Update Microsoft/hcsshim vendor

Updates Microsoft/hcsshim vendor commit hash to a recent version that now:
1. Supports container stats via the Stats RuntimeV2 gRPC call.
2. Fixes a regression when issuing a resize of the pty after the container has
exited which previously in Docker was expected to be a non-error case.
3. Puts in a workaround when using a non-default sandbox size for Windows
containers due to a platform bug. This expansion now happens in the go library
itself.

Signed-off-by: Justin Terry (VM) <juterry@microsoft.com>

vendor/github.com/Microsoft/hcsshim/internal/cow/cow.go

@@ -5,6 +5,7 @@ import (
 	"io"
 
 	"github.com/Microsoft/hcsshim/internal/schema1"
+	hcsschema "github.com/Microsoft/hcsshim/internal/schema2"
 )
 
 // Process is the interface for an OS process running in a container or utility VM.
@@ -63,8 +64,10 @@ type Container interface {
 	Close() error
 	// ID returns the container ID.
 	ID() string
-	// Properties returns the requested container properties.
+	// Properties returns the requested container properties targeting a V1 schema container.
 	Properties(ctx context.Context, types ...schema1.PropertyType) (*schema1.ContainerProperties, error)
+	// PropertiesV2 returns the requested container properties targeting a V2 schema container.
+	PropertiesV2(ctx context.Context, types ...hcsschema.PropertyType) (*hcsschema.Properties, error)
 	// Start starts a container.
 	Start(ctx context.Context) error
 	// Shutdown sends a shutdown request to the container (but does not wait for

vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go

@@ -15,6 +15,7 @@ import (
 	"github.com/Microsoft/hcsshim/internal/log"
 	"github.com/Microsoft/hcsshim/internal/oc"
 	"github.com/Microsoft/hcsshim/internal/schema1"
+	hcsschema "github.com/Microsoft/hcsshim/internal/schema2"
 	"github.com/Microsoft/hcsshim/internal/timeout"
 	"github.com/Microsoft/hcsshim/internal/vmcompute"
 	"go.opencensus.io/trace"
@@ -345,6 +346,7 @@ func (computeSystem *System) ExitError() error {
 	}
 }
 
+// Properties returns the requested container properties targeting a V1 schema container.
 func (computeSystem *System) Properties(ctx context.Context, types ...schema1.PropertyType) (*schema1.ContainerProperties, error) {
 	computeSystem.handleLock.RLock()
 	defer computeSystem.handleLock.RUnlock()
@@ -373,6 +375,35 @@ func (computeSystem *System) Properties(ctx context.Context, types ...schema1.Pr
 	return properties, nil
 }
 
+// PropertiesV2 returns the requested container properties targeting a V2 schema container.
+func (computeSystem *System) PropertiesV2(ctx context.Context, types ...hcsschema.PropertyType) (*hcsschema.Properties, error) {
+	computeSystem.handleLock.RLock()
+	defer computeSystem.handleLock.RUnlock()
+
+	operation := "hcsshim::System::PropertiesV2"
+
+	queryBytes, err := json.Marshal(hcsschema.PropertyQuery{PropertyTypes: types})
+	if err != nil {
+		return nil, makeSystemError(computeSystem, operation, "", err, nil)
+	}
+
+	propertiesJSON, resultJSON, err := vmcompute.HcsGetComputeSystemProperties(ctx, computeSystem.handle, string(queryBytes))
+	events := processHcsResult(ctx, resultJSON)
+	if err != nil {
+		return nil, makeSystemError(computeSystem, operation, "", err, events)
+	}
+
+	if propertiesJSON == "" {
+		return nil, ErrUnexpectedValue
+	}
+	properties := &hcsschema.Properties{}
+	if err := json.Unmarshal([]byte(propertiesJSON), properties); err != nil {
+		return nil, makeSystemError(computeSystem, operation, "", err, nil)
+	}
+
+	return properties, nil
+}
+
 // Pause pauses the execution of the computeSystem. This feature is not enabled in TP5.
 func (computeSystem *System) Pause(ctx context.Context) (err error) {
 	operation := "hcsshim::System::Pause"

vendor/github.com/Microsoft/hcsshim/internal/hns/hnspolicy.go

@@ -55,8 +55,9 @@ type PaPolicy struct {
 
 type OutboundNatPolicy struct {
 	Policy
-	VIP        string   `json:"VIP,omitempty"`
-	Exceptions []string `json:"ExceptionList,omitempty"`
+	VIP          string   `json:"VIP,omitempty"`
+	Exceptions   []string `json:"ExceptionList,omitempty"`
+	Destinations []string `json:",omitempty"`
 }
 
 type ActionType string

vendor/github.com/Microsoft/hcsshim/internal/schema2/memory_2.go

@@ -22,4 +22,9 @@ type Memory2 struct {
 
 	// EnableDeferredCommit is private in the schema. If regenerated need to add back.
 	EnableDeferredCommit bool `json:"EnableDeferredCommit,omitempty"`
+
+	// EnableColdDiscardHint if enabled, then the memory cold discard hint feature is exposed
+	// to the VM, allowing it to trim non-zeroed pages from the working set (if supported by
+	// the guest operating system).
+	EnableColdDiscardHint bool `json:"EnableColdDiscardHint,omitempty"`
 }

vendor/github.com/Microsoft/hcsshim/internal/schema2/memory_information_for_vm.go

@@ -10,7 +10,7 @@
 package hcsschema
 
 type MemoryInformationForVm struct {
-	VirtualNodeCount int32 `json:"VirtualNodeCount,omitempty"`
+	VirtualNodeCount uint32 `json:"VirtualNodeCount,omitempty"`
 
 	VirtualMachineMemory *VmMemory `json:"VirtualMachineMemory,omitempty"`
 

vendor/github.com/Microsoft/hcsshim/internal/schema2/memory_stats.go

@@ -11,9 +11,9 @@ package hcsschema
 
 //  Memory runtime statistics
 type MemoryStats struct {
-	MemoryUsageCommitBytes int32 `json:"MemoryUsageCommitBytes,omitempty"`
+	MemoryUsageCommitBytes uint64 `json:"MemoryUsageCommitBytes,omitempty"`
 
-	MemoryUsageCommitPeakBytes int32 `json:"MemoryUsageCommitPeakBytes,omitempty"`
+	MemoryUsageCommitPeakBytes uint64 `json:"MemoryUsageCommitPeakBytes,omitempty"`
 
-	MemoryUsagePrivateWorkingSetBytes int32 `json:"MemoryUsagePrivateWorkingSetBytes,omitempty"`
+	MemoryUsagePrivateWorkingSetBytes uint64 `json:"MemoryUsagePrivateWorkingSetBytes,omitempty"`
 }

vendor/github.com/Microsoft/hcsshim/internal/schema2/processor_stats.go

@@ -11,9 +11,9 @@ package hcsschema
 
 //  CPU runtime statistics
 type ProcessorStats struct {
-	TotalRuntime100ns int32 `json:"TotalRuntime100ns,omitempty"`
+	TotalRuntime100ns uint64 `json:"TotalRuntime100ns,omitempty"`
 
-	RuntimeUser100ns int32 `json:"RuntimeUser100ns,omitempty"`
+	RuntimeUser100ns uint64 `json:"RuntimeUser100ns,omitempty"`
 
-	RuntimeKernel100ns int32 `json:"RuntimeKernel100ns,omitempty"`
+	RuntimeKernel100ns uint64 `json:"RuntimeKernel100ns,omitempty"`
 }

vendor/github.com/Microsoft/hcsshim/internal/schema2/properties.go

@@ -9,6 +9,10 @@
 
 package hcsschema
 
+import (
+	v1 "github.com/containerd/cgroups/stats/v1"
+)
+
 type Properties struct {
 	Id string `json:"Id,omitempty"`
 
@@ -43,4 +47,8 @@ type Properties struct {
 	SharedMemoryRegionInfo []SharedMemoryRegionInfo `json:"SharedMemoryRegionInfo,omitempty"`
 
 	GuestConnectionInfo *GuestConnectionInfo `json:"GuestConnectionInfo,omitempty"`
+
+	// Metrics is not part of the API for HCS but this is used for LCOW v2 to
+	// return the full cgroup metrics from the guest.
+	Metrics *v1.Metrics `json:"LCOWMetrics,omitempty"`
 }

vendor/github.com/Microsoft/hcsshim/internal/schema2/property_query.go

@@ -11,5 +11,5 @@ package hcsschema
 
 //   By default the basic properties will be returned. This query provides a way to  request specific properties.
 type PropertyQuery struct {
-	PropertyTypes []string `json:"PropertyTypes,omitempty"`
+	PropertyTypes []PropertyType `json:"PropertyTypes,omitempty"`
 }

vendor/github.com/Microsoft/hcsshim/internal/schema2/property_type.go

@@ -0,0 +1,23 @@
+/*
+ * HCS API
+ *
+ * No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen)
+ *
+ * API version: 2.1
+ * Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git)
+ */
+
+package hcsschema
+
+type PropertyType string
+
+const (
+	PTMemory                      PropertyType = "Memory"
+	PTGuestMemory                 PropertyType = "GuestMemory"
+	PTStatistics                  PropertyType = "Statistics"
+	PTProcessList                 PropertyType = "ProcessList"
+	PTTerminateOnLastHandleClosed PropertyType = "TerminateOnLastHandleClosed"
+	PTSharedMemoryRegion          PropertyType = "SharedMemoryRegion"
+	PTGuestConnection             PropertyType = "GuestConnection"
+	PTICHeartbeatStatus           PropertyType = "ICHeartbeatStatus"
+)

vendor/github.com/Microsoft/hcsshim/internal/schema2/statistics.go

@@ -19,7 +19,7 @@ type Statistics struct {
 
 	ContainerStartTime time.Time `json:"ContainerStartTime,omitempty"`
 
-	Uptime100ns int32 `json:"Uptime100ns,omitempty"`
+	Uptime100ns uint64 `json:"Uptime100ns,omitempty"`
 
 	Processor *ProcessorStats `json:"Processor,omitempty"`
 

vendor/github.com/Microsoft/hcsshim/internal/schema2/storage_stats.go

@@ -11,11 +11,11 @@ package hcsschema
 
 //  Storage runtime statistics
 type StorageStats struct {
-	ReadCountNormalized int32 `json:"ReadCountNormalized,omitempty"`
+	ReadCountNormalized uint64 `json:"ReadCountNormalized,omitempty"`
 
-	ReadSizeBytes int32 `json:"ReadSizeBytes,omitempty"`
+	ReadSizeBytes uint64 `json:"ReadSizeBytes,omitempty"`
 
-	WriteCountNormalized int32 `json:"WriteCountNormalized,omitempty"`
+	WriteCountNormalized uint64 `json:"WriteCountNormalized,omitempty"`
 
-	WriteSizeBytes int32 `json:"WriteSizeBytes,omitempty"`
+	WriteSizeBytes uint64 `json:"WriteSizeBytes,omitempty"`
 }

vendor/github.com/Microsoft/hcsshim/internal/schema2/vm_memory.go

@@ -14,9 +14,9 @@ type VmMemory struct {
 
 	AvailableMemoryBuffer int32 `json:"AvailableMemoryBuffer,omitempty"`
 
-	ReservedMemory int32 `json:"ReservedMemory,omitempty"`
+	ReservedMemory uint64 `json:"ReservedMemory,omitempty"`
 
-	AssignedMemory int32 `json:"AssignedMemory,omitempty"`
+	AssignedMemory uint64 `json:"AssignedMemory,omitempty"`
 
 	SlpActive bool `json:"SlpActive,omitempty"`
 

vendor/github.com/Microsoft/hcsshim/internal/wclayer/expandscratchsize.go

@@ -1,7 +1,13 @@
 package wclayer
 
 import (
+	"os"
+	"path/filepath"
+	"syscall"
+	"unsafe"
+
 	"github.com/Microsoft/hcsshim/internal/hcserror"
+	"github.com/Microsoft/hcsshim/osversion"
 	"github.com/sirupsen/logrus"
 )
 
@@ -26,5 +32,114 @@ func ExpandScratchSize(path string, size uint64) (err error) {
 	if err != nil {
 		return hcserror.New(err, title+" - failed", "")
 	}
+
+	// Manually expand the volume now in order to work around bugs in 19H1 and
+	// prerelease versions of Vb. Remove once this is fixed in Windows.
+	if build := osversion.Get().Build; build >= osversion.V19H1 && build < 19020 {
+		err = expandSandboxVolume(path)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+type virtualStorageType struct {
+	DeviceID uint32
+	VendorID [16]byte
+}
+
+type openVersion2 struct {
+	GetInfoOnly    int32    // bool but 4-byte aligned
+	ReadOnly       int32    // bool but 4-byte aligned
+	ResiliencyGUID [16]byte // GUID
+}
+
+type openVirtualDiskParameters struct {
+	Version  uint32 // Must always be set to 2
+	Version2 openVersion2
+}
+
+func attachVhd(path string) (syscall.Handle, error) {
+	var (
+		defaultType virtualStorageType
+		handle      syscall.Handle
+	)
+	parameters := openVirtualDiskParameters{Version: 2}
+	err := openVirtualDisk(
+		&defaultType,
+		path,
+		0,
+		0,
+		&parameters,
+		&handle)
+	if err != nil {
+		return 0, &os.PathError{Op: "OpenVirtualDisk", Path: path, Err: err}
+	}
+	err = attachVirtualDisk(handle, 0, 0, 0, 0, 0)
+	if err != nil {
+		syscall.Close(handle)
+		return 0, &os.PathError{Op: "AttachVirtualDisk", Path: path, Err: err}
+	}
+	return handle, nil
+}
+
+func expandSandboxVolume(path string) error {
+	// Mount the sandbox VHD temporarily.
+	vhdPath := filepath.Join(path, "sandbox.vhdx")
+	vhd, err := attachVhd(vhdPath)
+	if err != nil {
+		return &os.PathError{Op: "OpenVirtualDisk", Path: vhdPath, Err: err}
+	}
+	defer syscall.Close(vhd)
+
+	// Open the volume.
+	volumePath, err := GetLayerMountPath(path)
+	if err != nil {
+		return err
+	}
+	if volumePath[len(volumePath)-1] == '\\' {
+		volumePath = volumePath[:len(volumePath)-1]
+	}
+	volume, err := os.OpenFile(volumePath, os.O_RDWR, 0)
+	if err != nil {
+		return err
+	}
+	defer volume.Close()
+
+	// Get the volume's underlying partition size in NTFS clusters.
+	var (
+		partitionSize int64
+		bytes         uint32
+	)
+	const _IOCTL_DISK_GET_LENGTH_INFO = 0x0007405C
+	err = syscall.DeviceIoControl(syscall.Handle(volume.Fd()), _IOCTL_DISK_GET_LENGTH_INFO, nil, 0, (*byte)(unsafe.Pointer(&partitionSize)), 8, &bytes, nil)
+	if err != nil {
+		return &os.PathError{Op: "IOCTL_DISK_GET_LENGTH_INFO", Path: volume.Name(), Err: err}
+	}
+	const (
+		clusterSize = 4096
+		sectorSize  = 512
+	)
+	targetClusters := partitionSize / clusterSize
+
+	// Get the volume's current size in NTFS clusters.
+	var volumeSize int64
+	err = getDiskFreeSpaceEx(volume.Name()+"\\", nil, &volumeSize, nil)
+	if err != nil {
+		return &os.PathError{Op: "GetDiskFreeSpaceEx", Path: volume.Name(), Err: err}
+	}
+	volumeClusters := volumeSize / clusterSize
+
+	// Only resize the volume if there is space to grow, otherwise this will
+	// fail with invalid parameter. NTFS reserves one cluster.
+	if volumeClusters+1 < targetClusters {
+		targetSectors := targetClusters * (clusterSize / sectorSize)
+		const _FSCTL_EXTEND_VOLUME = 0x000900F0
+		err = syscall.DeviceIoControl(syscall.Handle(volume.Fd()), _FSCTL_EXTEND_VOLUME, (*byte)(unsafe.Pointer(&targetSectors)), 8, nil, 0, &bytes, nil)
+		if err != nil {
+			return &os.PathError{Op: "FSCTL_EXTEND_VOLUME", Path: volume.Name(), Err: err}
+		}
+	}
 	return nil
 }

vendor/github.com/Microsoft/hcsshim/internal/wclayer/wclayer.go

@@ -24,4 +24,9 @@ import "github.com/Microsoft/go-winio/pkg/guid"
 
 //sys grantVmAccess(vmid string, filepath string) (hr error) = vmcompute.GrantVmAccess?
 
+//sys openVirtualDisk(virtualStorageType *virtualStorageType, path string, virtualDiskAccessMask uint32, flags uint32, parameters *openVirtualDiskParameters, handle *syscall.Handle) (err error) [failretval != 0] = virtdisk.OpenVirtualDisk
+//sys attachVirtualDisk(handle syscall.Handle, sd uintptr, flags uint32, providerFlags uint32, params uintptr, overlapped uintptr) (err error) [failretval != 0] = virtdisk.AttachVirtualDisk
+
+//sys getDiskFreeSpaceEx(directoryName string, freeBytesAvailableToCaller *int64, totalNumberOfBytes *int64, totalNumberOfFreeBytes *int64) (err error) = GetDiskFreeSpaceExW
+
 type _guid = guid.GUID

vendor/github.com/Microsoft/hcsshim/internal/wclayer/zsyscall_windows.go

@@ -38,6 +38,8 @@ func errnoErr(e syscall.Errno) error {
 
 var (
 	modvmcompute = windows.NewLazySystemDLL("vmcompute.dll")
+	modvirtdisk  = windows.NewLazySystemDLL("virtdisk.dll")
+	modkernel32  = windows.NewLazySystemDLL("kernel32.dll")
 
 	procActivateLayer       = modvmcompute.NewProc("ActivateLayer")
 	procCopyLayer           = modvmcompute.NewProc("CopyLayer")
@@ -57,6 +59,9 @@ var (
 	procProcessBaseImage    = modvmcompute.NewProc("ProcessBaseImage")
 	procProcessUtilityImage = modvmcompute.NewProc("ProcessUtilityImage")
 	procGrantVmAccess       = modvmcompute.NewProc("GrantVmAccess")
+	procOpenVirtualDisk     = modvirtdisk.NewProc("OpenVirtualDisk")
+	procAttachVirtualDisk   = modvirtdisk.NewProc("AttachVirtualDisk")
+	procGetDiskFreeSpaceExW = modkernel32.NewProc("GetDiskFreeSpaceExW")
 )
 
 func activateLayer(info *driverInfo, id string) (hr error) {
@@ -508,3 +513,57 @@ func _grantVmAccess(vmid *uint16, filepath *uint16) (hr error) {
 	}
 	return
 }
+
+func openVirtualDisk(virtualStorageType *virtualStorageType, path string, virtualDiskAccessMask uint32, flags uint32, parameters *openVirtualDiskParameters, handle *syscall.Handle) (err error) {
+	var _p0 *uint16
+	_p0, err = syscall.UTF16PtrFromString(path)
+	if err != nil {
+		return
+	}
+	return _openVirtualDisk(virtualStorageType, _p0, virtualDiskAccessMask, flags, parameters, handle)
+}
+
+func _openVirtualDisk(virtualStorageType *virtualStorageType, path *uint16, virtualDiskAccessMask uint32, flags uint32, parameters *openVirtualDiskParameters, handle *syscall.Handle) (err error) {
+	r1, _, e1 := syscall.Syscall6(procOpenVirtualDisk.Addr(), 6, uintptr(unsafe.Pointer(virtualStorageType)), uintptr(unsafe.Pointer(path)), uintptr(virtualDiskAccessMask), uintptr(flags), uintptr(unsafe.Pointer(parameters)), uintptr(unsafe.Pointer(handle)))
+	if r1 != 0 {
+		if e1 != 0 {
+			err = errnoErr(e1)
+		} else {
+			err = syscall.EINVAL
+		}
+	}
+	return
+}
+
+func attachVirtualDisk(handle syscall.Handle, sd uintptr, flags uint32, providerFlags uint32, params uintptr, overlapped uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall6(procAttachVirtualDisk.Addr(), 6, uintptr(handle), uintptr(sd), uintptr(flags), uintptr(providerFlags), uintptr(params), uintptr(overlapped))
+	if r1 != 0 {
+		if e1 != 0 {
+			err = errnoErr(e1)
+		} else {
+			err = syscall.EINVAL
+		}
+	}
+	return
+}
+
+func getDiskFreeSpaceEx(directoryName string, freeBytesAvailableToCaller *int64, totalNumberOfBytes *int64, totalNumberOfFreeBytes *int64) (err error) {
+	var _p0 *uint16
+	_p0, err = syscall.UTF16PtrFromString(directoryName)
+	if err != nil {
+		return
+	}
+	return _getDiskFreeSpaceEx(_p0, freeBytesAvailableToCaller, totalNumberOfBytes, totalNumberOfFreeBytes)
+}
+
+func _getDiskFreeSpaceEx(directoryName *uint16, freeBytesAvailableToCaller *int64, totalNumberOfBytes *int64, totalNumberOfFreeBytes *int64) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetDiskFreeSpaceExW.Addr(), 4, uintptr(unsafe.Pointer(directoryName)), uintptr(unsafe.Pointer(freeBytesAvailableToCaller)), uintptr(unsafe.Pointer(totalNumberOfBytes)), uintptr(unsafe.Pointer(totalNumberOfFreeBytes)), 0, 0)
+	if r1 == 0 {
+		if e1 != 0 {
+			err = errnoErr(e1)
+		} else {
+			err = syscall.EINVAL
+		}
+	}
+	return
+}