* chore(code): simple code cleanup
* chore(code): additional code cleanup
* feature(krata): rework api and make ip assignment persistent to database
* rework and cleanup
* fix daemon config references
This change addresses a race condition where the read-copy of a raw FD
is closed while the write-copy is still in use. Now the read-copy is not
closed, by utilizing mem::forget.
Co-authored-by: Alex Zenla <alex@edera.dev>
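The pattern named in the commit message above, as an added Rust example that is not krata's own code: `read_via_copy` and the socket-pair scenario are hypothetical, constructed only to show a non-owning read-copy of a raw FD being kept from closing the descriptor its owner still uses.

```rust
use std::fs::File;
use std::io::{self, Read, Write};
use std::mem;
use std::os::fd::{AsRawFd, FromRawFd, RawFd};
use std::os::unix::net::UnixStream;

/// Read through a temporary `File` built from a raw fd that someone else owns.
/// `File::from_raw_fd` assumes ownership, so dropping the copy would close the
/// descriptor underneath the owner (the "write-copy" in the commit message).
fn read_via_copy(fd: RawFd, buf: &mut [u8]) -> io::Result<usize> {
    // SAFETY: the caller keeps `fd` open for the duration of this call.
    let mut read_copy = unsafe { File::from_raw_fd(fd) };
    let result = read_copy.read(buf);
    // Skip Drop so close(2) is not called on the shared descriptor.
    // (Wrapping the copy in ManuallyDrop up front also covers a panic in read.)
    mem::forget(read_copy);
    result
}

/// Constructed scenario: `owner` holds the descriptor, `peer` is the other end.
fn demo() -> io::Result<(usize, Vec<u8>)> {
    let (mut owner, mut peer) = UnixStream::pair()?;
    peer.write_all(b"ping")?;

    let mut buf = [0u8; 16];
    let n = read_via_copy(owner.as_raw_fd(), &mut buf)?;

    // The owner's descriptor is still open, so writing through it succeeds.
    owner.write_all(b"pong")?;
    let mut reply = [0u8; 4];
    peer.read_exact(&mut reply)?;
    Ok((n, reply.to_vec()))
}

fn main() {
    let (n, reply) = demo().expect("demo failed");
    println!("read {n} bytes via copy, owner then wrote {:?}", reply);
}
```

Without the `mem::forget`, the drop of `read_copy` closes the descriptor, and the number can then be reused by an unrelated file or socket opened elsewhere in the process.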
Mounting procfs with hidepid=1 denies access to procfs directories
for processes not accessible by the current user credentials.
Signed-off-by: Ariadne Conill <ariadne@ariadne.space>
* fix(hack): use sudo -E when running Rust binaries
This makes it possible to pass envvars to the Krata runtime
* feat(o11y): add fluent sink to logs
This change adds fluent logging as an opt-in feature. Setting
`KRATA_LOG_FLUENT` with an address:port will start a TCP connection,
sending logs.
A later change will respect a URI scheme and use structured logging.
* wip hvm
* feat: move platform stuff all into its own thing
* hvm work
* more hvm work
* more hvm work
* feat: rework to support multiple platforms
* hvm nonredist
* more hvm work
* more hvm work
* pvh work
* work on loading cmdline
* implement initrd loading for pvh
* partially working pvh support
* fix merge issues
* pvh works!
* swap over to pv support
* remove old kernel stuff
* fix support for pv
* pvh is gone for now
* fix(runtime): debug should be respected
* fix(xen): arm64 is currently unsupported, treat it as such at runtime
* fix(examples): use architecture cfg for boot example
* fix(x86): use IOMMU only when needed for passthrough
* chore(build): print kernel architecture during fetch
Now that we have the kernel build infrastructure at https://github.com/edera-dev/kernels
it makes sense to drop building the kernel and download the kernel images directly.
This change introduces a ./hack/kernel/fetch.sh script which is backed by crates/build.
We utilize the OCI infrastructure itself to download the kernel image. The DEV guide
has been updated to include calling the fetch script, and the OS builder now uses this
method instead. Due to the lack of need for the kernel build infra to exist here now,
it has also been removed. This should significantly speed up full builds.
This change will also enable us to turn on os build workflows for all PRs. We should
likely make the OS status checks required once this is merged.
Previously, krata runtime allowed a single permit when performing operations.
This was necessary because the only IP allocation storage was xenstore, and
the commit of xenstore data happens after allocation. This commit introduces
IpVendor, a service which vends IPv4 and IPv6 addresses to guests using a
linear address strategy within an IP network space. The IpVendor table is
initialized from xenstore, and from there on out, the in-memory table
is the source of truth. This implementation is not perfect, but it will allow
us to lift the single permit limit, allowing guests to start concurrently.
* feat: pci passthrough
* feat: guest device management
* feat: addons mounting and kernel modules support
* feat: more pci work
* fix: kernel build squashfs fixes
* fix: e820entry should be available on all platforms