From 9a561f1f614a8d1e3b6b2dc49e6a5687f7150beb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Dec 2024 00:56:40 +0000 Subject: [PATCH 01/37] Bump thiserror from 2.0.4 to 2.0.6 in the patch group Bumps the patch group with 1 update: [thiserror](https://github.com/dtolnay/thiserror). Updates `thiserror` from 2.0.4 to 2.0.6 - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](https://github.com/dtolnay/thiserror/compare/2.0.4...2.0.6) --- updated-dependencies: - dependency-name: thiserror dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 16 ++++++++-------- crates/libcgroups/Cargo.toml | 2 +- crates/libcontainer/Cargo.toml | 2 +- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 2439e54b7..281c62e57 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1982,7 +1982,7 @@ dependencies = [ "serde_json", "serial_test", "tempfile", - "thiserror 2.0.4", + "thiserror 2.0.6", "tracing", ] @@ -2012,7 +2012,7 @@ dependencies = [ "serde_json", "serial_test", "tempfile", - "thiserror 2.0.4", + "thiserror 2.0.6", "tracing", ] @@ -2440,7 +2440,7 @@ dependencies = [ "serde_json", "strum", "strum_macros", - "thiserror 2.0.4", + "thiserror 2.0.6", ] [[package]] @@ -3997,11 +3997,11 @@ dependencies = [ [[package]] name = "thiserror" -version = "2.0.4" +version = "2.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f49a1853cf82743e3b7950f77e0f4d622ca36cf4317cba00c767838bac8d490" +checksum = "8fec2a1820ebd077e2b90c4df007bebf344cd394098a13c563957d0afc83ea47" dependencies = [ - "thiserror-impl 2.0.4", + "thiserror-impl 2.0.6", ] [[package]] @@ -4017,9 +4017,9 @@ dependencies = [ [[package]] name = "thiserror-impl" -version = "2.0.4" +version = "2.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8381894bb3efe0c4acac3ded651301ceee58a15d47c2e34885ed1908ad667061" +checksum = "d65750cab40f4ff1929fb1ba509e9914eb756131cef4210da8d5d700d26f6312" dependencies = [ "proc-macro2", "quote", diff --git a/crates/libcgroups/Cargo.toml b/crates/libcgroups/Cargo.toml index b104899fd..2564369bc 100644 --- a/crates/libcgroups/Cargo.toml +++ b/crates/libcgroups/Cargo.toml @@ -29,7 +29,7 @@ rbpf = { version = "0.3.0", optional = true } libbpf-sys = { version = "1.5.0", optional = true } errno = { version = "0.3.10", optional = true } libc = { version = "0.2.167", optional = true } -thiserror = "2.0.4" +thiserror = "2.0.6" tracing = { version = "0.1.41", features = ["attributes"] } [dev-dependencies] diff --git a/crates/libcontainer/Cargo.toml b/crates/libcontainer/Cargo.toml index 8428fe264..c5d3e6cc6 100644 --- a/crates/libcontainer/Cargo.toml +++ b/crates/libcontainer/Cargo.toml @@ -47,7 +47,7 @@ serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" rust-criu = "0.4.0" regex = { version = "1.10.6", default-features = false, features = ["std", "unicode-perl"] } -thiserror = "2.0.4" +thiserror = "2.0.6" tracing = { version = "0.1.41", features = ["attributes"] } safe-path = "0.1.0" nc = "0.9.5" From 9951d7d4d12f22d65e520c727e2668c9351191db Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Dec 2024 00:57:14 +0000 Subject: [PATCH 02/37] Bump fastrand from 2.2.0 to 2.3.0 Bumps [fastrand](https://github.com/smol-rs/fastrand) from 2.2.0 to 2.3.0. - [Release notes](https://github.com/smol-rs/fastrand/releases) - [Changelog](https://github.com/smol-rs/fastrand/blob/master/CHANGELOG.md) - [Commits](https://github.com/smol-rs/fastrand/compare/v2.2.0...v2.3.0) --- updated-dependencies: - dependency-name: fastrand dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Cargo.lock | 4 ++-- crates/libcontainer/Cargo.toml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 2439e54b7..984df8533 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1271,9 +1271,9 @@ checksum = "2acce4a10f12dc2fb14a218589d4f1f62ef011b2d0cc4b3cb1bba8e94da14649" [[package]] name = "fastrand" -version = "2.2.0" +version = "2.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "486f806e73c5707928240ddc295403b1b93c96a02038563881c4a2fd84b81ac4" +checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be" [[package]] name = "fd-lock" diff --git a/crates/libcontainer/Cargo.toml b/crates/libcontainer/Cargo.toml index 8428fe264..1f37915b2 100644 --- a/crates/libcontainer/Cargo.toml +++ b/crates/libcontainer/Cargo.toml @@ -25,7 +25,7 @@ chrono = { version = "0.4", default-features = false, features = [ "clock", "serde", ] } -fastrand = "^2.1.1" +fastrand = "^2.3.0" libc = "0.2.167" nix = { version = "0.28.0", features = [ "socket", From ae3f11bc8b8675e0312422203089799f461f1867 Mon Sep 17 00:00:00 2001 From: Jorge Prendes Date: Mon, 9 Dec 2024 11:35:14 +0000 Subject: [PATCH 03/37] Add option to spawn processes as siblings (#3012) * Add option to spawn processes as siblings Signed-off-by: Jorge Prendes * add spawning as sibling integration test Signed-off-by: Jorge Prendes --------- Signed-off-by: Jorge Prendes --- Cargo.lock | 1 + crates/libcontainer/Cargo.toml | 1 + .../src/container/builder_impl.rs | 3 + .../src/container/init_builder.rs | 10 ++ .../src/container/tenant_builder.rs | 10 ++ crates/libcontainer/src/process/args.rs | 2 + .../src/process/container_main_process.rs | 8 +- crates/libcontainer/tests/as_sibling.rs | 115 ++++++++++++++++++ 8 files changed, 149 insertions(+), 1 deletion(-) create mode 100644 crates/libcontainer/tests/as_sibling.rs diff --git a/Cargo.lock b/Cargo.lock index add817825..078a6f90d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2008,6 +2008,7 @@ dependencies = [ "regex", "rust-criu", "safe-path", + "scopeguard", "serde", "serde_json", "serial_test", diff --git a/crates/libcontainer/Cargo.toml b/crates/libcontainer/Cargo.toml index eadaa0fd6..0f6c677d9 100644 --- a/crates/libcontainer/Cargo.toml +++ b/crates/libcontainer/Cargo.toml @@ -59,3 +59,4 @@ serial_test = "3.1.1" tempfile = "3" anyhow = "1.0" rand = { version = "0.8.5" } +scopeguard = "1" diff --git a/crates/libcontainer/src/container/builder_impl.rs b/crates/libcontainer/src/container/builder_impl.rs index 9c185978e..8d8494bd7 100644 --- a/crates/libcontainer/src/container/builder_impl.rs +++ b/crates/libcontainer/src/container/builder_impl.rs @@ -57,6 +57,8 @@ pub(super) struct ContainerBuilderImpl { pub stdout: Option, // RawFd set to stderr of the container init process. pub stderr: Option, + // Indicate if the init process should be a sibling of the main process. + pub as_sibling: bool, } impl ContainerBuilderImpl { @@ -172,6 +174,7 @@ impl ContainerBuilderImpl { stdin: self.stdin.as_ref().map(|x| x.as_raw_fd()), stdout: self.stdout.as_ref().map(|x| x.as_raw_fd()), stderr: self.stderr.as_ref().map(|x| x.as_raw_fd()), + as_sibling: self.as_sibling, }; let (init_pid, need_to_clean_up_intel_rdt_dir) = diff --git a/crates/libcontainer/src/container/init_builder.rs b/crates/libcontainer/src/container/init_builder.rs index 4ff2094ed..86e728802 100644 --- a/crates/libcontainer/src/container/init_builder.rs +++ b/crates/libcontainer/src/container/init_builder.rs @@ -21,6 +21,7 @@ pub struct InitContainerBuilder { use_systemd: bool, detached: bool, no_pivot: bool, + as_sibling: bool, } impl InitContainerBuilder { @@ -33,6 +34,7 @@ impl InitContainerBuilder { use_systemd: true, detached: true, no_pivot: false, + as_sibling: false, } } @@ -42,6 +44,13 @@ impl InitContainerBuilder { self } + /// Sets if the init process should be run as a child or a sibling of + /// the calling process + pub fn as_sibling(mut self, as_sibling: bool) -> Self { + self.as_sibling = as_sibling; + self + } + pub fn with_detach(mut self, detached: bool) -> Self { self.detached = detached; self @@ -106,6 +115,7 @@ impl InitContainerBuilder { stdin: self.base.stdin, stdout: self.base.stdout, stderr: self.base.stderr, + as_sibling: self.as_sibling, }; builder_impl.create()?; diff --git a/crates/libcontainer/src/container/tenant_builder.rs b/crates/libcontainer/src/container/tenant_builder.rs index 22b7eff2a..845c1af3d 100644 --- a/crates/libcontainer/src/container/tenant_builder.rs +++ b/crates/libcontainer/src/container/tenant_builder.rs @@ -43,6 +43,7 @@ pub struct TenantContainerBuilder { capabilities: Vec, process: Option, detached: bool, + as_sibling: bool, } impl TenantContainerBuilder { @@ -59,6 +60,7 @@ impl TenantContainerBuilder { capabilities: Vec::new(), process: None, detached: false, + as_sibling: false, } } @@ -95,6 +97,13 @@ impl TenantContainerBuilder { self } + /// Sets if the init process should be run as a child or a sibling of + /// the calling process + pub fn as_sibling(mut self, as_sibling: bool) -> Self { + self.as_sibling = as_sibling; + self + } + pub fn with_detach(mut self, detached: bool) -> Self { self.detached = detached; self @@ -145,6 +154,7 @@ impl TenantContainerBuilder { stdin: self.base.stdin, stdout: self.base.stdout, stderr: self.base.stderr, + as_sibling: self.as_sibling, }; let pid = builder_impl.create()?; diff --git a/crates/libcontainer/src/process/args.rs b/crates/libcontainer/src/process/args.rs index 2ea0dc974..4e7b1ca89 100644 --- a/crates/libcontainer/src/process/args.rs +++ b/crates/libcontainer/src/process/args.rs @@ -50,4 +50,6 @@ pub struct ContainerArgs { pub stdout: Option, // RawFd set to stderr of the container init process. pub stderr: Option, + // Indicate if the init process should be a sibling of the main process. + pub as_sibling: bool, } diff --git a/crates/libcontainer/src/process/container_main_process.rs b/crates/libcontainer/src/process/container_main_process.rs index fd5dfcb1c..a900f8db5 100644 --- a/crates/libcontainer/src/process/container_main_process.rs +++ b/crates/libcontainer/src/process/container_main_process.rs @@ -84,7 +84,13 @@ pub fn container_main_process(container_args: &ContainerArgs) -> Result<(Pid, bo ProcessError::SyscallOther(err) })?; - let intermediate_pid = fork::container_clone(cb).map_err(|err| { + let container_clone_fn = if container_args.as_sibling { + fork::container_clone_sibling + } else { + fork::container_clone + }; + + let intermediate_pid = container_clone_fn(cb).map_err(|err| { tracing::error!("failed to fork intermediate process: {}", err); ProcessError::IntermediateProcessFailed(err) })?; diff --git a/crates/libcontainer/tests/as_sibling.rs b/crates/libcontainer/tests/as_sibling.rs new file mode 100644 index 000000000..570f2b932 --- /dev/null +++ b/crates/libcontainer/tests/as_sibling.rs @@ -0,0 +1,115 @@ +use std::collections::HashMap; +use std::fs::create_dir; +use std::hash::{DefaultHasher, Hash, Hasher}; +use std::path::Path; + +use anyhow::Result; +use libcontainer::container::builder::ContainerBuilder; +use libcontainer::syscall::syscall::SyscallType; +use libcontainer::workload::{ + Executor, ExecutorError, ExecutorSetEnvsError, ExecutorValidationError, +}; +use nix::unistd::{getegid, geteuid}; +use oci_spec::runtime::{RootBuilder, Spec}; +use procfs::process::Process; +use serial_test::serial; +use tempfile::tempdir; + +fn prepare_container_root(root: impl AsRef) -> Result<()> { + let root = root.as_ref(); + create_dir(root.join("rootfs"))?; + + let uid = geteuid().as_raw(); + let gid = getegid().as_raw(); + + let mut spec = Spec::rootless(uid, gid); + spec.set_root( + RootBuilder::default() + .path("rootfs") + .readonly(false) + .build() + .ok(), + ); + + spec.save(root.join("config.json"))?; + + Ok(()) +} + +fn hash(v: impl Hash) -> u64 { + let mut hasher = DefaultHasher::default(); + v.hash(&mut hasher); + hasher.finish() +} + +#[derive(Clone)] +struct SomeExecutor; + +impl Executor for SomeExecutor { + fn setup_envs(&self, _: HashMap) -> Result<(), ExecutorSetEnvsError> { + Ok(()) + } + + fn validate(&self, _: &Spec) -> Result<(), ExecutorValidationError> { + Ok(()) + } + + fn exec(&self, _: &Spec) -> Result<(), ExecutorError> { + Ok(()) + } +} + +#[test] +#[serial] +fn run_init_process_as_child() -> Result<()> { + let root = tempdir()?; + prepare_container_root(&root)?; + + let id = format!("test-container-{:x}", hash(root.as_ref())); + let container = ContainerBuilder::new(id, SyscallType::Linux) + .with_executor(SomeExecutor) + .with_root_path(root.as_ref())? + .as_init(root.as_ref()) + .build()?; + + let container = scopeguard::guard(container, |mut container| { + let _ = container.delete(true); + }); + + let init_pid = container.pid().unwrap().as_raw(); + + let init_ppid = Process::new(init_pid)?.stat()?.ppid; + let this_pid = Process::myself()?.pid(); + + assert_eq!(init_ppid, this_pid); + + Ok(()) +} + +#[test] +#[serial] +fn run_init_process_as_sibling() -> Result<()> { + let root = tempdir()?; + prepare_container_root(&root)?; + + let id = format!("test-container-{:x}", hash(root.as_ref())); + let container = ContainerBuilder::new(id, SyscallType::Linux) + .with_executor(SomeExecutor) + .with_root_path(root.as_ref())? + .as_init(root.as_ref()) + .as_sibling(true) + .build()?; + + let container = scopeguard::guard(container, |mut container| { + let _ = container.delete(true); + }); + + let init_pid = container.pid().unwrap().as_raw(); + + let init_ppid = Process::new(init_pid)?.stat()?.ppid; + let this_ppid = Process::myself()?.stat()?.ppid; + + assert_eq!(init_ppid, this_ppid); + + Ok(()) +} From 2e0343015e0daee8c9cddae7647372e725275ecd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 10 Dec 2024 00:27:35 +0000 Subject: [PATCH 04/37] Bump the patch group with 2 updates Bumps the patch group with 2 updates: [libc](https://github.com/rust-lang/libc) and [chrono](https://github.com/chronotope/chrono). Updates `libc` from 0.2.167 to 0.2.168 - [Release notes](https://github.com/rust-lang/libc/releases) - [Changelog](https://github.com/rust-lang/libc/blob/0.2.168/CHANGELOG.md) - [Commits](https://github.com/rust-lang/libc/compare/0.2.167...0.2.168) Updates `chrono` from 0.4.38 to 0.4.39 - [Release notes](https://github.com/chronotope/chrono/releases) - [Changelog](https://github.com/chronotope/chrono/blob/main/CHANGELOG.md) - [Commits](https://github.com/chronotope/chrono/compare/v0.4.38...v0.4.39) --- updated-dependencies: - dependency-name: libc dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: chrono dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 8 ++++---- crates/libcgroups/Cargo.toml | 2 +- crates/libcontainer/Cargo.toml | 2 +- tests/contest/runtimetest/Cargo.toml | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 078a6f90d..071586acd 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -450,9 +450,9 @@ checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724" [[package]] name = "chrono" -version = "0.4.38" +version = "0.4.39" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a21f936df1771bf62b77f047b726c4625ff2e8aa607c01ec06e5a05bd8463401" +checksum = "7e36cc9d416881d2e24f9a963be5fb1cd90966419ac844274161d10488b3e825" dependencies = [ "android-tzdata", "iana-time-zone", @@ -1957,9 +1957,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.167" +version = "0.2.168" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "09d6582e104315a817dff97f75133544b2e094ee22447d2acf4a74e189ba06fc" +checksum = "5aaeb2981e0606ca11d79718f8bb01164f1d6ed75080182d3abf017e6d244b6d" [[package]] name = "libcgroups" diff --git a/crates/libcgroups/Cargo.toml b/crates/libcgroups/Cargo.toml index 2564369bc..fae074b68 100644 --- a/crates/libcgroups/Cargo.toml +++ b/crates/libcgroups/Cargo.toml @@ -28,7 +28,7 @@ serde = { version = "1.0", features = ["derive"] } rbpf = { version = "0.3.0", optional = true } libbpf-sys = { version = "1.5.0", optional = true } errno = { version = "0.3.10", optional = true } -libc = { version = "0.2.167", optional = true } +libc = { version = "0.2.168", optional = true } thiserror = "2.0.6" tracing = { version = "0.1.41", features = ["attributes"] } diff --git a/crates/libcontainer/Cargo.toml b/crates/libcontainer/Cargo.toml index 0f6c677d9..41a116ba5 100644 --- a/crates/libcontainer/Cargo.toml +++ b/crates/libcontainer/Cargo.toml @@ -26,7 +26,7 @@ chrono = { version = "0.4", default-features = false, features = [ "serde", ] } fastrand = "^2.3.0" -libc = "0.2.167" +libc = "0.2.168" nix = { version = "0.28.0", features = [ "socket", "sched", diff --git a/tests/contest/runtimetest/Cargo.toml b/tests/contest/runtimetest/Cargo.toml index cd0ceaebf..4c547f246 100644 --- a/tests/contest/runtimetest/Cargo.toml +++ b/tests/contest/runtimetest/Cargo.toml @@ -7,5 +7,5 @@ edition = "2021" oci-spec = { version = "0.7.1", features = ["runtime"] } nix = "0.28.0" anyhow = "1.0" -libc = "0.2.167" # TODO (YJDoc2) upgrade to latest +libc = "0.2.168" # TODO (YJDoc2) upgrade to latest nc = "0.9.5" From 90da32ed1d75be8d08502df66efc009b65bd60be Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 10 Dec 2024 15:21:48 +0000 Subject: [PATCH 05/37] Bump wasmtime and wasi-common from 26.0.1 to 27.0.0 (#3003) * Bump wasi-common from 26.0.1 to 27.0.0 Bumps [wasi-common](https://github.com/bytecodealliance/wasmtime) from 26.0.1 to 27.0.0. - [Release notes](https://github.com/bytecodealliance/wasmtime/releases) - [Changelog](https://github.com/bytecodealliance/wasmtime/blob/v27.0.0/RELEASES.md) - [Commits](https://github.com/bytecodealliance/wasmtime/compare/v26.0.1...v27.0.0) --- updated-dependencies: - dependency-name: wasi-common dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] * Bump wasmtime from 26.0.1 to 27.0.0 Bumps [wasmtime](https://github.com/bytecodealliance/wasmtime) from 26.0.1 to 27.0.0. - [Release notes](https://github.com/bytecodealliance/wasmtime/releases) - [Changelog](https://github.com/bytecodealliance/wasmtime/blob/v27.0.0/RELEASES.md) - [Commits](https://github.com/bytecodealliance/wasmtime/compare/v26.0.1...v27.0.0) --- updated-dependencies: - dependency-name: wasmtime dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] * fix Cargo.lock Signed-off-by: Yashodhan Joshi --------- Signed-off-by: dependabot[bot] Signed-off-by: Yashodhan Joshi Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Yashodhan Joshi --- Cargo.lock | 216 ++++++++++++++++++---------------------- crates/youki/Cargo.toml | 4 +- 2 files changed, 100 insertions(+), 120 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 071586acd..f312f8fcb 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -650,18 +650,18 @@ dependencies = [ [[package]] name = "cranelift-bforest" -version = "0.113.1" +version = "0.114.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "540b193ff98b825a1f250a75b3118911af918a734154c69d80bcfcf91e7e9522" +checksum = "2ba4f80548f22dc9c43911907b5e322c5555544ee85f785115701e6a28c9abe1" dependencies = [ - "cranelift-entity 0.113.1", + "cranelift-entity 0.114.0", ] [[package]] name = "cranelift-bitset" -version = "0.113.1" +version = "0.114.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c7cb269598b9557ab942d687d3c1086d77c4b50dcf35813f3a65ba306fd42279" +checksum = "005884e3649c3e5ff2dc79e8a94b138f11569cc08a91244a292714d2a86e9156" dependencies = [ "serde", "serde_derive", @@ -690,23 +690,24 @@ dependencies = [ [[package]] name = "cranelift-codegen" -version = "0.113.1" +version = "0.114.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46566d7c83a8bff4150748d66020f4c7224091952aa4b4df1ec4959c39d937a1" +checksum = "fe4036255ec33ce9a37495dfbcfc4e1118fd34e693eff9a1e106336b7cd16a9b" dependencies = [ "bumpalo", - "cranelift-bforest 0.113.1", + "cranelift-bforest 0.114.0", "cranelift-bitset", - "cranelift-codegen-meta 0.113.1", - "cranelift-codegen-shared 0.113.1", + "cranelift-codegen-meta 0.114.0", + "cranelift-codegen-shared 0.114.0", "cranelift-control", - "cranelift-entity 0.113.1", - "cranelift-isle 0.113.1", + "cranelift-entity 0.114.0", + "cranelift-isle 0.114.0", "gimli 0.31.1", "hashbrown 0.14.3", "log", "regalloc2 0.10.2", "rustc-hash 2.0.0", + "serde", "smallvec", "target-lexicon", ] @@ -722,11 +723,11 @@ dependencies = [ [[package]] name = "cranelift-codegen-meta" -version = "0.113.1" +version = "0.114.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2df8a86a34236cc75a8a6a271973da779c2aeb36c43b6e14da474cf931317082" +checksum = "f7ca74f4b68319da11d39e894437cb6e20ec7c2e11fbbda823c3bf207beedff7" dependencies = [ - "cranelift-codegen-shared 0.113.1", + "cranelift-codegen-shared 0.114.0", ] [[package]] @@ -737,15 +738,15 @@ checksum = "278e52e29c53fcf32431ef08406c295699a70306d05a0715c5b1bf50e33a9ab7" [[package]] name = "cranelift-codegen-shared" -version = "0.113.1" +version = "0.114.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf75340b6a57b7c7c1b74f10d3d90883ee6d43a554be8131a4046c2ebcf5eb65" +checksum = "897e54f433a0269c4187871aa06d452214d5515d228d5bdc22219585e9eef895" [[package]] name = "cranelift-control" -version = "0.113.1" +version = "0.114.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2e84495bc5d23d86aad8c86f8ade4af765b94882af60d60e271d3153942f1978" +checksum = "29cb4018f5bf59fb53f515fa9d80e6f8c5ce19f198dc538984ebd23ecf8965ec" dependencies = [ "arbitrary", ] @@ -772,9 +773,9 @@ checksum = "9a59bcbca89c3f1b70b93ab3cbba5e5e0cbf3e63dadb23c7525cb142e21a9d4c" [[package]] name = "cranelift-entity" -version = "0.113.1" +version = "0.114.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "963c17147b80df351965e57c04d20dbedc85bcaf44c3436780a59a3f1ff1b1c2" +checksum = "305399fd781a2953ac78c1396f02ff53144f39c33eb7fc7789cf4e8936d13a96" dependencies = [ "cranelift-bitset", "serde", @@ -795,11 +796,11 @@ dependencies = [ [[package]] name = "cranelift-frontend" -version = "0.113.1" +version = "0.114.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "727f02acbc4b4cb2ba38a6637101d579db50190df1dd05168c68e762851a3dd5" +checksum = "9230b460a128d53653456137751d27baf567947a3ab8c0c4d6e31fd08036d81e" dependencies = [ - "cranelift-codegen 0.113.1", + "cranelift-codegen 0.114.0", "log", "smallvec", "target-lexicon", @@ -813,17 +814,17 @@ checksum = "393bc73c451830ff8dbb3a07f61843d6cb41a084f9996319917c0b291ed785bb" [[package]] name = "cranelift-isle" -version = "0.113.1" +version = "0.114.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "32b00cc2e03c748f2531eea01c871f502b909d30295fdcad43aec7bf5c5b4667" +checksum = "b961e24ae3ec9813a24a15ae64bbd2a42e4de4d79a7f3225a412e3b94e78d1c8" [[package]] name = "cranelift-native" -version = "0.113.1" +version = "0.114.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bbeaf978dc7c1a2de8bbb9162510ed218eb156697bc45590b8fbdd69bb08e8de" +checksum = "4d5bd76df6c9151188dfa428c863b33da5b34561b67f43c0cf3f24a794f9fa1f" dependencies = [ - "cranelift-codegen 0.113.1", + "cranelift-codegen 0.114.0", "libc", "target-lexicon", ] @@ -2917,9 +2918,9 @@ dependencies = [ [[package]] name = "pulley-interpreter" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "df33e7f8a43ccc7f93b330fef4baf271764674926f3f4d40f4a196d54de8af26" +checksum = "a3b8d81cf799e20564931e9867ca32de545188c6ee4c2e0f6e41d32f0c7dc6fb" dependencies = [ "cranelift-bitset", "log", @@ -4673,9 +4674,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasi-common" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "165a969c7b4ac223150e2819df36d58b8f24b06320dc314503f90300e5e18bc1" +checksum = "829f6c8c15912907b472bd9d195893bcdb1bde9cd8de55f134f6ab8aa507bf10" dependencies = [ "anyhow", "bitflags 2.6.0", @@ -4687,7 +4688,6 @@ dependencies = [ "io-extras", "io-lifetimes", "log", - "once_cell", "rustix", "system-interface", "thiserror 1.0.69", @@ -4786,15 +4786,6 @@ version = "0.2.84" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0046fef7e28c3804e5e38bfa31ea2a0f73905319b677e57ebe37e49358989b5d" -[[package]] -name = "wasm-encoder" -version = "0.218.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "22b896fa8ceb71091ace9bcb81e853f54043183a1c9667cf93422c40252ffa0a" -dependencies = [ - "leb128", -] - [[package]] name = "wasm-encoder" version = "0.219.1" @@ -5112,9 +5103,9 @@ dependencies = [ [[package]] name = "wasmparser" -version = "0.218.0" +version = "0.219.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b09e46c7fceceaa72b2dd1a8a137ea7fd8f93dfaa69806010a709918e496c5dc" +checksum = "5c771866898879073c53b565a6c7b49953795159836714ac56a5befb581227c5" dependencies = [ "ahash 0.8.11", "bitflags 2.6.0", @@ -5124,32 +5115,22 @@ dependencies = [ "serde", ] -[[package]] -name = "wasmparser" -version = "0.219.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5c771866898879073c53b565a6c7b49953795159836714ac56a5befb581227c5" -dependencies = [ - "bitflags 2.6.0", - "indexmap 2.2.6", -] - [[package]] name = "wasmprinter" -version = "0.218.0" +version = "0.219.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0ace089155491837b75f474bf47c99073246d1b737393fe722d6dee311595ddc" +checksum = "228cdc1f30c27816da225d239ce4231f28941147d34713dee8f1fff7cb330e54" dependencies = [ "anyhow", "termcolor", - "wasmparser 0.218.0", + "wasmparser 0.219.1", ] [[package]] name = "wasmtime" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "51e762e163fd305770c6c341df3290f0cabb3c264e7952943018e9a1ced8d917" +checksum = "5b79302e3e084713249cc5622e8608e7410afdeeea8c8026d04f491d1fab0b4b" dependencies = [ "addr2line 0.24.2", "anyhow", @@ -5184,9 +5165,9 @@ dependencies = [ "smallvec", "sptr", "target-lexicon", - "wasm-encoder 0.218.0", - "wasmparser 0.218.0", - "wasmtime-asm-macros 26.0.1", + "wasm-encoder", + "wasmparser 0.219.1", + "wasmtime-asm-macros 27.0.0", "wasmtime-cache", "wasmtime-component-macro", "wasmtime-component-util", @@ -5196,7 +5177,7 @@ dependencies = [ "wasmtime-jit-debug", "wasmtime-jit-icache-coherence", "wasmtime-slab", - "wasmtime-versioned-export-macros 26.0.1", + "wasmtime-versioned-export-macros 27.0.0", "wasmtime-winch", "wat", "windows-sys 0.59.0", @@ -5213,18 +5194,18 @@ dependencies = [ [[package]] name = "wasmtime-asm-macros" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "63caa7aebb546374e26257a1900fb93579171e7c02514cde26805b9ece3ef812" +checksum = "fe53a24e7016a5222875d8ca3ad6024b464465985693c42098cd0bb710002c28" dependencies = [ "cfg-if", ] [[package]] name = "wasmtime-cache" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c7192f71e3afe32e858729454d9d90d6e927bd92427d688a9507d8220bddb256" +checksum = "0677a7e76c24746b68e3657f7cc50c0ff122ee7e97bbda6e710c1b790ebc93cb" dependencies = [ "anyhow", "base64", @@ -5242,9 +5223,9 @@ dependencies = [ [[package]] name = "wasmtime-component-macro" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d61a4b5ce2ad9c15655e830f0eac0c38b8def30c74ecac71f452d3901e491b68" +checksum = "e118acbd2bc09b32ad8606bc7cef793bf5019c1b107772e64dc6c76b5055d40b" dependencies = [ "anyhow", "proc-macro2", @@ -5257,22 +5238,22 @@ dependencies = [ [[package]] name = "wasmtime-component-util" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "35e87a1212270dbb84a49af13d82594e00a92769d6952b0ea7fc4366c949f6ad" +checksum = "4a6db4f3ee18c699629eabb9c64e77efe5a93a5137f098db7cab295037ba41c2" [[package]] name = "wasmtime-cranelift" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7cb40dddf38c6a5eefd5ce7c1baf43b00fe44eada11a319fab22e993a960262f" +checksum = "8b87e6c78f562b50aff1afd87ff32a57e241424c846c1c8f3c5fd352d2d62906" dependencies = [ "anyhow", "cfg-if", - "cranelift-codegen 0.113.1", + "cranelift-codegen 0.114.0", "cranelift-control", - "cranelift-entity 0.113.1", - "cranelift-frontend 0.113.1", + "cranelift-entity 0.114.0", + "cranelift-frontend 0.114.0", "cranelift-native", "gimli 0.31.1", "itertools", @@ -5281,21 +5262,21 @@ dependencies = [ "smallvec", "target-lexicon", "thiserror 1.0.69", - "wasmparser 0.218.0", + "wasmparser 0.219.1", "wasmtime-environ", - "wasmtime-versioned-export-macros 26.0.1", + "wasmtime-versioned-export-macros 27.0.0", ] [[package]] name = "wasmtime-environ" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8613075e89e94a48c05862243c2b718eef1b9c337f51493ebf951e149a10fa19" +checksum = "c25bfeaa16432d59a0706e2463d315ef4c9ebcfaf5605670b99d46373bdf9f27" dependencies = [ "anyhow", "cpp_demangle", "cranelift-bitset", - "cranelift-entity 0.113.1", + "cranelift-entity 0.114.0", "gimli 0.31.1", "indexmap 2.2.6", "log", @@ -5307,44 +5288,43 @@ dependencies = [ "serde_derive", "smallvec", "target-lexicon", - "wasm-encoder 0.218.0", - "wasmparser 0.218.0", + "wasm-encoder", + "wasmparser 0.219.1", "wasmprinter", "wasmtime-component-util", ] [[package]] name = "wasmtime-fiber" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "77acabfbcd89a4d47ad117fb31e340c824e2f49597105402c3127457b6230995" +checksum = "759ab0caa3821a6211743fe1eed448ab9df439e3af6c60dea15486c055611806" dependencies = [ "anyhow", "cc", "cfg-if", "rustix", - "wasmtime-asm-macros 26.0.1", - "wasmtime-versioned-export-macros 26.0.1", + "wasmtime-asm-macros 27.0.0", + "wasmtime-versioned-export-macros 27.0.0", "windows-sys 0.59.0", ] [[package]] name = "wasmtime-jit-debug" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f02a0118d471de665565ed200bc56673eaa10cc8e223dfe2cef5d50ed0d9d143" +checksum = "ab2a056056e9ac6916c2b8e4743408560300c1355e078c344211f13210d449b3" dependencies = [ "object 0.36.0", - "once_cell", "rustix", - "wasmtime-versioned-export-macros 26.0.1", + "wasmtime-versioned-export-macros 27.0.0", ] [[package]] name = "wasmtime-jit-icache-coherence" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "da47fba49af72581bc0dc67c8faaf5ee550e6f106e285122a184a675193701a5" +checksum = "91b218a92866f74f35162f5d03a4e0f62cd0e1cc624285b1014275e5d4575fad" dependencies = [ "anyhow", "cfg-if", @@ -5354,9 +5334,9 @@ dependencies = [ [[package]] name = "wasmtime-slab" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "770e10cdefb15f2b6304152978e115bd062753c1ebe7221c0b6b104fa0419ff6" +checksum = "4d5f8acf677ee6b3b8ba400dd9753ea4769e56a95c4b30b045ac6d2d54b2f8ea" [[package]] name = "wasmtime-versioned-export-macros" @@ -5371,9 +5351,9 @@ dependencies = [ [[package]] name = "wasmtime-versioned-export-macros" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "db8efb877c9e5e67239d4553bb44dd2a34ae5cfb728f3cf2c5e64439c6ca6ee7" +checksum = "df09be00c38f49172ca9936998938476e3f2df782673a39ae2ef9fb0838341b6" dependencies = [ "proc-macro2", "quote", @@ -5382,16 +5362,16 @@ dependencies = [ [[package]] name = "wasmtime-winch" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4f7a267367382ceec3e7f7ace63a63b83d86f4a680846743dead644e10f08150" +checksum = "89d6b5297bea14d8387c3974b2b011de628cc9b188f135cec752b74fd368964b" dependencies = [ "anyhow", - "cranelift-codegen 0.113.1", + "cranelift-codegen 0.114.0", "gimli 0.31.1", "object 0.36.0", "target-lexicon", - "wasmparser 0.218.0", + "wasmparser 0.219.1", "wasmtime-cranelift", "wasmtime-environ", "winch-codegen", @@ -5399,9 +5379,9 @@ dependencies = [ [[package]] name = "wasmtime-wit-bindgen" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4bef2a726fd8d1ee9b0144655e16c492dc32eb4c7c9f7e3309fcffe637870933" +checksum = "bf3963c9c29df91564d8bd181eb00d0dbaeafa1b2a01e15952bb7391166b704e" dependencies = [ "anyhow", "heck 0.5.0", @@ -5428,7 +5408,7 @@ dependencies = [ "leb128", "memchr", "unicode-width", - "wasm-encoder 0.219.1", + "wasm-encoder", ] [[package]] @@ -5520,9 +5500,9 @@ dependencies = [ [[package]] name = "wiggle" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b0f25588cf5ea16f56c1af13244486d50c5a2cf67cc0c4e990c665944d741546" +checksum = "80e0f6ef83a263c0fa11957c363aeaa76dc84832484d0e119f22810d4d0e09a7" dependencies = [ "anyhow", "async-trait", @@ -5535,9 +5515,9 @@ dependencies = [ [[package]] name = "wiggle-generate" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "28ff23bed568b335dac6a324b8b167318a0c60555199445fcc89745a5eb42452" +checksum = "dd266b290a0fdace3af6a05c6ebbcc54de303a774448ecf5a98cd0bc12d89c52" dependencies = [ "anyhow", "heck 0.5.0", @@ -5550,9 +5530,9 @@ dependencies = [ [[package]] name = "wiggle-macro" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f13be83541aa0b033ac5ec8a8b59c9a8d8b32305845b8466dd066e722cb0004" +checksum = "9b8eb1a5783540696c59cefbfc9e52570c2d5e62bd47bdf0bdcef29231879db2" dependencies = [ "proc-macro2", "quote", @@ -5593,17 +5573,17 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" [[package]] name = "winch-codegen" -version = "26.0.1" +version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "07ab957fc71a36c63834b9b51cc2e087c4260d5ff810a5309ab99f7fbeb19567" +checksum = "8b42b678c8651ec4900d7600037d235429fc985c31cbc33515885ec0d2a9e158" dependencies = [ "anyhow", - "cranelift-codegen 0.113.1", + "cranelift-codegen 0.114.0", "gimli 0.31.1", "regalloc2 0.10.2", "smallvec", "target-lexicon", - "wasmparser 0.218.0", + "wasmparser 0.219.1", "wasmtime-cranelift", "wasmtime-environ", ] @@ -5854,9 +5834,9 @@ dependencies = [ [[package]] name = "wit-parser" -version = "0.218.0" +version = "0.219.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0d3d1066ab761b115f97fef2b191090faabcb0f37b555b758d3caf42d4ed9e55" +checksum = "4a86f669283257e8e424b9a4fc3518e3ade0b95deb9fbc0f93a1876be3eda598" dependencies = [ "anyhow", "id-arena", @@ -5867,7 +5847,7 @@ dependencies = [ "serde_derive", "serde_json", "unicode-xid", - "wasmparser 0.218.0", + "wasmparser 0.219.1", ] [[package]] diff --git a/crates/youki/Cargo.toml b/crates/youki/Cargo.toml index 742e173a6..a17d11dcb 100644 --- a/crates/youki/Cargo.toml +++ b/crates/youki/Cargo.toml @@ -43,8 +43,8 @@ caps = "0.5.5" wasmer = { version = "4.0.0", optional = true } wasmer-wasix = { version = "0.9.0", optional = true } wasmedge-sdk = { version = "0.14.0", optional = true } -wasmtime = { version = "26.0.1", optional = true } -wasi-common = { version = "26.0.1", optional = true } +wasmtime = { version = "27.0.0", optional = true } +wasi-common = { version = "27.0.0", optional = true } tracing = { version = "0.1.41", features = ["attributes"] } tracing-subscriber = { version = "0.3.19", features = ["json", "env-filter"] } tracing-journald = "0.3.1" From 59a8620b9f9db3db38e215f5488831f0e93b1195 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 12 Dec 2024 00:13:04 +0000 Subject: [PATCH 06/37] Bump serde from 1.0.215 to 1.0.216 in the patch group Bumps the patch group with 1 update: [serde](https://github.com/serde-rs/serde). Updates `serde` from 1.0.215 to 1.0.216 - [Release notes](https://github.com/serde-rs/serde/releases) - [Commits](https://github.com/serde-rs/serde/compare/v1.0.215...v1.0.216) --- updated-dependencies: - dependency-name: serde dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index f312f8fcb..73bd3a6c7 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3457,9 +3457,9 @@ checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" [[package]] name = "serde" -version = "1.0.215" +version = "1.0.216" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6513c1ad0b11a9376da888e3e0baa0077f1aed55c17f50e7b2397136129fb88f" +checksum = "0b9781016e935a97e8beecf0c933758c97a5520d32930e460142b4cd80c6338e" dependencies = [ "serde_derive", ] @@ -3487,9 +3487,9 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.215" +version = "1.0.216" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ad1e866f866923f252f05c889987993144fb74e722403468a4ebd70c3cd756c0" +checksum = "46f859dbbf73865c6627ed570e78961cd3ac92407a2d117204c49232485da55e" dependencies = [ "proc-macro2", "quote", From 891089c6c5a430aa715a11fc4feabfaaefffcc1e Mon Sep 17 00:00:00 2001 From: Yashodhan <54112038+YJDoc2@users.noreply.github.com> Date: Sat, 14 Dec 2024 10:03:44 +0530 Subject: [PATCH 07/37] fix duplicate gids in container creation (#3019) Signed-off-by: Yashodhan Joshi --- .../src/process/container_init_process.rs | 17 ++++++--- crates/libcontainer/src/syscall/test.rs | 6 ++-- .../tests/process_user/process_user_test.rs | 36 +++++++++++++++---- 3 files changed, 45 insertions(+), 14 deletions(-) diff --git a/crates/libcontainer/src/process/container_init_process.rs b/crates/libcontainer/src/process/container_init_process.rs index 0d16e6094..f09f04dcc 100644 --- a/crates/libcontainer/src/process/container_init_process.rs +++ b/crates/libcontainer/src/process/container_init_process.rs @@ -1,4 +1,4 @@ -use std::collections::HashMap; +use std::collections::{HashMap, HashSet}; use std::os::unix::io::AsRawFd; use std::path::{Path, PathBuf}; use std::{env, fs, mem}; @@ -761,6 +761,9 @@ fn set_supplementary_gids( let gids: Vec = additional_gids .iter() + // this is to remove duplicate ids, so we behave similar to runc + .collect::>() + .into_iter() .map(|gid| Gid::from_raw(*gid)) .collect(); @@ -1031,7 +1034,7 @@ mod tests { .additional_gids(vec![33, 34]) .build()?, None::, - vec![vec![Gid::from_raw(33), Gid::from_raw(34)]], + vec![Gid::from_raw(33), Gid::from_raw(34)], ), // unreachable case ( @@ -1052,7 +1055,7 @@ mod tests { user_namespace: None, ..Default::default() }), - vec![vec![Gid::from_raw(37), Gid::from_raw(38)]], + vec![Gid::from_raw(37), Gid::from_raw(38)], ), ]; for (user, ns_config, want) in tests.into_iter() { @@ -1069,7 +1072,13 @@ mod tests { .downcast_ref::() .unwrap() .get_groups_args(); - assert_eq!(want, got); + // set set_supplementary_gids uses hashset internally + // so we cannot be sure of the order, hence compare the + // length and includes + assert_eq!(want.len(), got.len()); + for gid in &want { + assert!(got.contains(gid)); + } } _ => unreachable!("setgroups value unknown"), } diff --git a/crates/libcontainer/src/syscall/test.rs b/crates/libcontainer/src/syscall/test.rs index 6e2e01977..ad218b492 100644 --- a/crates/libcontainer/src/syscall/test.rs +++ b/crates/libcontainer/src/syscall/test.rs @@ -369,13 +369,13 @@ impl TestHelperSyscall { .collect::>() } - pub fn get_groups_args(&self) -> Vec> { + pub fn get_groups_args(&self) -> Vec { self.mocks .fetch(ArgName::Groups) .values .iter() - .map(|x| x.downcast_ref::>().unwrap().clone()) - .collect::>>() + .flat_map(|x| x.downcast_ref::>().unwrap().clone()) + .collect::>() } pub fn get_io_priority_args(&self) -> Vec { diff --git a/tests/contest/contest/src/tests/process_user/process_user_test.rs b/tests/contest/contest/src/tests/process_user/process_user_test.rs index 5329ccbbf..1d7787d6d 100644 --- a/tests/contest/contest/src/tests/process_user/process_user_test.rs +++ b/tests/contest/contest/src/tests/process_user/process_user_test.rs @@ -1,4 +1,4 @@ -use anyhow::{Context, Ok, Result}; +use anyhow::{anyhow, Context, Ok, Result}; use oci_spec::runtime::{ProcessBuilder, Spec, SpecBuilder, UserBuilder}; use rand::Rng; use test_framework::{test_result, Test, TestGroup, TestResult}; @@ -21,12 +21,12 @@ fn generate_unique_random_vec() -> Vec { ret } -fn create_spec() -> Result { +fn create_spec(gids: Vec) -> Result { let umask = 0o002; let user = UserBuilder::default() .uid(10u32) .gid(10u32) - .additional_gids(generate_unique_random_vec()) + .additional_gids(gids) .umask(umask as u32) .build()?; @@ -42,16 +42,38 @@ fn create_spec() -> Result { .context("failed to build spec")?; Ok(spec) } -fn process_user_test() -> TestResult { - let spec = test_result!(create_spec()); + +fn process_user_test_unique_gids() -> TestResult { + let gids = generate_unique_random_vec(); + let spec = test_result!(create_spec(gids)); test_inside_container(spec, &CreateOptions::default(), &|_| Ok(())) } +fn process_user_test_duplicate_gids() -> TestResult { + let mut gids = generate_unique_random_vec(); + let duplicate = gids[0]; + gids.push(duplicate); + let spec = test_result!(create_spec(gids)); + match test_inside_container(spec, &CreateOptions::default(), &|_| Ok(())) { + TestResult::Passed => TestResult::Failed(anyhow!( + "expected test with duplicate gids to fail, but it passed instead" + )), + _ => TestResult::Passed, + } +} + pub fn get_process_user_test() -> TestGroup { let mut process_user_test_group = TestGroup::new("process_user"); - let test = Test::new("process_user_test", Box::new(process_user_test)); - process_user_test_group.add(vec![Box::new(test)]); + let test1 = Test::new( + "process_user_unique_gids_test", + Box::new(process_user_test_unique_gids), + ); + let test2 = Test::new( + "process_user_duplicate_gids_test", + Box::new(process_user_test_duplicate_gids), + ); + process_user_test_group.add(vec![Box::new(test1), Box::new(test2)]); process_user_test_group } From ba2d180ebf75b8ee3b695348dba602fab55252ca Mon Sep 17 00:00:00 2001 From: Jorge Prendes Date: Sun, 15 Dec 2024 11:31:05 +0000 Subject: [PATCH 08/37] switch from license-file to license (#3023) Signed-off-by: Jorge Prendes --- crates/libcgroups/Cargo.toml | 2 +- crates/libcontainer/Cargo.toml | 2 +- crates/liboci-cli/Cargo.toml | 2 +- crates/youki/Cargo.toml | 2 +- experiment/seccomp/Cargo.toml | 2 +- experiment/selinux/Cargo.toml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/crates/libcgroups/Cargo.toml b/crates/libcgroups/Cargo.toml index fae074b68..d0c5daf81 100644 --- a/crates/libcgroups/Cargo.toml +++ b/crates/libcgroups/Cargo.toml @@ -2,7 +2,7 @@ name = "libcgroups" version = "0.4.1" # MARK: Version description = "Library for cgroup" -license-file = "../../LICENSE" +license = "Apache-2.0" repository = "https://github.com/containers/youki" homepage = "https://youki-dev.github.io/youki/" readme = "README.md" diff --git a/crates/libcontainer/Cargo.toml b/crates/libcontainer/Cargo.toml index 41a116ba5..61842ebc0 100644 --- a/crates/libcontainer/Cargo.toml +++ b/crates/libcontainer/Cargo.toml @@ -2,7 +2,7 @@ name = "libcontainer" version = "0.4.1" # MARK: Version description = "Library for container control" -license-file = "../../LICENSE" +license = "Apache-2.0" repository = "https://github.com/containers/youki" homepage = "https://youki-dev.github.io/youki/" readme = "README.md" diff --git a/crates/liboci-cli/Cargo.toml b/crates/liboci-cli/Cargo.toml index 9835a45b7..1ad8b6d75 100644 --- a/crates/liboci-cli/Cargo.toml +++ b/crates/liboci-cli/Cargo.toml @@ -2,7 +2,7 @@ name = "liboci-cli" version = "0.4.1" # MARK: Version description = "Parse command line arguments for OCI container runtimes" -license-file = "../../LICENSE" +license = "Apache-2.0" repository = "https://github.com/containers/youki" homepage = "https://youki-dev.github.io/youki/" readme = "README.md" diff --git a/crates/youki/Cargo.toml b/crates/youki/Cargo.toml index a17d11dcb..b3e444a6d 100644 --- a/crates/youki/Cargo.toml +++ b/crates/youki/Cargo.toml @@ -2,7 +2,7 @@ name = "youki" version = "0.4.1" # MARK: Version description = "A container runtime written in Rust" -license-file = "../../LICENSE" +license = "Apache-2.0" repository = "https://github.com/containers/youki" homepage = "https://youki-dev.github.io/youki/" readme = "../../README.md" diff --git a/experiment/seccomp/Cargo.toml b/experiment/seccomp/Cargo.toml index dd44c72cf..36044f609 100644 --- a/experiment/seccomp/Cargo.toml +++ b/experiment/seccomp/Cargo.toml @@ -2,7 +2,7 @@ name = "seccomp" version = "0.0.0" description = "Library for seccomp" -license-file = "../../LICENSE" +license = "Apache-2.0" repository = "https://github.com/containers/youki" homepage = "https://youki-dev.github.io/youki/" readme = "README.md" diff --git a/experiment/selinux/Cargo.toml b/experiment/selinux/Cargo.toml index d02d4a6bd..749363208 100644 --- a/experiment/selinux/Cargo.toml +++ b/experiment/selinux/Cargo.toml @@ -2,7 +2,7 @@ name = "selinux" version = "0.1.0" description = "Library for selinux" -license-file = "../../LICENSE" +license = "Apache-2.0" repository = "https://github.com/containers/youki" homepage = "https://youki-dev.github.io/youki/" readme = "README.md" From 2c5965ff18e4efff035213f3d4d7010b03457eeb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Dec 2024 01:03:35 +0000 Subject: [PATCH 09/37] Bump thiserror from 2.0.6 to 2.0.7 in the patch group Bumps the patch group with 1 update: [thiserror](https://github.com/dtolnay/thiserror). Updates `thiserror` from 2.0.6 to 2.0.7 - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](https://github.com/dtolnay/thiserror/compare/2.0.6...2.0.7) --- updated-dependencies: - dependency-name: thiserror dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 16 ++++++++-------- crates/libcgroups/Cargo.toml | 2 +- crates/libcontainer/Cargo.toml | 2 +- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 73bd3a6c7..69cc38845 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1983,7 +1983,7 @@ dependencies = [ "serde_json", "serial_test", "tempfile", - "thiserror 2.0.6", + "thiserror 2.0.7", "tracing", ] @@ -2014,7 +2014,7 @@ dependencies = [ "serde_json", "serial_test", "tempfile", - "thiserror 2.0.6", + "thiserror 2.0.7", "tracing", ] @@ -2442,7 +2442,7 @@ dependencies = [ "serde_json", "strum", "strum_macros", - "thiserror 2.0.6", + "thiserror 2.0.7", ] [[package]] @@ -3999,11 +3999,11 @@ dependencies = [ [[package]] name = "thiserror" -version = "2.0.6" +version = "2.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8fec2a1820ebd077e2b90c4df007bebf344cd394098a13c563957d0afc83ea47" +checksum = "93605438cbd668185516ab499d589afb7ee1859ea3d5fc8f6b0755e1c7443767" dependencies = [ - "thiserror-impl 2.0.6", + "thiserror-impl 2.0.7", ] [[package]] @@ -4019,9 +4019,9 @@ dependencies = [ [[package]] name = "thiserror-impl" -version = "2.0.6" +version = "2.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d65750cab40f4ff1929fb1ba509e9914eb756131cef4210da8d5d700d26f6312" +checksum = "e1d8749b4531af2117677a5fcd12b1348a3fe2b81e36e61ffeac5c4aa3273e36" dependencies = [ "proc-macro2", "quote", diff --git a/crates/libcgroups/Cargo.toml b/crates/libcgroups/Cargo.toml index d0c5daf81..f27b754a1 100644 --- a/crates/libcgroups/Cargo.toml +++ b/crates/libcgroups/Cargo.toml @@ -29,7 +29,7 @@ rbpf = { version = "0.3.0", optional = true } libbpf-sys = { version = "1.5.0", optional = true } errno = { version = "0.3.10", optional = true } libc = { version = "0.2.168", optional = true } -thiserror = "2.0.6" +thiserror = "2.0.7" tracing = { version = "0.1.41", features = ["attributes"] } [dev-dependencies] diff --git a/crates/libcontainer/Cargo.toml b/crates/libcontainer/Cargo.toml index 61842ebc0..a3eeee403 100644 --- a/crates/libcontainer/Cargo.toml +++ b/crates/libcontainer/Cargo.toml @@ -47,7 +47,7 @@ serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" rust-criu = "0.4.0" regex = { version = "1.10.6", default-features = false, features = ["std", "unicode-perl"] } -thiserror = "2.0.6" +thiserror = "2.0.7" tracing = { version = "0.1.41", features = ["attributes"] } safe-path = "0.1.0" nc = "0.9.5" From 2b94fb4926ae11cd1ad9923ea3e018494c4ac2d3 Mon Sep 17 00:00:00 2001 From: Crismar Mejia Date: Wed, 18 Dec 2024 00:50:07 -0400 Subject: [PATCH 10/37] Adding chat/Discord link to docs (#3005) * adding discord link to docs; updating GH link Signed-off-by: Crismar Mejia * changing name from Discord to Chat Signed-off-by: Crismar Mejia --------- Signed-off-by: Crismar Mejia --- CODE-OF-CONDUCT.md | 2 +- docs/src/SUMMARY.md | 1 + docs/src/community/chat.md | 3 +++ docs/src/community/introduction.md | 1 + 4 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 docs/src/community/chat.md diff --git a/CODE-OF-CONDUCT.md b/CODE-OF-CONDUCT.md index c271cb419..85aa0a812 100644 --- a/CODE-OF-CONDUCT.md +++ b/CODE-OF-CONDUCT.md @@ -1 +1 @@ -Move to containers.github.io/youki/community/governance.html#code-of-conduct +Move to youki-dev.github.io/youki/community/governance.html#code-of-conduct diff --git a/docs/src/SUMMARY.md b/docs/src/SUMMARY.md index c024bd347..b787d9f0b 100644 --- a/docs/src/SUMMARY.md +++ b/docs/src/SUMMARY.md @@ -20,6 +20,7 @@ - [Maintainer](./community/maintainer.md) - [Governance](./community/governance.md) - [Contributing](./community/contributing.md) + - [Chat](./community/chat.md) --- diff --git a/docs/src/community/chat.md b/docs/src/community/chat.md new file mode 100644 index 000000000..d644adb21 --- /dev/null +++ b/docs/src/community/chat.md @@ -0,0 +1,3 @@ +# Chat +Please join our chat find help or discuss issues: +- [Discord invite](https://discord.gg/zHnyXKSQFD) diff --git a/docs/src/community/introduction.md b/docs/src/community/introduction.md index 65c4165d4..d300bedeb 100644 --- a/docs/src/community/introduction.md +++ b/docs/src/community/introduction.md @@ -3,3 +3,4 @@ - [Maintainer](./maintainer.md) - [Governance](./goversance.md) - [Contributing](./contributing.md) +- [Chat](./chat.md) From 53697fb9eb13768fc69d1a0a85505a1c65a7ed12 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Dec 2024 00:57:59 +0000 Subject: [PATCH 11/37] Bump thiserror from 2.0.7 to 2.0.8 in the patch group Bumps the patch group with 1 update: [thiserror](https://github.com/dtolnay/thiserror). Updates `thiserror` from 2.0.7 to 2.0.8 - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](https://github.com/dtolnay/thiserror/compare/2.0.7...2.0.8) --- updated-dependencies: - dependency-name: thiserror dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 16 ++++++++-------- crates/libcgroups/Cargo.toml | 2 +- crates/libcontainer/Cargo.toml | 2 +- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 69cc38845..d73bd520d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1983,7 +1983,7 @@ dependencies = [ "serde_json", "serial_test", "tempfile", - "thiserror 2.0.7", + "thiserror 2.0.8", "tracing", ] @@ -2014,7 +2014,7 @@ dependencies = [ "serde_json", "serial_test", "tempfile", - "thiserror 2.0.7", + "thiserror 2.0.8", "tracing", ] @@ -2442,7 +2442,7 @@ dependencies = [ "serde_json", "strum", "strum_macros", - "thiserror 2.0.7", + "thiserror 2.0.8", ] [[package]] @@ -3999,11 +3999,11 @@ dependencies = [ [[package]] name = "thiserror" -version = "2.0.7" +version = "2.0.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "93605438cbd668185516ab499d589afb7ee1859ea3d5fc8f6b0755e1c7443767" +checksum = "08f5383f3e0071702bf93ab5ee99b52d26936be9dedd9413067cbdcddcb6141a" dependencies = [ - "thiserror-impl 2.0.7", + "thiserror-impl 2.0.8", ] [[package]] @@ -4019,9 +4019,9 @@ dependencies = [ [[package]] name = "thiserror-impl" -version = "2.0.7" +version = "2.0.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e1d8749b4531af2117677a5fcd12b1348a3fe2b81e36e61ffeac5c4aa3273e36" +checksum = "f2f357fcec90b3caef6623a099691be676d033b40a058ac95d2a6ade6fa0c943" dependencies = [ "proc-macro2", "quote", diff --git a/crates/libcgroups/Cargo.toml b/crates/libcgroups/Cargo.toml index f27b754a1..09c880d55 100644 --- a/crates/libcgroups/Cargo.toml +++ b/crates/libcgroups/Cargo.toml @@ -29,7 +29,7 @@ rbpf = { version = "0.3.0", optional = true } libbpf-sys = { version = "1.5.0", optional = true } errno = { version = "0.3.10", optional = true } libc = { version = "0.2.168", optional = true } -thiserror = "2.0.7" +thiserror = "2.0.8" tracing = { version = "0.1.41", features = ["attributes"] } [dev-dependencies] diff --git a/crates/libcontainer/Cargo.toml b/crates/libcontainer/Cargo.toml index a3eeee403..7c66634ea 100644 --- a/crates/libcontainer/Cargo.toml +++ b/crates/libcontainer/Cargo.toml @@ -47,7 +47,7 @@ serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" rust-criu = "0.4.0" regex = { version = "1.10.6", default-features = false, features = ["std", "unicode-perl"] } -thiserror = "2.0.7" +thiserror = "2.0.8" tracing = { version = "0.1.41", features = ["attributes"] } safe-path = "0.1.0" nc = "0.9.5" From 60c18568dcbebe7f665a41fb6b961251e9aa5224 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 20 Dec 2024 00:21:42 +0000 Subject: [PATCH 12/37] Bump the patch group with 2 updates Bumps the patch group with 2 updates: [libc](https://github.com/rust-lang/libc) and [which](https://github.com/harryfei/which-rs). Updates `libc` from 0.2.168 to 0.2.169 - [Release notes](https://github.com/rust-lang/libc/releases) - [Changelog](https://github.com/rust-lang/libc/blob/0.2.169/CHANGELOG.md) - [Commits](https://github.com/rust-lang/libc/compare/0.2.168...0.2.169) Updates `which` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/harryfei/which-rs/releases) - [Changelog](https://github.com/harryfei/which-rs/blob/master/CHANGELOG.md) - [Commits](https://github.com/harryfei/which-rs/compare/7.0.0...7.0.1) --- updated-dependencies: - dependency-name: libc dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: which dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 18 ++++++++++++------ crates/libcgroups/Cargo.toml | 2 +- crates/libcontainer/Cargo.toml | 2 +- tests/contest/contest/Cargo.toml | 2 +- tests/contest/runtimetest/Cargo.toml | 2 +- 5 files changed, 16 insertions(+), 10 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index d73bd520d..efedcdfce 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -583,7 +583,7 @@ dependencies = [ "tracing", "tracing-subscriber", "uuid", - "which 7.0.0", + "which 7.0.1", ] [[package]] @@ -1219,6 +1219,12 @@ dependencies = [ "regex", ] +[[package]] +name = "env_home" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c7f84e12ccf0a7ddc17a6c41c93326024c42920d7ee630d04950e6926645c0fe" + [[package]] name = "env_logger" version = "0.8.4" @@ -1958,9 +1964,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.168" +version = "0.2.169" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5aaeb2981e0606ca11d79718f8bb01164f1d6ed75080182d3abf017e6d244b6d" +checksum = "b5aba8db14291edd000dfcc4d620c7ebfb122c613afb886ca8803fa4e128a20a" [[package]] name = "libcgroups" @@ -5488,12 +5494,12 @@ dependencies = [ [[package]] name = "which" -version = "7.0.0" +version = "7.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c9cad3279ade7346b96e38731a641d7343dd6a53d55083dd54eadfa5a1b38c6b" +checksum = "fb4a9e33648339dc1642b0e36e21b3385e6148e289226f657c809dee59df5028" dependencies = [ "either", - "home", + "env_home", "rustix", "winsafe", ] diff --git a/crates/libcgroups/Cargo.toml b/crates/libcgroups/Cargo.toml index 09c880d55..d9b1f0427 100644 --- a/crates/libcgroups/Cargo.toml +++ b/crates/libcgroups/Cargo.toml @@ -28,7 +28,7 @@ serde = { version = "1.0", features = ["derive"] } rbpf = { version = "0.3.0", optional = true } libbpf-sys = { version = "1.5.0", optional = true } errno = { version = "0.3.10", optional = true } -libc = { version = "0.2.168", optional = true } +libc = { version = "0.2.169", optional = true } thiserror = "2.0.8" tracing = { version = "0.1.41", features = ["attributes"] } diff --git a/crates/libcontainer/Cargo.toml b/crates/libcontainer/Cargo.toml index 7c66634ea..88776c239 100644 --- a/crates/libcontainer/Cargo.toml +++ b/crates/libcontainer/Cargo.toml @@ -26,7 +26,7 @@ chrono = { version = "0.4", default-features = false, features = [ "serde", ] } fastrand = "^2.3.0" -libc = "0.2.168" +libc = "0.2.169" nix = { version = "0.28.0", features = [ "socket", "sched", diff --git a/tests/contest/contest/Cargo.toml b/tests/contest/contest/Cargo.toml index 52197e94c..3ead4c636 100644 --- a/tests/contest/contest/Cargo.toml +++ b/tests/contest/contest/Cargo.toml @@ -20,7 +20,7 @@ serde_json = "1.0" tar = "0.4" test_framework = { path = "../test_framework" } uuid = "1.11" -which = "7.0.0" +which = "7.0.1" tempfile = "3" scopeguard = "1.2.0" tracing = { version = "0.1.41", features = ["attributes"]} diff --git a/tests/contest/runtimetest/Cargo.toml b/tests/contest/runtimetest/Cargo.toml index 4c547f246..d3d7b9ec1 100644 --- a/tests/contest/runtimetest/Cargo.toml +++ b/tests/contest/runtimetest/Cargo.toml @@ -7,5 +7,5 @@ edition = "2021" oci-spec = { version = "0.7.1", features = ["runtime"] } nix = "0.28.0" anyhow = "1.0" -libc = "0.2.168" # TODO (YJDoc2) upgrade to latest +libc = "0.2.169" # TODO (YJDoc2) upgrade to latest nc = "0.9.5" From 9eae62035098389445f05a94c56c980ac165d30e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Dec 2024 00:29:10 +0000 Subject: [PATCH 13/37] Bump the patch group with 4 updates Bumps the patch group with 4 updates: [thiserror](https://github.com/dtolnay/thiserror), [anyhow](https://github.com/dtolnay/anyhow), [serde_json](https://github.com/serde-rs/json) and [env_logger](https://github.com/rust-cli/env_logger). Updates `thiserror` from 2.0.8 to 2.0.9 - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](https://github.com/dtolnay/thiserror/compare/2.0.8...2.0.9) Updates `anyhow` from 1.0.94 to 1.0.95 - [Release notes](https://github.com/dtolnay/anyhow/releases) - [Commits](https://github.com/dtolnay/anyhow/compare/1.0.94...1.0.95) Updates `serde_json` from 1.0.133 to 1.0.134 - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](https://github.com/serde-rs/json/compare/v1.0.133...v1.0.134) Updates `env_logger` from 0.11.5 to 0.11.6 - [Release notes](https://github.com/rust-cli/env_logger/releases) - [Changelog](https://github.com/rust-cli/env_logger/blob/main/CHANGELOG.md) - [Commits](https://github.com/rust-cli/env_logger/compare/v0.11.5...v0.11.6) --- updated-dependencies: - dependency-name: thiserror dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: anyhow dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: serde_json dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: env_logger dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 30 ++++++++++++------------- crates/libcgroups/Cargo.toml | 2 +- crates/libcontainer/Cargo.toml | 2 +- crates/youki/Cargo.toml | 4 ++-- tests/contest/test_framework/Cargo.toml | 2 +- 5 files changed, 20 insertions(+), 20 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index efedcdfce..9af6c9a80 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -141,9 +141,9 @@ checksum = "70033777eb8b5124a81a1889416543dddef2de240019b674c81285a2635a7e1e" [[package]] name = "anyhow" -version = "1.0.94" +version = "1.0.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c1fd03a028ef38ba2276dce7e33fcd6369c158a1bca17946c4b1b701891c1ff7" +checksum = "34ac096ce696dc2fcabef30516bb13c0a68a11d30131d3df6f04711467681b04" [[package]] name = "arbitrary" @@ -1237,9 +1237,9 @@ dependencies = [ [[package]] name = "env_logger" -version = "0.11.5" +version = "0.11.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e13fa619b91fb2381732789fc5de83b45675e882f66623b7d8cb4f643017018d" +checksum = "dcaee3d8e3cfc3fd92428d477bc97fc29ec8716d180c0d74c643bb26166660e0" dependencies = [ "anstream", "anstyle", @@ -1974,7 +1974,7 @@ version = "0.4.1" dependencies = [ "anyhow", "clap", - "env_logger 0.11.5", + "env_logger 0.11.6", "errno", "fixedbitset 0.5.7", "libbpf-sys", @@ -1989,7 +1989,7 @@ dependencies = [ "serde_json", "serial_test", "tempfile", - "thiserror 2.0.8", + "thiserror 2.0.9", "tracing", ] @@ -2020,7 +2020,7 @@ dependencies = [ "serde_json", "serial_test", "tempfile", - "thiserror 2.0.8", + "thiserror 2.0.9", "tracing", ] @@ -2448,7 +2448,7 @@ dependencies = [ "serde_json", "strum", "strum_macros", - "thiserror 2.0.8", + "thiserror 2.0.9", ] [[package]] @@ -3504,9 +3504,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.133" +version = "1.0.134" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c7fceb2473b9166b2294ef05efcb65a3db80803f0b03ef86a5fc88a2b85ee377" +checksum = "d00f4175c42ee48b15416f6193a959ba3a0d67fc699a0db9ad12df9f83991c7d" dependencies = [ "itoa", "memchr", @@ -4005,11 +4005,11 @@ dependencies = [ [[package]] name = "thiserror" -version = "2.0.8" +version = "2.0.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "08f5383f3e0071702bf93ab5ee99b52d26936be9dedd9413067cbdcddcb6141a" +checksum = "f072643fd0190df67a8bab670c20ef5d8737177d6ac6b2e9a236cb096206b2cc" dependencies = [ - "thiserror-impl 2.0.8", + "thiserror-impl 2.0.9", ] [[package]] @@ -4025,9 +4025,9 @@ dependencies = [ [[package]] name = "thiserror-impl" -version = "2.0.8" +version = "2.0.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f2f357fcec90b3caef6623a099691be676d033b40a058ac95d2a6ade6fa0c943" +checksum = "7b50fa271071aae2e6ee85f842e2e28ba8cd2c5fb67f11fcb1fd70b276f9e7d4" dependencies = [ "proc-macro2", "quote", diff --git a/crates/libcgroups/Cargo.toml b/crates/libcgroups/Cargo.toml index d9b1f0427..52701c332 100644 --- a/crates/libcgroups/Cargo.toml +++ b/crates/libcgroups/Cargo.toml @@ -29,7 +29,7 @@ rbpf = { version = "0.3.0", optional = true } libbpf-sys = { version = "1.5.0", optional = true } errno = { version = "0.3.10", optional = true } libc = { version = "0.2.169", optional = true } -thiserror = "2.0.8" +thiserror = "2.0.9" tracing = { version = "0.1.41", features = ["attributes"] } [dev-dependencies] diff --git a/crates/libcontainer/Cargo.toml b/crates/libcontainer/Cargo.toml index 88776c239..c5e215025 100644 --- a/crates/libcontainer/Cargo.toml +++ b/crates/libcontainer/Cargo.toml @@ -47,7 +47,7 @@ serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" rust-criu = "0.4.0" regex = { version = "1.10.6", default-features = false, features = ["std", "unicode-perl"] } -thiserror = "2.0.8" +thiserror = "2.0.9" tracing = { version = "0.1.41", features = ["attributes"] } safe-path = "0.1.0" nc = "0.9.5" diff --git a/crates/youki/Cargo.toml b/crates/youki/Cargo.toml index b3e444a6d..f854b4106 100644 --- a/crates/youki/Cargo.toml +++ b/crates/youki/Cargo.toml @@ -28,7 +28,7 @@ default-features = false features = ["std", "suggestions", "derive", "cargo", "help", "usage", "error-context"] [dependencies] -anyhow = "1.0.94" +anyhow = "1.0.95" chrono = { version = "0.4", default-features = false, features = ["clock", "serde"] } libcgroups = { path = "../libcgroups", default-features = false, version = "0.4.1" } # MARK: Version libcontainer = { path = "../libcontainer", default-features = false, version = "0.4.1" } # MARK: Version @@ -55,5 +55,5 @@ tempfile = "3" scopeguard = "1.2.0" [build-dependencies] -anyhow = "1.0.94" +anyhow = "1.0.95" vergen-gitcl = { version = "1.0.2", features = ["build"] } diff --git a/tests/contest/test_framework/Cargo.toml b/tests/contest/test_framework/Cargo.toml index e10d7f907..ab522ef85 100644 --- a/tests/contest/test_framework/Cargo.toml +++ b/tests/contest/test_framework/Cargo.toml @@ -6,5 +6,5 @@ edition = "2021" # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html [dependencies] -anyhow = "1.0.94" +anyhow = "1.0.95" crossbeam = "0.8.4" From 2eee37b23caf03ab9dc7831b442cbdfb1c537f93 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Dec 2024 00:29:34 +0000 Subject: [PATCH 14/37] Bump wasmtime from 27.0.0 to 28.0.0 Bumps [wasmtime](https://github.com/bytecodealliance/wasmtime) from 27.0.0 to 28.0.0. - [Release notes](https://github.com/bytecodealliance/wasmtime/releases) - [Changelog](https://github.com/bytecodealliance/wasmtime/blob/v28.0.0/RELEASES.md) - [Commits](https://github.com/bytecodealliance/wasmtime/compare/v27.0.0...v28.0.0) --- updated-dependencies: - dependency-name: wasmtime dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- Cargo.lock | 445 +++++++++++++++++++++++++++++----------- crates/youki/Cargo.toml | 2 +- 2 files changed, 321 insertions(+), 126 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index efedcdfce..440d95ee3 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -64,6 +64,12 @@ dependencies = [ "memchr", ] +[[package]] +name = "allocator-api2" +version = "0.2.21" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "683d7910e743518b0e34f1186f92494becacb047c7b6bf616c96772180fef923" + [[package]] name = "ambient-authority" version = "0.0.2" @@ -294,9 +300,12 @@ dependencies = [ [[package]] name = "bumpalo" -version = "3.15.4" +version = "3.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ff69b9dd49fd426c69a0db9fc04dd934cdb6645ff000864d98f7e2af8830eaa" +checksum = "79296716171880943b8470b5f8d03aa55eb2e645a4874bdbb28adb49162e012c" +dependencies = [ + "allocator-api2", +] [[package]] name = "bytecheck" @@ -650,11 +659,11 @@ dependencies = [ [[package]] name = "cranelift-bforest" -version = "0.114.0" +version = "0.115.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2ba4f80548f22dc9c43911907b5e322c5555544ee85f785115701e6a28c9abe1" +checksum = "ac89549be94911dd0e839b4a7db99e9ed29c17517e1c026f61066884c168aa3c" dependencies = [ - "cranelift-entity 0.114.0", + "cranelift-entity 0.115.0", ] [[package]] @@ -667,6 +676,16 @@ dependencies = [ "serde_derive", ] +[[package]] +name = "cranelift-bitset" +version = "0.115.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b9bd49369f76c77e34e641af85d0956869237832c118964d08bf5f51f210875a" +dependencies = [ + "serde", + "serde_derive", +] + [[package]] name = "cranelift-codegen" version = "0.91.1" @@ -690,22 +709,22 @@ dependencies = [ [[package]] name = "cranelift-codegen" -version = "0.114.0" +version = "0.115.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fe4036255ec33ce9a37495dfbcfc4e1118fd34e693eff9a1e106336b7cd16a9b" +checksum = "fd96ce9cf8efebd7f5ab8ced5a0ce44250280bbae9f593d74a6d7effc3582a35" dependencies = [ "bumpalo", - "cranelift-bforest 0.114.0", - "cranelift-bitset", - "cranelift-codegen-meta 0.114.0", - "cranelift-codegen-shared 0.114.0", + "cranelift-bforest 0.115.0", + "cranelift-bitset 0.115.0", + "cranelift-codegen-meta 0.115.0", + "cranelift-codegen-shared 0.115.0", "cranelift-control", - "cranelift-entity 0.114.0", - "cranelift-isle 0.114.0", + "cranelift-entity 0.115.0", + "cranelift-isle 0.115.0", "gimli 0.31.1", "hashbrown 0.14.3", "log", - "regalloc2 0.10.2", + "regalloc2 0.11.1", "rustc-hash 2.0.0", "serde", "smallvec", @@ -723,11 +742,11 @@ dependencies = [ [[package]] name = "cranelift-codegen-meta" -version = "0.114.0" +version = "0.115.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f7ca74f4b68319da11d39e894437cb6e20ec7c2e11fbbda823c3bf207beedff7" +checksum = "5a68e358827afe4bfb6239fcbf6fbd5ac56206ece8a99c8f5f9bbd518773281a" dependencies = [ - "cranelift-codegen-shared 0.114.0", + "cranelift-codegen-shared 0.115.0", ] [[package]] @@ -738,15 +757,15 @@ checksum = "278e52e29c53fcf32431ef08406c295699a70306d05a0715c5b1bf50e33a9ab7" [[package]] name = "cranelift-codegen-shared" -version = "0.114.0" +version = "0.115.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "897e54f433a0269c4187871aa06d452214d5515d228d5bdc22219585e9eef895" +checksum = "e184c9767afbe73d50c55ec29abcf4c32f9baf0d9d22b86d58c4d55e06dee181" [[package]] name = "cranelift-control" -version = "0.114.0" +version = "0.115.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "29cb4018f5bf59fb53f515fa9d80e6f8c5ce19f198dc538984ebd23ecf8965ec" +checksum = "5cc7664f2a66f053e33f149e952bb5971d138e3af637f5097727ed6dc0ed95dd" dependencies = [ "arbitrary", ] @@ -777,7 +796,18 @@ version = "0.114.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "305399fd781a2953ac78c1396f02ff53144f39c33eb7fc7789cf4e8936d13a96" dependencies = [ - "cranelift-bitset", + "cranelift-bitset 0.114.0", + "serde", + "serde_derive", +] + +[[package]] +name = "cranelift-entity" +version = "0.115.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "118597e3a9cf86c3556fa579a7a23b955fa18231651a52a77a2475d305a9cf84" +dependencies = [ + "cranelift-bitset 0.115.0", "serde", "serde_derive", ] @@ -796,11 +826,11 @@ dependencies = [ [[package]] name = "cranelift-frontend" -version = "0.114.0" +version = "0.115.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9230b460a128d53653456137751d27baf567947a3ab8c0c4d6e31fd08036d81e" +checksum = "7638ea1efb069a0aa18d8ee67401b6b0d19f6bfe5de5e9ede348bfc80bb0d8c7" dependencies = [ - "cranelift-codegen 0.114.0", + "cranelift-codegen 0.115.0", "log", "smallvec", "target-lexicon", @@ -814,17 +844,17 @@ checksum = "393bc73c451830ff8dbb3a07f61843d6cb41a084f9996319917c0b291ed785bb" [[package]] name = "cranelift-isle" -version = "0.114.0" +version = "0.115.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b961e24ae3ec9813a24a15ae64bbd2a42e4de4d79a7f3225a412e3b94e78d1c8" +checksum = "15c53e1152a0b01c4ed2b1e0535602b8e86458777dd9d18b28732b16325c7dc0" [[package]] name = "cranelift-native" -version = "0.114.0" +version = "0.115.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4d5bd76df6c9151188dfa428c863b33da5b34561b67f43c0cf3f24a794f9fa1f" +checksum = "7b7d8f895444fa52dd7bdd0bed11bf007a7fb43af65a6deac8fcc4094c6372f7" dependencies = [ - "cranelift-codegen 0.114.0", + "cranelift-codegen 0.115.0", "libc", "target-lexicon", ] @@ -1347,6 +1377,12 @@ version = "1.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" +[[package]] +name = "foldhash" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a0d2fde1f7b3d48b8395d5f2de76c18a528bd6a9cdde438df747bfcba3e05d6f" + [[package]] name = "foreign-types" version = "0.3.2" @@ -1570,7 +1606,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "07e28edb80900c19c28f1072f2e8aeca7fa06b23cd4169cefe1af5aa3260783f" dependencies = [ "fallible-iterator 0.3.0", - "indexmap 2.2.6", + "indexmap 2.7.0", "stable_deref_trait", ] @@ -1592,7 +1628,7 @@ dependencies = [ "futures-sink", "futures-util", "http", - "indexmap 2.2.6", + "indexmap 2.7.0", "slab", "tokio", "tokio-util", @@ -1633,6 +1669,16 @@ dependencies = [ "serde", ] +[[package]] +name = "hashbrown" +version = "0.15.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf151400ff0baff5465007dd2f3e717f3fe502074ca563069ce3a6629d07b289" +dependencies = [ + "foldhash", + "serde", +] + [[package]] name = "heapless" version = "0.7.17" @@ -1831,12 +1877,12 @@ dependencies = [ [[package]] name = "indexmap" -version = "2.2.6" +version = "2.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "168fb715dda47215e360912c096649d23d58bf392ac62f73919e831745e40f26" +checksum = "62f822373a4fe84d4bb149bf54e584a7f4abec90e072ed49cda0edea5b95471f" dependencies = [ "equivalent", - "hashbrown 0.14.3", + "hashbrown 0.15.2", "serde", ] @@ -2424,13 +2470,13 @@ dependencies = [ [[package]] name = "object" -version = "0.36.0" +version = "0.36.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "576dfe1fc8f9df304abb159d767a29d0476f7750fbf8aa7ad07816004a207434" +checksum = "62948e14d923ea95ea2c7c86c71013138b66525b86bdc08d2dcc262bdb497b87" dependencies = [ "crc32fast", - "hashbrown 0.14.3", - "indexmap 2.2.6", + "hashbrown 0.15.2", + "indexmap 2.7.0", "memchr", ] @@ -2583,7 +2629,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e1d3afd2628e69da2be385eb6f2fd57c8ac7977ceeff6dc166ff1657b0e386a9" dependencies = [ "fixedbitset 0.4.2", - "indexmap 2.2.6", + "indexmap 2.7.0", ] [[package]] @@ -2928,7 +2974,18 @@ version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a3b8d81cf799e20564931e9867ca32de545188c6ee4c2e0f6e41d32f0c7dc6fb" dependencies = [ - "cranelift-bitset", + "cranelift-bitset 0.114.0", + "log", + "sptr", +] + +[[package]] +name = "pulley-interpreter" +version = "28.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "403a1a95f4c18a45c86c7bff13df00347afd0abcbf2e54af273c837339ffcf77" +dependencies = [ + "cranelift-bitset 0.115.0", "log", "sptr", ] @@ -3056,14 +3113,15 @@ dependencies = [ [[package]] name = "regalloc2" -version = "0.10.2" +version = "0.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "12908dbeb234370af84d0579b9f68258a0f67e201412dd9a2814e6f45b2fc0f0" +checksum = "145c1c267e14f20fb0f88aa76a1c5ffec42d592c1d28b3cd9148ae35916158d3" dependencies = [ - "hashbrown 0.14.3", + "allocator-api2", + "bumpalo", + "hashbrown 0.15.2", "log", "rustc-hash 2.0.0", - "slice-group-by", "smallvec", ] @@ -3553,7 +3611,7 @@ version = "0.9.34+deprecated" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6a8b1a1a2ebf674015cc02edccce75287f1a0130d394307b36743c2f5d504b47" dependencies = [ - "indexmap 2.2.6", + "indexmap 2.7.0", "itoa", "ryu", "serde", @@ -3913,7 +3971,7 @@ version = "1.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a327282c4f64f6dc37e3bba4c2b6842cc3a992f204fa58d917696a89f691e5f6" dependencies = [ - "unicode-width", + "unicode-width 0.1.11", ] [[package]] @@ -4233,7 +4291,7 @@ version = "0.19.15" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1b5bb770da30e5cbfde35a2d7b9b8a2c4b8ef89548a7a6aeab5c9a576e3e7421" dependencies = [ - "indexmap 2.2.6", + "indexmap 2.7.0", "serde", "serde_spanned", "toml_datetime", @@ -4246,7 +4304,7 @@ version = "0.22.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8e40bb779c5187258fd7aad0eb68cb8706a0a81fa712fbea808ab43c4b8374c4" dependencies = [ - "indexmap 2.2.6", + "indexmap 2.7.0", "serde", "serde_spanned", "toml_datetime", @@ -4399,6 +4457,12 @@ version = "0.1.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e51733f11c9c4f72aa0c160008246859e340b00807569a0da0e7a1079b27ba85" +[[package]] +name = "unicode-width" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1fc81956842c57dac11422a97c3b8195a1ff727f06e85c84ed2e8aa277c9a0fd" + [[package]] name = "unicode-xid" version = "0.2.4" @@ -4698,7 +4762,7 @@ dependencies = [ "system-interface", "thiserror 1.0.69", "tracing", - "wasmtime", + "wasmtime 27.0.0", "wiggle", "windows-sys 0.59.0", ] @@ -4794,12 +4858,22 @@ checksum = "0046fef7e28c3804e5e38bfa31ea2a0f73905319b677e57ebe37e49358989b5d" [[package]] name = "wasm-encoder" -version = "0.219.1" +version = "0.221.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "29cbbd772edcb8e7d524a82ee8cef8dd046fc14033796a754c3ad246d019fa54" +checksum = "c17a3bd88f2155da63a1f2fcb8a56377a24f0b6dfed12733bb5f544e86f690c5" dependencies = [ "leb128", - "wasmparser 0.219.1", + "wasmparser 0.221.2", +] + +[[package]] +name = "wasm-encoder" +version = "0.222.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3432682105d7e994565ef928ccf5856cf6af4ba3dddebedb737f61caed70f956" +dependencies = [ + "leb128", + "wasmparser 0.222.0", ] [[package]] @@ -4964,7 +5038,7 @@ checksum = "d21472954ee9443235ca32522b17fc8f0fe58e2174556266a0d9766db055cc52" dependencies = [ "anyhow", "derive_builder 0.12.0", - "indexmap 2.2.6", + "indexmap 2.7.0", "semver 1.0.22", "serde", "serde_cbor", @@ -5116,20 +5190,44 @@ dependencies = [ "ahash 0.8.11", "bitflags 2.6.0", "hashbrown 0.14.3", - "indexmap 2.2.6", + "indexmap 2.7.0", "semver 1.0.22", "serde", ] +[[package]] +name = "wasmparser" +version = "0.221.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9845c470a2e10b61dd42c385839cdd6496363ed63b5c9e420b5488b77bd22083" +dependencies = [ + "bitflags 2.6.0", + "hashbrown 0.15.2", + "indexmap 2.7.0", + "semver 1.0.22", + "serde", +] + +[[package]] +name = "wasmparser" +version = "0.222.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4adf50fde1b1a49c1add6a80d47aea500c88db70551805853aa8b88f3ea27ab5" +dependencies = [ + "bitflags 2.6.0", + "indexmap 2.7.0", + "semver 1.0.22", +] + [[package]] name = "wasmprinter" -version = "0.219.1" +version = "0.221.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "228cdc1f30c27816da225d239ce4231f28941147d34713dee8f1fff7cb330e54" +checksum = "a80742ff1b9e6d8c231ac7c7247782c6fc5bce503af760bca071811e5fc9ee56" dependencies = [ "anyhow", "termcolor", - "wasmparser 0.219.1", + "wasmparser 0.221.2", ] [[package]] @@ -5137,6 +5235,44 @@ name = "wasmtime" version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5b79302e3e084713249cc5622e8608e7410afdeeea8c8026d04f491d1fab0b4b" +dependencies = [ + "anyhow", + "bitflags 2.6.0", + "bumpalo", + "cc", + "cfg-if", + "hashbrown 0.14.3", + "indexmap 2.7.0", + "libc", + "libm", + "log", + "mach2", + "memfd", + "object 0.36.7", + "paste", + "postcard", + "psm", + "pulley-interpreter 27.0.0", + "rustix", + "serde", + "serde_derive", + "smallvec", + "sptr", + "target-lexicon", + "wasmparser 0.219.1", + "wasmtime-asm-macros 27.0.0", + "wasmtime-environ 27.0.0", + "wasmtime-jit-icache-coherence 27.0.0", + "wasmtime-slab 27.0.0", + "wasmtime-versioned-export-macros 27.0.0", + "windows-sys 0.59.0", +] + +[[package]] +name = "wasmtime" +version = "28.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f639ecae347b9a2227e453a7b7671e84370a0b61f47a15e0390fe9b7725e47b3" dependencies = [ "addr2line 0.24.2", "anyhow", @@ -5149,19 +5285,19 @@ dependencies = [ "fxprof-processed-profile", "gimli 0.31.1", "hashbrown 0.14.3", - "indexmap 2.2.6", + "indexmap 2.7.0", "ittapi", "libc", "libm", "log", "mach2", "memfd", - "object 0.36.0", + "object 0.36.7", "once_cell", "paste", "postcard", "psm", - "pulley-interpreter", + "pulley-interpreter 28.0.0", "rayon", "rustix", "semver 1.0.22", @@ -5171,19 +5307,19 @@ dependencies = [ "smallvec", "sptr", "target-lexicon", - "wasm-encoder", - "wasmparser 0.219.1", - "wasmtime-asm-macros 27.0.0", + "wasm-encoder 0.221.2", + "wasmparser 0.221.2", + "wasmtime-asm-macros 28.0.0", "wasmtime-cache", "wasmtime-component-macro", "wasmtime-component-util", "wasmtime-cranelift", - "wasmtime-environ", + "wasmtime-environ 28.0.0", "wasmtime-fiber", "wasmtime-jit-debug", - "wasmtime-jit-icache-coherence", - "wasmtime-slab", - "wasmtime-versioned-export-macros 27.0.0", + "wasmtime-jit-icache-coherence 28.0.0", + "wasmtime-slab 28.0.0", + "wasmtime-versioned-export-macros 28.0.0", "wasmtime-winch", "wat", "windows-sys 0.59.0", @@ -5207,11 +5343,20 @@ dependencies = [ "cfg-if", ] +[[package]] +name = "wasmtime-asm-macros" +version = "28.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "882a18800471cfc063c8b3ccf75723784acc3fd534009ac09421f2fac2fcdcec" +dependencies = [ + "cfg-if", +] + [[package]] name = "wasmtime-cache" -version = "27.0.0" +version = "28.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0677a7e76c24746b68e3657f7cc50c0ff122ee7e97bbda6e710c1b790ebc93cb" +checksum = "368d974999abe6095341da9b9e2c0908a6272e796001e06b7022ad60b2d19710" dependencies = [ "anyhow", "base64", @@ -5229,9 +5374,9 @@ dependencies = [ [[package]] name = "wasmtime-component-macro" -version = "27.0.0" +version = "28.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e118acbd2bc09b32ad8606bc7cef793bf5019c1b107772e64dc6c76b5055d40b" +checksum = "eb5c0a77c9e1927c3d471f53cc13767c3d3438e5d5ffd394e3eb31c86445fd60" dependencies = [ "anyhow", "proc-macro2", @@ -5244,33 +5389,33 @@ dependencies = [ [[package]] name = "wasmtime-component-util" -version = "27.0.0" +version = "28.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4a6db4f3ee18c699629eabb9c64e77efe5a93a5137f098db7cab295037ba41c2" +checksum = "43702ca98bf5162eca0573db691ed9ecd36d716f8c6688410fe26ec16b6f9bcb" [[package]] name = "wasmtime-cranelift" -version = "27.0.0" +version = "28.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b87e6c78f562b50aff1afd87ff32a57e241424c846c1c8f3c5fd352d2d62906" +checksum = "20070aa5b75080a8932ec328419faf841df2bc6ceb16b55b0df2b952098392a2" dependencies = [ "anyhow", "cfg-if", - "cranelift-codegen 0.114.0", + "cranelift-codegen 0.115.0", "cranelift-control", - "cranelift-entity 0.114.0", - "cranelift-frontend 0.114.0", + "cranelift-entity 0.115.0", + "cranelift-frontend 0.115.0", "cranelift-native", "gimli 0.31.1", "itertools", "log", - "object 0.36.0", + "object 0.36.7", "smallvec", "target-lexicon", "thiserror 1.0.69", - "wasmparser 0.219.1", - "wasmtime-environ", - "wasmtime-versioned-export-macros 27.0.0", + "wasmparser 0.221.2", + "wasmtime-environ 28.0.0", + "wasmtime-versioned-export-macros 28.0.0", ] [[package]] @@ -5280,13 +5425,34 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c25bfeaa16432d59a0706e2463d315ef4c9ebcfaf5605670b99d46373bdf9f27" dependencies = [ "anyhow", - "cpp_demangle", - "cranelift-bitset", + "cranelift-bitset 0.114.0", "cranelift-entity 0.114.0", "gimli 0.31.1", - "indexmap 2.2.6", + "indexmap 2.7.0", "log", - "object 0.36.0", + "object 0.36.7", + "postcard", + "serde", + "serde_derive", + "smallvec", + "target-lexicon", + "wasmparser 0.219.1", +] + +[[package]] +name = "wasmtime-environ" +version = "28.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2604ddb24879d4dc1dedcb7081d7a8e017259bce916fdae097a97db52cbaab80" +dependencies = [ + "anyhow", + "cpp_demangle", + "cranelift-bitset 0.115.0", + "cranelift-entity 0.115.0", + "gimli 0.31.1", + "indexmap 2.7.0", + "log", + "object 0.36.7", "postcard", "rustc-demangle", "semver 1.0.22", @@ -5294,36 +5460,36 @@ dependencies = [ "serde_derive", "smallvec", "target-lexicon", - "wasm-encoder", - "wasmparser 0.219.1", + "wasm-encoder 0.221.2", + "wasmparser 0.221.2", "wasmprinter", "wasmtime-component-util", ] [[package]] name = "wasmtime-fiber" -version = "27.0.0" +version = "28.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "759ab0caa3821a6211743fe1eed448ab9df439e3af6c60dea15486c055611806" +checksum = "98593412d2b167ebe2b59d4a17a184978a72f976b53b3a0ec05629451079ac1d" dependencies = [ "anyhow", "cc", "cfg-if", "rustix", - "wasmtime-asm-macros 27.0.0", - "wasmtime-versioned-export-macros 27.0.0", + "wasmtime-asm-macros 28.0.0", + "wasmtime-versioned-export-macros 28.0.0", "windows-sys 0.59.0", ] [[package]] name = "wasmtime-jit-debug" -version = "27.0.0" +version = "28.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ab2a056056e9ac6916c2b8e4743408560300c1355e078c344211f13210d449b3" +checksum = "2caed0122664573c2bbcde649515f9e1bc783b14f2ba74b999720cf0225e234d" dependencies = [ - "object 0.36.0", + "object 0.36.7", "rustix", - "wasmtime-versioned-export-macros 27.0.0", + "wasmtime-versioned-export-macros 28.0.0", ] [[package]] @@ -5338,12 +5504,30 @@ dependencies = [ "windows-sys 0.59.0", ] +[[package]] +name = "wasmtime-jit-icache-coherence" +version = "28.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d40d7722b9e1fbeae135715710a8a2570b1e6cf72b74dd653962d89831c6c70d" +dependencies = [ + "anyhow", + "cfg-if", + "libc", + "windows-sys 0.59.0", +] + [[package]] name = "wasmtime-slab" version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4d5f8acf677ee6b3b8ba400dd9753ea4769e56a95c4b30b045ac6d2d54b2f8ea" +[[package]] +name = "wasmtime-slab" +version = "28.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8579c335220b4ece9aa490a0e8b46de78cd342b195ab21ff981d095e14b52383" + [[package]] name = "wasmtime-versioned-export-macros" version = "14.0.4" @@ -5366,32 +5550,43 @@ dependencies = [ "syn 2.0.87", ] +[[package]] +name = "wasmtime-versioned-export-macros" +version = "28.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d7de0a56fb0a69b185968f2d7a9ba54750920a806470dff7ad8de91ac06d277e" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.87", +] + [[package]] name = "wasmtime-winch" -version = "27.0.0" +version = "28.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89d6b5297bea14d8387c3974b2b011de628cc9b188f135cec752b74fd368964b" +checksum = "abd309943c443f5590d12f9aba9ba63c481091c955a0a14de0c2a9e0e3aaeca9" dependencies = [ "anyhow", - "cranelift-codegen 0.114.0", + "cranelift-codegen 0.115.0", "gimli 0.31.1", - "object 0.36.0", + "object 0.36.7", "target-lexicon", - "wasmparser 0.219.1", + "wasmparser 0.221.2", "wasmtime-cranelift", - "wasmtime-environ", + "wasmtime-environ 28.0.0", "winch-codegen", ] [[package]] name = "wasmtime-wit-bindgen" -version = "27.0.0" +version = "28.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bf3963c9c29df91564d8bd181eb00d0dbaeafa1b2a01e15952bb7391166b704e" +checksum = "969f83022dac3435d6469edb582ceed04cfe32aa44dc3ef16e5cb55574633df8" dependencies = [ "anyhow", "heck 0.5.0", - "indexmap 2.2.6", + "indexmap 2.7.0", "wit-parser", ] @@ -5406,24 +5601,24 @@ dependencies = [ [[package]] name = "wast" -version = "219.0.1" +version = "222.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4f79a9d9df79986a68689a6b40bcc8d5d40d807487b235bebc2ac69a242b54a1" +checksum = "5ce7191f4b7da0dd300cc32476abae6457154e4625d9b1bc26890828a9a26f6e" dependencies = [ "bumpalo", "leb128", "memchr", - "unicode-width", - "wasm-encoder", + "unicode-width 0.2.0", + "wasm-encoder 0.222.0", ] [[package]] name = "wat" -version = "1.219.1" +version = "1.222.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8bc3cf014fb336883a411cd662f987abf6a1d2a27f2f0008616a0070bbf6bd0d" +checksum = "8fde61b4b52f9a84ae31b5e8902a2cd3162ea45d8bf564c729c3288fe52f4334" dependencies = [ - "wast 219.0.1", + "wast 222.0.0", ] [[package]] @@ -5515,7 +5710,7 @@ dependencies = [ "bitflags 2.6.0", "thiserror 1.0.69", "tracing", - "wasmtime", + "wasmtime 27.0.0", "wiggle-macro", ] @@ -5579,19 +5774,19 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" [[package]] name = "winch-codegen" -version = "27.0.0" +version = "28.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b42b678c8651ec4900d7600037d235429fc985c31cbc33515885ec0d2a9e158" +checksum = "9110decc2983ed94de904804dcd979ba59cbabc78a94fec6b1d8468ec513d0f6" dependencies = [ "anyhow", - "cranelift-codegen 0.114.0", + "cranelift-codegen 0.115.0", "gimli 0.31.1", - "regalloc2 0.10.2", + "regalloc2 0.11.1", "smallvec", "target-lexicon", - "wasmparser 0.219.1", + "wasmparser 0.221.2", "wasmtime-cranelift", - "wasmtime-environ", + "wasmtime-environ 28.0.0", ] [[package]] @@ -5840,20 +6035,20 @@ dependencies = [ [[package]] name = "wit-parser" -version = "0.219.1" +version = "0.221.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4a86f669283257e8e424b9a4fc3518e3ade0b95deb9fbc0f93a1876be3eda598" +checksum = "fbe1538eea6ea5ddbe5defd0dc82539ad7ba751e1631e9185d24a931f0a5adc8" dependencies = [ "anyhow", "id-arena", - "indexmap 2.2.6", + "indexmap 2.7.0", "log", "semver 1.0.22", "serde", "serde_derive", "serde_json", "unicode-xid", - "wasmparser 0.219.1", + "wasmparser 0.221.2", ] [[package]] @@ -5925,7 +6120,7 @@ dependencies = [ "wasmedge-sdk", "wasmer", "wasmer-wasix", - "wasmtime", + "wasmtime 28.0.0", ] [[package]] diff --git a/crates/youki/Cargo.toml b/crates/youki/Cargo.toml index b3e444a6d..8db8dee4c 100644 --- a/crates/youki/Cargo.toml +++ b/crates/youki/Cargo.toml @@ -43,7 +43,7 @@ caps = "0.5.5" wasmer = { version = "4.0.0", optional = true } wasmer-wasix = { version = "0.9.0", optional = true } wasmedge-sdk = { version = "0.14.0", optional = true } -wasmtime = { version = "27.0.0", optional = true } +wasmtime = { version = "28.0.0", optional = true } wasi-common = { version = "27.0.0", optional = true } tracing = { version = "0.1.41", features = ["attributes"] } tracing-subscriber = { version = "0.3.19", features = ["json", "env-filter"] } From cc73aea6fd5fe8f0c82a3225ee0373a79ff16ba4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Dec 2024 00:29:57 +0000 Subject: [PATCH 15/37] Bump wasi-common from 27.0.0 to 28.0.0 Bumps [wasi-common](https://github.com/bytecodealliance/wasmtime) from 27.0.0 to 28.0.0. - [Release notes](https://github.com/bytecodealliance/wasmtime/releases) - [Changelog](https://github.com/bytecodealliance/wasmtime/blob/v28.0.0/RELEASES.md) - [Commits](https://github.com/bytecodealliance/wasmtime/compare/v27.0.0...v28.0.0) --- updated-dependencies: - dependency-name: wasi-common dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- Cargo.lock | 202 ++++++++++++++++++++++++++++++++++------ crates/youki/Cargo.toml | 2 +- 2 files changed, 174 insertions(+), 30 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index efedcdfce..312fde2a1 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -667,6 +667,16 @@ dependencies = [ "serde_derive", ] +[[package]] +name = "cranelift-bitset" +version = "0.115.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b9bd49369f76c77e34e641af85d0956869237832c118964d08bf5f51f210875a" +dependencies = [ + "serde", + "serde_derive", +] + [[package]] name = "cranelift-codegen" version = "0.91.1" @@ -696,7 +706,7 @@ checksum = "fe4036255ec33ce9a37495dfbcfc4e1118fd34e693eff9a1e106336b7cd16a9b" dependencies = [ "bumpalo", "cranelift-bforest 0.114.0", - "cranelift-bitset", + "cranelift-bitset 0.114.0", "cranelift-codegen-meta 0.114.0", "cranelift-codegen-shared 0.114.0", "cranelift-control", @@ -777,7 +787,18 @@ version = "0.114.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "305399fd781a2953ac78c1396f02ff53144f39c33eb7fc7789cf4e8936d13a96" dependencies = [ - "cranelift-bitset", + "cranelift-bitset 0.114.0", + "serde", + "serde_derive", +] + +[[package]] +name = "cranelift-entity" +version = "0.115.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "118597e3a9cf86c3556fa579a7a23b955fa18231651a52a77a2475d305a9cf84" +dependencies = [ + "cranelift-bitset 0.115.0", "serde", "serde_derive", ] @@ -1347,6 +1368,12 @@ version = "1.0.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" +[[package]] +name = "foldhash" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a0d2fde1f7b3d48b8395d5f2de76c18a528bd6a9cdde438df747bfcba3e05d6f" + [[package]] name = "foreign-types" version = "0.3.2" @@ -1633,6 +1660,16 @@ dependencies = [ "serde", ] +[[package]] +name = "hashbrown" +version = "0.15.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bf151400ff0baff5465007dd2f3e717f3fe502074ca563069ce3a6629d07b289" +dependencies = [ + "foldhash", + "serde", +] + [[package]] name = "heapless" version = "0.7.17" @@ -2424,12 +2461,12 @@ dependencies = [ [[package]] name = "object" -version = "0.36.0" +version = "0.36.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "576dfe1fc8f9df304abb159d767a29d0476f7750fbf8aa7ad07816004a207434" +checksum = "62948e14d923ea95ea2c7c86c71013138b66525b86bdc08d2dcc262bdb497b87" dependencies = [ "crc32fast", - "hashbrown 0.14.3", + "hashbrown 0.15.2", "indexmap 2.2.6", "memchr", ] @@ -2928,7 +2965,18 @@ version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a3b8d81cf799e20564931e9867ca32de545188c6ee4c2e0f6e41d32f0c7dc6fb" dependencies = [ - "cranelift-bitset", + "cranelift-bitset 0.114.0", + "log", + "sptr", +] + +[[package]] +name = "pulley-interpreter" +version = "28.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "403a1a95f4c18a45c86c7bff13df00347afd0abcbf2e54af273c837339ffcf77" +dependencies = [ + "cranelift-bitset 0.115.0", "log", "sptr", ] @@ -4680,9 +4728,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasi-common" -version = "27.0.0" +version = "28.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "829f6c8c15912907b472bd9d195893bcdb1bde9cd8de55f134f6ab8aa507bf10" +checksum = "6cb8b6f1ca9cc40aeca0f398163ce2c1305d0661f3311a25abcda1fc6012d8f2" dependencies = [ "anyhow", "bitflags 2.6.0", @@ -4698,7 +4746,7 @@ dependencies = [ "system-interface", "thiserror 1.0.69", "tracing", - "wasmtime", + "wasmtime 28.0.0", "wiggle", "windows-sys 0.59.0", ] @@ -5121,6 +5169,18 @@ dependencies = [ "serde", ] +[[package]] +name = "wasmparser" +version = "0.221.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9845c470a2e10b61dd42c385839cdd6496363ed63b5c9e420b5488b77bd22083" +dependencies = [ + "bitflags 2.6.0", + "hashbrown 0.15.2", + "indexmap 2.2.6", + "serde", +] + [[package]] name = "wasmprinter" version = "0.219.1" @@ -5156,12 +5216,12 @@ dependencies = [ "log", "mach2", "memfd", - "object 0.36.0", + "object 0.36.7", "once_cell", "paste", "postcard", "psm", - "pulley-interpreter", + "pulley-interpreter 27.0.0", "rayon", "rustix", "semver 1.0.22", @@ -5178,17 +5238,54 @@ dependencies = [ "wasmtime-component-macro", "wasmtime-component-util", "wasmtime-cranelift", - "wasmtime-environ", + "wasmtime-environ 27.0.0", "wasmtime-fiber", "wasmtime-jit-debug", "wasmtime-jit-icache-coherence", - "wasmtime-slab", + "wasmtime-slab 27.0.0", "wasmtime-versioned-export-macros 27.0.0", "wasmtime-winch", "wat", "windows-sys 0.59.0", ] +[[package]] +name = "wasmtime" +version = "28.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f639ecae347b9a2227e453a7b7671e84370a0b61f47a15e0390fe9b7725e47b3" +dependencies = [ + "anyhow", + "bitflags 2.6.0", + "bumpalo", + "cc", + "cfg-if", + "hashbrown 0.14.3", + "indexmap 2.2.6", + "libc", + "libm", + "log", + "mach2", + "memfd", + "object 0.36.7", + "paste", + "postcard", + "psm", + "pulley-interpreter 28.0.0", + "rustix", + "serde", + "serde_derive", + "smallvec", + "sptr", + "target-lexicon", + "wasmparser 0.221.2", + "wasmtime-asm-macros 28.0.0", + "wasmtime-environ 28.0.0", + "wasmtime-slab 28.0.0", + "wasmtime-versioned-export-macros 28.0.0", + "windows-sys 0.59.0", +] + [[package]] name = "wasmtime-asm-macros" version = "14.0.4" @@ -5207,6 +5304,15 @@ dependencies = [ "cfg-if", ] +[[package]] +name = "wasmtime-asm-macros" +version = "28.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "882a18800471cfc063c8b3ccf75723784acc3fd534009ac09421f2fac2fcdcec" +dependencies = [ + "cfg-if", +] + [[package]] name = "wasmtime-cache" version = "27.0.0" @@ -5264,12 +5370,12 @@ dependencies = [ "gimli 0.31.1", "itertools", "log", - "object 0.36.0", + "object 0.36.7", "smallvec", "target-lexicon", "thiserror 1.0.69", "wasmparser 0.219.1", - "wasmtime-environ", + "wasmtime-environ 27.0.0", "wasmtime-versioned-export-macros 27.0.0", ] @@ -5281,12 +5387,12 @@ checksum = "c25bfeaa16432d59a0706e2463d315ef4c9ebcfaf5605670b99d46373bdf9f27" dependencies = [ "anyhow", "cpp_demangle", - "cranelift-bitset", + "cranelift-bitset 0.114.0", "cranelift-entity 0.114.0", "gimli 0.31.1", "indexmap 2.2.6", "log", - "object 0.36.0", + "object 0.36.7", "postcard", "rustc-demangle", "semver 1.0.22", @@ -5300,6 +5406,27 @@ dependencies = [ "wasmtime-component-util", ] +[[package]] +name = "wasmtime-environ" +version = "28.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2604ddb24879d4dc1dedcb7081d7a8e017259bce916fdae097a97db52cbaab80" +dependencies = [ + "anyhow", + "cranelift-bitset 0.115.0", + "cranelift-entity 0.115.0", + "gimli 0.31.1", + "indexmap 2.2.6", + "log", + "object 0.36.7", + "postcard", + "serde", + "serde_derive", + "smallvec", + "target-lexicon", + "wasmparser 0.221.2", +] + [[package]] name = "wasmtime-fiber" version = "27.0.0" @@ -5321,7 +5448,7 @@ version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ab2a056056e9ac6916c2b8e4743408560300c1355e078c344211f13210d449b3" dependencies = [ - "object 0.36.0", + "object 0.36.7", "rustix", "wasmtime-versioned-export-macros 27.0.0", ] @@ -5344,6 +5471,12 @@ version = "27.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4d5f8acf677ee6b3b8ba400dd9753ea4769e56a95c4b30b045ac6d2d54b2f8ea" +[[package]] +name = "wasmtime-slab" +version = "28.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "8579c335220b4ece9aa490a0e8b46de78cd342b195ab21ff981d095e14b52383" + [[package]] name = "wasmtime-versioned-export-macros" version = "14.0.4" @@ -5366,6 +5499,17 @@ dependencies = [ "syn 2.0.87", ] +[[package]] +name = "wasmtime-versioned-export-macros" +version = "28.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d7de0a56fb0a69b185968f2d7a9ba54750920a806470dff7ad8de91ac06d277e" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.87", +] + [[package]] name = "wasmtime-winch" version = "27.0.0" @@ -5375,11 +5519,11 @@ dependencies = [ "anyhow", "cranelift-codegen 0.114.0", "gimli 0.31.1", - "object 0.36.0", + "object 0.36.7", "target-lexicon", "wasmparser 0.219.1", "wasmtime-cranelift", - "wasmtime-environ", + "wasmtime-environ 27.0.0", "winch-codegen", ] @@ -5506,24 +5650,24 @@ dependencies = [ [[package]] name = "wiggle" -version = "27.0.0" +version = "28.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "80e0f6ef83a263c0fa11957c363aeaa76dc84832484d0e119f22810d4d0e09a7" +checksum = "17bccfa2095b348aa6de0efcc4c621ba14d6ecc2371433232f337b1d2f089fa3" dependencies = [ "anyhow", "async-trait", "bitflags 2.6.0", "thiserror 1.0.69", "tracing", - "wasmtime", + "wasmtime 28.0.0", "wiggle-macro", ] [[package]] name = "wiggle-generate" -version = "27.0.0" +version = "28.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dd266b290a0fdace3af6a05c6ebbcc54de303a774448ecf5a98cd0bc12d89c52" +checksum = "5a1fda112fc9de89fc4af51ea8b4c8e745ce1f01cd19f08c36c37aa11563ad41" dependencies = [ "anyhow", "heck 0.5.0", @@ -5536,9 +5680,9 @@ dependencies = [ [[package]] name = "wiggle-macro" -version = "27.0.0" +version = "28.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9b8eb1a5783540696c59cefbfc9e52570c2d5e62bd47bdf0bdcef29231879db2" +checksum = "fc9a143339de27ff05ce30366c58b741afb38c803b5ffb68e9546fd2e0629c4a" dependencies = [ "proc-macro2", "quote", @@ -5591,7 +5735,7 @@ dependencies = [ "target-lexicon", "wasmparser 0.219.1", "wasmtime-cranelift", - "wasmtime-environ", + "wasmtime-environ 27.0.0", ] [[package]] @@ -5925,7 +6069,7 @@ dependencies = [ "wasmedge-sdk", "wasmer", "wasmer-wasix", - "wasmtime", + "wasmtime 27.0.0", ] [[package]] diff --git a/crates/youki/Cargo.toml b/crates/youki/Cargo.toml index b3e444a6d..49bc9e714 100644 --- a/crates/youki/Cargo.toml +++ b/crates/youki/Cargo.toml @@ -44,7 +44,7 @@ wasmer = { version = "4.0.0", optional = true } wasmer-wasix = { version = "0.9.0", optional = true } wasmedge-sdk = { version = "0.14.0", optional = true } wasmtime = { version = "27.0.0", optional = true } -wasi-common = { version = "27.0.0", optional = true } +wasi-common = { version = "28.0.0", optional = true } tracing = { version = "0.1.41", features = ["attributes"] } tracing-subscriber = { version = "0.3.19", features = ["json", "env-filter"] } tracing-journald = "0.3.1" From 83d87a28c34f0720575cdf6c760d82cb1a3d7d38 Mon Sep 17 00:00:00 2001 From: Aidan Hobson Sayers Date: Mon, 30 Dec 2024 11:19:32 +0000 Subject: [PATCH 16/37] Fix --preserve-fds, eliminate stray FD being passed into container (#2893) * Fix preserve-fds flag Signed-off-by: Aidan Hobson Sayers * Fix a stray FD leaking in containers when using preserve-fd Signed-off-by: Aidan Hobson Sayers * Add tests for preserve-fds, extend test harness Test harness additionally needed to support 1. tests that cannot run in parallel 2. tests that need to customise create arguments Signed-off-by: Aidan Hobson Sayers * Opt-out a test from runc that it errors on Signed-off-by: Aidan Hobson Sayers * chore: minor cleanup of comments Signed-off-by: Yashodhan Joshi --------- Signed-off-by: Aidan Hobson Sayers Signed-off-by: Yashodhan Joshi Co-authored-by: Yashodhan Joshi --- .../src/process/container_init_process.rs | 3 + .../src/process/container_main_process.rs | 9 -- crates/libcontainer/src/syscall/linux.rs | 21 +++- tests/contest/contest/src/main.rs | 3 + .../contest/src/tests/fd_control/mod.rs | 113 ++++++++++++++++++ .../src/tests/lifecycle/container_create.rs | 4 + .../tests/lifecycle/container_lifecycle.rs | 4 + tests/contest/contest/src/tests/mod.rs | 1 + .../contest/src/tests/pidfile/pidfile_test.rs | 31 ++--- tests/contest/contest/src/utils/mod.rs | 2 +- tests/contest/contest/src/utils/test_utils.rs | 14 ++- tests/contest/runtimetest/src/main.rs | 1 + tests/contest/runtimetest/src/tests.rs | 45 +++++++ .../contest/test_framework/src/test_group.rs | 90 +++++++++----- .../test_framework/src/test_manager.rs | 29 +++++ tests/contest/test_framework/src/testable.rs | 1 + 16 files changed, 303 insertions(+), 68 deletions(-) create mode 100644 tests/contest/contest/src/tests/fd_control/mod.rs diff --git a/crates/libcontainer/src/process/container_init_process.rs b/crates/libcontainer/src/process/container_init_process.rs index f09f04dcc..f7c7d4e94 100644 --- a/crates/libcontainer/src/process/container_init_process.rs +++ b/crates/libcontainer/src/process/container_init_process.rs @@ -580,6 +580,9 @@ pub fn container_init_process( // will be closed after execve into the container payload. We can't close the // fds immediately since we at least still need it for the pipe used to wait on // starting the container. + // + // Note: this should happen very late, in order to avoid accidentally leaking FDs + // Please refer to https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv for more details. syscall.close_range(preserve_fds).map_err(|err| { tracing::error!(?err, "failed to cleanup extra fds"); InitProcessError::SyscallOther(err) diff --git a/crates/libcontainer/src/process/container_main_process.rs b/crates/libcontainer/src/process/container_main_process.rs index a900f8db5..d4b1ade6b 100644 --- a/crates/libcontainer/src/process/container_main_process.rs +++ b/crates/libcontainer/src/process/container_main_process.rs @@ -75,15 +75,6 @@ pub fn container_main_process(container_args: &ContainerArgs) -> Result<(Pid, bo }) }; - // Before starting the intermediate process, mark all non-stdio open files as O_CLOEXEC - // to ensure we don't leak any file descriptors to the intermediate process. - // Please refer to https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv for more details. - let syscall = container_args.syscall.create_syscall(); - syscall.close_range(0).map_err(|err| { - tracing::error!(?err, "failed to cleanup extra fds"); - ProcessError::SyscallOther(err) - })?; - let container_clone_fn = if container_args.as_sibling { fork::container_clone_sibling } else { diff --git a/crates/libcontainer/src/syscall/linux.rs b/crates/libcontainer/src/syscall/linux.rs index ed68e104a..1b6d702e1 100644 --- a/crates/libcontainer/src/syscall/linux.rs +++ b/crates/libcontainer/src/syscall/linux.rs @@ -17,7 +17,7 @@ use nix::fcntl::{open, OFlag}; use nix::mount::{mount, umount2, MntFlags, MsFlags}; use nix::sched::{unshare, CloneFlags}; use nix::sys::stat::{mknod, Mode, SFlag}; -use nix::unistd::{chown, chroot, fchdir, pivot_root, sethostname, Gid, Uid}; +use nix::unistd::{chown, chroot, close, fchdir, pivot_root, sethostname, Gid, Uid}; use oci_spec::runtime::PosixRlimit; use super::{Result, Syscall, SyscallError}; @@ -232,11 +232,15 @@ impl Syscall for LinuxSyscall { /// Function to set given path as root path inside process fn pivot_rootfs(&self, path: &Path) -> Result<()> { // open the path as directory and read only - let newroot = - open(path, OFlag::O_DIRECTORY | OFlag::O_RDONLY, Mode::empty()).map_err(|errno| { - tracing::error!(?errno, ?path, "failed to open the new root for pivot root"); - errno - })?; + let newroot = open( + path, + OFlag::O_DIRECTORY | OFlag::O_RDONLY | OFlag::O_CLOEXEC, + Mode::empty(), + ) + .map_err(|errno| { + tracing::error!(?errno, ?path, "failed to open the new root for pivot root"); + errno + })?; // make the given path as the root directory for the container // see https://man7.org/linux/man-pages/man2/pivot_root.2.html, specially the notes @@ -279,6 +283,11 @@ impl Syscall for LinuxSyscall { errno })?; + close(newroot).map_err(|errno| { + tracing::error!(?errno, ?newroot, "failed to close new root directory"); + errno + })?; + Ok(()) } diff --git a/tests/contest/contest/src/main.rs b/tests/contest/contest/src/main.rs index bb1019ca8..7c2708624 100644 --- a/tests/contest/contest/src/main.rs +++ b/tests/contest/contest/src/main.rs @@ -12,6 +12,7 @@ use tests::cgroups; use crate::tests::devices::get_devices_test; use crate::tests::domainname::get_domainname_tests; use crate::tests::example::get_example_test; +use crate::tests::fd_control::get_fd_control_test; use crate::tests::hooks::get_hooks_tests; use crate::tests::hostname::get_hostname_test; use crate::tests::intel_rdt::get_intel_rdt_test; @@ -125,6 +126,7 @@ fn main() -> Result<()> { let process_rlimtis = get_process_rlimits_test(); let no_pivot = get_no_pivot_test(); let process_oom_score_adj = get_process_oom_score_adj_test(); + let fd_control = get_fd_control_test(); tm.add_test_group(Box::new(cl)); tm.add_test_group(Box::new(cc)); @@ -154,6 +156,7 @@ fn main() -> Result<()> { tm.add_test_group(Box::new(process_rlimtis)); tm.add_test_group(Box::new(no_pivot)); tm.add_test_group(Box::new(process_oom_score_adj)); + tm.add_test_group(Box::new(fd_control)); tm.add_test_group(Box::new(io_priority_test)); tm.add_cleanup(Box::new(cgroups::cleanup_v1)); diff --git a/tests/contest/contest/src/tests/fd_control/mod.rs b/tests/contest/contest/src/tests/fd_control/mod.rs new file mode 100644 index 000000000..3d76fe105 --- /dev/null +++ b/tests/contest/contest/src/tests/fd_control/mod.rs @@ -0,0 +1,113 @@ +use std::fs; +use std::os::fd::{AsRawFd, RawFd}; + +use anyhow::{anyhow, Context, Result}; +use oci_spec::runtime::{ProcessBuilder, Spec, SpecBuilder}; +use test_framework::{test_result, ConditionalTest, Test, TestGroup, TestResult}; + +use crate::utils::{is_runtime_runc, test_inside_container, CreateOptions}; + +fn create_spec() -> Result { + SpecBuilder::default() + .process( + ProcessBuilder::default() + .args( + ["runtimetest", "fd_control"] + .iter() + .map(|s| s.to_string()) + .collect::>(), + ) + .build()?, + ) + .build() + .context("failed to create spec") +} + +fn open_devnull_no_cloexec() -> Result<(fs::File, RawFd)> { + // Rust std by default sets cloexec, so we undo it + let devnull = fs::File::open("/dev/null")?; + let devnull_fd = devnull.as_raw_fd(); + let flags = nix::fcntl::fcntl(devnull_fd, nix::fcntl::FcntlArg::F_GETFD)?; + let mut flags = nix::fcntl::FdFlag::from_bits_retain(flags); + flags.remove(nix::fcntl::FdFlag::FD_CLOEXEC); + nix::fcntl::fcntl(devnull_fd, nix::fcntl::FcntlArg::F_SETFD(flags))?; + Ok((devnull, devnull_fd)) +} + +// If not opening any other FDs, verify youki itself doesnt open anything that gets +// leaked in if passing --preserve-fds with a large number +// NOTE: this will also fail if the test harness itself starts leaking FDs +fn only_stdio_test() -> TestResult { + let spec = test_result!(create_spec()); + test_inside_container( + spec, + &CreateOptions::default().with_extra_args(&["--preserve-fds".as_ref(), "100".as_ref()]), + &|bundle_path| { + fs::write(bundle_path.join("num-fds"), "0".as_bytes())?; + Ok(()) + }, + ) +} + +// If we know we have an open FD without cloexec, it should be closed if preserve-fds +// is 0 (the default) +fn closes_fd_test() -> TestResult { + // Open this before the setup function so it's kept alive for the container lifetime + let (_devnull, _devnull_fd) = match open_devnull_no_cloexec() { + Ok(v) => v, + Err(e) => return TestResult::Failed(anyhow!("failed to open dev null: {}", e)), + }; + + let spec = test_result!(create_spec()); + test_inside_container( + spec, + &CreateOptions::default().with_extra_args(&["--preserve-fds".as_ref(), "0".as_ref()]), + &|bundle_path| { + fs::write(bundle_path.join("num-fds"), "0".as_bytes())?; + Ok(()) + }, + ) +} + +// Given an open FD, verify it can be passed down with preserve-fds +fn pass_single_fd_test() -> TestResult { + // Open this before the setup function so it's kept alive for the container lifetime + let (_devnull, devnull_fd) = match open_devnull_no_cloexec() { + Ok(v) => v, + Err(e) => return TestResult::Failed(anyhow!("failed to open dev null: {}", e)), + }; + + let spec = test_result!(create_spec()); + test_inside_container( + spec, + &CreateOptions::default().with_extra_args(&[ + "--preserve-fds".as_ref(), + (devnull_fd - 2).to_string().as_ref(), // relative to stdio + ]), + &|bundle_path| { + fs::write(bundle_path.join("num-fds"), "1".as_bytes())?; + Ok(()) + }, + ) +} + +pub fn get_fd_control_test() -> TestGroup { + let mut test_group = TestGroup::new("fd_control"); + test_group.set_nonparallel(); // fds are process-wide state + let test_only_stdio = ConditionalTest::new( + "only_stdio", + // runc errors if any of the N passed FDs via preserve-fd are not currently open + Box::new(|| !is_runtime_runc()), + Box::new(only_stdio_test), + ); + let test_closes_fd = Test::new("closes_fd", Box::new(closes_fd_test)); + let test_pass_single_fd = Test::new("pass_single_fd", Box::new(pass_single_fd_test)); + // adding separately as one is conditional test and others are normal + test_group.add(vec![Box::new(test_only_stdio)]); + test_group.add(vec![ + Box::new(test_closes_fd), + Box::new(test_pass_single_fd), + ]); + + test_group +} diff --git a/tests/contest/contest/src/tests/lifecycle/container_create.rs b/tests/contest/contest/src/tests/lifecycle/container_create.rs index a2021bff7..2f2050b04 100644 --- a/tests/contest/contest/src/tests/lifecycle/container_create.rs +++ b/tests/contest/contest/src/tests/lifecycle/container_create.rs @@ -82,6 +82,10 @@ impl TestableGroup for ContainerCreate { "create" } + fn parallel(&self) -> bool { + true + } + fn run_all(&self) -> Vec<(&'static str, TestResult)> { vec![ ("empty_id", self.create_empty_id()), diff --git a/tests/contest/contest/src/tests/lifecycle/container_lifecycle.rs b/tests/contest/contest/src/tests/lifecycle/container_lifecycle.rs index 6b925feea..b33f3364c 100644 --- a/tests/contest/contest/src/tests/lifecycle/container_lifecycle.rs +++ b/tests/contest/contest/src/tests/lifecycle/container_lifecycle.rs @@ -93,6 +93,10 @@ impl TestableGroup for ContainerLifecycle { "lifecycle" } + fn parallel(&self) -> bool { + true + } + fn run_all(&self) -> Vec<(&'static str, TestResult)> { vec![ ("create", self.create()), diff --git a/tests/contest/contest/src/tests/mod.rs b/tests/contest/contest/src/tests/mod.rs index 6e8e39be8..ac7f6e0ee 100644 --- a/tests/contest/contest/src/tests/mod.rs +++ b/tests/contest/contest/src/tests/mod.rs @@ -2,6 +2,7 @@ pub mod cgroups; pub mod devices; pub mod domainname; pub mod example; +pub mod fd_control; pub mod hooks; pub mod hostname; pub mod intel_rdt; diff --git a/tests/contest/contest/src/tests/pidfile/pidfile_test.rs b/tests/contest/contest/src/tests/pidfile/pidfile_test.rs index 3d545bfd4..08362a034 100644 --- a/tests/contest/contest/src/tests/pidfile/pidfile_test.rs +++ b/tests/contest/contest/src/tests/pidfile/pidfile_test.rs @@ -1,13 +1,12 @@ use std::fs::File; -use std::process::{Command, Stdio}; use anyhow::anyhow; use test_framework::{Test, TestGroup, TestResult}; use uuid::Uuid; use crate::utils::{ - delete_container, generate_uuid, get_runtime_path, get_state, kill_container, prepare_bundle, - State, + create_container, delete_container, generate_uuid, get_state, kill_container, prepare_bundle, + CreateOptions, State, }; #[inline] @@ -17,8 +16,6 @@ fn cleanup(id: &Uuid, bundle: &tempfile::TempDir) { delete_container(&str_id, bundle).unwrap().wait().unwrap(); } -// here we have to manually create and manage the container -// as the test_inside container does not provide a way to set the pid file argument fn test_pidfile() -> TestResult { // create id for the container and pidfile let container_id = generate_uuid(); @@ -30,22 +27,14 @@ fn test_pidfile() -> TestResult { let _ = File::create(&pidfile_path).unwrap(); // start the container - Command::new(get_runtime_path()) - .stdin(Stdio::null()) - .stdout(Stdio::null()) - .stderr(Stdio::null()) - .arg("--root") - .arg(bundle.as_ref().join("runtime")) - .arg("create") - .arg(container_id.to_string()) - .arg("--bundle") - .arg(bundle.as_ref().join("bundle")) - .arg("--pid-file") - .arg(pidfile_path) - .spawn() - .unwrap() - .wait() - .unwrap(); + create_container( + &container_id.to_string(), + &bundle, + &CreateOptions::default().with_extra_args(&["--pid-file".as_ref(), pidfile_path.as_ref()]), + ) + .unwrap() + .wait() + .unwrap(); let (out, err) = get_state(&container_id.to_string(), &bundle).unwrap(); diff --git a/tests/contest/contest/src/utils/mod.rs b/tests/contest/contest/src/utils/mod.rs index 9f7c3eccb..9088ac27d 100644 --- a/tests/contest/contest/src/utils/mod.rs +++ b/tests/contest/contest/src/utils/mod.rs @@ -7,5 +7,5 @@ pub use support::{ }; pub use test_utils::{ create_container, delete_container, get_state, kill_container, test_inside_container, - test_outside_container, State, + test_outside_container, CreateOptions, State, }; diff --git a/tests/contest/contest/src/utils/test_utils.rs b/tests/contest/contest/src/utils/test_utils.rs index 0964a9a04..9da480923 100644 --- a/tests/contest/contest/src/utils/test_utils.rs +++ b/tests/contest/contest/src/utils/test_utils.rs @@ -1,6 +1,7 @@ //! Contains utility functions for testing //! Similar to https://github.com/opencontainers/runtime-tools/blob/master/validation/util/test.go use std::collections::HashMap; +use std::ffi::OsStr; use std::path::{Path, PathBuf}; use std::process::{Child, Command, ExitStatus, Stdio}; use std::thread::sleep; @@ -43,11 +44,17 @@ pub struct ContainerData { } #[derive(Debug, Default)] -pub struct CreateOptions { +pub struct CreateOptions<'a> { + extra_args: &'a [&'a OsStr], no_pivot: bool, } -impl CreateOptions { +impl<'a> CreateOptions<'a> { + pub fn with_extra_args(mut self, extra_args: &'a [&'a OsStr]) -> Self { + self.extra_args = extra_args; + self + } + pub fn with_no_pivot_root(mut self) -> Self { self.no_pivot = true; self @@ -64,7 +71,8 @@ fn create_container_command>(id: &str, dir: P, options: &CreateOp .arg("create") .arg(id) .arg("--bundle") - .arg(dir.as_ref().join("bundle")); + .arg(dir.as_ref().join("bundle")) + .args(options.extra_args); if options.no_pivot { command.arg("--no-pivot"); } diff --git a/tests/contest/runtimetest/src/main.rs b/tests/contest/runtimetest/src/main.rs index ef85a35cb..62f8372b4 100644 --- a/tests/contest/runtimetest/src/main.rs +++ b/tests/contest/runtimetest/src/main.rs @@ -50,6 +50,7 @@ fn main() { "process_rlimits" => tests::validate_process_rlimits(&spec), "no_pivot" => tests::validate_rootfs(), "process_oom_score_adj" => tests::validate_process_oom_score_adj(&spec), + "fd_control" => tests::validate_fd_control(&spec), _ => eprintln!("error due to unexpected execute test name: {execute_test}"), } } diff --git a/tests/contest/runtimetest/src/tests.rs b/tests/contest/runtimetest/src/tests.rs index 721141aaf..46f6f270e 100644 --- a/tests/contest/runtimetest/src/tests.rs +++ b/tests/contest/runtimetest/src/tests.rs @@ -1,4 +1,5 @@ use std::env; +use std::ffi::OsStr; use std::fs::{self, read_dir}; use std::os::linux::fs::MetadataExt; use std::os::unix::fs::{FileTypeExt, PermissionsExt}; @@ -775,3 +776,47 @@ pub fn validate_process_oom_score_adj(spec: &Spec) { eprintln!("Unexpected oom_score_adj, expected: {expected_value} found: {actual_value}"); } } + +pub fn validate_fd_control(_spec: &Spec) { + // --preserve-fds does not get passed via the spec so we have to communicate information + // via the root filesystem + let expected_num_fds: usize = fs::read_to_string("/num-fds").unwrap().parse().unwrap(); + + let mut entries = vec![]; + let stdio: &[&OsStr] = &["0".as_ref(), "1".as_ref(), "2".as_ref()]; + for entry in fs::read_dir("/proc/self/fd").unwrap() { + let entry = entry.unwrap(); + let name = entry.file_name(); + if stdio.contains(&name.as_os_str()) { + // Ignore stdio + continue; + } + entries.push((entry.path(), fs::read_link(entry.path()))) + } + + // NOTE: we do this in a separate loop so we can filter out the dirfd used behind + // the scenes in 'fs::read_dir'. It is important to *not* store the full DirEntry + // type, as that keeps the dirfd open. + let mut fd_details = vec![]; + let mut found_dirfd = false; + for (path, linkpath) in &entries { + println!("found fd in container {} {:?}", path.display(), linkpath); + // The difference between metadata.unwrap() and fs::metadata is that the latter + // will now try to follow the symlink + match fs::metadata(path) { + Ok(m) => fd_details.push((path, linkpath, m)), + Err(e) if e.kind() == std::io::ErrorKind::NotFound && !found_dirfd => { + // Expected for the dirfd + println!("(ignoring dirfd)"); + found_dirfd = true + } + Err(e) => { + eprintln!("unexpected error reading metadata: {}", e) + } + } + } + + if fd_details.len() != expected_num_fds { + eprintln!("mismatched fds inside container! {:?}", fd_details); + } +} diff --git a/tests/contest/test_framework/src/test_group.rs b/tests/contest/test_framework/src/test_group.rs index b5a01ec6b..771041165 100644 --- a/tests/contest/test_framework/src/test_group.rs +++ b/tests/contest/test_framework/src/test_group.rs @@ -9,6 +9,9 @@ use crate::testable::{TestResult, Testable, TestableGroup}; pub struct TestGroup { /// name of the test group name: &'static str, + /// can the test group be executed in parallel (both the tests + /// within it, and alongside other test groups) + parallel: bool, /// tests belonging to this group tests: BTreeMap<&'static str, Box>, } @@ -18,10 +21,16 @@ impl TestGroup { pub fn new(name: &'static str) -> Self { TestGroup { name, + parallel: true, tests: BTreeMap::new(), } } + /// mark the test group as unsuitable for parallel execution + pub fn set_nonparallel(&mut self) { + self.parallel = false + } + /// add a test to the group pub fn add(&mut self, tests: Vec>) { tests.into_iter().for_each(|t| { @@ -36,26 +45,41 @@ impl TestableGroup for TestGroup { self.name } + /// can this test group be executed (within itself, and alongside other groups) + fn parallel(&self) -> bool { + self.parallel + } + /// run all the test from the test group fn run_all(&self) -> Vec<(&'static str, TestResult)> { let mut ret = Vec::with_capacity(self.tests.len()); - thread::scope(|s| { - let mut collector = Vec::with_capacity(self.tests.len()); + if self.parallel { + thread::scope(|s| { + let mut collector = Vec::with_capacity(self.tests.len()); + for (_, t) in self.tests.iter() { + let _t = s.spawn(move |_| { + if t.can_run() { + (t.get_name(), t.run()) + } else { + (t.get_name(), TestResult::Skipped) + } + }); + collector.push(_t); + } + for handle in collector { + ret.push(handle.join().unwrap()); + } + }) + .unwrap(); + } else { for (_, t) in self.tests.iter() { - let _t = s.spawn(move |_| { - if t.can_run() { - (t.get_name(), t.run()) - } else { - (t.get_name(), TestResult::Skipped) - } + ret.push(if t.can_run() { + (t.get_name(), t.run()) + } else { + (t.get_name(), TestResult::Skipped) }); - collector.push(_t); } - for handle in collector { - ret.push(handle.join().unwrap()); - } - }) - .unwrap(); + } ret } @@ -66,23 +90,33 @@ impl TestableGroup for TestGroup { .iter() .filter(|(name, _)| selected.contains(name)); let mut ret = Vec::with_capacity(selected.len()); - thread::scope(|s| { - let mut collector = Vec::with_capacity(selected.len()); + if self.parallel { + thread::scope(|s| { + let mut collector = Vec::with_capacity(selected.len()); + for (_, t) in selected_tests { + let _t = s.spawn(move |_| { + if t.can_run() { + (t.get_name(), t.run()) + } else { + (t.get_name(), TestResult::Skipped) + } + }); + collector.push(_t); + } + for handle in collector { + ret.push(handle.join().unwrap()); + } + }) + .unwrap(); + } else { for (_, t) in selected_tests { - let _t = s.spawn(move |_| { - if t.can_run() { - (t.get_name(), t.run()) - } else { - (t.get_name(), TestResult::Skipped) - } + ret.push(if t.can_run() { + (t.get_name(), t.run()) + } else { + (t.get_name(), TestResult::Skipped) }); - collector.push(_t); } - for handle in collector { - ret.push(handle.join().unwrap()); - } - }) - .unwrap(); + } ret } } diff --git a/tests/contest/test_framework/src/test_manager.rs b/tests/contest/test_framework/src/test_manager.rs index 0bccdefd9..2971e24b6 100644 --- a/tests/contest/test_framework/src/test_manager.rs +++ b/tests/contest/test_framework/src/test_manager.rs @@ -64,6 +64,9 @@ impl TestManager { thread::scope(|s| { let mut collector = Vec::with_capacity(self.test_groups.len()); for (name, tg) in &self.test_groups { + if !tg.parallel() { + continue; + } let r = s.spawn(move |_| tg.run_all()); collector.push((name, r)); } @@ -72,6 +75,13 @@ impl TestManager { } }) .unwrap(); + for (name, tg) in &self.test_groups { + if tg.parallel() { + continue; + } + self.print_test_result(name, &tg.run_all()) + } + for cleaner in &self.cleanup { if let Err(e) = cleaner() { print!("Failed to cleanup: {e}"); @@ -85,6 +95,9 @@ impl TestManager { let mut collector = Vec::with_capacity(tests.len()); for (test_group_name, tests) in &tests { if let Some(tg) = self.test_groups.get(test_group_name) { + if !tg.parallel() { + continue; + } let r = match tests { None => s.spawn(move |_| tg.run_all()), Some(tests) => s.spawn(move |_| tg.run_selected(tests)), @@ -99,6 +112,22 @@ impl TestManager { } }) .unwrap(); + for (test_group_name, tests) in &tests { + if let Some(tg) = self.test_groups.get(test_group_name) { + if tg.parallel() { + continue; + } + self.print_test_result( + test_group_name, + &match tests { + None => tg.run_all(), + Some(tests) => tg.run_selected(tests), + }, + ); + } else { + // We've already printed errors for not finding tests + } + } for cleaner in &self.cleanup { if let Err(e) = cleaner() { diff --git a/tests/contest/test_framework/src/testable.rs b/tests/contest/test_framework/src/testable.rs index 2c90986b8..b1e15e311 100644 --- a/tests/contest/test_framework/src/testable.rs +++ b/tests/contest/test_framework/src/testable.rs @@ -39,6 +39,7 @@ pub trait Testable { /// Test groups are used to group tests in sensible manner as well as provide namespacing to tests pub trait TestableGroup { fn get_name(&self) -> &'static str; + fn parallel(&self) -> bool; fn run_all(&self) -> Vec<(&'static str, TestResult)>; fn run_selected(&self, selected: &[&str]) -> Vec<(&'static str, TestResult)>; } From aeb652545d5c6e8e5b73c71d0a3d25a821c4d520 Mon Sep 17 00:00:00 2001 From: Toru Komatsu Date: Tue, 31 Dec 2024 10:27:26 +0900 Subject: [PATCH 17/37] Prepare for v0.5.0 (#3016) Signed-off-by: utam0k --- .tagpr | 2 +- justfile | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.tagpr b/.tagpr index 994afd208..977c0a27e 100644 --- a/.tagpr +++ b/.tagpr @@ -2,6 +2,6 @@ vPrefix = true releaseBranch = main versionFile = .tagpr - command = just version-up 0.4.1 + command = just version-up 0.5.0 release = false changelog = true diff --git a/justfile b/justfile index 7b6027a25..aafefc89d 100644 --- a/justfile +++ b/justfile @@ -198,3 +198,5 @@ version-up version: git grep -l "^version = .* # MARK: Version" | xargs sed -i 's/version = "[0-9]\.[0-9]\.[0-9]" # MARK: Version/version = "{{version}}" # MARK: Version/g' git grep -l "} # MARK: Version" | grep -v justfile | xargs sed -i 's/version = "[0-9]\.[0-9]\.[0-9]" } # MARK: Version/version = "{{version}}" } # MARK: Version/g' {{ cwd }}/scripts/release_tag.sh {{version}} + NEXT_VERSION=$(echo {{version}} | awk -F. -v OFS=. '{$NF += 1 ; print}') + sed -i "s/{{version}}/$NEXT_VERSION/g" .tagpr From 846625cc82cecf689b66241de3ea3256da015b28 Mon Sep 17 00:00:00 2001 From: Kotaro Inoue Date: Wed, 1 Jan 2025 20:18:32 +0900 Subject: [PATCH 18/37] Use later stable rust version 1.81.0 to fix the CI (#3033) * Use rust 1.81.0 Signed-off-by: Kotaro Inoue * Fix linter issue Signed-off-by: Kotaro Inoue --------- Signed-off-by: Kotaro Inoue --- crates/libcontainer/src/utils.rs | 5 +---- rust-toolchain.toml | 2 +- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/crates/libcontainer/src/utils.rs b/crates/libcontainer/src/utils.rs index 62ace463b..1718a4734 100644 --- a/crates/libcontainer/src/utils.rs +++ b/crates/libcontainer/src/utils.rs @@ -132,10 +132,7 @@ pub fn parse_env(envs: &[String]) -> HashMap { /// Get a nix::unistd::User via UID. Potential errors will be ignored. pub fn get_unix_user(uid: Uid) -> Option { - match User::from_uid(uid) { - Ok(x) => x, - Err(_) => None, - } + User::from_uid(uid).unwrap_or_default() } /// Get home path of a User via UID. diff --git a/rust-toolchain.toml b/rust-toolchain.toml index 77f0d2750..e56463845 100644 --- a/rust-toolchain.toml +++ b/rust-toolchain.toml @@ -1,3 +1,3 @@ [toolchain] profile="default" -channel="1.80.0" +channel="1.81.0" From c795d92e054843e3266727d673a0ff5e81ac72d9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 1 Jan 2025 11:21:51 +0000 Subject: [PATCH 19/37] Bump serde from 1.0.216 to 1.0.217 in the patch group Bumps the patch group with 1 update: [serde](https://github.com/serde-rs/serde). Updates `serde` from 1.0.216 to 1.0.217 - [Release notes](https://github.com/serde-rs/serde/releases) - [Commits](https://github.com/serde-rs/serde/compare/v1.0.216...v1.0.217) --- updated-dependencies: - dependency-name: serde dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 9af6c9a80..7cda0356b 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3463,9 +3463,9 @@ checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" [[package]] name = "serde" -version = "1.0.216" +version = "1.0.217" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b9781016e935a97e8beecf0c933758c97a5520d32930e460142b4cd80c6338e" +checksum = "02fc4265df13d6fa1d00ecff087228cc0a2b5f3c0e87e258d8b94a156e984c70" dependencies = [ "serde_derive", ] @@ -3493,9 +3493,9 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.216" +version = "1.0.217" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46f859dbbf73865c6627ed570e78961cd3ac92407a2d117204c49232485da55e" +checksum = "5a9bf7cf98d04a2b28aead066b7496853d4779c9cc183c440dbac457641e19a0" dependencies = [ "proc-macro2", "quote", From 792f359c4634bd41912dc10df5398ee776cb2098 Mon Sep 17 00:00:00 2001 From: Toru Komatsu Date: Thu, 2 Jan 2025 14:10:52 +0900 Subject: [PATCH 20/37] Don't specify the versionFile for tagpr (#3036) Signed-off-by: utam0k --- .tagpr | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.tagpr b/.tagpr index 977c0a27e..111bdd230 100644 --- a/.tagpr +++ b/.tagpr @@ -1,7 +1,7 @@ [tagpr] vPrefix = true releaseBranch = main - versionFile = .tagpr + versionFile = - command = just version-up 0.5.0 release = false changelog = true From dcb299f3310ef5ad40c6ebbe7bbafe34fc4ba8c2 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Thu, 2 Jan 2025 19:27:18 +0900 Subject: [PATCH 21/37] Release for v0.5.0 (#2906) * [tagpr] prepare for the next release * [tagpr] update CHANGELOG.md --------- Co-authored-by: github-actions[bot] --- .tagpr | 2 +- CHANGELOG.md | 44 ++++++++++++++++++++++++++++++++++ crates/libcgroups/Cargo.toml | 2 +- crates/libcontainer/Cargo.toml | 4 ++-- crates/liboci-cli/Cargo.toml | 2 +- crates/youki/Cargo.toml | 8 +++---- docs/src/user/basic_setup.md | 2 +- 7 files changed, 54 insertions(+), 10 deletions(-) diff --git a/.tagpr b/.tagpr index 111bdd230..0148217bc 100644 --- a/.tagpr +++ b/.tagpr @@ -2,6 +2,6 @@ vPrefix = true releaseBranch = main versionFile = - - command = just version-up 0.5.0 + command = just version-up 0.5.1 release = false changelog = true diff --git a/CHANGELOG.md b/CHANGELOG.md index 0f02715bf..48fdb3fff 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,49 @@ # Changelog +## [v0.5.0](https://github.com/youki-dev/youki/compare/v0.4.1...v0.5.0) - 2025-01-02 +### ๐Ÿ’ช Improvements +- libcontainer: support set stdios for container by @abel-von in https://github.com/youki-dev/youki/pull/2961 +- Add option to spawn processes as siblings by @jprendes in https://github.com/youki-dev/youki/pull/3012 +### ๐Ÿ’ฅ Breaking Changes +- libcontainer: use OwnedFd as console_socket in ContainerBuilder by @abel-von in https://github.com/youki-dev/youki/pull/2966 +### ๐Ÿ› Bug Fixes +- Fixed ENAMETOOLONG error in setup_console_socket by @morganllewellynjones in https://github.com/youki-dev/youki/pull/2915 +- fix(libcontainer) no_pivot args is not used by @xujihui1985 in https://github.com/youki-dev/youki/pull/2923 +- Fix/return multi errors on create failed by @xujihui1985 in https://github.com/youki-dev/youki/pull/2998 +- fix duplicate gids in container creation by @YJDoc2 in https://github.com/youki-dev/youki/pull/3019 +- Fix --preserve-fds, eliminate stray FD being passed into container by @aidanhs in https://github.com/youki-dev/youki/pull/2893 +### ๐Ÿ“– Documentation improvements +- Add the affiliations of youki maintainers by @utam0k in https://github.com/youki-dev/youki/pull/2947 +- docs: update github pages links by @tskxz in https://github.com/youki-dev/youki/pull/2969 +- switch from license-file to license by @jprendes in https://github.com/youki-dev/youki/pull/3023 +### ๐Ÿงช Test improvements and Misc Fixes +- ci: update action versions to fix deprecation warnings by @YJDoc2 in https://github.com/youki-dev/youki/pull/2918 +- deps: update wasmedge to 0.14.0 by @YJDoc2 in https://github.com/youki-dev/youki/pull/2928 +- Bump oci-spec to 0.7.0 by @kiokuless in https://github.com/youki-dev/youki/pull/2934 +- remove incorrect dependency in readme by @YJDoc2 in https://github.com/youki-dev/youki/pull/2940 +- Add seccomp into feature flags of youki to be compiled in by @musaprg in https://github.com/youki-dev/youki/pull/2924 +- Add unittest to expertiment seccomp programs by @sat0ken in https://github.com/youki-dev/youki/pull/2956 +- print "unknown" instead of defaults if we cannot get kernel config by @YJDoc2 in https://github.com/youki-dev/youki/pull/2964 +- Add test process rlimits by @sat0ken in https://github.com/youki-dev/youki/pull/2977 +- Add test process user by @sat0ken in https://github.com/youki-dev/youki/pull/2978 +- add test process_oom_score_adj by @saku3 in https://github.com/youki-dev/youki/pull/2987 +- Add process test by @sat0ken in https://github.com/youki-dev/youki/pull/2968 +- refactor(test): refine function create_container by @xujihui1985 in https://github.com/youki-dev/youki/pull/2973 +- Add test root readonly by @sat0ken in https://github.com/youki-dev/youki/pull/2976 +- Adding Discord link to docs by @crmejia in https://github.com/youki-dev/youki/pull/3005 +- Prepare for v0.5.0 by @utam0k in https://github.com/youki-dev/youki/pull/3016 +- Use later stable rust version 1.81.0 to fix the CI by @musaprg in https://github.com/youki-dev/youki/pull/3033 +- Don't specify the versionFile for tagpr by @utam0k in https://github.com/youki-dev/youki/pull/3036 +### Other Changes +- selinux: create Vagrantfile for SELinux by @Gekko0114 in https://github.com/youki-dev/youki/pull/2900 +- Cargo.toml: remove unused dependnecies by @Mossaka in https://github.com/youki-dev/youki/pull/2921 +- deps: update wasmtime by @YJDoc2 in https://github.com/youki-dev/youki/pull/2929 +- selinux: fix xattr and remove anyhow by @Gekko0114 in https://github.com/youki-dev/youki/pull/2936 +- .github/workflows/basic: check unused deps on 'check' job by @Mossaka in https://github.com/youki-dev/youki/pull/2941 +- seccomp: Update experiment seccomp program by @sat0ken in https://github.com/youki-dev/youki/pull/2946 +- create mount_rootfs method by @Gekko0114 in https://github.com/youki-dev/youki/pull/2953 +- Update deps: roll multiple dependabot PRs into one by @YJDoc2 in https://github.com/youki-dev/youki/pull/2993 + ## [v0.4.1](https://github.com/containers/youki/compare/v0.4.0...v0.4.1) - 2024-09-02 ### ๐Ÿงช Test improvements and Misc Fixes - prepare for version 0.4.1 by @YJDoc2 in https://github.com/containers/youki/pull/2897 diff --git a/crates/libcgroups/Cargo.toml b/crates/libcgroups/Cargo.toml index 52701c332..cae0385ad 100644 --- a/crates/libcgroups/Cargo.toml +++ b/crates/libcgroups/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "libcgroups" -version = "0.4.1" # MARK: Version +version = "0.5.0" # MARK: Version description = "Library for cgroup" license = "Apache-2.0" repository = "https://github.com/containers/youki" diff --git a/crates/libcontainer/Cargo.toml b/crates/libcontainer/Cargo.toml index c5e215025..a07a326a8 100644 --- a/crates/libcontainer/Cargo.toml +++ b/crates/libcontainer/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "libcontainer" -version = "0.4.1" # MARK: Version +version = "0.5.0" # MARK: Version description = "Library for container control" license = "Apache-2.0" repository = "https://github.com/containers/youki" @@ -41,7 +41,7 @@ oci-spec = { version = "0.7.1", features = ["runtime"] } once_cell = "1.20.2" procfs = "0.17.0" prctl = "1.0.0" -libcgroups = { path = "../libcgroups", default-features = false, version = "0.4.1" } # MARK: Version +libcgroups = { path = "../libcgroups", default-features = false, version = "0.5.0" } # MARK: Version libseccomp = { version = "0.3.0", optional = true } serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" diff --git a/crates/liboci-cli/Cargo.toml b/crates/liboci-cli/Cargo.toml index 1ad8b6d75..1b0795355 100644 --- a/crates/liboci-cli/Cargo.toml +++ b/crates/liboci-cli/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "liboci-cli" -version = "0.4.1" # MARK: Version +version = "0.5.0" # MARK: Version description = "Parse command line arguments for OCI container runtimes" license = "Apache-2.0" repository = "https://github.com/containers/youki" diff --git a/crates/youki/Cargo.toml b/crates/youki/Cargo.toml index 0fce9204a..bc52846dc 100644 --- a/crates/youki/Cargo.toml +++ b/crates/youki/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "youki" -version = "0.4.1" # MARK: Version +version = "0.5.0" # MARK: Version description = "A container runtime written in Rust" license = "Apache-2.0" repository = "https://github.com/containers/youki" @@ -30,9 +30,9 @@ features = ["std", "suggestions", "derive", "cargo", "help", "usage", "error-con [dependencies] anyhow = "1.0.95" chrono = { version = "0.4", default-features = false, features = ["clock", "serde"] } -libcgroups = { path = "../libcgroups", default-features = false, version = "0.4.1" } # MARK: Version -libcontainer = { path = "../libcontainer", default-features = false, version = "0.4.1" } # MARK: Version -liboci-cli = { path = "../liboci-cli", version = "0.4.1" } # MARK: Version +libcgroups = { path = "../libcgroups", default-features = false, version = "0.5.0" } # MARK: Version +libcontainer = { path = "../libcontainer", default-features = false, version = "0.5.0" } # MARK: Version +liboci-cli = { path = "../liboci-cli", version = "0.5.0" } # MARK: Version nix = "0.28.0" pentacle = "1.1.0" procfs = "0.17.0" diff --git a/docs/src/user/basic_setup.md b/docs/src/user/basic_setup.md index 96359345b..8f6338ebe 100644 --- a/docs/src/user/basic_setup.md +++ b/docs/src/user/basic_setup.md @@ -83,7 +83,7 @@ Install from the GitHub release as root: ```console -# curl -sSfL https://github.com/containers/youki/releases/download/v0.4.1/youki-0.4.1-$(uname -m)-musl.tar.gz | tar -xzvC /usr/bin/ youki +# curl -sSfL https://github.com/containers/youki/releases/download/v0.5.0/youki-0.5.0-$(uname -m)-musl.tar.gz | tar -xzvC /usr/bin/ youki ``` From d59ef9da8c8dfac171200f0d0fd8a9ffcca12444 Mon Sep 17 00:00:00 2001 From: Toru Komatsu Date: Mon, 6 Jan 2025 11:48:49 +0900 Subject: [PATCH 22/37] Do `cargo check` before releasing a new version (#3039) Signed-off-by: utam0k --- justfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/justfile b/justfile index aafefc89d..586134413 100644 --- a/justfile +++ b/justfile @@ -200,3 +200,5 @@ version-up version: {{ cwd }}/scripts/release_tag.sh {{version}} NEXT_VERSION=$(echo {{version}} | awk -F. -v OFS=. '{$NF += 1 ; print}') sed -i "s/{{version}}/$NEXT_VERSION/g" .tagpr + # Need to update the lockfile. + cargo check From 09613fc2c719d73bdd71a456dee40160402e89b2 Mon Sep 17 00:00:00 2001 From: Toru Komatsu Date: Mon, 6 Jan 2025 11:49:19 +0900 Subject: [PATCH 23/37] Fix building the wasmedge feature (#3041) Signed-off-by: utam0k --- Cargo.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index f380c87bf..17d92bd79 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1994,7 +1994,7 @@ checksum = "b5aba8db14291edd000dfcc4d620c7ebfb122c613afb886ca8803fa4e128a20a" [[package]] name = "libcgroups" -version = "0.4.1" +version = "0.5.0" dependencies = [ "anyhow", "clap", @@ -2019,7 +2019,7 @@ dependencies = [ [[package]] name = "libcontainer" -version = "0.4.1" +version = "0.5.0" dependencies = [ "anyhow", "caps", @@ -2066,7 +2066,7 @@ checksum = "4ec2a862134d2a7d32d7983ddcdd1c4923530833c9f2ea1a44fc5fa473989058" [[package]] name = "liboci-cli" -version = "0.4.1" +version = "0.5.0" dependencies = [ "clap", ] @@ -4877,9 +4877,9 @@ dependencies = [ [[package]] name = "wasmedge-sys" -version = "0.19.2" +version = "0.19.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8ebcb49955b8b2e08fe8c3416fe4df61ecf30654db4b8f6f2418a0450cb5ada3" +checksum = "88da93fb54be1deaa84bc68393f09ba8491e20113465c35a9446e14107f55a6e" dependencies = [ "async-wasi", "bindgen", @@ -5950,7 +5950,7 @@ dependencies = [ [[package]] name = "youki" -version = "0.4.1" +version = "0.5.0" dependencies = [ "anyhow", "caps", From a43aa44325a1df5b5a0a8549ef1ecfd6def5aff0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Jan 2025 02:51:57 +0000 Subject: [PATCH 24/37] Bump tabwriter from 1.4.0 to 1.4.1 in the patch group across 1 directory Bumps the patch group with 1 update in the / directory: [tabwriter](https://github.com/BurntSushi/tabwriter). Updates `tabwriter` from 1.4.0 to 1.4.1 - [Commits](https://github.com/BurntSushi/tabwriter/compare/1.4.0...1.4.1) --- updated-dependencies: - dependency-name: tabwriter dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 17d92bd79..e03701b9d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3934,11 +3934,11 @@ dependencies = [ [[package]] name = "tabwriter" -version = "1.4.0" +version = "1.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a327282c4f64f6dc37e3bba4c2b6842cc3a992f204fa58d917696a89f691e5f6" +checksum = "fce91f2f0ec87dff7e6bcbbeb267439aa1188703003c6055193c821487400432" dependencies = [ - "unicode-width 0.1.11", + "unicode-width", ] [[package]] @@ -4418,12 +4418,6 @@ version = "1.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d4c87d22b6e3f4a18d4d40ef354e97c90fcb14dd91d7dc0aa9d8a1172ebf7202" -[[package]] -name = "unicode-width" -version = "0.1.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e51733f11c9c4f72aa0c160008246859e340b00807569a0da0e7a1079b27ba85" - [[package]] name = "unicode-width" version = "0.2.0" @@ -5464,7 +5458,7 @@ dependencies = [ "bumpalo", "leb128", "memchr", - "unicode-width 0.2.0", + "unicode-width", "wasm-encoder 0.222.0", ] From 0ffbe85f438ec61ab76aa09e0a9cdc543d9d7657 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 7 Jan 2025 00:33:05 +0000 Subject: [PATCH 25/37] Bump serde_json from 1.0.134 to 1.0.135 in the patch group Bumps the patch group with 1 update: [serde_json](https://github.com/serde-rs/json). Updates `serde_json` from 1.0.134 to 1.0.135 - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](https://github.com/serde-rs/json/compare/v1.0.134...v1.0.135) --- updated-dependencies: - dependency-name: serde_json dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index e03701b9d..da3a99668 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3529,9 +3529,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.134" +version = "1.0.135" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d00f4175c42ee48b15416f6193a959ba3a0d67fc699a0db9ad12df9f83991c7d" +checksum = "2b0d7ba2887406110130a978386c4e1befb98c674b4fba677954e4db976630d9" dependencies = [ "itoa", "memchr", From 95b8a8a14e3402fe202dba0d8508f8edda418b2c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Jan 2025 00:23:59 +0000 Subject: [PATCH 26/37] Bump the patch group with 2 updates Bumps the patch group with 2 updates: [thiserror](https://github.com/dtolnay/thiserror) and [vergen-gitcl](https://github.com/rustyhorde/vergen). Updates `thiserror` from 2.0.9 to 2.0.10 - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](https://github.com/dtolnay/thiserror/compare/2.0.9...2.0.10) Updates `vergen-gitcl` from 1.0.2 to 1.0.3 - [Release notes](https://github.com/rustyhorde/vergen/releases) - [Commits](https://github.com/rustyhorde/vergen/compare/vergen_gix_1.0.2...vergen_gix_1.0.3) --- updated-dependencies: - dependency-name: thiserror dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: vergen-gitcl dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 46 +++++++++++++++++----------------- crates/libcgroups/Cargo.toml | 2 +- crates/libcontainer/Cargo.toml | 2 +- crates/youki/Cargo.toml | 2 +- 4 files changed, 26 insertions(+), 26 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index da3a99668..16bb75fa3 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2013,7 +2013,7 @@ dependencies = [ "serde_json", "serial_test", "tempfile", - "thiserror 2.0.9", + "thiserror 2.0.10", "tracing", ] @@ -2044,7 +2044,7 @@ dependencies = [ "serde_json", "serial_test", "tempfile", - "thiserror 2.0.9", + "thiserror 2.0.10", "tracing", ] @@ -2472,7 +2472,7 @@ dependencies = [ "serde_json", "strum", "strum_macros", - "thiserror 2.0.9", + "thiserror 2.0.10", ] [[package]] @@ -3359,9 +3359,9 @@ dependencies = [ [[package]] name = "rustversion" -version = "1.0.18" +version = "1.0.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0e819f2bc632f285be6d7cd36e25940d45b2391dd6d9b939e79de557f7014248" +checksum = "f7c45b9784283f1b2e7fb61b42047c2fd678ef0960d4f6f1eba131594cc369d4" [[package]] name = "ryu" @@ -4030,11 +4030,11 @@ dependencies = [ [[package]] name = "thiserror" -version = "2.0.9" +version = "2.0.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f072643fd0190df67a8bab670c20ef5d8737177d6ac6b2e9a236cb096206b2cc" +checksum = "a3ac7f54ca534db81081ef1c1e7f6ea8a3ef428d2fc069097c079443d24124d3" dependencies = [ - "thiserror-impl 2.0.9", + "thiserror-impl 2.0.10", ] [[package]] @@ -4050,9 +4050,9 @@ dependencies = [ [[package]] name = "thiserror-impl" -version = "2.0.9" +version = "2.0.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b50fa271071aae2e6ee85f842e2e28ba8cd2c5fb67f11fcb1fd70b276f9e7d4" +checksum = "9e9465d30713b56a37ede7185763c3492a91be2f5fa68d958c44e41ab9248beb" dependencies = [ "proc-macro2", "quote", @@ -4086,9 +4086,9 @@ dependencies = [ [[package]] name = "time" -version = "0.3.36" +version = "0.3.37" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5dfd88e563464686c916c7e46e623e520ddc6d79fa6641390f2e3fa86e83e885" +checksum = "35e7868883861bd0e56d9ac6efcaaca0d6d5d82a2a7ec8209ff492c07cf37b21" dependencies = [ "deranged", "itoa", @@ -4098,7 +4098,7 @@ dependencies = [ "powerfmt", "serde", "time-core", - "time-macros 0.2.18", + "time-macros 0.2.19", ] [[package]] @@ -4119,9 +4119,9 @@ dependencies = [ [[package]] name = "time-macros" -version = "0.2.18" +version = "0.2.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f252a68540fde3a3877aeea552b832b40ab9a69e318efd078774a01ddee1ccf" +checksum = "2834e6017e3e5e4b9834939793b282bc03b37a3336245fa820e35e233e2a85de" dependencies = [ "num-conv", "time-core", @@ -4486,36 +4486,36 @@ checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" [[package]] name = "vergen" -version = "9.0.2" +version = "9.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "31f25fc8f8f05df455c7941e87f093ad22522a9ff33d7a027774815acf6f0639" +checksum = "5874b280b7018290bee73c03ff2437bcfcc25f637d6a74927790d309698963ed" dependencies = [ "anyhow", "derive_builder 0.20.2", "rustversion", - "time 0.3.36", + "time 0.3.37", "vergen-lib", ] [[package]] name = "vergen-gitcl" -version = "1.0.2" +version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0227006d09f98ab00ea69e9a5e055e676a813cfbed4232986176c86a6080b997" +checksum = "51fd85916a841d1a40cc97302c18788895cfe2893ae1163e54c54d02b7bd3971" dependencies = [ "anyhow", "derive_builder 0.20.2", "rustversion", - "time 0.3.36", + "time 0.3.37", "vergen", "vergen-lib", ] [[package]] name = "vergen-lib" -version = "0.1.5" +version = "0.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c0c767e6751c09fc85cde58722cf2f1007e80e4c8d5a4321fc90d83dc54ca147" +checksum = "9b07e6010c0f3e59fcb164e0163834597da68d1f864e2b8ca49f74de01e9c166" dependencies = [ "anyhow", "derive_builder 0.20.2", diff --git a/crates/libcgroups/Cargo.toml b/crates/libcgroups/Cargo.toml index cae0385ad..0461da868 100644 --- a/crates/libcgroups/Cargo.toml +++ b/crates/libcgroups/Cargo.toml @@ -29,7 +29,7 @@ rbpf = { version = "0.3.0", optional = true } libbpf-sys = { version = "1.5.0", optional = true } errno = { version = "0.3.10", optional = true } libc = { version = "0.2.169", optional = true } -thiserror = "2.0.9" +thiserror = "2.0.10" tracing = { version = "0.1.41", features = ["attributes"] } [dev-dependencies] diff --git a/crates/libcontainer/Cargo.toml b/crates/libcontainer/Cargo.toml index a07a326a8..d7ca6b185 100644 --- a/crates/libcontainer/Cargo.toml +++ b/crates/libcontainer/Cargo.toml @@ -47,7 +47,7 @@ serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" rust-criu = "0.4.0" regex = { version = "1.10.6", default-features = false, features = ["std", "unicode-perl"] } -thiserror = "2.0.9" +thiserror = "2.0.10" tracing = { version = "0.1.41", features = ["attributes"] } safe-path = "0.1.0" nc = "0.9.5" diff --git a/crates/youki/Cargo.toml b/crates/youki/Cargo.toml index bc52846dc..d8358bfd2 100644 --- a/crates/youki/Cargo.toml +++ b/crates/youki/Cargo.toml @@ -56,4 +56,4 @@ scopeguard = "1.2.0" [build-dependencies] anyhow = "1.0.95" -vergen-gitcl = { version = "1.0.2", features = ["build"] } +vergen-gitcl = { version = "1.0.3", features = ["build"] } From b3b9788ea8effebee5ceebfff212fbabf770a8f7 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 10 Jan 2025 20:32:26 +0900 Subject: [PATCH 27/37] Release for v0.5.1 (#3044) * [tagpr] prepare for the next release * [tagpr] update CHANGELOG.md --------- Co-authored-by: github-actions[bot] --- .tagpr | 2 +- CHANGELOG.md | 6 ++++++ Cargo.lock | 8 ++++---- crates/libcgroups/Cargo.toml | 2 +- crates/libcontainer/Cargo.toml | 4 ++-- crates/liboci-cli/Cargo.toml | 2 +- crates/youki/Cargo.toml | 8 ++++---- docs/src/user/basic_setup.md | 2 +- 8 files changed, 20 insertions(+), 14 deletions(-) diff --git a/.tagpr b/.tagpr index 0148217bc..b5bd433c5 100644 --- a/.tagpr +++ b/.tagpr @@ -2,6 +2,6 @@ vPrefix = true releaseBranch = main versionFile = - - command = just version-up 0.5.1 + command = just version-up 0.5.2 release = false changelog = true diff --git a/CHANGELOG.md b/CHANGELOG.md index 48fdb3fff..9410a787a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,11 @@ # Changelog +## [v0.5.1](https://github.com/youki-dev/youki/compare/v0.5.0...v0.5.1) - 2025-01-06 +### ๐Ÿ› Bug Fixes +- Fix building the wasmedge feature by @utam0k in https://github.com/youki-dev/youki/pull/3041 +### ๐Ÿงช Test improvements and Misc Fixes +- Do `cargo check` before releasing a new version by @utam0k in https://github.com/youki-dev/youki/pull/3039 + ## [v0.5.0](https://github.com/youki-dev/youki/compare/v0.4.1...v0.5.0) - 2025-01-02 ### ๐Ÿ’ช Improvements - libcontainer: support set stdios for container by @abel-von in https://github.com/youki-dev/youki/pull/2961 diff --git a/Cargo.lock b/Cargo.lock index 16bb75fa3..bbf5292bf 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1994,7 +1994,7 @@ checksum = "b5aba8db14291edd000dfcc4d620c7ebfb122c613afb886ca8803fa4e128a20a" [[package]] name = "libcgroups" -version = "0.5.0" +version = "0.5.1" dependencies = [ "anyhow", "clap", @@ -2019,7 +2019,7 @@ dependencies = [ [[package]] name = "libcontainer" -version = "0.5.0" +version = "0.5.1" dependencies = [ "anyhow", "caps", @@ -2066,7 +2066,7 @@ checksum = "4ec2a862134d2a7d32d7983ddcdd1c4923530833c9f2ea1a44fc5fa473989058" [[package]] name = "liboci-cli" -version = "0.5.0" +version = "0.5.1" dependencies = [ "clap", ] @@ -5944,7 +5944,7 @@ dependencies = [ [[package]] name = "youki" -version = "0.5.0" +version = "0.5.1" dependencies = [ "anyhow", "caps", diff --git a/crates/libcgroups/Cargo.toml b/crates/libcgroups/Cargo.toml index 0461da868..5f96b1e2a 100644 --- a/crates/libcgroups/Cargo.toml +++ b/crates/libcgroups/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "libcgroups" -version = "0.5.0" # MARK: Version +version = "0.5.1" # MARK: Version description = "Library for cgroup" license = "Apache-2.0" repository = "https://github.com/containers/youki" diff --git a/crates/libcontainer/Cargo.toml b/crates/libcontainer/Cargo.toml index d7ca6b185..ff73ab0a6 100644 --- a/crates/libcontainer/Cargo.toml +++ b/crates/libcontainer/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "libcontainer" -version = "0.5.0" # MARK: Version +version = "0.5.1" # MARK: Version description = "Library for container control" license = "Apache-2.0" repository = "https://github.com/containers/youki" @@ -41,7 +41,7 @@ oci-spec = { version = "0.7.1", features = ["runtime"] } once_cell = "1.20.2" procfs = "0.17.0" prctl = "1.0.0" -libcgroups = { path = "../libcgroups", default-features = false, version = "0.5.0" } # MARK: Version +libcgroups = { path = "../libcgroups", default-features = false, version = "0.5.1" } # MARK: Version libseccomp = { version = "0.3.0", optional = true } serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" diff --git a/crates/liboci-cli/Cargo.toml b/crates/liboci-cli/Cargo.toml index 1b0795355..61e87e74d 100644 --- a/crates/liboci-cli/Cargo.toml +++ b/crates/liboci-cli/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "liboci-cli" -version = "0.5.0" # MARK: Version +version = "0.5.1" # MARK: Version description = "Parse command line arguments for OCI container runtimes" license = "Apache-2.0" repository = "https://github.com/containers/youki" diff --git a/crates/youki/Cargo.toml b/crates/youki/Cargo.toml index d8358bfd2..7b15c818e 100644 --- a/crates/youki/Cargo.toml +++ b/crates/youki/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "youki" -version = "0.5.0" # MARK: Version +version = "0.5.1" # MARK: Version description = "A container runtime written in Rust" license = "Apache-2.0" repository = "https://github.com/containers/youki" @@ -30,9 +30,9 @@ features = ["std", "suggestions", "derive", "cargo", "help", "usage", "error-con [dependencies] anyhow = "1.0.95" chrono = { version = "0.4", default-features = false, features = ["clock", "serde"] } -libcgroups = { path = "../libcgroups", default-features = false, version = "0.5.0" } # MARK: Version -libcontainer = { path = "../libcontainer", default-features = false, version = "0.5.0" } # MARK: Version -liboci-cli = { path = "../liboci-cli", version = "0.5.0" } # MARK: Version +libcgroups = { path = "../libcgroups", default-features = false, version = "0.5.1" } # MARK: Version +libcontainer = { path = "../libcontainer", default-features = false, version = "0.5.1" } # MARK: Version +liboci-cli = { path = "../liboci-cli", version = "0.5.1" } # MARK: Version nix = "0.28.0" pentacle = "1.1.0" procfs = "0.17.0" diff --git a/docs/src/user/basic_setup.md b/docs/src/user/basic_setup.md index 8f6338ebe..0c9dcdbee 100644 --- a/docs/src/user/basic_setup.md +++ b/docs/src/user/basic_setup.md @@ -83,7 +83,7 @@ Install from the GitHub release as root: ```console -# curl -sSfL https://github.com/containers/youki/releases/download/v0.5.0/youki-0.5.0-$(uname -m)-musl.tar.gz | tar -xzvC /usr/bin/ youki +# curl -sSfL https://github.com/containers/youki/releases/download/v0.5.1/youki-0.5.1-$(uname -m)-musl.tar.gz | tar -xzvC /usr/bin/ youki ``` From e370cea2bf53b0ed20a7b528ea39266693d6dcdd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Jan 2025 00:14:03 +0000 Subject: [PATCH 28/37] Bump the patch group with 3 updates Bumps the patch group with 3 updates: [thiserror](https://github.com/dtolnay/thiserror), [vergen-gitcl](https://github.com/rustyhorde/vergen) and [uuid](https://github.com/uuid-rs/uuid). Updates `thiserror` from 2.0.10 to 2.0.11 - [Release notes](https://github.com/dtolnay/thiserror/releases) - [Commits](https://github.com/dtolnay/thiserror/compare/2.0.10...2.0.11) Updates `vergen-gitcl` from 1.0.3 to 1.0.5 - [Release notes](https://github.com/rustyhorde/vergen/releases) - [Commits](https://github.com/rustyhorde/vergen/commits) Updates `uuid` from 1.11.0 to 1.11.1 - [Release notes](https://github.com/uuid-rs/uuid/releases) - [Commits](https://github.com/uuid-rs/uuid/compare/1.11.0...1.11.1) --- updated-dependencies: - dependency-name: thiserror dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: vergen-gitcl dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: uuid dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 28 ++++++++++++++-------------- crates/libcgroups/Cargo.toml | 2 +- crates/libcontainer/Cargo.toml | 2 +- crates/youki/Cargo.toml | 2 +- 4 files changed, 17 insertions(+), 17 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index bbf5292bf..4c709c99a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2013,7 +2013,7 @@ dependencies = [ "serde_json", "serial_test", "tempfile", - "thiserror 2.0.10", + "thiserror 2.0.11", "tracing", ] @@ -2044,7 +2044,7 @@ dependencies = [ "serde_json", "serial_test", "tempfile", - "thiserror 2.0.10", + "thiserror 2.0.11", "tracing", ] @@ -2472,7 +2472,7 @@ dependencies = [ "serde_json", "strum", "strum_macros", - "thiserror 2.0.10", + "thiserror 2.0.11", ] [[package]] @@ -4030,11 +4030,11 @@ dependencies = [ [[package]] name = "thiserror" -version = "2.0.10" +version = "2.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a3ac7f54ca534db81081ef1c1e7f6ea8a3ef428d2fc069097c079443d24124d3" +checksum = "d452f284b73e6d76dd36758a0c8684b1d5be31f92b89d07fd5822175732206fc" dependencies = [ - "thiserror-impl 2.0.10", + "thiserror-impl 2.0.11", ] [[package]] @@ -4050,9 +4050,9 @@ dependencies = [ [[package]] name = "thiserror-impl" -version = "2.0.10" +version = "2.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e9465d30713b56a37ede7185763c3492a91be2f5fa68d958c44e41ab9248beb" +checksum = "26afc1baea8a989337eeb52b6e72a039780ce45c3edfcc9c5b9d112feeb173c2" dependencies = [ "proc-macro2", "quote", @@ -4468,9 +4468,9 @@ checksum = "711b9620af191e0cdc7468a8d14e709c3dcdb115b36f838e601583af800a370a" [[package]] name = "uuid" -version = "1.11.0" +version = "1.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f8c5f0a0af699448548ad1a2fbf920fb4bee257eae39953ba95cb84891a0446a" +checksum = "b913a3b5fe84142e269d63cc62b64319ccaf89b748fc31fe025177f767a756c4" [[package]] name = "valuable" @@ -4486,9 +4486,9 @@ checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" [[package]] name = "vergen" -version = "9.0.3" +version = "9.0.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5874b280b7018290bee73c03ff2437bcfcc25f637d6a74927790d309698963ed" +checksum = "e0d2f179f8075b805a43a2a21728a46f0cc2921b3c58695b28fa8817e103cd9a" dependencies = [ "anyhow", "derive_builder 0.20.2", @@ -4499,9 +4499,9 @@ dependencies = [ [[package]] name = "vergen-gitcl" -version = "1.0.3" +version = "1.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "51fd85916a841d1a40cc97302c18788895cfe2893ae1163e54c54d02b7bd3971" +checksum = "b2f89d70a58a4506a6079cedf575c64cf51649ccbb4e02a63dac539b264b7711" dependencies = [ "anyhow", "derive_builder 0.20.2", diff --git a/crates/libcgroups/Cargo.toml b/crates/libcgroups/Cargo.toml index 5f96b1e2a..5df1dc7a4 100644 --- a/crates/libcgroups/Cargo.toml +++ b/crates/libcgroups/Cargo.toml @@ -29,7 +29,7 @@ rbpf = { version = "0.3.0", optional = true } libbpf-sys = { version = "1.5.0", optional = true } errno = { version = "0.3.10", optional = true } libc = { version = "0.2.169", optional = true } -thiserror = "2.0.10" +thiserror = "2.0.11" tracing = { version = "0.1.41", features = ["attributes"] } [dev-dependencies] diff --git a/crates/libcontainer/Cargo.toml b/crates/libcontainer/Cargo.toml index ff73ab0a6..855bd0d6c 100644 --- a/crates/libcontainer/Cargo.toml +++ b/crates/libcontainer/Cargo.toml @@ -47,7 +47,7 @@ serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" rust-criu = "0.4.0" regex = { version = "1.10.6", default-features = false, features = ["std", "unicode-perl"] } -thiserror = "2.0.10" +thiserror = "2.0.11" tracing = { version = "0.1.41", features = ["attributes"] } safe-path = "0.1.0" nc = "0.9.5" diff --git a/crates/youki/Cargo.toml b/crates/youki/Cargo.toml index 7b15c818e..c044b39f1 100644 --- a/crates/youki/Cargo.toml +++ b/crates/youki/Cargo.toml @@ -56,4 +56,4 @@ scopeguard = "1.2.0" [build-dependencies] anyhow = "1.0.95" -vergen-gitcl = { version = "1.0.3", features = ["build"] } +vergen-gitcl = { version = "1.0.5", features = ["build"] } From 72784e25df2a23f2232be61b413e38d9719e7ac1 Mon Sep 17 00:00:00 2001 From: Hiroyuki Moriya <41197469+Gekko0114@users.noreply.github.com> Date: Tue, 14 Jan 2025 21:00:50 +0900 Subject: [PATCH 29/37] add pr template (#3049) Signed-off-by: moriya <41197469+Gekko0114@users.noreply.github.com> --- .github/pull_request_template.md | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 .github/pull_request_template.md diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 000000000..04a58cabe --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,29 @@ +## Description + + +## Type of Change + +- [ ] Bug fix (non-breaking change that fixes an issue) +- [ ] New feature (non-breaking change that adds functionality) +- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) +- [ ] Documentation update +- [ ] Refactoring (no functional changes) +- [ ] Performance improvement +- [ ] Test updates +- [ ] CI/CD related changes +- [ ] Other (please describe): + +## Testing + +- [ ] Added new unit tests +- [ ] Added new integration tests +- [ ] Ran existing test suite +- [ ] Tested manually (please provide steps) + +## Related Issues + +Fixes # + +## Additional Context + From 9187951e46cc7d129cb7138d0f6fef66ab04400c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 15 Jan 2025 00:52:17 +0000 Subject: [PATCH 30/37] Bump the patch group with 2 updates Bumps the patch group with 2 updates: [wasmtime](https://github.com/bytecodealliance/wasmtime) and [wasi-common](https://github.com/bytecodealliance/wasmtime). Updates `wasmtime` from 28.0.0 to 28.0.1 - [Release notes](https://github.com/bytecodealliance/wasmtime/releases) - [Changelog](https://github.com/bytecodealliance/wasmtime/blob/v28.0.1/RELEASES.md) - [Commits](https://github.com/bytecodealliance/wasmtime/compare/v28.0.0...v28.0.1) Updates `wasi-common` from 28.0.0 to 28.0.1 - [Release notes](https://github.com/bytecodealliance/wasmtime/releases) - [Changelog](https://github.com/bytecodealliance/wasmtime/blob/v28.0.1/RELEASES.md) - [Commits](https://github.com/bytecodealliance/wasmtime/compare/v28.0.0...v28.0.1) --- updated-dependencies: - dependency-name: wasmtime dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch - dependency-name: wasi-common dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 162 ++++++++++++++++++++-------------------- crates/youki/Cargo.toml | 4 +- 2 files changed, 83 insertions(+), 83 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 4c709c99a..6ef392e70 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -659,18 +659,18 @@ dependencies = [ [[package]] name = "cranelift-bforest" -version = "0.115.0" +version = "0.115.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ac89549be94911dd0e839b4a7db99e9ed29c17517e1c026f61066884c168aa3c" +checksum = "88c1d02b72b6c411c0a2e92b25ed791ad5d071184193c08a34aa0fdcdf000b72" dependencies = [ - "cranelift-entity 0.115.0", + "cranelift-entity 0.115.1", ] [[package]] name = "cranelift-bitset" -version = "0.115.0" +version = "0.115.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b9bd49369f76c77e34e641af85d0956869237832c118964d08bf5f51f210875a" +checksum = "720b93bd86ebbb23ebfb2db1ed44d54b2ecbdbb2d034d485bc64aa605ee787ab" dependencies = [ "serde", "serde_derive", @@ -699,18 +699,18 @@ dependencies = [ [[package]] name = "cranelift-codegen" -version = "0.115.0" +version = "0.115.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fd96ce9cf8efebd7f5ab8ced5a0ce44250280bbae9f593d74a6d7effc3582a35" +checksum = "aed3d2d9914d30b460eedd7fd507720203023997bef71452ce84873f9c93537c" dependencies = [ "bumpalo", - "cranelift-bforest 0.115.0", + "cranelift-bforest 0.115.1", "cranelift-bitset", - "cranelift-codegen-meta 0.115.0", - "cranelift-codegen-shared 0.115.0", + "cranelift-codegen-meta 0.115.1", + "cranelift-codegen-shared 0.115.1", "cranelift-control", - "cranelift-entity 0.115.0", - "cranelift-isle 0.115.0", + "cranelift-entity 0.115.1", + "cranelift-isle 0.115.1", "gimli 0.31.1", "hashbrown 0.14.3", "log", @@ -732,11 +732,11 @@ dependencies = [ [[package]] name = "cranelift-codegen-meta" -version = "0.115.0" +version = "0.115.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a68e358827afe4bfb6239fcbf6fbd5ac56206ece8a99c8f5f9bbd518773281a" +checksum = "888c188d32263ec9e048873ff0b68c700933600d553f4412417916828be25f8e" dependencies = [ - "cranelift-codegen-shared 0.115.0", + "cranelift-codegen-shared 0.115.1", ] [[package]] @@ -747,15 +747,15 @@ checksum = "278e52e29c53fcf32431ef08406c295699a70306d05a0715c5b1bf50e33a9ab7" [[package]] name = "cranelift-codegen-shared" -version = "0.115.0" +version = "0.115.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e184c9767afbe73d50c55ec29abcf4c32f9baf0d9d22b86d58c4d55e06dee181" +checksum = "4ddd5f4114d04ce7e073dd74e2ad16541fc61970726fcc8b2d5644a154ee4127" [[package]] name = "cranelift-control" -version = "0.115.0" +version = "0.115.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5cc7664f2a66f053e33f149e952bb5971d138e3af637f5097727ed6dc0ed95dd" +checksum = "92cc4c98d6a4256a1600d93ccd3536f3e77da9b4ca2c279de786ac22876e67d6" dependencies = [ "arbitrary", ] @@ -782,9 +782,9 @@ checksum = "9a59bcbca89c3f1b70b93ab3cbba5e5e0cbf3e63dadb23c7525cb142e21a9d4c" [[package]] name = "cranelift-entity" -version = "0.115.0" +version = "0.115.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "118597e3a9cf86c3556fa579a7a23b955fa18231651a52a77a2475d305a9cf84" +checksum = "760af4b5e051b5f82097a27274b917e3751736369fa73660513488248d27f23d" dependencies = [ "cranelift-bitset", "serde", @@ -805,11 +805,11 @@ dependencies = [ [[package]] name = "cranelift-frontend" -version = "0.115.0" +version = "0.115.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7638ea1efb069a0aa18d8ee67401b6b0d19f6bfe5de5e9ede348bfc80bb0d8c7" +checksum = "c0bf77ec0f470621655ec7539860b5c620d4f91326654ab21b075b83900f8831" dependencies = [ - "cranelift-codegen 0.115.0", + "cranelift-codegen 0.115.1", "log", "smallvec", "target-lexicon", @@ -823,17 +823,17 @@ checksum = "393bc73c451830ff8dbb3a07f61843d6cb41a084f9996319917c0b291ed785bb" [[package]] name = "cranelift-isle" -version = "0.115.0" +version = "0.115.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "15c53e1152a0b01c4ed2b1e0535602b8e86458777dd9d18b28732b16325c7dc0" +checksum = "4b665d0a6932c421620be184f9fc7f7adaf1b0bc2fa77bb7ac5177c49abf645b" [[package]] name = "cranelift-native" -version = "0.115.0" +version = "0.115.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b7d8f895444fa52dd7bdd0bed11bf007a7fb43af65a6deac8fcc4094c6372f7" +checksum = "bb2e75d1bd43dfec10924798f15e6474f1dbf63b0024506551aa19394dbe72ab" dependencies = [ - "cranelift-codegen 0.115.0", + "cranelift-codegen 0.115.1", "libc", "target-lexicon", ] @@ -2948,9 +2948,9 @@ dependencies = [ [[package]] name = "pulley-interpreter" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "403a1a95f4c18a45c86c7bff13df00347afd0abcbf2e54af273c837339ffcf77" +checksum = "8324e531de91a3c25021a30fb7862d39cc516b61fbb801176acb5ff279ea887b" dependencies = [ "cranelift-bitset", "log", @@ -4705,9 +4705,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasi-common" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6cb8b6f1ca9cc40aeca0f398163ce2c1305d0661f3311a25abcda1fc6012d8f2" +checksum = "403e18d3ccec169773155ef65d051f6a1bd9c50cfefbb4ab40b955fe85c146ac" dependencies = [ "anyhow", "bitflags 2.6.0", @@ -5179,9 +5179,9 @@ dependencies = [ [[package]] name = "wasmtime" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f639ecae347b9a2227e453a7b7671e84370a0b61f47a15e0390fe9b7725e47b3" +checksum = "edd30973c65eceb0f37dfcc430d83abd5eb24015fdfcab6912f52949287e04f0" dependencies = [ "addr2line 0.24.2", "anyhow", @@ -5218,7 +5218,7 @@ dependencies = [ "target-lexicon", "wasm-encoder 0.221.2", "wasmparser 0.221.2", - "wasmtime-asm-macros 28.0.0", + "wasmtime-asm-macros 28.0.1", "wasmtime-cache", "wasmtime-component-macro", "wasmtime-component-util", @@ -5228,7 +5228,7 @@ dependencies = [ "wasmtime-jit-debug", "wasmtime-jit-icache-coherence", "wasmtime-slab", - "wasmtime-versioned-export-macros 28.0.0", + "wasmtime-versioned-export-macros 28.0.1", "wasmtime-winch", "wat", "windows-sys 0.59.0", @@ -5245,18 +5245,18 @@ dependencies = [ [[package]] name = "wasmtime-asm-macros" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "882a18800471cfc063c8b3ccf75723784acc3fd534009ac09421f2fac2fcdcec" +checksum = "c6c21dd30d1f3f93ee390ac1a7ec304ecdbfdab6390e1add41a1f52727b0992b" dependencies = [ "cfg-if", ] [[package]] name = "wasmtime-cache" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "368d974999abe6095341da9b9e2c0908a6272e796001e06b7022ad60b2d19710" +checksum = "cabd563cfbfe75c5bf514081f624ca8d18391a37520d8c794abce702474e688c" dependencies = [ "anyhow", "base64", @@ -5274,9 +5274,9 @@ dependencies = [ [[package]] name = "wasmtime-component-macro" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eb5c0a77c9e1927c3d471f53cc13767c3d3438e5d5ffd394e3eb31c86445fd60" +checksum = "9f948a6ef3119d52c9f12936970de28ddf3f9bea04bc65571f4a92d2e5ab38f4" dependencies = [ "anyhow", "proc-macro2", @@ -5289,22 +5289,22 @@ dependencies = [ [[package]] name = "wasmtime-component-util" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "43702ca98bf5162eca0573db691ed9ecd36d716f8c6688410fe26ec16b6f9bcb" +checksum = "b9275aa01ceaaa2fa6c0ecaa5267518d80b9d6e9ae7c7ea42f4c6e073e6a69ef" [[package]] name = "wasmtime-cranelift" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "20070aa5b75080a8932ec328419faf841df2bc6ceb16b55b0df2b952098392a2" +checksum = "0701a44a323267aae4499672dae422b266cee3135a23b640972ec8c0e10a44a2" dependencies = [ "anyhow", "cfg-if", - "cranelift-codegen 0.115.0", + "cranelift-codegen 0.115.1", "cranelift-control", - "cranelift-entity 0.115.0", - "cranelift-frontend 0.115.0", + "cranelift-entity 0.115.1", + "cranelift-frontend 0.115.1", "cranelift-native", "gimli 0.31.1", "itertools", @@ -5315,19 +5315,19 @@ dependencies = [ "thiserror 1.0.69", "wasmparser 0.221.2", "wasmtime-environ", - "wasmtime-versioned-export-macros 28.0.0", + "wasmtime-versioned-export-macros 28.0.1", ] [[package]] name = "wasmtime-environ" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2604ddb24879d4dc1dedcb7081d7a8e017259bce916fdae097a97db52cbaab80" +checksum = "264c968c1b81d340355ece2be0bc31a10f567ccb6ce08512c3b7d10e26f3cbe5" dependencies = [ "anyhow", "cpp_demangle", "cranelift-bitset", - "cranelift-entity 0.115.0", + "cranelift-entity 0.115.1", "gimli 0.31.1", "indexmap 2.7.0", "log", @@ -5347,35 +5347,35 @@ dependencies = [ [[package]] name = "wasmtime-fiber" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "98593412d2b167ebe2b59d4a17a184978a72f976b53b3a0ec05629451079ac1d" +checksum = "78505221fd5bd7b07b4e1fa2804edea49dc231e626ad6861adc8f531812973e6" dependencies = [ "anyhow", "cc", "cfg-if", "rustix", - "wasmtime-asm-macros 28.0.0", - "wasmtime-versioned-export-macros 28.0.0", + "wasmtime-asm-macros 28.0.1", + "wasmtime-versioned-export-macros 28.0.1", "windows-sys 0.59.0", ] [[package]] name = "wasmtime-jit-debug" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2caed0122664573c2bbcde649515f9e1bc783b14f2ba74b999720cf0225e234d" +checksum = "0cec0a8e5620ae71bfcaaec78e3076be5b6ebf869f4e6191925d73242224a915" dependencies = [ "object 0.36.7", "rustix", - "wasmtime-versioned-export-macros 28.0.0", + "wasmtime-versioned-export-macros 28.0.1", ] [[package]] name = "wasmtime-jit-icache-coherence" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d40d7722b9e1fbeae135715710a8a2570b1e6cf72b74dd653962d89831c6c70d" +checksum = "9bedb677ca1b549d98f95e9e1f9251b460090d99a2c196a0614228c064bf2e59" dependencies = [ "anyhow", "cfg-if", @@ -5385,9 +5385,9 @@ dependencies = [ [[package]] name = "wasmtime-slab" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8579c335220b4ece9aa490a0e8b46de78cd342b195ab21ff981d095e14b52383" +checksum = "564905638c132c275d365c1fa074f0b499790568f43148d29de84ccecfb5cb31" [[package]] name = "wasmtime-versioned-export-macros" @@ -5402,9 +5402,9 @@ dependencies = [ [[package]] name = "wasmtime-versioned-export-macros" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d7de0a56fb0a69b185968f2d7a9ba54750920a806470dff7ad8de91ac06d277e" +checksum = "1e91092e6cf77390eeccee273846a9327f3e8f91c3c6280f60f37809f0e62d29" dependencies = [ "proc-macro2", "quote", @@ -5413,12 +5413,12 @@ dependencies = [ [[package]] name = "wasmtime-winch" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "abd309943c443f5590d12f9aba9ba63c481091c955a0a14de0c2a9e0e3aaeca9" +checksum = "b111d909dc604c741bd8ac2f4af373eaa5c68c34b5717271bcb687688212cef8" dependencies = [ "anyhow", - "cranelift-codegen 0.115.0", + "cranelift-codegen 0.115.1", "gimli 0.31.1", "object 0.36.7", "target-lexicon", @@ -5430,9 +5430,9 @@ dependencies = [ [[package]] name = "wasmtime-wit-bindgen" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "969f83022dac3435d6469edb582ceed04cfe32aa44dc3ef16e5cb55574633df8" +checksum = "5f38f7a5eb2f06f53fe943e7fb8bf4197f7cf279f1bc52c0ce56e9d3ffd750a4" dependencies = [ "anyhow", "heck 0.5.0", @@ -5551,9 +5551,9 @@ dependencies = [ [[package]] name = "wiggle" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "17bccfa2095b348aa6de0efcc4c621ba14d6ecc2371433232f337b1d2f089fa3" +checksum = "3b23e3dc273d1e35cab9f38a5f76487aeeedcfa6a3fb594e209ee7b6f8b41dcc" dependencies = [ "anyhow", "async-trait", @@ -5566,9 +5566,9 @@ dependencies = [ [[package]] name = "wiggle-generate" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a1fda112fc9de89fc4af51ea8b4c8e745ce1f01cd19f08c36c37aa11563ad41" +checksum = "8738c5a7ef3a9de0fae10f8b84091a2aa4e059d8fef23de202ab689812b6bc6e" dependencies = [ "anyhow", "heck 0.5.0", @@ -5581,9 +5581,9 @@ dependencies = [ [[package]] name = "wiggle-macro" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fc9a143339de27ff05ce30366c58b741afb38c803b5ffb68e9546fd2e0629c4a" +checksum = "e882267ac583e013a38a5aaeb83a49b219456ba3aa6e6772440f7213b176e8ff" dependencies = [ "proc-macro2", "quote", @@ -5624,12 +5624,12 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" [[package]] name = "winch-codegen" -version = "28.0.0" +version = "28.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9110decc2983ed94de904804dcd979ba59cbabc78a94fec6b1d8468ec513d0f6" +checksum = "6232f40a795be2ce10fc761ed3b403825126a60d12491ac556ea104a932fd18a" dependencies = [ "anyhow", - "cranelift-codegen 0.115.0", + "cranelift-codegen 0.115.1", "gimli 0.31.1", "regalloc2 0.11.1", "smallvec", diff --git a/crates/youki/Cargo.toml b/crates/youki/Cargo.toml index c044b39f1..59ac891d9 100644 --- a/crates/youki/Cargo.toml +++ b/crates/youki/Cargo.toml @@ -43,8 +43,8 @@ caps = "0.5.5" wasmer = { version = "4.0.0", optional = true } wasmer-wasix = { version = "0.9.0", optional = true } wasmedge-sdk = { version = "0.14.0", optional = true } -wasmtime = { version = "28.0.0", optional = true } -wasi-common = { version = "28.0.0", optional = true } +wasmtime = { version = "28.0.1", optional = true } +wasi-common = { version = "28.0.1", optional = true } tracing = { version = "0.1.41", features = ["attributes"] } tracing-subscriber = { version = "0.3.19", features = ["json", "env-filter"] } tracing-journald = "0.3.1" From 7ad35db7e4efd17fb4017bceee613f3bd01fc2fc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 15 Jan 2025 00:52:39 +0000 Subject: [PATCH 31/37] Bump uuid from 1.11.1 to 1.12.0 Bumps [uuid](https://github.com/uuid-rs/uuid) from 1.11.1 to 1.12.0. - [Release notes](https://github.com/uuid-rs/uuid/releases) - [Commits](https://github.com/uuid-rs/uuid/compare/1.11.1...1.12.0) --- updated-dependencies: - dependency-name: uuid dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Cargo.lock | 4 ++-- tests/contest/contest/Cargo.toml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 4c709c99a..9e7bc15a6 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4468,9 +4468,9 @@ checksum = "711b9620af191e0cdc7468a8d14e709c3dcdb115b36f838e601583af800a370a" [[package]] name = "uuid" -version = "1.11.1" +version = "1.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b913a3b5fe84142e269d63cc62b64319ccaf89b748fc31fe025177f767a756c4" +checksum = "744018581f9a3454a9e15beb8a33b017183f1e7c0cd170232a2d1453b23a51c4" [[package]] name = "valuable" diff --git a/tests/contest/contest/Cargo.toml b/tests/contest/contest/Cargo.toml index 3ead4c636..633d2b804 100644 --- a/tests/contest/contest/Cargo.toml +++ b/tests/contest/contest/Cargo.toml @@ -19,7 +19,7 @@ serde = { version = "1.0", features = ["derive"] } serde_json = "1.0" tar = "0.4" test_framework = { path = "../test_framework" } -uuid = "1.11" +uuid = "1.12" which = "7.0.1" tempfile = "3" scopeguard = "1.2.0" From dad3c55ed0a256d5c162e8576bedf87a32c67dfc Mon Sep 17 00:00:00 2001 From: ntkm61027 <131166531+ntkm61027@users.noreply.github.com> Date: Thu, 16 Jan 2025 22:05:47 +0900 Subject: [PATCH 32/37] e2e: add process rlimits fail test (#3051) * add process rlimits fail test Signed-off-by: ntkm61027 <131166531+ntkm61027@users.noreply.github.com> * add comments to process_rlimits_fail test Signed-off-by: ntkm61027 <131166531+ntkm61027@users.noreply.github.com> * fix fmt Signed-off-by: ntkm61027 <131166531+ntkm61027@users.noreply.github.com> * fix comments to process_rlimits_fail test Signed-off-by: ntkm61027 <131166531+ntkm61027@users.noreply.github.com> * fix comments to process_rlimits_fail test Signed-off-by: ntkm61027 <131166531+ntkm61027@users.noreply.github.com> --------- Signed-off-by: ntkm61027 <131166531+ntkm61027@users.noreply.github.com> --- tests/contest/contest/src/main.rs | 3 + tests/contest/contest/src/tests/mod.rs | 1 + .../src/tests/process_rlimits_fail/mod.rs | 2 + .../process_rlimits_fail_test.rs | 66 +++++++++++++++++++ 4 files changed, 72 insertions(+) create mode 100644 tests/contest/contest/src/tests/process_rlimits_fail/mod.rs create mode 100644 tests/contest/contest/src/tests/process_rlimits_fail/process_rlimits_fail_test.rs diff --git a/tests/contest/contest/src/main.rs b/tests/contest/contest/src/main.rs index 7c2708624..f5824dd5b 100644 --- a/tests/contest/contest/src/main.rs +++ b/tests/contest/contest/src/main.rs @@ -25,6 +25,7 @@ use crate::tests::pidfile::get_pidfile_test; use crate::tests::process::get_process_test; use crate::tests::process_oom_score_adj::get_process_oom_score_adj_test; use crate::tests::process_rlimits::get_process_rlimits_test; +use crate::tests::process_rlimits_fail::get_process_rlimits_fail_test; use crate::tests::process_user::get_process_user_test; use crate::tests::readonly_paths::get_ro_paths_test; use crate::tests::root_readonly_true::get_root_readonly_test; @@ -124,6 +125,7 @@ fn main() -> Result<()> { let process = get_process_test(); let process_user = get_process_user_test(); let process_rlimtis = get_process_rlimits_test(); + let process_rlimits_fail = get_process_rlimits_fail_test(); let no_pivot = get_no_pivot_test(); let process_oom_score_adj = get_process_oom_score_adj_test(); let fd_control = get_fd_control_test(); @@ -154,6 +156,7 @@ fn main() -> Result<()> { tm.add_test_group(Box::new(process)); tm.add_test_group(Box::new(process_user)); tm.add_test_group(Box::new(process_rlimtis)); + tm.add_test_group(Box::new(process_rlimits_fail)); tm.add_test_group(Box::new(no_pivot)); tm.add_test_group(Box::new(process_oom_score_adj)); tm.add_test_group(Box::new(fd_control)); diff --git a/tests/contest/contest/src/tests/mod.rs b/tests/contest/contest/src/tests/mod.rs index ac7f6e0ee..7aefbfc7c 100644 --- a/tests/contest/contest/src/tests/mod.rs +++ b/tests/contest/contest/src/tests/mod.rs @@ -15,6 +15,7 @@ pub mod pidfile; pub mod process; pub mod process_oom_score_adj; pub mod process_rlimits; +pub mod process_rlimits_fail; pub mod process_user; pub mod readonly_paths; pub mod root_readonly_true; diff --git a/tests/contest/contest/src/tests/process_rlimits_fail/mod.rs b/tests/contest/contest/src/tests/process_rlimits_fail/mod.rs new file mode 100644 index 000000000..443ab968e --- /dev/null +++ b/tests/contest/contest/src/tests/process_rlimits_fail/mod.rs @@ -0,0 +1,2 @@ +mod process_rlimits_fail_test; +pub use process_rlimits_fail_test::get_process_rlimits_fail_test; diff --git a/tests/contest/contest/src/tests/process_rlimits_fail/process_rlimits_fail_test.rs b/tests/contest/contest/src/tests/process_rlimits_fail/process_rlimits_fail_test.rs new file mode 100644 index 000000000..91dcc6330 --- /dev/null +++ b/tests/contest/contest/src/tests/process_rlimits_fail/process_rlimits_fail_test.rs @@ -0,0 +1,66 @@ +use anyhow::{anyhow, Context, Result}; +use oci_spec::runtime::{PosixRlimitBuilder, PosixRlimitType, ProcessBuilder, Spec, SpecBuilder}; +use test_framework::{test_result, Test, TestGroup, TestResult}; + +use crate::utils::test_inside_container; +use crate::utils::test_utils::CreateOptions; + +/// Creates a spec with an invalid rlimit value. +/// +/// According to the OCI Runtime Spec, "The runtime MUST generate an error for any values +/// which cannot be mapped to a relevant kernel interface." +/// +/// While the original Go test in runtime-tools validates this by using an invalid rlimit type +/// (RLIMIT_TEST), this implementation takes a different approach due to Rust's type safety: +/// - Uses a valid rlimit type (RLIMIT_NOFILE) +/// - Sets its value to u64::MAX, which exceeds the system's maximum allowed value +/// defined in /proc/sys/fs/nr_open +/// - This causes the kernel to reject the value with EPERM +/// +/// See `man 2 setrlimit` for more details: +/// > EPERM The caller tried to increase the hard RLIMIT_NOFILE limit above +/// > the maximum defined by /proc/sys/fs/nr_open +/// > See also: https://docs.kernel.org/admin-guide/sysctl/fs.html#nr-open +fn create_spec() -> Result { + let invalid_rlimit = PosixRlimitBuilder::default() + .typ(PosixRlimitType::RlimitNofile) + .hard(u64::MAX) // Exceeds /proc/sys/fs/nr_open limit + .soft(u64::MAX) // Exceeds /proc/sys/fs/nr_open limit + .build()?; + + let spec = SpecBuilder::default() + .process( + ProcessBuilder::default() + .args(vec![ + "runtimetest".to_string(), + "process_rlimits".to_string(), + ]) + .rlimits(vec![invalid_rlimit]) + .build() + .context("failed to create process config")?, + ) + .build() + .context("failed to build spec")?; + + Ok(spec) +} + +fn process_rlimits_fail_test() -> TestResult { + let spec = test_result!(create_spec()); + match test_inside_container(spec, &CreateOptions::default(), &|_| Ok(())) { + TestResult::Passed => TestResult::Failed(anyhow!( + "expected test with invalid rlimit value to fail, but it passed instead" + )), + _ => TestResult::Passed, + } +} + +pub fn get_process_rlimits_fail_test() -> TestGroup { + let mut test_group = TestGroup::new("process_rlimits_fail"); + let test = Test::new( + "process_rlimits_fail_test", + Box::new(process_rlimits_fail_test), + ); + test_group.add(vec![Box::new(test)]); + test_group +} From 7902cc10da1e8ef0aaf0b4403484a4a0684b5ad4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Jan 2025 01:00:02 +0000 Subject: [PATCH 33/37] Bump serde_json from 1.0.135 to 1.0.137 in the patch group Bumps the patch group with 1 update: [serde_json](https://github.com/serde-rs/json). Updates `serde_json` from 1.0.135 to 1.0.137 - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](https://github.com/serde-rs/json/compare/v1.0.135...v1.0.137) --- updated-dependencies: - dependency-name: serde_json dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 0e48e2a65..0894b89dc 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3529,9 +3529,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.135" +version = "1.0.137" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2b0d7ba2887406110130a978386c4e1befb98c674b4fba677954e4db976630d9" +checksum = "930cfb6e6abf99298aaad7d29abbef7a9999a9a8806a40088f55f0dcec03146b" dependencies = [ "itoa", "memchr", From 6513cca29ee392de13e6a5bfbe3c106a3a1b4524 Mon Sep 17 00:00:00 2001 From: Kotaro Inoue Date: Mon, 20 Jan 2025 21:05:52 +0900 Subject: [PATCH 34/37] Use MountOption enum to parse mount options defined in the spec (#2937) * Define MountOption enum Signed-off-by: Kotaro Inoue * Fix wrong test cases for mount options Signed-off-by: Kotaro Inoue * Add method to return known options for MountOption Signed-off-by: Kotaro Inoue * Revert unnecessary change Signed-off-by: Kotaro Inoue --------- Signed-off-by: Kotaro Inoue --- crates/libcontainer/src/rootfs/utils.rs | 81 ++++++------ crates/libcontainer/src/syscall/linux.rs | 153 ++++++++++++++++++++++- 2 files changed, 194 insertions(+), 40 deletions(-) diff --git a/crates/libcontainer/src/rootfs/utils.rs b/crates/libcontainer/src/rootfs/utils.rs index a30c0a917..7c847e570 100644 --- a/crates/libcontainer/src/rootfs/utils.rs +++ b/crates/libcontainer/src/rootfs/utils.rs @@ -6,7 +6,7 @@ use nix::sys::stat::SFlag; use oci_spec::runtime::{LinuxDevice, LinuxDeviceBuilder, LinuxDeviceType, Mount}; use super::mount::MountError; -use crate::syscall::linux::{self, MountRecursive}; +use crate::syscall::linux::{self, MountOption, MountRecursive}; #[derive(Debug, Clone, PartialEq, Eq)] pub struct MountOptionConfig { @@ -131,43 +131,45 @@ pub fn parse_mount(m: &Mount) -> std::result::Result Some((false, MsFlags::empty())), - "ro" => Some((false, MsFlags::MS_RDONLY)), - "rw" => Some((true, MsFlags::MS_RDONLY)), - "suid" => Some((true, MsFlags::MS_NOSUID)), - "nosuid" => Some((false, MsFlags::MS_NOSUID)), - "dev" => Some((true, MsFlags::MS_NODEV)), - "nodev" => Some((false, MsFlags::MS_NODEV)), - "exec" => Some((true, MsFlags::MS_NOEXEC)), - "noexec" => Some((false, MsFlags::MS_NOEXEC)), - "sync" => Some((false, MsFlags::MS_SYNCHRONOUS)), - "async" => Some((true, MsFlags::MS_SYNCHRONOUS)), - "dirsync" => Some((false, MsFlags::MS_DIRSYNC)), - "remount" => Some((false, MsFlags::MS_REMOUNT)), - "mand" => Some((false, MsFlags::MS_MANDLOCK)), - "nomand" => Some((true, MsFlags::MS_MANDLOCK)), - "atime" => Some((true, MsFlags::MS_NOATIME)), - "noatime" => Some((false, MsFlags::MS_NOATIME)), - "diratime" => Some((true, MsFlags::MS_NODIRATIME)), - "nodiratime" => Some((false, MsFlags::MS_NODIRATIME)), - "bind" => Some((false, MsFlags::MS_BIND)), - "rbind" => Some((false, MsFlags::MS_BIND | MsFlags::MS_REC)), - "unbindable" => Some((false, MsFlags::MS_UNBINDABLE)), - "runbindable" => Some((false, MsFlags::MS_UNBINDABLE | MsFlags::MS_REC)), - "private" => Some((true, MsFlags::MS_PRIVATE)), - "rprivate" => Some((true, MsFlags::MS_PRIVATE | MsFlags::MS_REC)), - "shared" => Some((true, MsFlags::MS_SHARED)), - "rshared" => Some((true, MsFlags::MS_SHARED | MsFlags::MS_REC)), - "slave" => Some((true, MsFlags::MS_SLAVE)), - "rslave" => Some((true, MsFlags::MS_SLAVE | MsFlags::MS_REC)), - "relatime" => Some((true, MsFlags::MS_RELATIME)), - "norelatime" => Some((true, MsFlags::MS_RELATIME)), - "strictatime" => Some((true, MsFlags::MS_STRICTATIME)), - "nostrictatime" => Some((true, MsFlags::MS_STRICTATIME)), - unknown => { + if let Some((is_clear, flag)) = match MountOption::from_str(option.as_ref()) { + Ok(v) => match v { + MountOption::Defaults(is_clear, flag) => Some((is_clear, flag)), + MountOption::Ro(is_clear, flag) => Some((is_clear, flag)), + MountOption::Rw(is_clear, flag) => Some((is_clear, flag)), + MountOption::Suid(is_clear, flag) => Some((is_clear, flag)), + MountOption::Nosuid(is_clear, flag) => Some((is_clear, flag)), + MountOption::Dev(is_clear, flag) => Some((is_clear, flag)), + MountOption::Nodev(is_clear, flag) => Some((is_clear, flag)), + MountOption::Exec(is_clear, flag) => Some((is_clear, flag)), + MountOption::Noexec(is_clear, flag) => Some((is_clear, flag)), + MountOption::Sync(is_clear, flag) => Some((is_clear, flag)), + MountOption::Async(is_clear, flag) => Some((is_clear, flag)), + MountOption::Dirsync(is_clear, flag) => Some((is_clear, flag)), + MountOption::Remount(is_clear, flag) => Some((is_clear, flag)), + MountOption::Mand(is_clear, flag) => Some((is_clear, flag)), + MountOption::Nomand(is_clear, flag) => Some((is_clear, flag)), + MountOption::Atime(is_clear, flag) => Some((is_clear, flag)), + MountOption::Noatime(is_clear, flag) => Some((is_clear, flag)), + MountOption::Diratime(is_clear, flag) => Some((is_clear, flag)), + MountOption::Nodiratime(is_clear, flag) => Some((is_clear, flag)), + MountOption::Bind(is_clear, flag) => Some((is_clear, flag)), + MountOption::Rbind(is_clear, flag) => Some((is_clear, flag)), + MountOption::Unbindable(is_clear, flag) => Some((is_clear, flag)), + MountOption::Runbindable(is_clear, flag) => Some((is_clear, flag)), + MountOption::Private(is_clear, flag) => Some((is_clear, flag)), + MountOption::Rprivate(is_clear, flag) => Some((is_clear, flag)), + MountOption::Shared(is_clear, flag) => Some((is_clear, flag)), + MountOption::Rshared(is_clear, flag) => Some((is_clear, flag)), + MountOption::Slave(is_clear, flag) => Some((is_clear, flag)), + MountOption::Rslave(is_clear, flag) => Some((is_clear, flag)), + MountOption::Relatime(is_clear, flag) => Some((is_clear, flag)), + MountOption::Norelatime(is_clear, flag) => Some((is_clear, flag)), + MountOption::Strictatime(is_clear, flag) => Some((is_clear, flag)), + MountOption::Nostrictatime(is_clear, flag) => Some((is_clear, flag)), + }, + Err(unknown) => { if unknown == "idmap" || unknown == "ridmap" { - return Err(MountError::UnsupportedMountOption(unknown.to_string())); + return Err(MountError::UnsupportedMountOption(unknown)); } None } @@ -243,7 +245,7 @@ mod tests { )?; assert_eq!( MountOptionConfig { - flags: MsFlags::MS_NOSUID, + flags: MsFlags::MS_NOSUID | MsFlags::MS_STRICTATIME, data: "mode=755,size=65536k".to_string(), rec_attr: None, }, @@ -364,7 +366,8 @@ mod tests { flags: MsFlags::MS_NOSUID | MsFlags::MS_NOEXEC | MsFlags::MS_NODEV - | MsFlags::MS_RDONLY, + | MsFlags::MS_RDONLY + | MsFlags::MS_RELATIME, data: "".to_string(), rec_attr: None }, diff --git a/crates/libcontainer/src/syscall/linux.rs b/crates/libcontainer/src/syscall/linux.rs index 1b6d702e1..ca1d2828e 100644 --- a/crates/libcontainer/src/syscall/linux.rs +++ b/crates/libcontainer/src/syscall/linux.rs @@ -38,6 +38,145 @@ const MOUNT_ATTR_STRICTATIME: u64 = 0x00000020; const MOUNT_ATTR_NODIRATIME: u64 = 0x00000080; const MOUNT_ATTR_NOSYMFOLLOW: u64 = 0x00200000; +/// Constants used by mount(2). +pub enum MountOption { + Defaults(bool, MsFlags), + Ro(bool, MsFlags), + Rw(bool, MsFlags), + Suid(bool, MsFlags), + Nosuid(bool, MsFlags), + Dev(bool, MsFlags), + Nodev(bool, MsFlags), + Exec(bool, MsFlags), + Noexec(bool, MsFlags), + Sync(bool, MsFlags), + Async(bool, MsFlags), + Dirsync(bool, MsFlags), + Remount(bool, MsFlags), + Mand(bool, MsFlags), + Nomand(bool, MsFlags), + Atime(bool, MsFlags), + Noatime(bool, MsFlags), + Diratime(bool, MsFlags), + Nodiratime(bool, MsFlags), + Bind(bool, MsFlags), + Rbind(bool, MsFlags), + Unbindable(bool, MsFlags), + Runbindable(bool, MsFlags), + Private(bool, MsFlags), + Rprivate(bool, MsFlags), + Shared(bool, MsFlags), + Rshared(bool, MsFlags), + Slave(bool, MsFlags), + Rslave(bool, MsFlags), + Relatime(bool, MsFlags), + Norelatime(bool, MsFlags), + Strictatime(bool, MsFlags), + Nostrictatime(bool, MsFlags), +} + +impl MountOption { + // Return all possible mount options + pub fn known_options() -> Vec { + [ + "defaults", + "ro", + "rw", + "suid", + "nosuid", + "dev", + "nodev", + "exec", + "noexec", + "sync", + "async", + "dirsync", + "remount", + "mand", + "nomand", + "atime", + "noatime", + "diratime", + "nodiratime", + "bind", + "rbind", + "unbindable", + "runbindable", + "private", + "rprivate", + "shared", + "rshared", + "slave", + "rslave", + "relatime", + "norelatime", + "strictatime", + "nostrictatime", + ] + .iter() + .map(|s| s.to_string()) + .collect() + } +} + +impl FromStr for MountOption { + type Err = String; + + fn from_str(option: &str) -> std::result::Result { + match option { + "defaults" => Ok(MountOption::Defaults(false, MsFlags::empty())), + "ro" => Ok(MountOption::Ro(false, MsFlags::MS_RDONLY)), + "rw" => Ok(MountOption::Rw(true, MsFlags::MS_RDONLY)), + "suid" => Ok(MountOption::Suid(true, MsFlags::MS_NOSUID)), + "nosuid" => Ok(MountOption::Nosuid(false, MsFlags::MS_NOSUID)), + "dev" => Ok(MountOption::Dev(true, MsFlags::MS_NODEV)), + "nodev" => Ok(MountOption::Nodev(false, MsFlags::MS_NODEV)), + "exec" => Ok(MountOption::Exec(true, MsFlags::MS_NOEXEC)), + "noexec" => Ok(MountOption::Noexec(false, MsFlags::MS_NOEXEC)), + "sync" => Ok(MountOption::Sync(false, MsFlags::MS_SYNCHRONOUS)), + "async" => Ok(MountOption::Async(true, MsFlags::MS_SYNCHRONOUS)), + "dirsync" => Ok(MountOption::Dirsync(false, MsFlags::MS_DIRSYNC)), + "remount" => Ok(MountOption::Remount(false, MsFlags::MS_REMOUNT)), + "mand" => Ok(MountOption::Mand(false, MsFlags::MS_MANDLOCK)), + "nomand" => Ok(MountOption::Nomand(true, MsFlags::MS_MANDLOCK)), + "atime" => Ok(MountOption::Atime(true, MsFlags::MS_NOATIME)), + "noatime" => Ok(MountOption::Noatime(false, MsFlags::MS_NOATIME)), + "diratime" => Ok(MountOption::Diratime(true, MsFlags::MS_NODIRATIME)), + "nodiratime" => Ok(MountOption::Nodiratime(false, MsFlags::MS_NODIRATIME)), + "bind" => Ok(MountOption::Bind(false, MsFlags::MS_BIND)), + "rbind" => Ok(MountOption::Rbind( + false, + MsFlags::MS_BIND | MsFlags::MS_REC, + )), + "unbindable" => Ok(MountOption::Unbindable(false, MsFlags::MS_UNBINDABLE)), + "runbindable" => Ok(MountOption::Runbindable( + false, + MsFlags::MS_UNBINDABLE | MsFlags::MS_REC, + )), + "private" => Ok(MountOption::Private(true, MsFlags::MS_PRIVATE)), + "rprivate" => Ok(MountOption::Rprivate( + true, + MsFlags::MS_PRIVATE | MsFlags::MS_REC, + )), + "shared" => Ok(MountOption::Shared(true, MsFlags::MS_SHARED)), + "rshared" => Ok(MountOption::Rshared( + true, + MsFlags::MS_SHARED | MsFlags::MS_REC, + )), + "slave" => Ok(MountOption::Slave(true, MsFlags::MS_SLAVE)), + "rslave" => Ok(MountOption::Rslave( + true, + MsFlags::MS_SLAVE | MsFlags::MS_REC, + )), + "relatime" => Ok(MountOption::Relatime(false, MsFlags::MS_RELATIME)), + "norelatime" => Ok(MountOption::Norelatime(true, MsFlags::MS_RELATIME)), + "strictatime" => Ok(MountOption::Strictatime(false, MsFlags::MS_STRICTATIME)), + "nostrictatime" => Ok(MountOption::Nostrictatime(true, MsFlags::MS_STRICTATIME)), + _ => Err(option.to_string()), + } + } +} + /// Constants used by mount_setattr(2). pub enum MountRecursive { /// Mount read-only. @@ -599,12 +738,13 @@ mod tests { use std::fs; use std::os::unix::prelude::AsRawFd; + use std::str::FromStr; use anyhow::{bail, Context, Result}; use nix::{fcntl, sys, unistd}; use serial_test::serial; - use super::LinuxSyscall; + use super::{LinuxSyscall, MountOption}; use crate::syscall::Syscall; #[test] @@ -666,4 +806,15 @@ mod tests { unistd::close(fd)?; Ok(()) } + + #[test] + fn test_known_mount_options_implemented() -> Result<()> { + for option in MountOption::known_options() { + match MountOption::from_str(&option) { + Ok(_) => {} + Err(e) => bail!("failed to parse mount option: {}", e), + } + } + Ok(()) + } } From ee4f16c47d79d07fb7e4b85eb1f940702b2d3446 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 22 Jan 2025 00:49:15 +0000 Subject: [PATCH 35/37] Bump uuid from 1.12.0 to 1.12.1 in the patch group Bumps the patch group with 1 update: [uuid](https://github.com/uuid-rs/uuid). Updates `uuid` from 1.12.0 to 1.12.1 - [Release notes](https://github.com/uuid-rs/uuid/releases) - [Commits](https://github.com/uuid-rs/uuid/compare/1.12.0...1.12.1) --- updated-dependencies: - dependency-name: uuid dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 0894b89dc..951ad36d9 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4468,9 +4468,9 @@ checksum = "711b9620af191e0cdc7468a8d14e709c3dcdb115b36f838e601583af800a370a" [[package]] name = "uuid" -version = "1.12.0" +version = "1.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "744018581f9a3454a9e15beb8a33b017183f1e7c0cd170232a2d1453b23a51c4" +checksum = "b3758f5e68192bb96cc8f9b7e2c2cfdabb435499a28499a42f8f984092adad4b" [[package]] name = "valuable" From 91def54c5330eb835cb5bda83ad99889022544b3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Jan 2025 00:24:41 +0000 Subject: [PATCH 36/37] Bump serde_json from 1.0.137 to 1.0.138 in the patch group Bumps the patch group with 1 update: [serde_json](https://github.com/serde-rs/json). Updates `serde_json` from 1.0.137 to 1.0.138 - [Release notes](https://github.com/serde-rs/json/releases) - [Commits](https://github.com/serde-rs/json/compare/v1.0.137...v1.0.138) --- updated-dependencies: - dependency-name: serde_json dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch ... Signed-off-by: dependabot[bot] --- Cargo.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 951ad36d9..552d28e2a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -3529,9 +3529,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.137" +version = "1.0.138" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "930cfb6e6abf99298aaad7d29abbef7a9999a9a8806a40088f55f0dcec03146b" +checksum = "d434192e7da787e94a6ea7e9670b26a036d0ca41e0b7efb2676dd32bae872949" dependencies = [ "itoa", "memchr", From c7a10ac6f528c86d12e82d25ffed5d5305ab7697 Mon Sep 17 00:00:00 2001 From: Kotaro Inoue Date: Wed, 29 Jan 2025 21:17:20 +0900 Subject: [PATCH 37/37] Support feature subcommand (#2837) * try to create new struct for hardcoding Signed-off-by: Darrell Tang change struct name to resolve conflict Signed-off-by: Darrell Tang fix annotation references Signed-off-by: Darrell Tang set as Strings Signed-off-by: Darrell Tang use serde Signed-off-by: Darrell Tang pretty print Signed-off-by: Darrell Tang clean up names to match runc features output Signed-off-by: Darrell Tang rearrange structs and constants Signed-off-by: Darrell Tang fix lint issues Signed-off-by: Darrell Tang try to source caps dynamically Signed-off-by: Darrell Tang try to source namespaces dynamically Signed-off-by: Darrell Tang fix query_caps Signed-off-by: Darrell Tang fix match statements Signed-off-by: Darrell Tang fix linting issues Signed-off-by: Darrell Tang fix extra line for linting Signed-off-by: Darrell Tang Fix format Signed-off-by: Kotaro Inoue * Support feature subcommand Signed-off-by: Kotaro Inoue * fixup! Support feature subcommand Signed-off-by: Kotaro Inoue * fixup! Support feature subcommand Signed-off-by: Kotaro Inoue * fixup! Support feature subcommand Signed-off-by: Kotaro Inoue * fixup! Support feature subcommand Signed-off-by: Kotaro Inoue * fixup! Support feature subcommand Signed-off-by: Kotaro Inoue * fixup! Support feature subcommand Signed-off-by: Kotaro Inoue * fixup! Support feature subcommand Signed-off-by: Kotaro Inoue * Use MountOption::known_options Signed-off-by: Kotaro Inoue --------- Signed-off-by: Kotaro Inoue Co-authored-by: Darrell Tang --- crates/youki/src/commands/features.rs | 110 ++++++++++++++++++++++++++ 1 file changed, 110 insertions(+) diff --git a/crates/youki/src/commands/features.rs b/crates/youki/src/commands/features.rs index bf359bd0a..3bbb0423f 100644 --- a/crates/youki/src/commands/features.rs +++ b/crates/youki/src/commands/features.rs @@ -1,8 +1,118 @@ //! Contains Functionality of `features` container command use anyhow::Result; +use libcontainer::oci_spec::runtime::{ + version, ApparmorBuilder, CgroupBuilder, FeaturesBuilder, IDMapBuilder, IntelRdtBuilder, + LinuxFeatureBuilder, LinuxNamespaceType, MountExtensionsBuilder, SelinuxBuilder, +}; +use libcontainer::syscall::linux::MountOption; use liboci_cli::Features; +// Function to query and return capabilities +fn query_caps() -> Result> { + Ok(caps::all().iter().map(|cap| format!("{:?}", cap)).collect()) +} + +// Function to query and return namespaces +fn query_supported_namespaces() -> Result> { + Ok(vec![ + LinuxNamespaceType::Pid, + LinuxNamespaceType::Network, + LinuxNamespaceType::Uts, + LinuxNamespaceType::Ipc, + LinuxNamespaceType::Mount, + LinuxNamespaceType::User, + LinuxNamespaceType::Cgroup, + LinuxNamespaceType::Time, + ]) +} + +// Return a list of known hooks supported by youki +fn known_hooks() -> Vec { + [ + "prestart", + "createRuntime", + "createContainer", + "startContainer", + "poststart", + "poststop", + ] + .iter() + .map(|s| s.to_string()) + .collect() +} + /// lists all existing containers pub fn features(_: Features) -> Result<()> { + // Query supported namespaces + let namespaces = match query_supported_namespaces() { + Ok(ns) => ns, + Err(e) => { + eprintln!("Error querying supported namespaces: {}", e); + Vec::new() + } + }; + + // Query available capabilities + let capabilities = match query_caps() { + Ok(caps) => caps, + Err(e) => { + eprintln!("Error querying available capabilities: {}", e); + Vec::new() + } + }; + + let linux = LinuxFeatureBuilder::default() + .namespaces(namespaces) + .capabilities(capabilities) + .cgroup( + CgroupBuilder::default() + .v1(cfg!(feature = "v1")) + .v2(cfg!(feature = "v2")) + .systemd(cfg!(feature = "systemd")) + .systemd_user(cfg!(feature = "systemd")) + // cgroupv2 rdma controller is not implemented in youki. + .rdma(false) + .build() + .unwrap(), + ) + // TODO: Expose seccomp support information + .apparmor(ApparmorBuilder::default().enabled(true).build().unwrap()) + .mount_extensions( + MountExtensionsBuilder::default() + // idmapped mounts is not supported in youki + .idmap(IDMapBuilder::default().enabled(false).build().unwrap()) + .build() + .unwrap(), + ) + // SELinux is not supported in youki. + .selinux(SelinuxBuilder::default().enabled(false).build().unwrap()) + .intel_rdt(IntelRdtBuilder::default().enabled(true).build().unwrap()) + .build() + .unwrap(); + + let features = FeaturesBuilder::default() + .oci_version_max(version()) + .oci_version_min(String::from("1.0.0")) + .hooks(known_hooks()) + .mount_options(MountOption::known_options()) + .linux(linux) + .build() + .unwrap(); + + // Print out the created struct to verify + let pretty_json_str = serde_json::to_string_pretty(&features)?; + println!("{}", pretty_json_str); + Ok(()) } + +#[cfg(test)] +mod tests { + use super::*; + + #[test] + fn test_features() { + let features = Features {}; + assert!(crate::commands::features::features(features).is_ok()); + } +}