8126b243fc
chore(xenplatform): elf loader should async load the file
2024-06-23 04:46:32 -07:00
aa7d3e369a
fix(build): remove unused environment variables
2024-06-23 02:27:57 -07:00
349664abf1
chore(git): delete old gitmodules
2024-06-23 01:50:35 -07:00
ef068e790c
chore(xen): move device creation into transaction interface ( #196 )
...
* chore(xen): move domain creation to xenplatform
* chore(xen): move device transactions into separate interface
2024-06-21 17:38:19 +00:00
6f39f115b7
chore(xen): split platform support into separate crate ( #195 )
2024-06-21 08:10:45 +00:00
23c7302c04
docs: first pass of krata as an isolation engine
2024-06-20 19:57:18 -07:00
e219f3adf1
feature(xen): dynamic platform architecture ( #194 )
...
* wip hvm
* feat: move platform stuff all into it's own thing
* hvm work
* more hvm work
* more hvm work
* feat: rework to support multiple platforms
* hvm nonredist
* more hvm work
* more hvm work
* pvh work
* work on loading cmdline
* implement initrd loading for pvh
* partially working pvh support
* fix merge issues
* pvh works!
* swap over to pv support
* remove old kernel stuff
* fix support for pv
* pvh is gone for now
* fix(runtime): debug should be respected
* fix(xen): arm64 is currently unsupported, treat it as such at runtime
* fix(examples): use architecture cfg for boot example
* fix(x86): use IOMMU only when needed for passthrough
* chore(build): print kernel architecture during fetch
2024-06-21 02:42:45 +00:00
2c7210d85e
build(deps): bump prost-build from 0.12.4 to 0.12.6 ( #170 )
...
Bumps [prost-build](https://github.com/tokio-rs/prost ) from 0.12.4 to 0.12.6.
- [Release notes](https://github.com/tokio-rs/prost/releases )
- [Commits](https://github.com/tokio-rs/prost/compare/v0.12.4...v0.12.6 )
---
updated-dependencies:
- dependency-name: prost-build
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-04 19:24:00 +00:00
ade37e92f3
build(deps): bump serde from 1.0.202 to 1.0.203 ( #172 )
...
Bumps [serde](https://github.com/serde-rs/serde ) from 1.0.202 to 1.0.203.
- [Release notes](https://github.com/serde-rs/serde/releases )
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.202...v1.0.203 )
---
updated-dependencies:
- dependency-name: serde
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-04 19:23:52 +00:00
ef3bc83069
build(deps): bump async-compression from 0.4.10 to 0.4.11 ( #175 )
...
Bumps [async-compression](https://github.com/Nullus157/async-compression ) from 0.4.10 to 0.4.11.
- [Release notes](https://github.com/Nullus157/async-compression/releases )
- [Changelog](https://github.com/Nullus157/async-compression/blob/main/CHANGELOG.md )
- [Commits](https://github.com/Nullus157/async-compression/compare/v0.4.10...v0.4.11 )
---
updated-dependencies:
- dependency-name: async-compression
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-04 19:23:43 +00:00
14084f13d8
build(deps): bump tokio from 1.37.0 to 1.38.0 ( #176 )
...
Bumps [tokio](https://github.com/tokio-rs/tokio ) from 1.37.0 to 1.38.0.
- [Release notes](https://github.com/tokio-rs/tokio/releases )
- [Commits](https://github.com/tokio-rs/tokio/compare/tokio-1.37.0...tokio-1.38.0 )
---
updated-dependencies:
- dependency-name: tokio
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-04 19:23:35 +00:00
fbc953cf46
build(deps): bump actions/create-github-app-token from 1.10.0 to 1.10.1 ( #177 )
...
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token ) from 1.10.0 to 1.10.1.
- [Release notes](https://github.com/actions/create-github-app-token/releases )
- [Commits](a0de6af839...c8f55efbd4support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-04 19:23:26 +00:00
fd7974fc98
build(deps): bump MarcoIeni/release-plz-action from 0.5.58 to 0.5.61 ( #178 )
...
Bumps [MarcoIeni/release-plz-action](https://github.com/marcoieni/release-plz-action ) from 0.5.58 to 0.5.61.
- [Release notes](https://github.com/marcoieni/release-plz-action/releases )
- [Commits](7fe60ae5d7...7566221bbasupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-04 19:23:18 +00:00
d17769d69f
build(deps): bump toml from 0.8.13 to 0.8.14 ( #179 )
...
Bumps [toml](https://github.com/toml-rs/toml ) from 0.8.13 to 0.8.14.
- [Commits](https://github.com/toml-rs/toml/compare/toml-v0.8.13...toml-v0.8.14 )
---
updated-dependencies:
- dependency-name: toml
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-04 19:23:11 +00:00
7ba04f26a3
fix(os): alpine v3.20 requires copying kernel config before grub-mkconfig ( #180 )
...
There is currently a bug in the Xen support for Alpine where /boot/config-lts
is expected to exist but in Alpine /boot/config-VERSION-lts is the only file
available. This change copies the config to /boot/config-lts to fix the build.
2024-06-04 17:00:49 +00:00
11235b6837
--- ( #168 )
...
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-22 06:29:06 +00:00
e8849048db
--- ( #167 )
...
updated-dependencies:
- dependency-name: prost-types
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-22 06:29:03 +00:00
cd15337ad8
build(deps): bump libc from 0.2.154 to 0.2.155 ( #163 )
...
Bumps [libc](https://github.com/rust-lang/libc ) from 0.2.154 to 0.2.155.
- [Release notes](https://github.com/rust-lang/libc/releases )
- [Commits](https://github.com/rust-lang/libc/compare/0.2.154...0.2.155 )
---
updated-dependencies:
- dependency-name: libc
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-22 04:44:36 +00:00
037261991a
build(deps): bump anyhow from 1.0.83 to 1.0.86 ( #164 )
...
Bumps [anyhow](https://github.com/dtolnay/anyhow ) from 1.0.83 to 1.0.86.
- [Release notes](https://github.com/dtolnay/anyhow/releases )
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.83...1.0.86 )
---
updated-dependencies:
- dependency-name: anyhow
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-22 04:44:33 +00:00
67fb5891e4
build(deps): bump prost from 0.12.4 to 0.12.6 ( #165 )
...
Bumps [prost](https://github.com/tokio-rs/prost ) from 0.12.4 to 0.12.6.
- [Release notes](https://github.com/tokio-rs/prost/releases )
- [Commits](https://github.com/tokio-rs/prost/compare/v0.12.4...v0.12.6 )
---
updated-dependencies:
- dependency-name: prost
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-22 04:44:30 +00:00
d1f6d1e742
--- ( #166 )
...
updated-dependencies:
- dependency-name: ratatui
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-22 04:44:27 +00:00
18fc2c3a7e
build(deps): bump thiserror from 1.0.60 to 1.0.61 ( #162 )
...
Bumps [thiserror](https://github.com/dtolnay/thiserror ) from 1.0.60 to 1.0.61.
- [Release notes](https://github.com/dtolnay/thiserror/releases )
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.60...1.0.61 )
---
updated-dependencies:
- dependency-name: thiserror
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-22 04:44:24 +00:00
54486b119b
build(deps): bump actions/checkout from 4.1.5 to 4.1.6 ( #161 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.5 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](44c2b7a8a4...a5ac7e51b4support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-17 17:48:51 +00:00
04a633d501
build(deps): bump MarcoIeni/release-plz-action from 0.5.57 to 0.5.58 ( #152 )
...
Bumps [MarcoIeni/release-plz-action](https://github.com/marcoieni/release-plz-action ) from 0.5.57 to 0.5.58.
- [Release notes](https://github.com/marcoieni/release-plz-action/releases )
- [Commits](a290444218...7fe60ae5d7support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-16 19:11:46 +00:00
612203f014
build(deps): bump serde from 1.0.201 to 1.0.202 ( #154 )
...
Bumps [serde](https://github.com/serde-rs/serde ) from 1.0.201 to 1.0.202.
- [Release notes](https://github.com/serde-rs/serde/releases )
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.201...v1.0.202 )
---
updated-dependencies:
- dependency-name: serde
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-16 19:09:33 +00:00
e9ba336f68
build(deps): bump toml from 0.8.12 to 0.8.13 ( #155 )
...
Bumps [toml](https://github.com/toml-rs/toml ) from 0.8.12 to 0.8.13.
- [Commits](https://github.com/toml-rs/toml/compare/toml-v0.8.12...toml-v0.8.13 )
---
updated-dependencies:
- dependency-name: toml
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-16 19:09:14 +00:00
94790ce7dc
fix(build): kernel fetch should use host target ( #159 )
2024-05-16 18:13:04 +00:00
023063327f
fix(build): use host resolv.conf in os build chroot ( #153 )
...
The resolv.conf that the stage1 os script generates is fine for actual use,
but our GitHub workflows now uses the Step Security hardened runner action.
This action replaces the nameserver so that all lookups go through that,
but because the chroot calls apk add, it needs to contact the internet.
On the GitHub workflows, the OS build currently fails since the hardened
runner cannot access other nameservers.
2024-05-16 08:41:42 +00:00
d46aa878af
feat(build): fetch kernels from image registry instead of building the kernel ( #156 )
...
Now that we have the kernel build infrastructure at https://github.com/edera-dev/kernels
it makes sense to drop building the kernel and download the kernel images directly.
This change introduces a ./hack/kernel/fetch.sh script which is backed by crates/build
We utilize the OCI infrastructure itself to download the kernel image. The DEV guide
has been updated to include calling the fetch script, and the OS builder now uses this
method instead. Due to the lack of need for the kernel build infra to exist here now,
it has also been removed. This should significantly speed up full builds.
This change will also enable us to turn on os build workflows for all PRs. We should
likely make the OS status checks required once this is merged.
2024-05-16 08:40:58 +00:00
2462a99fdc
chore(dependabot): group some dependency updates ( #157 )
...
We have a need to ensure great security while also ensuring that dependabot
does not constantly provide multiple PRs. After all, when something becomes
too time consuming it risks not being handled with care. With grouped updates,
version bumps will get grouped together, but security updates will still be
indvidualized. This makes it safer for us to enable grouped dependency updates.
2024-05-16 08:39:50 +00:00
fc18bc6a18
feat(runtime): concurrent ip allocation ( #151 )
...
Previously, krata runtime allowed a single permit when performing operations.
This was necessary because the only IP allocation storage was xenstore, and
the commit of xenstore data happens after allocation. This commit introduces
IpVendor, a service which vends IPv4 and IPv6 addresses to guests using a
linear address strategy within an IP network space. The IpVendor table is
initialized from xenstore, and from there on out, the in-memory table
is the source of truth. This implementation is not perfect, but it will allow
us to lift the single permit limit, allowing guests to start concurrently.
2024-05-14 18:29:12 +00:00
b0f0934fa4
build(deps): bump async-compression from 0.4.9 to 0.4.10 ( #145 )
...
Bumps [async-compression](https://github.com/Nullus157/async-compression ) from 0.4.9 to 0.4.10.
- [Release notes](https://github.com/Nullus157/async-compression/releases )
- [Changelog](https://github.com/Nullus157/async-compression/blob/main/CHANGELOG.md )
- [Commits](https://github.com/Nullus157/async-compression/commits/v0.4.10 )
---
updated-dependencies:
- dependency-name: async-compression
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-13 19:23:40 +00:00
f6721d5e2c
build(deps): bump actions/checkout from 4.1.4 to 4.1.5 ( #149 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.4 to 4.1.5.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](0ad4b8fada...44c2b7a8a4support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-13 19:23:24 +00:00
0d43a8be54
build(deps): bump MarcoIeni/release-plz-action from 0.5.55 to 0.5.57 ( #150 )
...
Bumps [MarcoIeni/release-plz-action](https://github.com/marcoieni/release-plz-action ) from 0.5.55 to 0.5.57.
- [Release notes](https://github.com/marcoieni/release-plz-action/releases )
- [Commits](76e66a600f...a290444218support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-13 19:23:08 +00:00
0193921053
Pin actions to digests and introduce Step Security Harden Runners ( #137 )
...
Signed-off-by: Jed Salazar <jedsalazar@gmail.com >
2024-05-11 00:00:56 +00:00
485f6e8319
chore(kernel): upgrade to kernel 6.8.9 ( #143 )
2024-05-10 17:30:06 +00:00
09ee251c9e
Fix typo and nit ( #144 )
...
Signed-off-by: Jed Salazar <jed@edera.dev >
2024-05-10 01:44:42 +00:00
75011ef8cb
fix(oci): use mirror.gcr.io as a mirror to docker hub ( #141 )
2024-05-09 17:30:27 +00:00
69c7af5220
build(deps): bump thiserror from 1.0.59 to 1.0.60 ( #135 )
...
Bumps [thiserror](https://github.com/dtolnay/thiserror ) from 1.0.59 to 1.0.60.
- [Release notes](https://github.com/dtolnay/thiserror/releases )
- [Commits](https://github.com/dtolnay/thiserror/compare/1.0.59...1.0.60 )
---
updated-dependencies:
- dependency-name: thiserror
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-08 19:14:17 +00:00
a364abe887
build(deps): bump anyhow from 1.0.82 to 1.0.83 ( #136 )
...
Bumps [anyhow](https://github.com/dtolnay/anyhow ) from 1.0.82 to 1.0.83.
- [Release notes](https://github.com/dtolnay/anyhow/releases )
- [Commits](https://github.com/dtolnay/anyhow/compare/1.0.82...1.0.83 )
---
updated-dependencies:
- dependency-name: anyhow
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-08 19:14:00 +00:00
95accc6d3f
build(deps): bump serde from 1.0.200 to 1.0.201 ( #139 )
...
Bumps [serde](https://github.com/serde-rs/serde ) from 1.0.200 to 1.0.201.
- [Release notes](https://github.com/serde-rs/serde/releases )
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.200...v1.0.201 )
---
updated-dependencies:
- dependency-name: serde
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-08 19:13:44 +00:00
04fb6cce8e
build(deps): bump serde_json from 1.0.116 to 1.0.117 ( #140 )
...
Bumps [serde_json](https://github.com/serde-rs/json ) from 1.0.116 to 1.0.117.
- [Release notes](https://github.com/serde-rs/json/releases )
- [Commits](https://github.com/serde-rs/json/compare/v1.0.116...v1.0.117 )
---
updated-dependencies:
- dependency-name: serde_json
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-08 19:13:27 +00:00
5420214bdd
build(deps): bump sysinfo from 0.30.11 to 0.30.12 ( #131 )
...
Bumps [sysinfo](https://github.com/GuillaumeGomez/sysinfo ) from 0.30.11 to 0.30.12.
- [Changelog](https://github.com/GuillaumeGomez/sysinfo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/GuillaumeGomez/sysinfo/commits )
---
updated-dependencies:
- dependency-name: sysinfo
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-08 19:13:11 +00:00
b4f26787d4
fix(oci): remove file size limit ( #142 )
...
the addons.squashfs file often is fairly large due to the GPU modules containing a lot of code
2024-05-08 19:09:33 +00:00
51dff0361d
fix(xenclient): use a single transaction for device setup ( #130 )
2024-05-05 20:39:53 +00:00
3187830ff5
build(deps): bump serde from 1.0.199 to 1.0.200 ( #129 )
...
Bumps [serde](https://github.com/serde-rs/serde ) from 1.0.199 to 1.0.200.
- [Release notes](https://github.com/serde-rs/serde/releases )
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.199...v1.0.200 )
---
updated-dependencies:
- dependency-name: serde
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-02 17:19:20 +00:00
338322619c
build(deps): bump base64 from 0.22.0 to 0.22.1 ( #128 )
...
Bumps [base64](https://github.com/marshallpierce/rust-base64 ) from 0.22.0 to 0.22.1.
- [Changelog](https://github.com/marshallpierce/rust-base64/blob/master/RELEASE-NOTES.md )
- [Commits](https://github.com/marshallpierce/rust-base64/compare/v0.22.0...v0.22.1 )
---
updated-dependencies:
- dependency-name: base64
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-01 16:27:53 +00:00
511f83bfd9
fix: dev guide should mention copying kernel addons ( fixes #125 ) ( #126 )
2024-04-30 21:46:45 +00:00
b0f5c38fb0
build(deps): bump async-compression from 0.4.8 to 0.4.9 ( #120 )
...
Bumps [async-compression](https://github.com/Nullus157/async-compression ) from 0.4.8 to 0.4.9.
- [Release notes](https://github.com/Nullus157/async-compression/releases )
- [Changelog](https://github.com/Nullus157/async-compression/blob/main/CHANGELOG.md )
- [Commits](https://github.com/Nullus157/async-compression/commits )
---
updated-dependencies:
- dependency-name: async-compression
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-30 16:31:41 +00:00
520018a86d
build(deps): bump serde from 1.0.198 to 1.0.199 ( #122 )
...
Bumps [serde](https://github.com/serde-rs/serde ) from 1.0.198 to 1.0.199.
- [Release notes](https://github.com/serde-rs/serde/releases )
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.198...v1.0.199 )
---
updated-dependencies:
- dependency-name: serde
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-30 16:31:20 +00:00
