", - "thiserror 2.0.12", + "thiserror 2.0.18", "tracing", ] [[package]] name = "libcontainer" -version = "0.5.2" -source = "git+https://github.com/containers/youki?tag=v0.5.2#aa83910eaa41a300714bcb7b3ce5c915b162ecf7" +version = "0.5.7" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a6320ae84435bed00efb3e0a7c2de8a38bba4d619e801d8ab3a8527fcf427709" dependencies = [ "caps", "chrono", @@ -2301,17 +2323,19 @@ dependencies = [ "libc", "libcgroups", "nc", - "nix 0.28.0", + "nix 0.29.0", "oci-spec", "once_cell", + "pathrs", "prctl", "procfs", + "protobuf", "regex", "rust-criu", "safe-path", "serde", "serde_json", - "thiserror 2.0.12", + "thiserror 2.0.18", "tracing", ] @@ -2348,9 +2372,9 @@ checksum = "d26c52dbd32dccf2d10cac7725f8eae5296885fb5703b261f7d0a0739ec807ab" [[package]] name = "linux-raw-sys" -version = "0.9.3" +version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fe7db12097d22ec582439daf8618b8fdd1a7bef6270e9af3b1ebcd30893cf413" +checksum = "df1d3c3b53da64cf5760482273a98e575c651a67eec7f77df96b5b642de8f039" [[package]] name = "litemap" @@ -2471,9 +2495,9 @@ dependencies = [ [[package]] name = "nc" -version = "0.9.5" +version = "0.9.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "34566634a278b9af0f62b872339d884ea689982514825ba306705f264038144e" +checksum = "44a4f56a68f96b49bca0ea29a91caa983bb5f37e064183436a45b80dc441cd55" dependencies = [ "cc", ] @@ -2498,7 +2522,7 @@ dependencies = [ "net_gen", "rate_limiter", "serde", - "thiserror 2.0.12", + "thiserror 2.0.18", "virtio-bindings", "virtio-queue", "vm-memory", @@ -2538,7 +2562,7 @@ dependencies = [ "log", "netlink-packet-core", "netlink-sys", - "thiserror 2.0.12", + "thiserror 2.0.18", ] [[package]] @@ -2560,19 +2584,6 @@ version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "650eef8c711430f1a879fdd01d4745a7deea475becfb90269c06775983bbf086" -[[package]] -name = "nix" -version = "0.28.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ab2156c4fce2f8df6c499cc1c763e4394b7482525bf2a9701c9d79d215f519e4" -dependencies = [ - "bitflags 2.9.0", - "cfg-if", - "cfg_aliases 0.1.1", - "libc", - "memoffset", -] - [[package]] name = "nix" version = "0.29.0" @@ -2581,8 +2592,9 @@ checksum = "71e2746dc3a24dd78b3cfcb7be93368c6de9963d30f43a6a73998a9cf4b17b46" dependencies = [ "bitflags 2.9.0", "cfg-if", - "cfg_aliases 0.2.1", + "cfg_aliases", "libc", + "memoffset", ] [[package]] @@ -2593,7 +2605,7 @@ checksum = "74523f3a35e05aba87a1d978330aef40f67b0304ac79c1c00b294c9830543db6" dependencies = [ "bitflags 2.9.0", "cfg-if", - "cfg_aliases 0.2.1", + "cfg_aliases", "libc", ] @@ -2707,18 +2719,19 @@ dependencies = [ [[package]] name = "oci-spec" -version = "0.7.1" +version = "0.8.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "da406e58efe2eb5986a6139626d611ce426e5324a824133d76367c765cf0b882" +checksum = "fc3da52b83ce3258fbf29f66ac784b279453c2ac3c22c5805371b921ede0d308" dependencies = [ + "const_format", "derive_builder", "getset", "regex", "serde", "serde_json", - "strum 0.26.3", - "strum_macros 0.26.4", - "thiserror 2.0.12", + "strum", + "strum_macros", + "thiserror 2.0.18", ] [[package]] @@ -2788,6 +2801,24 @@ version = "0.2.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "df94ce210e5bc13cb6651479fa48d14f601d9858cfe0467f43ae157023b938d3" +[[package]] +name = "pathrs" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c7e1a93ab007fbfbd784b3015b60cae7fc564ed3dc44d3c9f9f4a5043040ad83" +dependencies = [ + "bitflags 2.9.0", + "itertools 0.14.0", + "libc", + "memchr", + "once_cell", + "rustix 1.1.3", + "rustversion", + "static_assertions", + "tempfile", + "thiserror 2.0.18", +] + [[package]] name = "pbjson" version = "0.9.0" @@ -2809,7 +2840,7 @@ dependencies = [ "libc", "log", "serde", - "thiserror 2.0.12", + "thiserror 2.0.18", "vfio-bindings", "vfio-ioctls", "vfio_user", @@ -2943,7 +2974,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "059a34f111a9dee2ce1ac2826a68b24601c4298cfeb1a587c3cb493d5ab46f52" dependencies = [ "libc", - "nix 0.29.0", + "nix 0.30.1", ] [[package]] @@ -3219,7 +3250,7 @@ dependencies = [ "epoll", "libc", "log", - "thiserror 2.0.12", + "thiserror 2.0.18", "vmm-sys-util", ] @@ -3234,13 +3265,13 @@ dependencies = [ [[package]] name = "regex" -version = "1.11.1" +version = "1.12.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b544ef1b4eac5dc2db33ea63606ae9ffcfac26c1416a2806ae0bf5f56b201191" +checksum = "843bc0191f75f3e22651ae5f1e72939ab2f72a4bc30fa80a066bd66edefc24d4" dependencies = [ "aho-corasick", "memchr", - "regex-automata 0.4.9", + "regex-automata 0.4.13", "regex-syntax 0.8.5", ] @@ -3255,9 +3286,9 @@ dependencies = [ [[package]] name = "regex-automata" -version = "0.4.9" +version = "0.4.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "809e8dc61f6de73b46c85f4c96486310fe304c434cfa43669d7b40f711150908" +checksum = "5276caf25ac86c8d810222b3dbb938e512c55c6831a10f3e6ed1c93b84041f1c" dependencies = [ "aho-corasick", "memchr", @@ -3368,15 +3399,15 @@ dependencies = [ [[package]] name = "rustix" -version = "1.0.2" +version = "1.1.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f7178faa4b75a30e269c71e61c353ce2748cf3d76f0c44c393f4e60abf49b825" +checksum = "146c9e247ccc180c1f61615433868c99f3de3ae256a30a43b49f67c2d9171f34" dependencies = [ "bitflags 2.9.0", "errno", "libc", - "linux-raw-sys 0.9.3", - "windows-sys 0.59.0", + "linux-raw-sys 0.11.0", + "windows-sys 0.60.2", ] [[package]] @@ -3560,7 +3591,7 @@ dependencies = [ "num-bigint", "serde", "smallvec", - "thiserror 2.0.12", + "thiserror 2.0.18", "v8", ] @@ -3845,32 +3876,13 @@ version = "0.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f" -[[package]] -name = "strum" -version = "0.26.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8fec0f0aef304996cf250b31b5a10dee7980c85da9d759361292b8bca5a18f06" - [[package]] name = "strum" version = "0.27.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "af23d6f6c1a224baef9d3f61e287d2761385a5b88fdab4eb4c6f11aeb54c4bcf" dependencies = [ - "strum_macros 0.27.2", -] - -[[package]] -name = "strum_macros" -version = "0.26.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c6bee85a5a24955dc440386795aa378cd9cf82acd5f764469152d2270e581be" -dependencies = [ - "heck", - "proc-macro2", - "quote", - "rustversion", - "syn 2.0.100", + "strum_macros", ] [[package]] @@ -4364,7 +4376,7 @@ dependencies = [ "fastrand", "getrandom 0.3.1", "once_cell", - "rustix 1.0.2", + "rustix 1.1.3", "windows-sys 0.59.0", ] @@ -4414,7 +4426,7 @@ dependencies = [ name = "test-helpers" version = "0.0.0" dependencies = [ - "nix 0.28.0", + "nix 0.29.0", "once_cell", ] @@ -4448,11 +4460,11 @@ dependencies = [ [[package]] name = "thiserror" -version = "2.0.12" +version = "2.0.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "567b8a2dae586314f7be2a752ec7474332959c6460e02bde30d702a66d488708" +checksum = "4288b5bcbc7920c07a1149a35cf9590a2aa808e0bc1eafaade0b80947865fbc4" dependencies = [ - "thiserror-impl 2.0.12", + "thiserror-impl 2.0.18", ] [[package]] @@ -4468,9 +4480,9 @@ dependencies = [ [[package]] name = "thiserror-impl" -version = "2.0.12" +version = "2.0.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f7cf42b4507d8ea322120659672cf1b9dbb93f8f2d4ecfd6e51350ff5b17a1d" +checksum = "ebc4ee7f67670e9b64d05fa4253e753e016c6c95ff35b89b7941d6b856dec1d5" dependencies = [ "proc-macro2", "quote", @@ -4775,7 +4787,7 @@ dependencies = [ "libc", "log", "net_gen", - "thiserror 2.0.12", + "thiserror 2.0.18", "vmm-sys-util", ] @@ -4940,6 +4952,12 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1fc81956842c57dac11422a97c3b8195a1ff727f06e85c84ed2e8aa277c9a0fd" +[[package]] +name = "unicode-xid" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ebc1c04c71510c7f702b52b7c350734c9ff1295c464a03335b00bb84fc54f853" + [[package]] name = "untrusted" version = "0.9.0" @@ -5026,7 +5044,7 @@ dependencies = [ "secrecy", "serde", "serde_json", - "thiserror 2.0.12", + "thiserror 2.0.18", "tonic", "url", "validator", @@ -5153,7 +5171,7 @@ dependencies = [ "serde_json", "serde_with", "serial_buffer", - "thiserror 2.0.12", + "thiserror 2.0.18", "vhost", "virtio-bindings", "virtio-queue", @@ -5195,7 +5213,7 @@ dependencies = [ "anyhow", "hypervisor", "serde", - "thiserror 2.0.12", + "thiserror 2.0.18", "vfio-ioctls", "vm-memory", "vmm-sys-util", @@ -5226,7 +5244,7 @@ dependencies = [ "anyhow", "serde", "serde_json", - "thiserror 2.0.12", + "thiserror 2.0.18", "vm-memory", ] @@ -5273,7 +5291,7 @@ dependencies = [ "serde_json", "serial_buffer", "signal-hook", - "thiserror 2.0.12", + "thiserror 2.0.18", "tracer", "uuid", "vfio-ioctls", @@ -5406,7 +5424,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a10e6b67c951a84de7029487e0e0a496860dae49f6699edd279d5ff35b8fbf54" dependencies = [ "deno_error", - "thiserror 2.0.12", + "thiserror 2.0.18", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index 0bf2a726a..1bfe2efe0 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -31,7 +31,7 @@ fancy-regex = "0.14.0" futures-util = "0.3.28" heck = "0.5.0" lazy_static = "1.4.0" -nix = "0.28.0" +nix = "0.29.0" proc-macro2 = "1.0" proto = { path = "./proto" } proto-reader = { path = "./crates/proto-reader" } diff --git a/auraed/Cargo.toml b/auraed/Cargo.toml index 2d63e851c..c78560c78 100644 --- a/auraed/Cargo.toml +++ b/auraed/Cargo.toml @@ -38,18 +38,17 @@ fancy-regex = { workspace = true } futures = "0.3.28" ipnetwork = "0.21.1" iter_tools = "0.24.0" -libc = "0.2.169" # TODO: Nix comes with libc, can we rely on that? lazy_static = { workspace = true } -libcgroups = { git = "https://github.com/containers/youki", tag = "v0.5.2", default-features = false, features = [ +libcgroups = { version = "0.5.7", default-features = false, features = [ "v2", ] } -libcontainer = { git = "https://github.com/containers/youki", tag = "v0.5.2", default-features = false, features = [ +libcontainer = { version = "0.5.7", default-features = false, features = [ "v2", ] } log = "0.4.21" netlink-packet-route = "0.28.0" -nix = { workspace = true, features = ["sched", "mount", "signal", "net"] } -oci-spec = "0.7.1" +nix = { workspace = true, features = ["sched", "mount", "signal", "net", "dir", "user", "process", "hostname"] } +oci-spec = "0.8.4" once_cell = "1" procfs = "0.17.0" proto = { workspace = true } diff --git a/auraed/src/cells/cell_service/cells/nested_auraed/isolation_controls.rs b/auraed/src/cells/cell_service/cells/nested_auraed/isolation_controls.rs index 93a8318b4..e0632066c 100644 --- a/auraed/src/cells/cell_service/cells/nested_auraed/isolation_controls.rs +++ b/auraed/src/cells/cell_service/cells/nested_auraed/isolation_controls.rs @@ -13,8 +13,8 @@ * SPDX-License-Identifier: Apache-2.0 * \* -------------------------------------------------------------------------- */ -use libc::c_char; -use std::io::{self}; +use nix::libc::{c_char, setdomainname}; +use std::io; use std::path::PathBuf; use tracing::info; @@ -43,13 +43,12 @@ impl Isolation { // Bind mount root:root with MS_REC and MS_PRIVATE flags // We are not sharing the mounts at this point (in other words we are in a new mount namespace) nix::mount::mount( - None::<&str>, // ignored + None::<&str>, "/", - None::<&str>, // ignored + None::<&str>, nix::mount::MsFlags::MS_PRIVATE | nix::mount::MsFlags::MS_REC, - None::<&str>, // ignored - ) - .map_err(|e| io::Error::from_raw_os_error(e as i32))?; + None::<&str>, + )?; info!("Isolation: Mounted root dir (/) in cell"); Ok(()) } @@ -62,7 +61,7 @@ impl Isolation { return Ok(()); } - //Mount proc in the new pid and mount namespace + // Mount proc in the new pid and mount namespace let target = PathBuf::from("/proc"); nix::mount::mount( Some("/proc"), @@ -70,29 +69,15 @@ impl Isolation { Some("proc"), nix::mount::MsFlags::empty(), None::<&str>, - ) - .map_err(|e| io::Error::from_raw_os_error(e as i32))?; + )?; // We are in a new UTS namespace so we manage hostname and domainname. - // hostname and domainname both allow null bytes and are not required to be null terminated. - if unsafe { - #[allow(trivial_casts)] - libc::sethostname( - self.name.as_ptr() as *const c_char, - self.name.len(), - ) - } == -1 - { - return Err(io::Error::last_os_error()); - } + nix::unistd::sethostname(&self.name)?; // Set domainname if unsafe { #[allow(trivial_casts)] - libc::setdomainname( - self.name.as_ptr() as *const c_char, - self.name.len(), - ) + setdomainname(self.name.as_ptr() as *const c_char, self.name.len()) } == -1 { return Err(io::Error::last_os_error()); diff --git a/auraed/src/cells/cell_service/cells/nested_auraed/nested_auraed.rs b/auraed/src/cells/cell_service/cells/nested_auraed/nested_auraed.rs index ee01e58ec..0d382936d 100644 --- a/auraed/src/cells/cell_service/cells/nested_auraed/nested_auraed.rs +++ b/auraed/src/cells/cell_service/cells/nested_auraed/nested_auraed.rs @@ -18,13 +18,17 @@ use crate::AURAED_RUNTIME; use client::AuraeSocket; use clone3::Flags; use nix::{ + errno::Errno, libc::SIGCHLD, - sys::signal::{Signal, Signal::SIGKILL, Signal::SIGTERM}, + sys::{ + signal::{Signal, Signal::SIGKILL, Signal::SIGTERM}, + wait::{WaitStatus, waitpid}, + }, unistd::Pid, }; use std::path::PathBuf; use std::{ - io::{self, ErrorKind}, + io, os::unix::process::{CommandExt, ExitStatusExt}, process::{Command, ExitStatus}, }; @@ -136,9 +140,7 @@ impl NestedAuraed { } // Execute the clone system call and create the new process with the relevant namespaces. - match unsafe { clone.call() } - .map_err(|e| io::Error::from_raw_os_error(e.0))? - { + match unsafe { clone.call() }? { 0 => { // child let command = { @@ -187,33 +189,67 @@ impl NestedAuraed { ) -> io::Result<()> { let signal = signal.into(); let pid = Pid::from_raw(self.process.pid); - - nix::sys::signal::kill(pid, signal) - .map_err(|e| io::Error::from_raw_os_error(e as i32)) + nix::sys::signal::kill(pid, signal)?; + Ok(()) } fn wait(&mut self) -> io::Result { let pid = Pid::from_raw(self.process.pid); - let mut exit_status = 0; - let _child_pid = loop { - let res = - unsafe { libc::waitpid(pid.as_raw(), &mut exit_status, 0) }; + let status = loop { + match waitpid(pid, None) { + Ok(status) => break status, + Err(Errno::EINTR) => continue, + Err(e) => return Err(e.into()), + } + }; - if res == -1 { - let err = io::Error::last_os_error(); - match err.kind() { - ErrorKind::Interrupted => continue, - _ => break Err(err), + let exit_status = match status { + WaitStatus::Exited(_, code) => { + trace!("Pid {pid} exited with code {code}"); + ExitStatus::from_raw(code << 8) + } + WaitStatus::Signaled(_, sig, core_dumped) => { + if core_dumped { + error!("Pid {pid} killed by signal {sig} (core dumped)"); + } else { + trace!("Pid {pid} killed by signal {sig}"); } + ExitStatus::from_raw(sig as i32) } - - break Ok(res); - }?; - - let exit_status = ExitStatus::from_raw(exit_status); - - trace!("Pid {pid} exited with status {exit_status}"); + WaitStatus::Stopped(_, sig) => { + error!("Pid {pid} unexpectedly stopped by signal {sig}"); + return Err(io::Error::other(format!( + "process {pid} stopped by signal {sig}" + ))); + } + WaitStatus::Continued(_) => { + error!("Pid {pid} unexpectedly continued"); + return Err(io::Error::other(format!( + "process {pid} continued unexpectedly" + ))); + } + WaitStatus::PtraceEvent(_, sig, event) => { + error!( + "Pid {pid} unexpected ptrace event {event} (signal {sig})" + ); + return Err(io::Error::other(format!( + "unexpected ptrace event for process {pid}" + ))); + } + WaitStatus::PtraceSyscall(_) => { + error!("Pid {pid} unexpected ptrace syscall-stop"); + return Err(io::Error::other(format!( + "unexpected ptrace syscall-stop for process {pid}" + ))); + } + WaitStatus::StillAlive => { + error!("Pid {pid} still alive after waitpid"); + return Err(io::Error::other(format!( + "process {pid} still alive after waitpid" + ))); + } + }; Ok(exit_status) } diff --git a/auraed/src/cri/runtime_service.rs b/auraed/src/cri/runtime_service.rs index e19fae72f..0633d410b 100644 --- a/auraed/src/cri/runtime_service.rs +++ b/auraed/src/cri/runtime_service.rs @@ -12,35 +12,6 @@ * Copyright 2022 - 2024, the aurae contributors * * SPDX-License-Identifier: Apache-2.0 * \* -------------------------------------------------------------------------- */ -/* -------------------------------------------------------------------------- *\ - * Apache 2.0 License Copyright © 2022-2023 The Aurae Authors * - * * - * +--------------------------------------------+ * - * | █████╗ ██╗ ██╗██████╗ █████╗ ███████╗ | * - * | ██╔══██╗██║ ██║██╔══██╗██╔══██╗██╔════╝ | * - * | ███████║██║ ██║██████╔╝███████║█████╗ | * - * | ██╔══██║██║ ██║██╔══██╗██╔══██║██╔══╝ | * - * | ██║ ██║╚██████╔╝██║ ██║██║ ██║███████╗ | * - * | ╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═╝╚═╝ ╚═╝╚══════╝ | * - * +--------------------------------------------+ * - * * - * Distributed Systems Runtime * - * * - * -------------------------------------------------------------------------- * - * * - * Licensed under the Apache License, Version 2.0 (the "License"); * - * you may not use this file except in compliance with the License. * - * You may obtain a copy of the License at * - * * - * http://www.apache.org/licenses/LICENSE-2.0 * - * * - * Unless required by applicable law or agreed to in writing, software * - * distributed under the License is distributed on an "AS IS" BASIS, * - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * - * See the License for the specific language governing permissions and * - * limitations under the License. * - * * -\* -------------------------------------------------------------------------- */ #[allow(unused_imports)] use crate::cri::oci::AuraeOCIBuilder; @@ -229,7 +200,6 @@ impl runtime_service_server::RuntimeService for RuntimeService { let container_status = proto::cri::ContainerStatus { id: sandbox_id, state: state as i32, - ..Default::default() }; Ok(Response::new(PodSandboxStatusResponse { diff --git a/auraed/src/init/network/mod.rs b/auraed/src/init/network/mod.rs index 58a0fed7b..05408b3c6 100644 --- a/auraed/src/init/network/mod.rs +++ b/auraed/src/init/network/mod.rs @@ -15,9 +15,9 @@ use futures::stream::TryStreamExt; use ipnetwork::{IpNetwork, Ipv4Network, Ipv6Network}; -use libc::EEXIST; use netlink_packet_route::address::AddressAttribute; use netlink_packet_route::link::LinkAttribute; +use nix::libc::EEXIST; use rtnetlink::{Handle, LinkUnspec, RouteMessageBuilder}; use std::collections::HashMap; use std::net::{IpAddr, Ipv4Addr, Ipv6Addr}; diff --git a/auraed/src/init/power.rs b/auraed/src/init/power.rs index 8c72440a2..d39779355 100644 --- a/auraed/src/init/power.rs +++ b/auraed/src/init/power.rs @@ -23,7 +23,7 @@ use std::{ }; use tracing::{info, trace, warn}; -use ::libc; +use nix::libc; pub(crate) fn syscall_reboot(action: i32) { unsafe { diff --git a/auraed/src/vms/manager.rs b/auraed/src/vms/manager.rs index cb6ee19d6..efb3e5490 100644 --- a/auraed/src/vms/manager.rs +++ b/auraed/src/vms/manager.rs @@ -18,7 +18,7 @@ use std::sync::{ }; use hypervisor::Hypervisor; -use libc::EFD_NONBLOCK; +use nix::libc::EFD_NONBLOCK; use vmm::{VmmThreadHandle, api::ApiRequest}; use vmm_sys_util::eventfd::EventFd; diff --git a/auraed/src/vms/virtual_machines.rs b/auraed/src/vms/virtual_machines.rs index 6bd45b6b2..887dab652 100644 --- a/auraed/src/vms/virtual_machines.rs +++ b/auraed/src/vms/virtual_machines.rs @@ -16,6 +16,7 @@ use std::{collections::HashMap, net::Ipv4Addr}; use anyhow::anyhow; use net_util::MacAddr; +use nix::libc; use tracing::error; use vmm_sys_util::{rand, signal::block_signal};