github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

go.mod: Bump hcsshim to v0.10.0-rc.1

Browse Source 
This contains quite a bit (also bumps google/uuid to 1.3.0). Some HostProcess
container improvements to get ready for whenever it goes to stable in
Kubernetes, Hyper-V (windows) container support for CRI, and a plethora of
other small additions and fixes.

Signed-off-by: Daniel Canter <dcanter@microsoft.com>
This commit is contained in:
Daniel Canter
2022-08-12 23:43:27 -07:00
parent a04268132e
commit 1f8db2467b
168 changed files with 3532 additions and 1131 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
vendor/github.com/Microsoft/hcsshim/internal/cni/doc.go generated vendored Normal file
View File

@@ -0,0 +1 @@
package cni

4
vendor/github.com/Microsoft/hcsshim/internal/cni/registry.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package cni
import (
@@ -84,7 +86,7 @@ func (pnc *PersistedNamespaceConfig) Store() error {
}
// Remove removes any persisted state associated with this config. If the config
// is not found in the registery `Remove` returns no error.
// is not found in the registry `Remove` returns no error.
func (pnc *PersistedNamespaceConfig) Remove() error {
if pnc.stored {
sk, err := regstate.Open(cniRoot, false)

2
vendor/github.com/Microsoft/hcsshim/internal/cow/cow.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package cow
import (

2
vendor/github.com/Microsoft/hcsshim/internal/hcs/callback.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package hcs
import (

1
vendor/github.com/Microsoft/hcsshim/internal/hcs/doc.go generated vendored Normal file
View File

@@ -0,0 +1 @@
package hcs

35
vendor/github.com/Microsoft/hcsshim/internal/hcs/errors.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package hcs
import (
@@ -51,6 +53,9 @@ var (
// ErrUnexpectedValue is an error encountered when hcs returns an invalid value
ErrUnexpectedValue = errors.New("unexpected value returned from hcs")
// ErrOperationDenied is an error when hcs attempts an operation that is explicitly denied
ErrOperationDenied = errors.New("operation denied")
// ErrVmcomputeAlreadyStopped is an error encountered when a shutdown or terminate request is made on a stopped container
ErrVmcomputeAlreadyStopped = syscall.Errno(0xc0370110)
@@ -252,8 +257,8 @@ func makeProcessError(process *Process, op string, err error, events []ErrorEven
// will currently return true when the error is ErrElementNotFound.
func IsNotExist(err error) bool {
err = getInnerError(err)
return err == ErrComputeSystemDoesNotExist ||
err == ErrElementNotFound
return errors.Is(err, ErrComputeSystemDoesNotExist) ||
errors.Is(err, ErrElementNotFound)
}
// IsErrorInvalidHandle checks whether the error is the result of an operation carried
@@ -261,21 +266,21 @@ func IsNotExist(err error) bool {
// stats on a container in the process of being stopped.
func IsErrorInvalidHandle(err error) bool {
err = getInnerError(err)
return err == ErrInvalidHandle
return errors.Is(err, ErrInvalidHandle)
}
// IsAlreadyClosed checks if an error is caused by the Container or Process having been
// already closed by a call to the Close() method.
func IsAlreadyClosed(err error) bool {
err = getInnerError(err)
return err == ErrAlreadyClosed
return errors.Is(err, ErrAlreadyClosed)
}
// IsPending returns a boolean indicating whether the error is that
// the requested operation is being completed in the background.
func IsPending(err error) bool {
err = getInnerError(err)
return err == ErrVmcomputeOperationPending
return errors.Is(err, ErrVmcomputeOperationPending)
}
// IsTimeout returns a boolean indicating whether the error is caused by
@@ -285,7 +290,7 @@ func IsTimeout(err error) bool {
return true
}
err = getInnerError(err)
return err == ErrTimeout
return errors.Is(err, ErrTimeout)
}
// IsAlreadyStopped returns a boolean indicating whether the error is caused by
@@ -295,9 +300,9 @@ func IsTimeout(err error) bool {
// will currently return true when the error is ErrElementNotFound.
func IsAlreadyStopped(err error) bool {
err = getInnerError(err)
return err == ErrVmcomputeAlreadyStopped ||
err == ErrProcessAlreadyStopped ||
err == ErrElementNotFound
return errors.Is(err, ErrVmcomputeAlreadyStopped) ||
errors.Is(err, ErrProcessAlreadyStopped) ||
errors.Is(err, ErrElementNotFound)
}
// IsNotSupported returns a boolean indicating whether the error is caused by
@@ -308,24 +313,24 @@ func IsAlreadyStopped(err error) bool {
func IsNotSupported(err error) bool {
err = getInnerError(err)
// If Platform doesn't recognize or support the request sent, below errors are seen
return err == ErrVmcomputeInvalidJSON ||
err == ErrInvalidData ||
err == ErrNotSupported ||
err == ErrVmcomputeUnknownMessage
return errors.Is(err, ErrVmcomputeInvalidJSON) ||
errors.Is(err, ErrInvalidData) ||
errors.Is(err, ErrNotSupported) ||
errors.Is(err, ErrVmcomputeUnknownMessage)
}
// IsOperationInvalidState returns true when err is caused by
// `ErrVmcomputeOperationInvalidState`.
func IsOperationInvalidState(err error) bool {
err = getInnerError(err)
return err == ErrVmcomputeOperationInvalidState
return errors.Is(err, ErrVmcomputeOperationInvalidState)
}
// IsAccessIsDenied returns true when err is caused by
// `ErrVmcomputeOperationAccessIsDenied`.
func IsAccessIsDenied(err error) bool {
err = getInnerError(err)
return err == ErrVmcomputeOperationAccessIsDenied
return errors.Is(err, ErrVmcomputeOperationAccessIsDenied)
}
func getInnerError(err error) error {

19
vendor/github.com/Microsoft/hcsshim/internal/hcs/process.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package hcs
import (
@@ -114,9 +116,9 @@ func (process *Process) processSignalResult(ctx context.Context, err error) (boo
// Signal signals the process with `options`.
//
// For LCOW `guestrequest.SignalProcessOptionsLCOW`.
// For LCOW `guestresource.SignalProcessOptionsLCOW`.
//
// For WCOW `guestrequest.SignalProcessOptionsWCOW`.
// For WCOW `guestresource.SignalProcessOptionsWCOW`.
func (process *Process) Signal(ctx context.Context, options interface{}) (bool, error) {
process.handleLock.RLock()
defer process.handleLock.RUnlock()
@@ -201,7 +203,7 @@ func (process *Process) Kill(ctx context.Context) (bool, error) {
// call multiple times.
func (process *Process) waitBackground() {
operation := "hcs::Process::waitBackground"
ctx, span := trace.StartSpan(context.Background(), operation)
ctx, span := oc.StartSpan(context.Background(), operation)
defer span.End()
span.AddAttributes(
trace.StringAttribute("cid", process.SystemID()),
@@ -254,7 +256,7 @@ func (process *Process) waitBackground() {
}
// Wait waits for the process to exit. If the process has already exited returns
// the pervious error (if any).
// the previous error (if any).
func (process *Process) Wait() error {
<-process.waitBlock
return process.waitError
@@ -312,7 +314,7 @@ func (process *Process) ExitCode() (int, error) {
// are the responsibility of the caller to close.
func (process *Process) StdioLegacy() (_ io.WriteCloser, _ io.ReadCloser, _ io.ReadCloser, err error) {
operation := "hcs::Process::StdioLegacy"
ctx, span := trace.StartSpan(context.Background(), operation)
ctx, span := oc.StartSpan(context.Background(), operation)
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(
@@ -398,7 +400,7 @@ func (process *Process) CloseStdin(ctx context.Context) error {
}
func (process *Process) CloseStdout(ctx context.Context) (err error) {
ctx, span := trace.StartSpan(ctx, "hcs::Process::CloseStdout") //nolint:ineffassign,staticcheck
ctx, span := oc.StartSpan(ctx, "hcs::Process::CloseStdout") //nolint:ineffassign,staticcheck
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(
@@ -422,7 +424,7 @@ func (process *Process) CloseStdout(ctx context.Context) (err error) {
}
func (process *Process) CloseStderr(ctx context.Context) (err error) {
ctx, span := trace.StartSpan(ctx, "hcs::Process::CloseStderr") //nolint:ineffassign,staticcheck
ctx, span := oc.StartSpan(ctx, "hcs::Process::CloseStderr") //nolint:ineffassign,staticcheck
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(
@@ -441,7 +443,6 @@ func (process *Process) CloseStderr(ctx context.Context) (err error) {
if process.stderr != nil {
process.stderr.Close()
process.stderr = nil
}
return nil
}
@@ -450,7 +451,7 @@ func (process *Process) CloseStderr(ctx context.Context) (err error) {
// or wait on it.
func (process *Process) Close() (err error) {
operation := "hcs::Process::Close"
ctx, span := trace.StartSpan(context.Background(), operation)
ctx, span := oc.StartSpan(context.Background(), operation)
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(

4
vendor/github.com/Microsoft/hcsshim/internal/hcs/schema1/schema1.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package schema1
import (
@@ -101,7 +103,7 @@ type ContainerConfig struct {
HvRuntime *HvRuntime `json:",omitempty"` // Hyper-V container settings. Used by Hyper-V containers only. Format ImagePath=%root%\BaseLayerID\UtilityVM
Servicing bool `json:",omitempty"` // True if this container is for servicing
AllowUnqualifiedDNSQuery bool `json:",omitempty"` // True to allow unqualified DNS name resolution
DNSSearchList string `json:",omitempty"` // Comma seperated list of DNS suffixes to use for name resolution
DNSSearchList string `json:",omitempty"` // Comma separated list of DNS suffixes to use for name resolution
ContainerType string `json:",omitempty"` // "Linux" for Linux containers on Windows. Omitted otherwise.
TerminateOnLastHandleClosed bool `json:",omitempty"` // Should HCS terminate the container once all handles have been closed
MappedVirtualDisks []MappedVirtualDisk `json:",omitempty"` // Array of virtual disks to mount at start

8
vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/cpu_group_property.go generated vendored
View File

@@ -9,6 +9,14 @@
package hcsschema
type CPUGroupPropertyCode uint32
const (
CPUCapacityProperty = 0x00010000
CPUSchedulingPriorityProperty = 0x00020000
IdleLPReserveProperty = 0x00030000
)
type CpuGroupProperty struct {
PropertyCode uint32 `json:"PropertyCode,omitempty"`
PropertyValue uint32 `json:"PropertyValue,omitempty"`

3
vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/guest_state.go generated vendored
View File

@@ -14,6 +14,9 @@ type GuestState struct {
// The path to an existing file uses for persistent guest state storage. An empty string indicates the system should initialize new transient, in-memory guest state.
GuestStateFilePath string `json:"GuestStateFilePath,omitempty"`
// The guest state file type affected by different guest isolation modes - whether a file or block storage.
GuestStateFileType string `json:"GuestStateFileType,omitempty"`
// The path to an existing file for persistent runtime state storage. An empty string indicates the system should initialize new transient, in-memory runtime state.
RuntimeStateFilePath string `json:"RuntimeStateFilePath,omitempty"`

21
vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/isolation_settings.go generated vendored Normal file
View File

@@ -0,0 +1,21 @@
/*
* HCS API
*
* No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen)
*
* API version: 2.4
* Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git)
*/
package hcsschema
type IsolationSettings struct {
// Guest isolation type options to decide virtual trust levels of virtual machine
IsolationType string `json:"IsolationType,omitempty"`
// Configuration to debug HCL layer for HCS VM TODO: Task 31102306: Miss the way to prevent the exposure of private debug configuration in HCS TODO: Think about the secret configurations which are private in VMMS VM (only edit by hvsedit)
DebugHost string `json:"DebugHost,omitempty"`
DebugPort int64 `json:"DebugPort,omitempty"`
// Optional data passed by host on isolated virtual machine start
LaunchData string `json:"LaunchData,omitempty"`
HclEnabled bool `json:"HclEnabled,omitempty"`
}

4
vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/modify_setting_request.go generated vendored
View File

@@ -9,10 +9,12 @@
package hcsschema
import "github.com/Microsoft/hcsshim/internal/protocol/guestrequest"
type ModifySettingRequest struct {
ResourcePath string `json:"ResourcePath,omitempty"`
RequestType string `json:"RequestType,omitempty"`
RequestType guestrequest.RequestType `json:"RequestType,omitempty"` // NOTE: Swagger generated as string. Locally updated.
Settings interface{} `json:"Settings,omitempty"` // NOTE: Swagger generated as *interface{}. Locally updated

16
vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/security_settings.go generated vendored Normal file
View File

@@ -0,0 +1,16 @@
/*
* HCS API
*
* No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen)
*
* API version: 2.4
* Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git)
*/
package hcsschema
type SecuritySettings struct {
// Enablement of Trusted Platform Module on the computer system
EnableTpm bool `json:"EnableTpm,omitempty"`
Isolation *IsolationSettings `json:"Isolation,omitempty"`
}

28
vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/system_time.go generated vendored Normal file
View File

@@ -0,0 +1,28 @@
/*
* HCS API
*
* No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen)
*
* API version: 2.1
* Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git)
*/
package hcsschema
type SystemTime struct {
Year int32 `json:"Year,omitempty"`
Month int32 `json:"Month,omitempty"`
DayOfWeek int32 `json:"DayOfWeek,omitempty"`
Day int32 `json:"Day,omitempty"`
Hour int32 `json:"Hour,omitempty"`
Minute int32 `json:"Minute,omitempty"`
Second int32 `json:"Second,omitempty"`
Milliseconds int32 `json:"Milliseconds,omitempty"`
}

26
vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/time_zone_information.go generated vendored Normal file
View File

@@ -0,0 +1,26 @@
/*
* HCS API
*
* No description provided (generated by Swagger Codegen https://github.com/swagger-api/swagger-codegen)
*
* API version: 2.1
* Generated by: Swagger Codegen (https://github.com/swagger-api/swagger-codegen.git)
*/
package hcsschema
type TimeZoneInformation struct {
Bias int32 `json:"Bias,omitempty"`
StandardName string `json:"StandardName,omitempty"`
StandardDate *SystemTime `json:"StandardDate,omitempty"`
StandardBias int32 `json:"StandardBias,omitempty"`
DaylightName string `json:"DaylightName,omitempty"`
DaylightDate *SystemTime `json:"DaylightDate,omitempty"`
DaylightBias int32 `json:"DaylightBias,omitempty"`
}

2
vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/uefi.go generated vendored
View File

@@ -12,6 +12,8 @@ package hcsschema
type Uefi struct {
EnableDebugger bool `json:"EnableDebugger,omitempty"`
ApplySecureBootTemplate string `json:"ApplySecureBootTemplate,omitempty"`
SecureBootTemplateId string `json:"SecureBootTemplateId,omitempty"`
BootThis *UefiBootEntry `json:"BootThis,omitempty"`

2
vendor/github.com/Microsoft/hcsshim/internal/hcs/schema2/virtual_machine.go generated vendored
View File

@@ -29,4 +29,6 @@ type VirtualMachine struct {
StorageQoS *StorageQoS `json:"StorageQoS,omitempty"`
GuestConnection *GuestConnection `json:"GuestConnection,omitempty"`
SecuritySettings *SecuritySettings `json:"SecuritySettings,omitempty"`
}

2
vendor/github.com/Microsoft/hcsshim/internal/hcs/service.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package hcs
import (

27
vendor/github.com/Microsoft/hcsshim/internal/hcs/system.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package hcs
import (
@@ -55,7 +57,7 @@ func CreateComputeSystem(ctx context.Context, id string, hcsDocumentInterface in
// hcsCreateComputeSystemContext is an async operation. Start the outer span
// here to measure the full create time.
ctx, span := trace.StartSpan(ctx, operation)
ctx, span := oc.StartSpan(ctx, operation)
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(trace.StringAttribute("cid", id))
@@ -190,7 +192,7 @@ func (computeSystem *System) Start(ctx context.Context) (err error) {
// hcsStartComputeSystemContext is an async operation. Start the outer span
// here to measure the full start time.
ctx, span := trace.StartSpan(ctx, operation)
ctx, span := oc.StartSpan(ctx, operation)
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(trace.StringAttribute("cid", computeSystem.id))
@@ -265,7 +267,7 @@ func (computeSystem *System) Terminate(ctx context.Context) error {
// safe to call multiple times.
func (computeSystem *System) waitBackground() {
operation := "hcs::System::waitBackground"
ctx, span := trace.StartSpan(context.Background(), operation)
ctx, span := oc.StartSpan(context.Background(), operation)
defer span.End()
span.AddAttributes(trace.StringAttribute("cid", computeSystem.id))
@@ -495,7 +497,7 @@ func (computeSystem *System) PropertiesV2(ctx context.Context, types ...hcsschem
if err == nil && len(fallbackTypes) == 0 {
return properties, nil
} else if err != nil {
logEntry.WithError(fmt.Errorf("failed to query compute system properties in-proc: %w", err))
logEntry = logEntry.WithError(fmt.Errorf("failed to query compute system properties in-proc: %w", err))
fallbackTypes = types
}
@@ -529,7 +531,7 @@ func (computeSystem *System) Pause(ctx context.Context) (err error) {
// hcsPauseComputeSystemContext is an async peration. Start the outer span
// here to measure the full pause time.
ctx, span := trace.StartSpan(ctx, operation)
ctx, span := oc.StartSpan(ctx, operation)
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(trace.StringAttribute("cid", computeSystem.id))
@@ -556,7 +558,7 @@ func (computeSystem *System) Resume(ctx context.Context) (err error) {
// hcsResumeComputeSystemContext is an async operation. Start the outer span
// here to measure the full restore time.
ctx, span := trace.StartSpan(ctx, operation)
ctx, span := oc.StartSpan(ctx, operation)
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(trace.StringAttribute("cid", computeSystem.id))
@@ -581,9 +583,9 @@ func (computeSystem *System) Resume(ctx context.Context) (err error) {
func (computeSystem *System) Save(ctx context.Context, options interface{}) (err error) {
operation := "hcs::System::Save"
// hcsSaveComputeSystemContext is an async peration. Start the outer span
// hcsSaveComputeSystemContext is an async operation. Start the outer span
// here to measure the full save time.
ctx, span := trace.StartSpan(ctx, operation)
ctx, span := oc.StartSpan(ctx, operation)
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(trace.StringAttribute("cid", computeSystem.id))
@@ -626,6 +628,11 @@ func (computeSystem *System) createProcess(ctx context.Context, operation string
processInfo, processHandle, resultJSON, err := vmcompute.HcsCreateProcess(ctx, computeSystem.handle, configuration)
events := processHcsResult(ctx, resultJSON)
if err != nil {
if v2, ok := c.(*hcsschema.ProcessParameters); ok {
operation += ": " + v2.CommandLine
} else if v1, ok := c.(*schema1.ProcessConfig); ok {
operation += ": " + v1.CommandLine
}
return nil, nil, makeSystemError(computeSystem, operation, err, events)
}
@@ -692,7 +699,7 @@ func (computeSystem *System) OpenProcess(ctx context.Context, pid int) (*Process
// Close cleans up any state associated with the compute system but does not terminate or wait for it.
func (computeSystem *System) Close() (err error) {
operation := "hcs::System::Close"
ctx, span := trace.StartSpan(context.Background(), operation)
ctx, span := oc.StartSpan(context.Background(), operation)
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(trace.StringAttribute("cid", computeSystem.id))
@@ -762,7 +769,7 @@ func (computeSystem *System) unregisterCallback(ctx context.Context) error {
return nil
}
// hcsUnregisterComputeSystemCallback has its own syncronization
// hcsUnregisterComputeSystemCallback has its own synchronization
// to wait for all callbacks to complete. We must NOT hold the callbackMapLock.
err := vmcompute.HcsUnregisterComputeSystemCallback(ctx, handle)
if err != nil {

2
vendor/github.com/Microsoft/hcsshim/internal/hcs/utils.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package hcs
import (

2
vendor/github.com/Microsoft/hcsshim/internal/hcs/waithelper.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package hcs
import (

1
vendor/github.com/Microsoft/hcsshim/internal/hcserror/doc.go generated vendored Normal file
View File

@@ -0,0 +1 @@
package hcserror

2
vendor/github.com/Microsoft/hcsshim/internal/hcserror/hcserror.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package hcserror
import (

1
vendor/github.com/Microsoft/hcsshim/internal/hns/doc.go generated vendored Normal file
View File

@@ -0,0 +1 @@
package hns

4
vendor/github.com/Microsoft/hcsshim/internal/hns/hnsendpoint.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package hns
import (
@@ -146,7 +148,6 @@ func (endpoint *HNSEndpoint) IsAttached(vID string) (bool, error) {
}
return false, nil
}
// Create Endpoint by sending EndpointRequest to HNS. TODO: Create a separate HNS interface to place all these methods
@@ -281,7 +282,6 @@ func (endpoint *HNSEndpoint) HostAttach(compartmentID uint16) error {
return err
}
return hnsCall("POST", "/endpoints/"+endpoint.Id+"/attach", string(jsonString), &response)
}
// HostDetach detaches a nic on the host

2
vendor/github.com/Microsoft/hcsshim/internal/hns/hnsfuncs.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package hns
import (

2
vendor/github.com/Microsoft/hcsshim/internal/hns/hnsglobals.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package hns
type HNSGlobals struct {

9
vendor/github.com/Microsoft/hcsshim/internal/hns/hnsnetwork.go generated vendored
View File

@@ -1,13 +1,16 @@
//go:build windows
package hns
import (
"encoding/json"
"errors"
"github.com/sirupsen/logrus"
"net"
"github.com/sirupsen/logrus"
)
// Subnet is assoicated with a network and represents a list
// Subnet is associated with a network and represents a list
// of subnets available to the network
type Subnet struct {
AddressPrefix string `json:",omitempty"`
@@ -15,7 +18,7 @@ type Subnet struct {
Policies []json.RawMessage `json:",omitempty"`
}
// MacPool is assoicated with a network and represents a list
// MacPool is associated with a network and represents a list
// of macaddresses available to the network
type MacPool struct {
StartMacAddress string `json:",omitempty"`

18
vendor/github.com/Microsoft/hcsshim/internal/hns/hnspolicy.go generated vendored
View File

@@ -94,15 +94,15 @@ type ACLPolicy struct {
InternalPort uint16 `json:",omitempty"`
Action ActionType
Direction DirectionType
LocalAddresses string `json:",omitempty"`
RemoteAddresses string `json:",omitempty"`
LocalPorts string `json:"LocalPorts,omitempty"`
LocalPort uint16 `json:",omitempty"`
RemotePorts string `json:"RemotePorts,omitempty"`
RemotePort uint16 `json:",omitempty"`
RuleType RuleType `json:"RuleType,omitempty"`
Priority uint16 `json:",omitempty"`
ServiceName string `json:",omitempty"`
LocalAddresses string `json:",omitempty"`
RemoteAddresses string `json:",omitempty"`
LocalPorts string `json:"LocalPorts,omitempty"`
LocalPort uint16 `json:",omitempty"`
RemotePorts string `json:"RemotePorts,omitempty"`
RemotePort uint16 `json:",omitempty"`
RuleType RuleType `json:"RuleType,omitempty"`
Priority uint16 `json:",omitempty"`
ServiceName string `json:",omitempty"`
}
type Policy struct {

2
vendor/github.com/Microsoft/hcsshim/internal/hns/hnspolicylist.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package hns
import (

2
vendor/github.com/Microsoft/hcsshim/internal/hns/hnssupport.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package hns
import (

2
vendor/github.com/Microsoft/hcsshim/internal/hns/namespace.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package hns
import (

1
vendor/github.com/Microsoft/hcsshim/internal/interop/doc.go generated vendored Normal file
View File

@@ -0,0 +1 @@
package interop

2
vendor/github.com/Microsoft/hcsshim/internal/interop/interop.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package interop
import (

8
vendor/github.com/Microsoft/hcsshim/internal/jobobject/doc.go generated vendored Normal file
View File

@@ -0,0 +1,8 @@
// This package provides higher level constructs for the win32 job object API.
// Most of the core creation and management functions are already present in "golang.org/x/sys/windows"
// (CreateJobObject, AssignProcessToJobObject, etc.) as well as most of the limit information
// structs and associated limit flags. Whatever is not present from the job object API
// in golang.org/x/sys/windows is located in /internal/winapi.
//
// https://docs.microsoft.com/en-us/windows/win32/procthread/job-objects
package jobobject

2
vendor/github.com/Microsoft/hcsshim/internal/jobobject/iocp.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package jobobject
import (

155
vendor/github.com/Microsoft/hcsshim/internal/jobobject/jobobject.go generated vendored
View File

@@ -1,10 +1,15 @@
//go:build windows
package jobobject
import (
"context"
"errors"
"fmt"
"os"
"path/filepath"
"sync"
"sync/atomic"
"unsafe"
"github.com/Microsoft/hcsshim/internal/queue"
@@ -12,19 +17,14 @@ import (
"golang.org/x/sys/windows"
)
// This file provides higher level constructs for the win32 job object API.
// Most of the core creation and management functions are already present in "golang.org/x/sys/windows"
// (CreateJobObject, AssignProcessToJobObject, etc.) as well as most of the limit information
// structs and associated limit flags. Whatever is not present from the job object API
// in golang.org/x/sys/windows is located in /internal/winapi.
//
// https://docs.microsoft.com/en-us/windows/win32/procthread/job-objects
// JobObject is a high level wrapper around a Windows job object. Holds a handle to
// the job, a queue to receive iocp notifications about the lifecycle
// of the job and a mutex for synchronized handle access.
type JobObject struct {
handle windows.Handle
handle windows.Handle
// All accesses to this MUST be done atomically except in `Open` as the object
// is being created in the function. 1 signifies that this job is currently a silo.
silo uint32
mq *queue.MessageQueue
handleLock sync.RWMutex
}
@@ -56,6 +56,7 @@ const (
var (
ErrAlreadyClosed = errors.New("the handle has already been closed")
ErrNotRegistered = errors.New("job is not registered to receive notifications")
ErrNotSilo = errors.New("job is not a silo")
)
// Options represents the set of configurable options when making or opening a job object.
@@ -68,6 +69,9 @@ type Options struct {
// `UseNTVariant` specifies if we should use the `Nt` variant of Open/CreateJobObject.
// Defaults to false.
UseNTVariant bool
// `Silo` specifies to promote the job to a silo. This additionally sets the flag
// JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE as it is required for the upgrade to complete.
Silo bool
// `IOTracking` enables tracking I/O statistics on the job object. More specifically this
// calls SetInformationJobObject with the JobObjectIoAttribution class.
EnableIOTracking bool
@@ -143,6 +147,16 @@ func Create(ctx context.Context, options *Options) (_ *JobObject, err error) {
}
}
if options.Silo {
// This is a required setting for upgrading to a silo.
if err := job.SetTerminateOnLastHandleClose(); err != nil {
return nil, err
}
if err := job.PromoteToSilo(); err != nil {
return nil, err
}
}
return job, nil
}
@@ -163,7 +177,7 @@ func Open(ctx context.Context, options *Options) (_ *JobObject, err error) {
}
var jobHandle windows.Handle
if options != nil && options.UseNTVariant {
if options.UseNTVariant {
oa := winapi.ObjectAttributes{
Length: unsafe.Sizeof(winapi.ObjectAttributes{}),
ObjectName: unicodeJobName,
@@ -174,7 +188,7 @@ func Open(ctx context.Context, options *Options) (_ *JobObject, err error) {
return nil, winapi.RtlNtStatusToDosError(status)
}
} else {
jobHandle, err = winapi.OpenJobObject(winapi.JOB_OBJECT_ALL_ACCESS, false, unicodeJobName.Buffer)
jobHandle, err = winapi.OpenJobObject(winapi.JOB_OBJECT_ALL_ACCESS, 0, unicodeJobName.Buffer)
if err != nil {
return nil, err
}
@@ -190,9 +204,13 @@ func Open(ctx context.Context, options *Options) (_ *JobObject, err error) {
handle: jobHandle,
}
if isJobSilo(jobHandle) {
job.silo = 1
}
// If the IOCP we'll be using to receive messages for all jobs hasn't been
// created, create it and start polling.
if options != nil && options.Notifications {
if options.Notifications {
mq, err := setupNotifications(ctx, job)
if err != nil {
return nil, err
@@ -450,6 +468,119 @@ func (job *JobObject) QueryStorageStats() (*winapi.JOBOBJECT_IO_ATTRIBUTION_INFO
return &info, nil
}
// ApplyFileBinding makes a file binding using the Bind Filter from target to root. If the job has
// not been upgraded to a silo this call will fail. The binding is only applied and visible for processes
// running in the job, any processes on the host or in another job will not be able to see the binding.
func (job *JobObject) ApplyFileBinding(root, target string, merged bool) error {
job.handleLock.RLock()
defer job.handleLock.RUnlock()
if job.handle == 0 {
return ErrAlreadyClosed
}
if !job.isSilo() {
return ErrNotSilo
}
// The parent directory needs to exist for the bind to work. MkdirAll stats and
// returns nil if the directory exists internally so we should be fine to mkdirall
// every time.
if err := os.MkdirAll(filepath.Dir(root), 0); err != nil {
return err
}
rootPtr, err := windows.UTF16PtrFromString(root)
if err != nil {
return err
}
targetPtr, err := windows.UTF16PtrFromString(target)
if err != nil {
return err
}
flags := winapi.BINDFLT_FLAG_USE_CURRENT_SILO_MAPPING
if merged {
flags |= winapi.BINDFLT_FLAG_MERGED_BIND_MAPPING
}
if err := winapi.BfSetupFilter(
job.handle,
flags,
rootPtr,
targetPtr,
nil,
0,
); err != nil {
return fmt.Errorf("failed to bind target %q to root %q for job object: %w", target, root, err)
}
return nil
}
// isJobSilo is a helper to determine if a job object that was opened is a silo. This should ONLY be called
// from `Open` and any callers in this package afterwards should use `job.isSilo()`
func isJobSilo(h windows.Handle) bool {
// None of the information from the structure that this info class expects will be used, this is just used as
// the call will fail if the job hasn't been upgraded to a silo so we can use this to tell when we open a job
// if it's a silo or not. Because none of the info matters simply define a dummy struct with the size that the call
// expects which is 16 bytes.
type isSiloObj struct {
_ [16]byte
}
var siloInfo isSiloObj
err := winapi.QueryInformationJobObject(
h,
winapi.JobObjectSiloBasicInformation,
unsafe.Pointer(&siloInfo),
uint32(unsafe.Sizeof(siloInfo)),
nil,
)
return err == nil
}
// PromoteToSilo promotes a job object to a silo. There must be no running processess
// in the job for this to succeed. If the job is already a silo this is a no-op.
func (job *JobObject) PromoteToSilo() error {
job.handleLock.RLock()
defer job.handleLock.RUnlock()
if job.handle == 0 {
return ErrAlreadyClosed
}
if job.isSilo() {
return nil
}
pids, err := job.Pids()
if err != nil {
return err
}
if len(pids) != 0 {
return fmt.Errorf("job cannot have running processes to be promoted to a silo, found %d running processes", len(pids))
}
_, err = windows.SetInformationJobObject(
job.handle,
winapi.JobObjectCreateSilo,
0,
0,
)
if err != nil {
return fmt.Errorf("failed to promote job to silo: %w", err)
}
atomic.StoreUint32(&job.silo, 1)
return nil
}
// isSilo returns if the job object is a silo.
func (job *JobObject) isSilo() bool {
return atomic.LoadUint32(&job.silo) == 1
}
// QueryPrivateWorkingSet returns the private working set size for the job. This is calculated by adding up the
// private working set for every process running in the job.
func (job *JobObject) QueryPrivateWorkingSet() (uint64, error) {

2
vendor/github.com/Microsoft/hcsshim/internal/jobobject/limits.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package jobobject
import (

116
vendor/github.com/Microsoft/hcsshim/internal/log/context.go generated vendored Normal file
View File

@@ -0,0 +1,116 @@
package log
import (
"context"
"github.com/sirupsen/logrus"
"go.opencensus.io/trace"
)
type entryContextKeyType int
const _entryContextKey entryContextKeyType = iota
var (
// L is the default, blank logging entry. WithField and co. all return a copy
// of the original entry, so this will not leak fields between calls.
//
// Do NOT modify fields directly, as that will corrupt state for all users and
// is not thread safe.
// Instead, use `L.With*` or `L.Dup()`. Or `G(context.Background())`.
L = logrus.NewEntry(logrus.StandardLogger())
// G is an alias for GetEntry
G = GetEntry
// S is an alias for SetEntry
S = SetEntry
// U is an alias for UpdateContext
U = UpdateContext
)
// GetEntry returns a `logrus.Entry` stored in the context, if one exists.
// Otherwise, it returns a default entry that points to the current context.
//
// Note: if the a new entry is returned, it will reference the passed in context.
// However, existing contexts may be stored in parent contexts and additionally reference
// earlier contexts.
// Use `UpdateContext` to update the entry and context.
func GetEntry(ctx context.Context) *logrus.Entry {
entry := fromContext(ctx)
if entry == nil {
entry = L.WithContext(ctx)
}
return entry
}
// SetEntry updates the log entry in the context with the provided fields, and
// returns both. It is equivlent to:
// entry := GetEntry(ctx).WithFields(fields)
// ctx = WithContext(ctx, entry)
//
// See WithContext for more information.
func SetEntry(ctx context.Context, fields logrus.Fields) (context.Context, *logrus.Entry) {
e := GetEntry(ctx)
if len(fields) > 0 {
e = e.WithFields(fields)
}
return WithContext(ctx, e)
}
// UpdateContext extracts the log entry from the context, and, if the entry's
// context points to a parent's of the current context, ands the entry
// to the most recent context. It is equivlent to:
// entry :=GetEntry(ctx)
// ctx = WithContext(ctx, entry)
//
// This allows the entry to reference the most recent context and any new
// values (such as span contexts) added to it.
//
// See WithContext for more information.
func UpdateContext(ctx context.Context) context.Context {
// there is no way to check its ctx (and not one of its parents) that contains `e`
// so, at a slight cost, force add `e` to the context
ctx, _ = WithContext(ctx, GetEntry(ctx))
return ctx
}
// WithContext returns a context that contains the provided log entry.
// The entry can be extracted with `GetEntry` (`G`)
//
// The entry in the context is a copy of `entry` (generated by `entry.WithContext`)
func WithContext(ctx context.Context, entry *logrus.Entry) (context.Context, *logrus.Entry) {
// regardless of the order, entry.Context != GetEntry(ctx)
// here, the returned entry will reference the supplied context
entry = entry.WithContext(ctx)
ctx = context.WithValue(ctx, _entryContextKey, entry)
return ctx, entry
}
// Copy extracts the tracing Span and logging entry from the src Context, if they
// exist, and adds them to the dst Context.
//
// This is useful to share tracing and logging between contexts, but not the
// cancellation. For example, if the src Context has been cancelled but cleanup
// operations triggered by the cancellation require a non-cancelled context to
// execute.
func Copy(dst context.Context, src context.Context) context.Context {
if s := trace.FromContext(src); s != nil {
dst = trace.NewContext(dst, s)
}
if e := fromContext(src); e != nil {
dst, _ = WithContext(dst, e)
}
return dst
}
func fromContext(ctx context.Context) *logrus.Entry {
e, _ := ctx.Value(_entryContextKey).(*logrus.Entry)
return e
}

23
vendor/github.com/Microsoft/hcsshim/internal/log/g.go generated vendored
View File

@@ -1,23 +0,0 @@
package log
import (
"context"
"github.com/sirupsen/logrus"
"go.opencensus.io/trace"
)
// G returns a `logrus.Entry` with the `TraceID, SpanID` from `ctx` if `ctx`
// contains an OpenCensus `trace.Span`.
func G(ctx context.Context) *logrus.Entry {
span := trace.FromContext(ctx)
if span != nil {
sctx := span.SpanContext()
return logrus.WithFields(logrus.Fields{
"traceID": sctx.TraceID.String(),
"spanID": sctx.SpanID.String(),
// "parentSpanID": TODO: JTERRY75 - Try to convince OC to export this?
})
}
return logrus.NewEntry(logrus.StandardLogger())
}

45
vendor/github.com/Microsoft/hcsshim/internal/log/hook.go generated vendored Normal file
View File

@@ -0,0 +1,45 @@
package log
import (
"github.com/Microsoft/hcsshim/internal/logfields"
"github.com/sirupsen/logrus"
"go.opencensus.io/trace"
)
// Hook serves to intercept and format `logrus.Entry`s before they are passed
// to the ETW hook.
//
// The containerd shim discards the (formatted) logrus output, and outputs only via ETW.
// The Linux GCS outputs logrus entries over stdout, which is consumed by the shim and
// then re-output via the ETW hook.
type Hook struct{}
var _ logrus.Hook = &Hook{}
func NewHook() *Hook {
return &Hook{}
}
func (h *Hook) Levels() []logrus.Level {
return logrus.AllLevels
}
func (h *Hook) Fire(e *logrus.Entry) (err error) {
h.addSpanContext(e)
return nil
}
func (h *Hook) addSpanContext(e *logrus.Entry) {
ctx := e.Context
if ctx == nil {
return
}
span := trace.FromContext(ctx)
if span == nil {
return
}
sctx := span.SpanContext()
e.Data[logfields.TraceID] = sctx.TraceID.String()
e.Data[logfields.SpanID] = sctx.SpanID.String()
}

194
vendor/github.com/Microsoft/hcsshim/internal/log/scrub.go generated vendored Normal file
View File

@@ -0,0 +1,194 @@
package log
import (
"bytes"
"encoding/json"
"errors"
"strings"
"sync/atomic"
hcsschema "github.com/Microsoft/hcsshim/internal/hcs/schema2"
)
// This package scrubs objects of potentially sensitive information to pass to logging
type genMap = map[string]interface{}
type scrubberFunc func(genMap) error
const _scrubbedReplacement = "<scrubbed>"
var (
ErrUnknownType = errors.New("encoded object is of unknown type")
// case sensitive keywords, so "env" is not a substring on "Environment"
_scrubKeywords = [][]byte{[]byte("env"), []byte("Environment")}
_scrub int32
)
// SetScrubbing enables scrubbing
func SetScrubbing(enable bool) {
v := int32(0) // cant convert from bool to int32 directly
if enable {
v = 1
}
atomic.StoreInt32(&_scrub, v)
}
// IsScrubbingEnabled checks if scrubbing is enabled
func IsScrubbingEnabled() bool {
v := atomic.LoadInt32(&_scrub)
return v != 0
}
// ScrubProcessParameters scrubs HCS Create Process requests with config parameters of
// type internal/hcs/schema2.ScrubProcessParameters (aka hcsshema.ScrubProcessParameters)
func ScrubProcessParameters(s string) (string, error) {
// todo: deal with v1 ProcessConfig
b := []byte(s)
if !IsScrubbingEnabled() || !hasKeywords(b) || !json.Valid(b) {
return s, nil
}
pp := hcsschema.ProcessParameters{}
if err := json.Unmarshal(b, &pp); err != nil {
return "", err
}
pp.Environment = map[string]string{_scrubbedReplacement: _scrubbedReplacement}
buf := bytes.NewBuffer(b[:0])
if err := encode(buf, pp); err != nil {
return "", err
}
return strings.TrimSpace(buf.String()), nil
}
// ScrubBridgeCreate scrubs requests sent over the bridge of type
// internal/gcs/protocol.containerCreate wrapping an internal/hcsoci.linuxHostedSystem
func ScrubBridgeCreate(b []byte) ([]byte, error) {
return scrubBytes(b, scrubBridgeCreate)
}
func scrubBridgeCreate(m genMap) error {
if !isRequestBase(m) {
return ErrUnknownType
}
if ss, ok := m["ContainerConfig"]; ok {
// ContainerConfig is a json encoded struct passed as a regular string field
s, ok := ss.(string)
if !ok {
return ErrUnknownType
}
b, err := scrubBytes([]byte(s), scrubLinuxHostedSystem)
if err != nil {
return err
}
m["ContainerConfig"] = string(b)
return nil
}
return ErrUnknownType
}
func scrubLinuxHostedSystem(m genMap) error {
if m, ok := index(m, "OciSpecification"); ok {
if _, ok := m["annotations"]; ok {
m["annotations"] = map[string]string{_scrubbedReplacement: _scrubbedReplacement}
}
if m, ok := index(m, "process"); ok {
if _, ok := m["env"]; ok {
m["env"] = []string{_scrubbedReplacement}
return nil
}
}
}
return ErrUnknownType
}
// ScrubBridgeExecProcess scrubs requests sent over the bridge of type
// internal/gcs/protocol.containerExecuteProcess
func ScrubBridgeExecProcess(b []byte) ([]byte, error) {
return scrubBytes(b, scrubExecuteProcess)
}
func scrubExecuteProcess(m genMap) error {
if !isRequestBase(m) {
return ErrUnknownType
}
if m, ok := index(m, "Settings"); ok {
if ss, ok := m["ProcessParameters"]; ok {
// ProcessParameters is a json encoded struct passed as a regular sting field
s, ok := ss.(string)
if !ok {
return ErrUnknownType
}
s, err := ScrubProcessParameters(s)
if err != nil {
return err
}
m["ProcessParameters"] = s
return nil
}
}
return ErrUnknownType
}
func scrubBytes(b []byte, scrub scrubberFunc) ([]byte, error) {
if !IsScrubbingEnabled() || !hasKeywords(b) || !json.Valid(b) {
return b, nil
}
m := make(genMap)
if err := json.Unmarshal(b, &m); err != nil {
return nil, err
}
// could use regexp, but if the env strings contain braces, the regexp fails
// parsing into individual structs would require access to private structs
if err := scrub(m); err != nil {
return nil, err
}
buf := &bytes.Buffer{}
if err := encode(buf, m); err != nil {
return nil, err
}
return bytes.TrimSpace(buf.Bytes()), nil
}
func encode(buf *bytes.Buffer, v interface{}) error {
enc := json.NewEncoder(buf)
enc.SetEscapeHTML(false)
if err := enc.Encode(v); err != nil {
return err
}
return nil
}
func isRequestBase(m genMap) bool {
// neither of these are (currently) `omitempty`
_, a := m["ActivityId"]
_, c := m["ContainerId"]
return a && c
}
// combination `m, ok := m[s]` and `m, ok := m.(genMap)`
func index(m genMap, s string) (genMap, bool) {
if m, ok := m[s]; ok {
mm, ok := m.(genMap)
return mm, ok
}
return m, false
}
func hasKeywords(b []byte) bool {
for _, bb := range _scrubKeywords {
if bytes.Contains(b, bb) {
return true
}
}
return false
}

35
vendor/github.com/Microsoft/hcsshim/internal/logfields/fields.go generated vendored
View File

@@ -3,21 +3,44 @@ package logfields
const (
// Identifiers
Name = "name"
Namespace = "namespace"
Operation = "operation"
ID = "id"
SandboxID = "sid"
ContainerID = "cid"
UVMID = "uvm-id"
ExecID = "eid"
ProcessID = "pid"
TaskID = "tid"
UVMID = "uvm-id"
// networking and IO
File = "file"
Path = "path"
Bytes = "bytes"
Pipe = "pipe"
// Common Misc
// Timeout represents an operation timeout.
Timeout = "timeout"
Attempt = "attemptNo"
JSON = "json"
// Time
StartTime = "startTime"
EndTime = "endTime"
Duration = "duration"
Timeout = "timeout"
// Keys/values
Field = "field"
Key = "key"
OCIAnnotation = "oci-annotation"
Value = "value"
Options = "options"
// Golang type's
@@ -29,4 +52,10 @@ const (
// runhcs
VMShimOperation = "vmshim-op"
// logging and tracing
TraceID = "traceID"
SpanID = "spanID"
ParentSpanID = "parentSpanID"
)

316
vendor/github.com/Microsoft/hcsshim/internal/memory/pool.go generated vendored Normal file
View File

@@ -0,0 +1,316 @@
package memory
import (
"github.com/pkg/errors"
)
const (
minimumClassSize = MiB
maximumClassSize = 4 * GiB
memoryClassNumber = 7
)
var (
ErrInvalidMemoryClass = errors.New("invalid memory class")
ErrEarlyMerge = errors.New("not all children have been freed")
ErrEmptyPoolOperation = errors.New("operation on empty pool")
)
// GetMemoryClassType returns the minimum memory class type that can hold a device of
// a given size. The smallest class is 1MB and the largest one is 4GB with 2 bit offset
// intervals in between, for a total of 7 different classes. This function does not
// do a validity check
func GetMemoryClassType(s uint64) classType {
s = (s - 1) >> 20
memCls := uint32(0)
for s > 0 {
s = s >> 2
memCls++
}
return classType(memCls)
}
// GetMemoryClassSize returns size in bytes for a given memory class
func GetMemoryClassSize(memCls classType) (uint64, error) {
if memCls >= memoryClassNumber {
return 0, ErrInvalidMemoryClass
}
return minimumClassSize << (2 * memCls), nil
}
// region represents a contiguous memory block
type region struct {
// parent region that has been split into 4
parent *region
class classType
// offset represents offset in bytes
offset uint64
}
// memoryPool tracks free and busy (used) memory regions
type memoryPool struct {
free map[uint64]*region
busy map[uint64]*region
}
// PoolAllocator implements a memory allocation strategy similar to buddy-malloc https://github.com/evanw/buddy-malloc/blob/master/buddy-malloc.c
// We borrow the idea of spanning a tree of fixed size regions on top of a contiguous memory
// space.
//
// There are a total of 7 different region sizes that can be allocated, with the smallest
// being 1MB and the largest 4GB (the default maximum size of a Virtual PMem device).
//
// For efficiency and to reduce fragmentation an entire region is allocated when requested.
// When there's no available region of requested size, we try to allocate more memory for
// this particular size by splitting the next available larger region into smaller ones, e.g.
// if there's no region available for size class 0, we try splitting a region from class 1,
// then class 2 etc, until we are able to do so or hit the upper limit.
type PoolAllocator struct {
pools [memoryClassNumber]*memoryPool
}
var _ MappedRegion = &region{}
var _ Allocator = &PoolAllocator{}
func (r *region) Offset() uint64 {
return r.offset
}
func (r *region) Size() uint64 {
sz, err := GetMemoryClassSize(r.class)
if err != nil {
panic(err)
}
return sz
}
func (r *region) Type() classType {
return r.class
}
func newEmptyMemoryPool() *memoryPool {
return &memoryPool{
free: make(map[uint64]*region),
busy: make(map[uint64]*region),
}
}
func NewPoolMemoryAllocator() PoolAllocator {
pa := PoolAllocator{}
p := newEmptyMemoryPool()
// by default we allocate a single region with maximum possible size (class type)
p.free[0] = &region{
class: memoryClassNumber - 1,
offset: 0,
}
pa.pools[memoryClassNumber-1] = p
return pa
}
// Allocate checks memory region pool for the given `size` and returns a free region with
// minimal offset, if none available tries expanding matched memory pool.
//
// Internally it's done via moving a region from free pool into a busy pool
func (pa *PoolAllocator) Allocate(size uint64) (MappedRegion, error) {
memCls := GetMemoryClassType(size)
if memCls >= memoryClassNumber {
return nil, ErrInvalidMemoryClass
}
// find region with the smallest offset
nextCls, nextOffset, err := pa.findNextOffset(memCls)
if err != nil {
return nil, err
}
// this means that there are no more regions for the current class, try expanding
if nextCls != memCls {
if err := pa.split(memCls); err != nil {
if err == ErrInvalidMemoryClass {
return nil, ErrNotEnoughSpace
}
return nil, err
}
}
if err := pa.markBusy(memCls, nextOffset); err != nil {
return nil, err
}
// by this point memory pool for memCls should have been created,
// either prior or during split call
if r := pa.pools[memCls].busy[nextOffset]; r != nil {
return r, nil
}
return nil, ErrNotEnoughSpace
}
// Release marks a memory region of class `memCls` and offset `offset` as free and tries to merge smaller regions into
// a bigger one
func (pa *PoolAllocator) Release(reg MappedRegion) error {
mp := pa.pools[reg.Type()]
if mp == nil {
return ErrEmptyPoolOperation
}
err := pa.markFree(reg.Type(), reg.Offset())
if err != nil {
return err
}
n := mp.free[reg.Offset()]
if n == nil {
return ErrNotAllocated
}
if err := pa.merge(n.parent); err != nil {
if err != ErrEarlyMerge {
return err
}
}
return nil
}
// findNextOffset finds next region location for a given memCls
func (pa *PoolAllocator) findNextOffset(memCls classType) (classType, uint64, error) {
for mc := memCls; mc < memoryClassNumber; mc++ {
pi := pa.pools[mc]
if pi == nil || len(pi.free) == 0 {
continue
}
target := uint64(maximumClassSize)
for offset := range pi.free {
if offset < target {
target = offset
}
}
return mc, target, nil
}
return 0, 0, ErrNotEnoughSpace
}
// split tries to recursively split a bigger memory region into smaller ones until it succeeds or hits the upper limit
func (pa *PoolAllocator) split(clsType classType) error {
nextClsType := clsType + 1
if nextClsType >= memoryClassNumber {
return ErrInvalidMemoryClass
}
nextPool := pa.pools[nextClsType]
if nextPool == nil {
nextPool = newEmptyMemoryPool()
pa.pools[nextClsType] = nextPool
}
cls, offset, err := pa.findNextOffset(nextClsType)
if err != nil {
return err
}
// not enough memory in the next class, try to recursively expand
if cls != nextClsType {
if err := pa.split(nextClsType); err != nil {
return err
}
}
if err := pa.markBusy(nextClsType, offset); err != nil {
return err
}
// memCls validity has been checked already, we can ignore the error
clsSize, _ := GetMemoryClassSize(clsType)
nextReg := nextPool.busy[offset]
if nextReg == nil {
return ErrNotAllocated
}
// expand memCls
cp := pa.pools[clsType]
if cp == nil {
cp = newEmptyMemoryPool()
pa.pools[clsType] = cp
}
// create 4 smaller regions
for i := uint64(0); i < 4; i++ {
offset := nextReg.offset + i*clsSize
reg := &region{
parent: nextReg,
class: clsType,
offset: offset,
}
cp.free[offset] = reg
}
return nil
}
func (pa *PoolAllocator) merge(parent *region) error {
// nothing to merge
if parent == nil {
return nil
}
childCls := parent.class - 1
childPool := pa.pools[childCls]
// no child nodes to merge, try to merge parent
if childPool == nil {
return pa.merge(parent.parent)
}
childSize, err := GetMemoryClassSize(childCls)
if err != nil {
return err
}
// check if all the child nodes are free
var children []*region
for i := uint64(0); i < 4; i++ {
child, free := childPool.free[parent.offset+i*childSize]
if !free {
return ErrEarlyMerge
}
children = append(children, child)
}
// at this point all the child nodes will be free and we can merge
for _, child := range children {
delete(childPool.free, child.offset)
}
if err := pa.markFree(parent.class, parent.offset); err != nil {
return err
}
return pa.merge(parent.parent)
}
// markFree internally moves a region with `offset` from busy to free map
func (pa *PoolAllocator) markFree(memCls classType, offset uint64) error {
clsPool := pa.pools[memCls]
if clsPool == nil {
return ErrEmptyPoolOperation
}
if reg, exists := clsPool.busy[offset]; exists {
clsPool.free[offset] = reg
delete(clsPool.busy, offset)
return nil
}
return ErrNotAllocated
}
// markBusy internally moves a region with `offset` from free to busy map
func (pa *PoolAllocator) markBusy(memCls classType, offset uint64) error {
clsPool := pa.pools[memCls]
if clsPool == nil {
return ErrEmptyPoolOperation
}
if reg, exists := clsPool.free[offset]; exists {
clsPool.busy[offset] = reg
delete(clsPool.free, offset)
return nil
}
return ErrNotAllocated
}

28
vendor/github.com/Microsoft/hcsshim/internal/memory/types.go generated vendored Normal file
View File

@@ -0,0 +1,28 @@
package memory
import "github.com/pkg/errors"
type classType uint32
const (
MiB = 1024 * 1024
GiB = 1024 * MiB
)
var (
ErrNotEnoughSpace = errors.New("not enough space")
ErrNotAllocated = errors.New("no memory allocated at the given offset")
)
// MappedRegion represents a memory block with an offset
type MappedRegion interface {
Offset() uint64
Size() uint64
Type() classType
}
// Allocator is an interface for memory allocation
type Allocator interface {
Allocate(uint64) (MappedRegion, error)
Release(MappedRegion) error
}

31
vendor/github.com/Microsoft/hcsshim/internal/oc/span.go generated vendored
View File

@@ -1,9 +1,14 @@
package oc
import (
"context"
"github.com/Microsoft/hcsshim/internal/log"
"go.opencensus.io/trace"
)
var DefaultSampler = trace.AlwaysSample()
// SetSpanStatus sets `span.SetStatus` to the proper status depending on `err`. If
// `err` is `nil` assumes `trace.StatusCodeOk`.
func SetSpanStatus(span *trace.Span, err error) {
@@ -15,3 +20,29 @@ func SetSpanStatus(span *trace.Span, err error) {
}
span.SetStatus(status)
}
// StartSpan wraps "go.opencensus.io/trace".StartSpan, but, if the span is sampling,
// adds a log entry to the context that points to the newly created span.
func StartSpan(ctx context.Context, name string, o ...trace.StartOption) (context.Context, *trace.Span) {
ctx, s := trace.StartSpan(ctx, name, o...)
return update(ctx, s)
}
// StartSpanWithRemoteParent wraps "go.opencensus.io/trace".StartSpanWithRemoteParent.
//
// See StartSpan for more information.
func StartSpanWithRemoteParent(ctx context.Context, name string, parent trace.SpanContext, o ...trace.StartOption) (context.Context, *trace.Span) {
ctx, s := trace.StartSpanWithRemoteParent(ctx, name, parent, o...)
return update(ctx, s)
}
func update(ctx context.Context, s *trace.Span) (context.Context, *trace.Span) {
if s.IsRecordingEvents() {
ctx = log.UpdateContext(ctx)
}
return ctx, s
}
var WithServerSpanKind = trace.WithSpanKind(trace.SpanKindServer)
var WithClientSpanKind = trace.WithSpanKind(trace.SpanKindClient)

56
vendor/github.com/Microsoft/hcsshim/internal/protocol/guestrequest/types.go generated vendored Normal file
View File

@@ -0,0 +1,56 @@
package guestrequest
// These are constants for v2 schema modify requests.
type RequestType string
type ResourceType string
// RequestType const
const (
RequestTypeAdd RequestType = "Add"
RequestTypeRemove RequestType = "Remove"
RequestTypePreAdd RequestType = "PreAdd" // For networking
RequestTypeUpdate RequestType = "Update"
)
type SignalValueWCOW string
const (
SignalValueWCOWCtrlC SignalValueWCOW = "CtrlC"
SignalValueWCOWCtrlBreak SignalValueWCOW = "CtrlBreak"
SignalValueWCOWCtrlClose SignalValueWCOW = "CtrlClose"
SignalValueWCOWCtrlLogOff SignalValueWCOW = "CtrlLogOff"
SignalValueWCOWCtrlShutdown SignalValueWCOW = "CtrlShutdown"
)
// ModificationRequest is for modify commands passed to the guest.
type ModificationRequest struct {
RequestType RequestType `json:"RequestType,omitempty"`
ResourceType ResourceType `json:"ResourceType,omitempty"`
Settings interface{} `json:"Settings,omitempty"`
}
type NetworkModifyRequest struct {
AdapterId string `json:"AdapterId,omitempty"` //nolint:stylecheck
RequestType RequestType `json:"RequestType,omitempty"`
Settings interface{} `json:"Settings,omitempty"`
}
type RS4NetworkModifyRequest struct {
AdapterInstanceId string `json:"AdapterInstanceId,omitempty"` //nolint:stylecheck
RequestType RequestType `json:"RequestType,omitempty"`
Settings interface{} `json:"Settings,omitempty"`
}
var (
// V5 GUIDs for SCSI controllers
// These GUIDs are created with namespace GUID "d422512d-2bf2-4752-809d-7b82b5fcb1b4"
// and index as names. For example, first GUID is created like this:
// guid.NewV5("d422512d-2bf2-4752-809d-7b82b5fcb1b4", []byte("0"))
ScsiControllerGuids = []string{
"df6d0690-79e5-55b6-a5ec-c1e2f77f580a",
"0110f83b-de10-5172-a266-78bca56bf50a",
"b5d2d8d4-3a75-51bf-945b-3444dc6b8579",
"305891a9-b251-5dfe-91a2-c25d9212275b",
}
)

1
vendor/github.com/Microsoft/hcsshim/internal/regstate/doc.go generated vendored Normal file
View File

@@ -0,0 +1 @@
package regstate

2
vendor/github.com/Microsoft/hcsshim/internal/regstate/regstate.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package regstate
import (

2
vendor/github.com/Microsoft/hcsshim/internal/runhcs/container.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package runhcs
import (

2
vendor/github.com/Microsoft/hcsshim/internal/runhcs/vm.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package runhcs
import (

1
vendor/github.com/Microsoft/hcsshim/internal/safefile/do.go generated vendored Normal file
View File

@@ -0,0 +1 @@
package safefile

31
vendor/github.com/Microsoft/hcsshim/internal/safefile/safeopen.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package safefile
import (
@@ -156,7 +158,6 @@ func LinkRelative(oldname string, oldroot *os.File, newname string, newroot *os.
if (fi.FileAttributes & syscall.FILE_ATTRIBUTE_REPARSE_POINT) != 0 {
return &os.LinkError{Op: "link", Old: oldf.Name(), New: filepath.Join(newroot.Name(), newname), Err: winapi.RtlNtStatusToDosError(winapi.STATUS_REPARSE_POINT_ENCOUNTERED)}
}
} else {
parent = newroot
}
@@ -339,6 +340,34 @@ func MkdirRelative(path string, root *os.File) error {
return err
}
// MkdirAllRelative creates each directory in the path relative to a root, failing if
// any existing intermediate path components are reparse points.
func MkdirAllRelative(path string, root *os.File) error {
pathParts := strings.Split(filepath.Clean(path), (string)(filepath.Separator))
for index := range pathParts {
partialPath := filepath.Join(pathParts[0 : index+1]...)
stat, err := LstatRelative(partialPath, root)
if err != nil {
if os.IsNotExist(err) {
if err := MkdirRelative(partialPath, root); err != nil {
return err
}
continue
}
return err
}
if !stat.IsDir() {
fullPath := filepath.Join(root.Name(), partialPath)
return &os.PathError{Op: "mkdir", Path: fullPath, Err: syscall.ENOTDIR}
}
}
return nil
}
// LstatRelative performs a stat operation on a file relative to a root, failing
// if any intermediate path components are reparse points.
func LstatRelative(path string, root *os.File) (os.FileInfo, error) {

192
vendor/github.com/Microsoft/hcsshim/internal/security/grantvmgroupaccess.go generated vendored Normal file
View File

@@ -0,0 +1,192 @@
//go:build windows
// +build windows
package security
import (
"fmt"
"os"
"syscall"
"unsafe"
)
type (
accessMask uint32
accessMode uint32
desiredAccess uint32
inheritMode uint32
objectType uint32
shareMode uint32
securityInformation uint32
trusteeForm uint32
trusteeType uint32
)
type explicitAccess struct {
//nolint:structcheck
accessPermissions accessMask
//nolint:structcheck
accessMode accessMode
//nolint:structcheck
inheritance inheritMode
//nolint:structcheck
trustee trustee
}
type trustee struct {
//nolint:unused,structcheck
multipleTrustee *trustee
//nolint:unused,structcheck
multipleTrusteeOperation int32
trusteeForm trusteeForm
trusteeType trusteeType
name uintptr
}
const (
AccessMaskNone accessMask = 0
AccessMaskRead accessMask = 1 << 31 // GENERIC_READ
AccessMaskWrite accessMask = 1 << 30 // GENERIC_WRITE
AccessMaskExecute accessMask = 1 << 29 // GENERIC_EXECUTE
AccessMaskAll accessMask = 1 << 28 // GENERIC_ALL
accessMaskDesiredPermission = AccessMaskRead
accessModeGrant accessMode = 1
desiredAccessReadControl desiredAccess = 0x20000
desiredAccessWriteDac desiredAccess = 0x40000
gvmga = "GrantVmGroupAccess:"
inheritModeNoInheritance inheritMode = 0x0
inheritModeSubContainersAndObjectsInherit inheritMode = 0x3
objectTypeFileObject objectType = 0x1
securityInformationDACL securityInformation = 0x4
shareModeRead shareMode = 0x1
shareModeWrite shareMode = 0x2
//nolint:stylecheck // ST1003
sidVmGroup = "S-1-5-83-0"
trusteeFormIsSid trusteeForm = 0
trusteeTypeWellKnownGroup trusteeType = 5
)
// GrantVmGroupAccess sets the DACL for a specified file or directory to
// include Grant ACE entries for the VM Group SID. This is a golang re-
// implementation of the same function in vmcompute, just not exported in
// RS5. Which kind of sucks. Sucks a lot :/
func GrantVmGroupAccess(name string) error { //nolint:stylecheck // ST1003
return GrantVmGroupAccessWithMask(name, accessMaskDesiredPermission)
}
// GrantVmGroupAccessWithMask sets the desired DACL for a specified file or
// directory.
func GrantVmGroupAccessWithMask(name string, access accessMask) error { //nolint:stylecheck // ST1003
if access == 0 || access<<4 != 0 {
return fmt.Errorf("invalid access mask: 0x%08x", access)
}
// Stat (to determine if `name` is a directory).
s, err := os.Stat(name)
if err != nil {
return fmt.Errorf("%s os.Stat %s: %w", gvmga, name, err)
}
// Get a handle to the file/directory. Must defer Close on success.
fd, err := createFile(name, s.IsDir())
if err != nil {
return err // Already wrapped
}
defer func() {
_ = syscall.CloseHandle(fd)
}()
// Get the current DACL and Security Descriptor. Must defer LocalFree on success.
ot := objectTypeFileObject
si := securityInformationDACL
sd := uintptr(0)
origDACL := uintptr(0)
if err := getSecurityInfo(fd, uint32(ot), uint32(si), nil, nil, &origDACL, nil, &sd); err != nil {
return fmt.Errorf("%s GetSecurityInfo %s: %w", gvmga, name, err)
}
defer func() {
_, _ = syscall.LocalFree((syscall.Handle)(unsafe.Pointer(sd)))
}()
// Generate a new DACL which is the current DACL with the required ACEs added.
// Must defer LocalFree on success.
newDACL, err := generateDACLWithAcesAdded(name, s.IsDir(), access, origDACL)
if err != nil {
return err // Already wrapped
}
defer func() {
_, _ = syscall.LocalFree((syscall.Handle)(unsafe.Pointer(newDACL)))
}()
// And finally use SetSecurityInfo to apply the updated DACL.
if err := setSecurityInfo(fd, uint32(ot), uint32(si), uintptr(0), uintptr(0), newDACL, uintptr(0)); err != nil {
return fmt.Errorf("%s SetSecurityInfo %s: %w", gvmga, name, err)
}
return nil
}
// createFile is a helper function to call [Nt]CreateFile to get a handle to
// the file or directory.
func createFile(name string, isDir bool) (syscall.Handle, error) {
namep, err := syscall.UTF16FromString(name)
if err != nil {
return 0, fmt.Errorf("syscall.UTF16FromString %s: %w", name, err)
}
da := uint32(desiredAccessReadControl | desiredAccessWriteDac)
sm := uint32(shareModeRead | shareModeWrite)
fa := uint32(syscall.FILE_ATTRIBUTE_NORMAL)
if isDir {
fa = uint32(fa | syscall.FILE_FLAG_BACKUP_SEMANTICS)
}
fd, err := syscall.CreateFile(&namep[0], da, sm, nil, syscall.OPEN_EXISTING, fa, 0)
if err != nil {
return 0, fmt.Errorf("%s syscall.CreateFile %s: %w", gvmga, name, err)
}
return fd, nil
}
// generateDACLWithAcesAdded generates a new DACL with the two needed ACEs added.
// The caller is responsible for LocalFree of the returned DACL on success.
func generateDACLWithAcesAdded(name string, isDir bool, desiredAccess accessMask, origDACL uintptr) (uintptr, error) {
// Generate pointers to the SIDs based on the string SIDs
sid, err := syscall.StringToSid(sidVmGroup)
if err != nil {
return 0, fmt.Errorf("%s syscall.StringToSid %s %s: %w", gvmga, name, sidVmGroup, err)
}
inheritance := inheritModeNoInheritance
if isDir {
inheritance = inheritModeSubContainersAndObjectsInherit
}
eaArray := []explicitAccess{
{
accessPermissions: desiredAccess,
accessMode: accessModeGrant,
inheritance: inheritance,
trustee: trustee{
trusteeForm: trusteeFormIsSid,
trusteeType: trusteeTypeWellKnownGroup,
name: uintptr(unsafe.Pointer(sid)),
},
},
}
modifiedDACL := uintptr(0)
if err := setEntriesInAcl(uintptr(uint32(1)), uintptr(unsafe.Pointer(&eaArray[0])), origDACL, &modifiedDACL); err != nil {
return 0, fmt.Errorf("%s SetEntriesInAcl %s: %w", gvmga, name, err)
}
return modifiedDACL, nil
}

7
vendor/github.com/Microsoft/hcsshim/internal/security/syscall_windows.go generated vendored Normal file
View File

@@ -0,0 +1,7 @@
package security
//go:generate go run $GOPATH/src/golang.org/x/sys/windows/mkwinsyscall/mkwinsyscall.go -output zsyscall_windows.go syscall_windows.go
//sys getSecurityInfo(handle syscall.Handle, objectType uint32, si uint32, ppsidOwner **uintptr, ppsidGroup **uintptr, ppDacl *uintptr, ppSacl *uintptr, ppSecurityDescriptor *uintptr) (win32err error) = advapi32.GetSecurityInfo
//sys setSecurityInfo(handle syscall.Handle, objectType uint32, si uint32, psidOwner uintptr, psidGroup uintptr, pDacl uintptr, pSacl uintptr) (win32err error) = advapi32.SetSecurityInfo
//sys setEntriesInAcl(count uintptr, pListOfEEs uintptr, oldAcl uintptr, newAcl *uintptr) (win32err error) = advapi32.SetEntriesInAclW

70
vendor/github.com/Microsoft/hcsshim/internal/security/zsyscall_windows.go generated vendored Normal file
View File

@@ -0,0 +1,70 @@
// Code generated by 'go generate'; DO NOT EDIT.
package security
import (
"syscall"
"unsafe"
"golang.org/x/sys/windows"
)
var _ unsafe.Pointer
// Do the interface allocations only once for common
// Errno values.
const (
errnoERROR_IO_PENDING = 997
)
var (
errERROR_IO_PENDING error = syscall.Errno(errnoERROR_IO_PENDING)
errERROR_EINVAL error = syscall.EINVAL
)
// errnoErr returns common boxed Errno values, to prevent
// allocations at runtime.
func errnoErr(e syscall.Errno) error {
switch e {
case 0:
return errERROR_EINVAL
case errnoERROR_IO_PENDING:
return errERROR_IO_PENDING
}
// TODO: add more here, after collecting data on the common
// error values see on Windows. (perhaps when running
// all.bat?)
return e
}
var (
modadvapi32 = windows.NewLazySystemDLL("advapi32.dll")
procGetSecurityInfo = modadvapi32.NewProc("GetSecurityInfo")
procSetEntriesInAclW = modadvapi32.NewProc("SetEntriesInAclW")
procSetSecurityInfo = modadvapi32.NewProc("SetSecurityInfo")
)
func getSecurityInfo(handle syscall.Handle, objectType uint32, si uint32, ppsidOwner **uintptr, ppsidGroup **uintptr, ppDacl *uintptr, ppSacl *uintptr, ppSecurityDescriptor *uintptr) (win32err error) {
r0, _, _ := syscall.Syscall9(procGetSecurityInfo.Addr(), 8, uintptr(handle), uintptr(objectType), uintptr(si), uintptr(unsafe.Pointer(ppsidOwner)), uintptr(unsafe.Pointer(ppsidGroup)), uintptr(unsafe.Pointer(ppDacl)), uintptr(unsafe.Pointer(ppSacl)), uintptr(unsafe.Pointer(ppSecurityDescriptor)), 0)
if r0 != 0 {
win32err = syscall.Errno(r0)
}
return
}
func setEntriesInAcl(count uintptr, pListOfEEs uintptr, oldAcl uintptr, newAcl *uintptr) (win32err error) {
r0, _, _ := syscall.Syscall6(procSetEntriesInAclW.Addr(), 4, uintptr(count), uintptr(pListOfEEs), uintptr(oldAcl), uintptr(unsafe.Pointer(newAcl)), 0, 0)
if r0 != 0 {
win32err = syscall.Errno(r0)
}
return
}
func setSecurityInfo(handle syscall.Handle, objectType uint32, si uint32, psidOwner uintptr, psidGroup uintptr, pDacl uintptr, pSacl uintptr) (win32err error) {
r0, _, _ := syscall.Syscall9(procSetSecurityInfo.Addr(), 7, uintptr(handle), uintptr(objectType), uintptr(si), uintptr(psidOwner), uintptr(psidGroup), uintptr(pDacl), uintptr(pSacl), 0, 0)
if r0 != 0 {
win32err = syscall.Errno(r0)
}
return
}

1
vendor/github.com/Microsoft/hcsshim/internal/vmcompute/doc.go generated vendored Normal file
View File

@@ -0,0 +1 @@
package vmcompute

64
vendor/github.com/Microsoft/hcsshim/internal/vmcompute/vmcompute.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package vmcompute
import (
@@ -5,12 +7,13 @@ import (
"syscall"
"time"
"go.opencensus.io/trace"
"github.com/Microsoft/hcsshim/internal/interop"
"github.com/Microsoft/hcsshim/internal/log"
"github.com/Microsoft/hcsshim/internal/logfields"
"github.com/Microsoft/hcsshim/internal/oc"
"github.com/Microsoft/hcsshim/internal/timeout"
"go.opencensus.io/trace"
)
//go:generate go run ../../mksyscall_windows.go -output zsyscall_windows.go vmcompute.go
@@ -95,7 +98,7 @@ func execute(ctx gcontext.Context, timeout time.Duration, f func() error) error
}
func HcsEnumerateComputeSystems(ctx gcontext.Context, query string) (computeSystems, result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsEnumerateComputeSystems")
ctx, span := oc.StartSpan(ctx, "HcsEnumerateComputeSystems")
defer span.End()
defer func() {
if result != "" {
@@ -122,7 +125,7 @@ func HcsEnumerateComputeSystems(ctx gcontext.Context, query string) (computeSyst
}
func HcsCreateComputeSystem(ctx gcontext.Context, id string, configuration string, identity syscall.Handle) (computeSystem HcsSystem, result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsCreateComputeSystem")
ctx, span := oc.StartSpan(ctx, "HcsCreateComputeSystem")
defer span.End()
defer func() {
if result != "" {
@@ -147,7 +150,7 @@ func HcsCreateComputeSystem(ctx gcontext.Context, id string, configuration strin
}
func HcsOpenComputeSystem(ctx gcontext.Context, id string) (computeSystem HcsSystem, result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsOpenComputeSystem")
ctx, span := oc.StartSpan(ctx, "HcsOpenComputeSystem")
defer span.End()
defer func() {
if result != "" {
@@ -167,7 +170,7 @@ func HcsOpenComputeSystem(ctx gcontext.Context, id string) (computeSystem HcsSys
}
func HcsCloseComputeSystem(ctx gcontext.Context, computeSystem HcsSystem) (hr error) {
ctx, span := trace.StartSpan(ctx, "HcsCloseComputeSystem")
ctx, span := oc.StartSpan(ctx, "HcsCloseComputeSystem")
defer span.End()
defer func() { oc.SetSpanStatus(span, hr) }()
@@ -177,7 +180,7 @@ func HcsCloseComputeSystem(ctx gcontext.Context, computeSystem HcsSystem) (hr er
}
func HcsStartComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, options string) (result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsStartComputeSystem")
ctx, span := oc.StartSpan(ctx, "HcsStartComputeSystem")
defer span.End()
defer func() {
if result != "" {
@@ -200,7 +203,7 @@ func HcsStartComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, option
}
func HcsShutdownComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, options string) (result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsShutdownComputeSystem")
ctx, span := oc.StartSpan(ctx, "HcsShutdownComputeSystem")
defer span.End()
defer func() {
if result != "" {
@@ -223,7 +226,7 @@ func HcsShutdownComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, opt
}
func HcsTerminateComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, options string) (result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsTerminateComputeSystem")
ctx, span := oc.StartSpan(ctx, "HcsTerminateComputeSystem")
defer span.End()
defer func() {
if result != "" {
@@ -246,7 +249,7 @@ func HcsTerminateComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, op
}
func HcsPauseComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, options string) (result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsPauseComputeSystem")
ctx, span := oc.StartSpan(ctx, "HcsPauseComputeSystem")
defer span.End()
defer func() {
if result != "" {
@@ -269,7 +272,7 @@ func HcsPauseComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, option
}
func HcsResumeComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, options string) (result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsResumeComputeSystem")
ctx, span := oc.StartSpan(ctx, "HcsResumeComputeSystem")
defer span.End()
defer func() {
if result != "" {
@@ -292,7 +295,7 @@ func HcsResumeComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, optio
}
func HcsGetComputeSystemProperties(ctx gcontext.Context, computeSystem HcsSystem, propertyQuery string) (properties, result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsGetComputeSystemProperties")
ctx, span := oc.StartSpan(ctx, "HcsGetComputeSystemProperties")
defer span.End()
defer func() {
if result != "" {
@@ -319,7 +322,7 @@ func HcsGetComputeSystemProperties(ctx gcontext.Context, computeSystem HcsSystem
}
func HcsModifyComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, configuration string) (result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsModifyComputeSystem")
ctx, span := oc.StartSpan(ctx, "HcsModifyComputeSystem")
defer span.End()
defer func() {
if result != "" {
@@ -340,7 +343,7 @@ func HcsModifyComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, confi
}
func HcsModifyServiceSettings(ctx gcontext.Context, settings string) (result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsModifyServiceSettings")
ctx, span := oc.StartSpan(ctx, "HcsModifyServiceSettings")
defer span.End()
defer func() {
if result != "" {
@@ -361,7 +364,7 @@ func HcsModifyServiceSettings(ctx gcontext.Context, settings string) (result str
}
func HcsRegisterComputeSystemCallback(ctx gcontext.Context, computeSystem HcsSystem, callback uintptr, context uintptr) (callbackHandle HcsCallback, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsRegisterComputeSystemCallback")
ctx, span := oc.StartSpan(ctx, "HcsRegisterComputeSystemCallback")
defer span.End()
defer func() { oc.SetSpanStatus(span, hr) }()
@@ -371,7 +374,7 @@ func HcsRegisterComputeSystemCallback(ctx gcontext.Context, computeSystem HcsSys
}
func HcsUnregisterComputeSystemCallback(ctx gcontext.Context, callbackHandle HcsCallback) (hr error) {
ctx, span := trace.StartSpan(ctx, "HcsUnregisterComputeSystemCallback")
ctx, span := oc.StartSpan(ctx, "HcsUnregisterComputeSystemCallback")
defer span.End()
defer func() { oc.SetSpanStatus(span, hr) }()
@@ -381,7 +384,7 @@ func HcsUnregisterComputeSystemCallback(ctx gcontext.Context, callbackHandle Hcs
}
func HcsCreateProcess(ctx gcontext.Context, computeSystem HcsSystem, processParameters string) (processInformation HcsProcessInformation, process HcsProcess, result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsCreateProcess")
ctx, span := oc.StartSpan(ctx, "HcsCreateProcess")
defer span.End()
defer func() {
if result != "" {
@@ -389,7 +392,12 @@ func HcsCreateProcess(ctx gcontext.Context, computeSystem HcsSystem, processPara
}
oc.SetSpanStatus(span, hr)
}()
span.AddAttributes(trace.StringAttribute("processParameters", processParameters))
if span.IsRecordingEvents() {
// wont handle v1 process parameters
if s, err := log.ScrubProcessParameters(processParameters); err == nil {
span.AddAttributes(trace.StringAttribute("processParameters", s))
}
}
return processInformation, process, result, execute(ctx, timeout.SyscallWatcher, func() error {
var resultp *uint16
@@ -402,7 +410,7 @@ func HcsCreateProcess(ctx gcontext.Context, computeSystem HcsSystem, processPara
}
func HcsOpenProcess(ctx gcontext.Context, computeSystem HcsSystem, pid uint32) (process HcsProcess, result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsOpenProcess")
ctx, span := oc.StartSpan(ctx, "HcsOpenProcess")
defer span.End()
defer func() {
if result != "" {
@@ -423,7 +431,7 @@ func HcsOpenProcess(ctx gcontext.Context, computeSystem HcsSystem, pid uint32) (
}
func HcsCloseProcess(ctx gcontext.Context, process HcsProcess) (hr error) {
ctx, span := trace.StartSpan(ctx, "HcsCloseProcess")
ctx, span := oc.StartSpan(ctx, "HcsCloseProcess")
defer span.End()
defer func() { oc.SetSpanStatus(span, hr) }()
@@ -433,7 +441,7 @@ func HcsCloseProcess(ctx gcontext.Context, process HcsProcess) (hr error) {
}
func HcsTerminateProcess(ctx gcontext.Context, process HcsProcess) (result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsTerminateProcess")
ctx, span := oc.StartSpan(ctx, "HcsTerminateProcess")
defer span.End()
defer func() {
if result != "" {
@@ -453,7 +461,7 @@ func HcsTerminateProcess(ctx gcontext.Context, process HcsProcess) (result strin
}
func HcsSignalProcess(ctx gcontext.Context, process HcsProcess, options string) (result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsSignalProcess")
ctx, span := oc.StartSpan(ctx, "HcsSignalProcess")
defer span.End()
defer func() {
if result != "" {
@@ -474,7 +482,7 @@ func HcsSignalProcess(ctx gcontext.Context, process HcsProcess, options string)
}
func HcsGetProcessInfo(ctx gcontext.Context, process HcsProcess) (processInformation HcsProcessInformation, result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsGetProcessInfo")
ctx, span := oc.StartSpan(ctx, "HcsGetProcessInfo")
defer span.End()
defer func() {
if result != "" {
@@ -494,7 +502,7 @@ func HcsGetProcessInfo(ctx gcontext.Context, process HcsProcess) (processInforma
}
func HcsGetProcessProperties(ctx gcontext.Context, process HcsProcess) (processProperties, result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsGetProcessProperties")
ctx, span := oc.StartSpan(ctx, "HcsGetProcessProperties")
defer span.End()
defer func() {
if result != "" {
@@ -520,7 +528,7 @@ func HcsGetProcessProperties(ctx gcontext.Context, process HcsProcess) (processP
}
func HcsModifyProcess(ctx gcontext.Context, process HcsProcess, settings string) (result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsModifyProcess")
ctx, span := oc.StartSpan(ctx, "HcsModifyProcess")
defer span.End()
defer func() {
if result != "" {
@@ -541,7 +549,7 @@ func HcsModifyProcess(ctx gcontext.Context, process HcsProcess, settings string)
}
func HcsGetServiceProperties(ctx gcontext.Context, propertyQuery string) (properties, result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsGetServiceProperties")
ctx, span := oc.StartSpan(ctx, "HcsGetServiceProperties")
defer span.End()
defer func() {
if result != "" {
@@ -568,7 +576,7 @@ func HcsGetServiceProperties(ctx gcontext.Context, propertyQuery string) (proper
}
func HcsRegisterProcessCallback(ctx gcontext.Context, process HcsProcess, callback uintptr, context uintptr) (callbackHandle HcsCallback, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsRegisterProcessCallback")
ctx, span := oc.StartSpan(ctx, "HcsRegisterProcessCallback")
defer span.End()
defer func() { oc.SetSpanStatus(span, hr) }()
@@ -578,7 +586,7 @@ func HcsRegisterProcessCallback(ctx gcontext.Context, process HcsProcess, callba
}
func HcsUnregisterProcessCallback(ctx gcontext.Context, callbackHandle HcsCallback) (hr error) {
ctx, span := trace.StartSpan(ctx, "HcsUnregisterProcessCallback")
ctx, span := oc.StartSpan(ctx, "HcsUnregisterProcessCallback")
defer span.End()
defer func() { oc.SetSpanStatus(span, hr) }()
@@ -588,7 +596,7 @@ func HcsUnregisterProcessCallback(ctx gcontext.Context, callbackHandle HcsCallba
}
func HcsSaveComputeSystem(ctx gcontext.Context, computeSystem HcsSystem, options string) (result string, hr error) {
ctx, span := trace.StartSpan(ctx, "HcsSaveComputeSystem")
ctx, span := oc.StartSpan(ctx, "HcsSaveComputeSystem")
defer span.End()
defer func() {
if result != "" {

4
vendor/github.com/Microsoft/hcsshim/internal/wclayer/activatelayer.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -14,7 +16,7 @@ import (
// An activated layer must later be deactivated via DeactivateLayer.
func ActivateLayer(ctx context.Context, path string) (err error) {
title := "hcsshim::ActivateLayer"
ctx, span := trace.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
ctx, span := oc.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(trace.StringAttribute("path", path))

3
vendor/github.com/Microsoft/hcsshim/internal/wclayer/baselayer.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -48,7 +50,6 @@ func reapplyDirectoryTimes(root *os.File, dis []dirInfo) error {
if err != nil {
return err
}
}
return nil
}

4
vendor/github.com/Microsoft/hcsshim/internal/wclayer/createlayer.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -12,7 +14,7 @@ import (
// the parent layer provided.
func CreateLayer(ctx context.Context, path, parent string) (err error) {
title := "hcsshim::CreateLayer"
ctx, span := trace.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
ctx, span := oc.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(

4
vendor/github.com/Microsoft/hcsshim/internal/wclayer/createscratchlayer.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -13,7 +15,7 @@ import (
// This requires the full list of paths to all parent layers up to the base
func CreateScratchLayer(ctx context.Context, path string, parentLayerPaths []string) (err error) {
title := "hcsshim::CreateScratchLayer"
ctx, span := trace.StartSpan(ctx, title)
ctx, span := oc.StartSpan(ctx, title)
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(

4
vendor/github.com/Microsoft/hcsshim/internal/wclayer/deactivatelayer.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -11,7 +13,7 @@ import (
// DeactivateLayer will dismount a layer that was mounted via ActivateLayer.
func DeactivateLayer(ctx context.Context, path string) (err error) {
title := "hcsshim::DeactivateLayer"
ctx, span := trace.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
ctx, span := oc.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(trace.StringAttribute("path", path))

4
vendor/github.com/Microsoft/hcsshim/internal/wclayer/destroylayer.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -12,7 +14,7 @@ import (
// path, including that layer's containing folder, if any.
func DestroyLayer(ctx context.Context, path string) (err error) {
title := "hcsshim::DestroyLayer"
ctx, span := trace.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
ctx, span := oc.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(trace.StringAttribute("path", path))

4
vendor/github.com/Microsoft/hcsshim/internal/wclayer/doc.go generated vendored Normal file
View File

@@ -0,0 +1,4 @@
// Package wclayer provides bindings to HCS's legacy layer management API and
// provides a higher level interface around these calls for container layer
// management.
package wclayer

4
vendor/github.com/Microsoft/hcsshim/internal/wclayer/expandscratchsize.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -16,7 +18,7 @@ import (
// ExpandScratchSize expands the size of a layer to at least size bytes.
func ExpandScratchSize(ctx context.Context, path string, size uint64) (err error) {
title := "hcsshim::ExpandScratchSize"
ctx, span := trace.StartSpan(ctx, title)
ctx, span := oc.StartSpan(ctx, title)
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(

11
vendor/github.com/Microsoft/hcsshim/internal/wclayer/exportlayer.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -19,7 +21,7 @@ import (
// perform the export.
func ExportLayer(ctx context.Context, path string, exportFolderPath string, parentLayerPaths []string) (err error) {
title := "hcsshim::ExportLayer"
ctx, span := trace.StartSpan(ctx, title)
ctx, span := oc.StartSpan(ctx, title)
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(
@@ -40,9 +42,14 @@ func ExportLayer(ctx context.Context, path string, exportFolderPath string, pare
return nil
}
// LayerReader is an interface that supports reading an existing container image layer.
type LayerReader interface {
// Next advances to the next file and returns the name, size, and file info
Next() (string, int64, *winio.FileBasicInfo, error)
// Read reads data from the current file, in the format of a Win32 backup stream, and
// returns the number of bytes read.
Read(b []byte) (int, error)
// Close finishes the layer reading process and releases any resources.
Close() error
}
@@ -50,7 +57,7 @@ type LayerReader interface {
// The caller must have taken the SeBackupPrivilege privilege
// to call this and any methods on the resulting LayerReader.
func NewLayerReader(ctx context.Context, path string, parentLayerPaths []string) (_ LayerReader, err error) {
ctx, span := trace.StartSpan(ctx, "hcsshim::NewLayerReader")
ctx, span := oc.StartSpan(ctx, "hcsshim::NewLayerReader")
defer func() {
if err != nil {
oc.SetSpanStatus(span, err)

4
vendor/github.com/Microsoft/hcsshim/internal/wclayer/getlayermountpath.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -16,7 +18,7 @@ import (
// folder path at which the layer is stored.
func GetLayerMountPath(ctx context.Context, path string) (_ string, err error) {
title := "hcsshim::GetLayerMountPath"
ctx, span := trace.StartSpan(ctx, title)
ctx, span := oc.StartSpan(ctx, title)
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(trace.StringAttribute("path", path))

4
vendor/github.com/Microsoft/hcsshim/internal/wclayer/getsharedbaseimages.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -14,7 +16,7 @@ import (
// of registering them with the graphdriver, graph, and tagstore.
func GetSharedBaseImages(ctx context.Context) (_ string, err error) {
title := "hcsshim::GetSharedBaseImages"
ctx, span := trace.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
ctx, span := oc.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()

4
vendor/github.com/Microsoft/hcsshim/internal/wclayer/grantvmaccess.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -11,7 +13,7 @@ import (
// GrantVmAccess adds access to a file for a given VM
func GrantVmAccess(ctx context.Context, vmid string, filepath string) (err error) {
title := "hcsshim::GrantVmAccess"
ctx, span := trace.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
ctx, span := oc.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(

6
vendor/github.com/Microsoft/hcsshim/internal/wclayer/importlayer.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -20,7 +22,7 @@ import (
// be present on the system at the paths provided in parentLayerPaths.
func ImportLayer(ctx context.Context, path string, importFolderPath string, parentLayerPaths []string) (err error) {
title := "hcsshim::ImportLayer"
ctx, span := trace.StartSpan(ctx, title)
ctx, span := oc.StartSpan(ctx, title)
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(
@@ -124,7 +126,7 @@ func (r *legacyLayerWriterWrapper) Close() (err error) {
// The caller must have taken the SeBackupPrivilege and SeRestorePrivilege privileges
// to call this and any methods on the resulting LayerWriter.
func NewLayerWriter(ctx context.Context, path string, parentLayerPaths []string) (_ LayerWriter, err error) {
ctx, span := trace.StartSpan(ctx, "hcsshim::NewLayerWriter")
ctx, span := oc.StartSpan(ctx, "hcsshim::NewLayerWriter")
defer func() {
if err != nil {
oc.SetSpanStatus(span, err)

4
vendor/github.com/Microsoft/hcsshim/internal/wclayer/layerexists.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -12,7 +14,7 @@ import (
// to the system.
func LayerExists(ctx context.Context, path string) (_ bool, err error) {
title := "hcsshim::LayerExists"
ctx, span := trace.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
ctx, span := oc.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(trace.StringAttribute("path", path))

4
vendor/github.com/Microsoft/hcsshim/internal/wclayer/layerid.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -12,7 +14,7 @@ import (
// LayerID returns the layer ID of a layer on disk.
func LayerID(ctx context.Context, path string) (_ guid.GUID, err error) {
title := "hcsshim::LayerID"
ctx, span := trace.StartSpan(ctx, title)
ctx, span := oc.StartSpan(ctx, title)
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(trace.StringAttribute("path", path))

2
vendor/github.com/Microsoft/hcsshim/internal/wclayer/layerutils.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
// This file contains utility functions to support storage (graph) related

7
vendor/github.com/Microsoft/hcsshim/internal/wclayer/legacy.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -262,7 +264,6 @@ func (r *legacyLayerReader) Next() (path string, size int64, fileInfo *winio.Fil
// The creation time and access time get reset for files outside of the Files path.
fileInfo.CreationTime = fileInfo.LastWriteTime
fileInfo.LastAccessTime = fileInfo.LastWriteTime
} else {
// The file attributes are written before the backup stream.
var attr uint32
@@ -349,7 +350,7 @@ type legacyLayerWriter struct {
currentIsDir bool
}
// newLegacyLayerWriter returns a LayerWriter that can write the contaler layer
// newLegacyLayerWriter returns a LayerWriter that can write the container layer
// transport format to disk.
func newLegacyLayerWriter(root string, parentRoots []string, destRoot string) (w *legacyLayerWriter, err error) {
w = &legacyLayerWriter{
@@ -730,7 +731,7 @@ func (w *legacyLayerWriter) AddLink(name string, target string) error {
return errors.New("invalid hard link in layer")
}
// Find to try the target of the link in a previously added file. If that
// Try to find the target of the link in a previously added file. If that
// fails, search in parent layers.
var selectedRoot *os.File
if _, ok := w.addedFiles[target]; ok {

4
vendor/github.com/Microsoft/hcsshim/internal/wclayer/nametoguid.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -14,7 +16,7 @@ import (
// across all clients.
func NameToGuid(ctx context.Context, name string) (_ guid.GUID, err error) {
title := "hcsshim::NameToGuid"
ctx, span := trace.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
ctx, span := oc.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(trace.StringAttribute("objectName", name))

4
vendor/github.com/Microsoft/hcsshim/internal/wclayer/preparelayer.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -19,7 +21,7 @@ var prepareLayerLock sync.Mutex
// Disabling the filter must be done via UnprepareLayer.
func PrepareLayer(ctx context.Context, path string, parentLayerPaths []string) (err error) {
title := "hcsshim::PrepareLayer"
ctx, span := trace.StartSpan(ctx, title)
ctx, span := oc.StartSpan(ctx, title)
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(

6
vendor/github.com/Microsoft/hcsshim/internal/wclayer/processimage.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -12,7 +14,7 @@ import (
// The files should have been extracted to <path>\Files.
func ProcessBaseLayer(ctx context.Context, path string) (err error) {
title := "hcsshim::ProcessBaseLayer"
ctx, span := trace.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
ctx, span := oc.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(trace.StringAttribute("path", path))
@@ -28,7 +30,7 @@ func ProcessBaseLayer(ctx context.Context, path string) (err error) {
// The files should have been extracted to <path>\Files.
func ProcessUtilityVMImage(ctx context.Context, path string) (err error) {
title := "hcsshim::ProcessUtilityVMImage"
ctx, span := trace.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
ctx, span := oc.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(trace.StringAttribute("path", path))

4
vendor/github.com/Microsoft/hcsshim/internal/wclayer/unpreparelayer.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package wclayer
import (
@@ -12,7 +14,7 @@ import (
// the given id.
func UnprepareLayer(ctx context.Context, path string) (err error) {
title := "hcsshim::UnprepareLayer"
ctx, span := trace.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
ctx, span := oc.StartSpan(ctx, title) //nolint:ineffassign,staticcheck
defer span.End()
defer func() { oc.SetSpanStatus(span, err) }()
span.AddAttributes(trace.StringAttribute("path", path))

5
vendor/github.com/Microsoft/hcsshim/internal/wclayer/wclayer.go generated vendored
View File

@@ -1,6 +1,5 @@
// Package wclayer provides bindings to HCS's legacy layer management API and
// provides a higher level interface around these calls for container layer
// management.
//go:build windows
package wclayer
import "github.com/Microsoft/go-winio/pkg/guid"

19
vendor/github.com/Microsoft/hcsshim/internal/winapi/bindflt.go generated vendored Normal file
View File

@@ -0,0 +1,19 @@
package winapi
const (
BINDFLT_FLAG_READ_ONLY_MAPPING uint32 = 0x00000001
BINDFLT_FLAG_MERGED_BIND_MAPPING uint32 = 0x00000002
BINDFLT_FLAG_USE_CURRENT_SILO_MAPPING uint32 = 0x00000004
)
// HRESULT
// BfSetupFilter(
// _In_opt_ HANDLE JobHandle,
// _In_ ULONG Flags,
// _In_ LPCWSTR VirtualizationRootPath,
// _In_ LPCWSTR VirtualizationTargetPath,
// _In_reads_opt_( VirtualizationExceptionPathCount ) LPCWSTR* VirtualizationExceptionPaths,
// _In_opt_ ULONG VirtualizationExceptionPathCount
// );
//
//sys BfSetupFilter(jobHandle windows.Handle, flags uint32, virtRootPath *uint16, virtTargetPath *uint16, virtExceptions **uint16, virtExceptionPathCount uint32) (hr error) = bindfltapi.BfSetupFilter?

2
vendor/github.com/Microsoft/hcsshim/internal/winapi/console.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package winapi
import (

2
vendor/github.com/Microsoft/hcsshim/internal/winapi/devices.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package winapi
import "github.com/Microsoft/go-winio/pkg/guid"

3
vendor/github.com/Microsoft/hcsshim/internal/winapi/doc.go generated vendored Normal file
View File

@@ -0,0 +1,3 @@
// Package winapi contains various low-level bindings to Windows APIs. It can
// be thought of as an extension to golang.org/x/sys/windows.
package winapi

11
vendor/github.com/Microsoft/hcsshim/internal/winapi/elevation.go generated vendored Normal file
View File

@@ -0,0 +1,11 @@
//go:build windows
package winapi
import (
"golang.org/x/sys/windows"
)
func IsElevated() bool {
return windows.GetCurrentProcessToken().IsElevated()
}

2
vendor/github.com/Microsoft/hcsshim/internal/winapi/errors.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package winapi
import "syscall"

2
vendor/github.com/Microsoft/hcsshim/internal/winapi/filesystem.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package winapi
//sys NtCreateFile(handle *uintptr, accessMask uint32, oa *ObjectAttributes, iosb *IOStatusBlock, allocationSize *uint64, fileAttributes uint32, shareAccess uint32, createDisposition uint32, createOptions uint32, eaBuffer *byte, eaLength uint32) (status uint32) = ntdll.NtCreateFile

44
vendor/github.com/Microsoft/hcsshim/internal/winapi/jobobject.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package winapi
import (
@@ -55,6 +57,8 @@ const (
JobObjectLimitViolationInformation uint32 = 13
JobObjectMemoryUsageInformation uint32 = 28
JobObjectNotificationLimitInformation2 uint32 = 33
JobObjectCreateSilo uint32 = 35
JobObjectSiloBasicInformation uint32 = 36
JobObjectIoAttribution uint32 = 42
)
@@ -111,29 +115,27 @@ type JOBOBJECT_BASIC_ACCOUNTING_INFORMATION struct {
TotalTerminateProcesses uint32
}
//https://docs.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-jobobject_basic_and_io_accounting_information
// https://docs.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-jobobject_basic_and_io_accounting_information
type JOBOBJECT_BASIC_AND_IO_ACCOUNTING_INFORMATION struct {
BasicInfo JOBOBJECT_BASIC_ACCOUNTING_INFORMATION
IoInfo windows.IO_COUNTERS
}
// typedef struct _JOBOBJECT_MEMORY_USAGE_INFORMATION {
// ULONG64 JobMemory;
// ULONG64 PeakJobMemoryUsed;
// } JOBOBJECT_MEMORY_USAGE_INFORMATION, *PJOBOBJECT_MEMORY_USAGE_INFORMATION;
//
// typedef struct _JOBOBJECT_MEMORY_USAGE_INFORMATION {
// ULONG64 JobMemory;
// ULONG64 PeakJobMemoryUsed;
// } JOBOBJECT_MEMORY_USAGE_INFORMATION, *PJOBOBJECT_MEMORY_USAGE_INFORMATION;
type JOBOBJECT_MEMORY_USAGE_INFORMATION struct {
JobMemory uint64
PeakJobMemoryUsed uint64
}
// typedef struct _JOBOBJECT_IO_ATTRIBUTION_STATS {
// ULONG_PTR IoCount;
// ULONGLONG TotalNonOverlappedQueueTime;
// ULONGLONG TotalNonOverlappedServiceTime;
// ULONGLONG TotalSize;
// } JOBOBJECT_IO_ATTRIBUTION_STATS, *PJOBOBJECT_IO_ATTRIBUTION_STATS;
//
// typedef struct _JOBOBJECT_IO_ATTRIBUTION_STATS {
// ULONG_PTR IoCount;
// ULONGLONG TotalNonOverlappedQueueTime;
// ULONGLONG TotalNonOverlappedServiceTime;
// ULONGLONG TotalSize;
// } JOBOBJECT_IO_ATTRIBUTION_STATS, *PJOBOBJECT_IO_ATTRIBUTION_STATS;
type JOBOBJECT_IO_ATTRIBUTION_STATS struct {
IoCount uintptr
TotalNonOverlappedQueueTime uint64
@@ -141,12 +143,11 @@ type JOBOBJECT_IO_ATTRIBUTION_STATS struct {
TotalSize uint64
}
// typedef struct _JOBOBJECT_IO_ATTRIBUTION_INFORMATION {
// ULONG ControlFlags;
// JOBOBJECT_IO_ATTRIBUTION_STATS ReadStats;
// JOBOBJECT_IO_ATTRIBUTION_STATS WriteStats;
// } JOBOBJECT_IO_ATTRIBUTION_INFORMATION, *PJOBOBJECT_IO_ATTRIBUTION_INFORMATION;
//
// typedef struct _JOBOBJECT_IO_ATTRIBUTION_INFORMATION {
// ULONG ControlFlags;
// JOBOBJECT_IO_ATTRIBUTION_STATS ReadStats;
// JOBOBJECT_IO_ATTRIBUTION_STATS WriteStats;
// } JOBOBJECT_IO_ATTRIBUTION_INFORMATION, *PJOBOBJECT_IO_ATTRIBUTION_INFORMATION;
type JOBOBJECT_IO_ATTRIBUTION_INFORMATION struct {
ControlFlags uint32
ReadStats JOBOBJECT_IO_ATTRIBUTION_STATS
@@ -183,7 +184,7 @@ type JOBOBJECT_ASSOCIATE_COMPLETION_PORT struct {
// LPCWSTR lpName
// );
//
//sys OpenJobObject(desiredAccess uint32, inheritHandle bool, lpName *uint16) (handle windows.Handle, err error) = kernel32.OpenJobObjectW
//sys OpenJobObject(desiredAccess uint32, inheritHandle int32, lpName *uint16) (handle windows.Handle, err error) = kernel32.OpenJobObjectW
// DWORD SetIoRateControlInformationJobObject(
// HANDLE hJob,
@@ -198,6 +199,7 @@ type JOBOBJECT_ASSOCIATE_COMPLETION_PORT struct {
// JOBOBJECT_IO_RATE_CONTROL_INFORMATION **InfoBlocks,
// ULONG *InfoBlockCount
// );
//
//sys QueryIoRateControlInformationJobObject(jobHandle windows.Handle, volumeName *uint16, ioRateControlInfo **JOBOBJECT_IO_RATE_CONTROL_INFORMATION, infoBlockCount *uint32) (ret uint32, err error) = kernel32.QueryIoRateControlInformationJobObject
// NTSTATUS
@@ -206,6 +208,7 @@ type JOBOBJECT_ASSOCIATE_COMPLETION_PORT struct {
// _In_ ACCESS_MASK DesiredAccess,
// _In_ POBJECT_ATTRIBUTES ObjectAttributes
// );
//
//sys NtOpenJobObject(jobHandle *windows.Handle, desiredAccess uint32, objAttributes *ObjectAttributes) (status uint32) = ntdll.NtOpenJobObject
// NTSTATUS
@@ -215,4 +218,5 @@ type JOBOBJECT_ASSOCIATE_COMPLETION_PORT struct {
// _In_ ACCESS_MASK DesiredAccess,
// _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes
// );
//
//sys NtCreateJobObject(jobHandle *windows.Handle, desiredAccess uint32, objAttributes *ObjectAttributes) (status uint32) = ntdll.NtCreateJobObject

1
vendor/github.com/Microsoft/hcsshim/internal/winapi/path.go generated vendored
View File

@@ -8,4 +8,5 @@ package winapi
// LPWSTR lpBuffer,
// LPWSTR *lpFilePart
// );
//
//sys SearchPath(lpPath *uint16, lpFileName *uint16, lpExtension *uint16, nBufferLength uint32, lpBuffer *uint16, lpFilePath *uint16) (size uint32, err error) = kernel32.SearchPathW

2
vendor/github.com/Microsoft/hcsshim/internal/winapi/system.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package winapi
import "golang.org/x/sys/windows"

1
vendor/github.com/Microsoft/hcsshim/internal/winapi/thread.go generated vendored
View File

@@ -9,4 +9,5 @@ package winapi
// DWORD dwCreationFlags,
// LPDWORD lpThreadId
// );
//
//sys CreateRemoteThread(process windows.Handle, sa *windows.SecurityAttributes, stackSize uint32, startAddr uintptr, parameter uintptr, creationFlags uint32, threadID *uint32) (handle windows.Handle, err error) = kernel32.CreateRemoteThread

194
vendor/github.com/Microsoft/hcsshim/internal/winapi/user.go generated vendored Normal file
View File

@@ -0,0 +1,194 @@
//go:build windows
package winapi
import (
"syscall"
"golang.org/x/sys/windows"
)
const UserNameCharLimit = 20
const (
USER_PRIV_GUEST uint32 = iota
USER_PRIV_USER
USER_PRIV_ADMIN
)
const (
UF_NORMAL_ACCOUNT = 0x00200
UF_DONT_EXPIRE_PASSWD = 0x10000
)
const NERR_UserNotFound = syscall.Errno(0x8AD)
// typedef struct _LOCALGROUP_MEMBERS_INFO_0 {
// PSID lgrmi0_sid;
// } LOCALGROUP_MEMBERS_INFO_0, *PLOCALGROUP_MEMBERS_INFO_0, *LPLOCALGROUP_MEMBERS_INFO_0;
type LocalGroupMembersInfo0 struct {
Sid *windows.SID
}
// typedef struct _LOCALGROUP_INFO_1 {
// LPWSTR lgrpi1_name;
// LPWSTR lgrpi1_comment;
// } LOCALGROUP_INFO_1, *PLOCALGROUP_INFO_1, *LPLOCALGROUP_INFO_1;
type LocalGroupInfo1 struct {
Name *uint16
Comment *uint16
}
// typedef struct _USER_INFO_1 {
// LPWSTR usri1_name;
// LPWSTR usri1_password;
// DWORD usri1_password_age;
// DWORD usri1_priv;
// LPWSTR usri1_home_dir;
// LPWSTR usri1_comment;
// DWORD usri1_flags;
// LPWSTR usri1_script_path;
// } USER_INFO_1, *PUSER_INFO_1, *LPUSER_INFO_1;
type UserInfo1 struct {
Name *uint16
Password *uint16
PasswordAge uint32
Priv uint32
HomeDir *uint16
Comment *uint16
Flags uint32
ScriptPath *uint16
}
// NET_API_STATUS NET_API_FUNCTION NetLocalGroupGetInfo(
// [in] LPCWSTR servername,
// [in] LPCWSTR groupname,
// [in] DWORD level,
// [out] LPBYTE *bufptr
// );
//
//sys netLocalGroupGetInfo(serverName *uint16, groupName *uint16, level uint32, bufptr **byte) (status error) = netapi32.NetLocalGroupGetInfo
// NetLocalGroupGetInfo is a slightly go friendlier wrapper around the NetLocalGroupGetInfo function. Instead of taking in *uint16's, it takes in
// go strings and does the conversion internally.
func NetLocalGroupGetInfo(serverName, groupName string, level uint32, bufPtr **byte) (err error) {
var (
serverNameUTF16 *uint16
groupNameUTF16 *uint16
)
if serverName != "" {
serverNameUTF16, err = windows.UTF16PtrFromString(serverName)
if err != nil {
return err
}
}
if groupName != "" {
groupNameUTF16, err = windows.UTF16PtrFromString(groupName)
if err != nil {
return err
}
}
return netLocalGroupGetInfo(
serverNameUTF16,
groupNameUTF16,
level,
bufPtr,
)
}
// NET_API_STATUS NET_API_FUNCTION NetUserAdd(
// [in] LPCWSTR servername,
// [in] DWORD level,
// [in] LPBYTE buf,
// [out] LPDWORD parm_err
// );
//
//sys netUserAdd(serverName *uint16, level uint32, buf *byte, parm_err *uint32) (status error) = netapi32.NetUserAdd
// NetUserAdd is a slightly go friendlier wrapper around the NetUserAdd function. Instead of taking in *uint16's, it takes in
// go strings and does the conversion internally.
func NetUserAdd(serverName string, level uint32, buf *byte, parm_err *uint32) (err error) {
var serverNameUTF16 *uint16
if serverName != "" {
serverNameUTF16, err = windows.UTF16PtrFromString(serverName)
if err != nil {
return err
}
}
return netUserAdd(
serverNameUTF16,
level,
buf,
parm_err,
)
}
// NET_API_STATUS NET_API_FUNCTION NetUserDel(
// [in] LPCWSTR servername,
// [in] LPCWSTR username
// );
//
//sys netUserDel(serverName *uint16, username *uint16) (status error) = netapi32.NetUserDel
// NetUserDel is a slightly go friendlier wrapper around the NetUserDel function. Instead of taking in *uint16's, it takes in
// go strings and does the conversion internally.
func NetUserDel(serverName, userName string) (err error) {
var (
serverNameUTF16 *uint16
userNameUTF16 *uint16
)
if serverName != "" {
serverNameUTF16, err = windows.UTF16PtrFromString(serverName)
if err != nil {
return err
}
}
if userName != "" {
userNameUTF16, err = windows.UTF16PtrFromString(userName)
if err != nil {
return err
}
}
return netUserDel(
serverNameUTF16,
userNameUTF16,
)
}
// NET_API_STATUS NET_API_FUNCTION NetLocalGroupAddMembers(
// [in] LPCWSTR servername,
// [in] LPCWSTR groupname,
// [in] DWORD level,
// [in] LPBYTE buf,
// [in] DWORD totalentries
// );
//
//sys netLocalGroupAddMembers(serverName *uint16, groupName *uint16, level uint32, buf *byte, totalEntries uint32) (status error) = netapi32.NetLocalGroupAddMembers
// NetLocalGroupAddMembers is a slightly go friendlier wrapper around the NetLocalGroupAddMembers function. Instead of taking in *uint16's, it takes in
// go strings and does the conversion internally.
func NetLocalGroupAddMembers(serverName, groupName string, level uint32, buf *byte, totalEntries uint32) (err error) {
var (
serverNameUTF16 *uint16
groupNameUTF16 *uint16
)
if serverName != "" {
serverNameUTF16, err = windows.UTF16PtrFromString(serverName)
if err != nil {
return err
}
}
if groupName != "" {
groupNameUTF16, err = windows.UTF16PtrFromString(groupName)
if err != nil {
return err
}
}
return netLocalGroupAddMembers(
serverNameUTF16,
groupNameUTF16,
level,
buf,
totalEntries,
)
}

2
vendor/github.com/Microsoft/hcsshim/internal/winapi/utils.go generated vendored
View File

@@ -1,3 +1,5 @@
//go:build windows
package winapi
import (

4
vendor/github.com/Microsoft/hcsshim/internal/winapi/winapi.go generated vendored
View File

@@ -1,5 +1,3 @@
// Package winapi contains various low-level bindings to Windows APIs. It can
// be thought of as an extension to golang.org/x/sys/windows.
package winapi
//go:generate go run ..\..\mksyscall_windows.go -output zsyscall_windows.go user.go console.go system.go net.go path.go thread.go jobobject.go logon.go memory.go process.go processor.go devices.go filesystem.go errors.go
//go:generate go run ..\..\mksyscall_windows.go -output zsyscall_windows.go bindflt.go user.go console.go system.go net.go path.go thread.go jobobject.go logon.go memory.go process.go processor.go devices.go filesystem.go errors.go

73
vendor/github.com/Microsoft/hcsshim/internal/winapi/zsyscall_windows.go generated vendored
View File

@@ -37,12 +37,19 @@ func errnoErr(e syscall.Errno) error {
}
var (
modkernel32 = windows.NewLazySystemDLL("kernel32.dll")
modntdll = windows.NewLazySystemDLL("ntdll.dll")
modiphlpapi = windows.NewLazySystemDLL("iphlpapi.dll")
modadvapi32 = windows.NewLazySystemDLL("advapi32.dll")
modcfgmgr32 = windows.NewLazySystemDLL("cfgmgr32.dll")
modbindfltapi = windows.NewLazySystemDLL("bindfltapi.dll")
modnetapi32 = windows.NewLazySystemDLL("netapi32.dll")
modkernel32 = windows.NewLazySystemDLL("kernel32.dll")
modntdll = windows.NewLazySystemDLL("ntdll.dll")
modiphlpapi = windows.NewLazySystemDLL("iphlpapi.dll")
modadvapi32 = windows.NewLazySystemDLL("advapi32.dll")
modcfgmgr32 = windows.NewLazySystemDLL("cfgmgr32.dll")
procBfSetupFilter = modbindfltapi.NewProc("BfSetupFilter")
procNetLocalGroupGetInfo = modnetapi32.NewProc("NetLocalGroupGetInfo")
procNetUserAdd = modnetapi32.NewProc("NetUserAdd")
procNetUserDel = modnetapi32.NewProc("NetUserDel")
procNetLocalGroupAddMembers = modnetapi32.NewProc("NetLocalGroupAddMembers")
procCreatePseudoConsole = modkernel32.NewProc("CreatePseudoConsole")
procClosePseudoConsole = modkernel32.NewProc("ClosePseudoConsole")
procResizePseudoConsole = modkernel32.NewProc("ResizePseudoConsole")
@@ -73,6 +80,52 @@ var (
procRtlNtStatusToDosError = modntdll.NewProc("RtlNtStatusToDosError")
)
func BfSetupFilter(jobHandle windows.Handle, flags uint32, virtRootPath *uint16, virtTargetPath *uint16, virtExceptions **uint16, virtExceptionPathCount uint32) (hr error) {
if hr = procBfSetupFilter.Find(); hr != nil {
return
}
r0, _, _ := syscall.Syscall6(procBfSetupFilter.Addr(), 6, uintptr(jobHandle), uintptr(flags), uintptr(unsafe.Pointer(virtRootPath)), uintptr(unsafe.Pointer(virtTargetPath)), uintptr(unsafe.Pointer(virtExceptions)), uintptr(virtExceptionPathCount))
if int32(r0) < 0 {
if r0&0x1fff0000 == 0x00070000 {
r0 &= 0xffff
}
hr = syscall.Errno(r0)
}
return
}
func netLocalGroupGetInfo(serverName *uint16, groupName *uint16, level uint32, bufptr **byte) (status error) {
r0, _, _ := syscall.Syscall6(procNetLocalGroupGetInfo.Addr(), 4, uintptr(unsafe.Pointer(serverName)), uintptr(unsafe.Pointer(groupName)), uintptr(level), uintptr(unsafe.Pointer(bufptr)), 0, 0)
if r0 != 0 {
status = syscall.Errno(r0)
}
return
}
func netUserAdd(serverName *uint16, level uint32, buf *byte, parm_err *uint32) (status error) {
r0, _, _ := syscall.Syscall6(procNetUserAdd.Addr(), 4, uintptr(unsafe.Pointer(serverName)), uintptr(level), uintptr(unsafe.Pointer(buf)), uintptr(unsafe.Pointer(parm_err)), 0, 0)
if r0 != 0 {
status = syscall.Errno(r0)
}
return
}
func netUserDel(serverName *uint16, username *uint16) (status error) {
r0, _, _ := syscall.Syscall(procNetUserDel.Addr(), 2, uintptr(unsafe.Pointer(serverName)), uintptr(unsafe.Pointer(username)), 0)
if r0 != 0 {
status = syscall.Errno(r0)
}
return
}
func netLocalGroupAddMembers(serverName *uint16, groupName *uint16, level uint32, buf *byte, totalEntries uint32) (status error) {
r0, _, _ := syscall.Syscall6(procNetLocalGroupAddMembers.Addr(), 5, uintptr(unsafe.Pointer(serverName)), uintptr(unsafe.Pointer(groupName)), uintptr(level), uintptr(unsafe.Pointer(buf)), uintptr(totalEntries), 0)
if r0 != 0 {
status = syscall.Errno(r0)
}
return
}
func createPseudoConsole(size uint32, hInput windows.Handle, hOutput windows.Handle, dwFlags uint32, hpcon *windows.Handle) (hr error) {
r0, _, _ := syscall.Syscall6(procCreatePseudoConsole.Addr(), 5, uintptr(size), uintptr(hInput), uintptr(hOutput), uintptr(dwFlags), uintptr(unsafe.Pointer(hpcon)), 0)
if int32(r0) < 0 {
@@ -164,14 +217,8 @@ func QueryInformationJobObject(jobHandle windows.Handle, infoClass uint32, jobOb
return
}
func OpenJobObject(desiredAccess uint32, inheritHandle bool, lpName *uint16) (handle windows.Handle, err error) {
var _p0 uint32
if inheritHandle {
_p0 = 1
} else {
_p0 = 0
}
r0, _, e1 := syscall.Syscall(procOpenJobObjectW.Addr(), 3, uintptr(desiredAccess), uintptr(_p0), uintptr(unsafe.Pointer(lpName)))
func OpenJobObject(desiredAccess uint32, inheritHandle int32, lpName *uint16) (handle windows.Handle, err error) {
r0, _, e1 := syscall.Syscall(procOpenJobObjectW.Addr(), 3, uintptr(desiredAccess), uintptr(inheritHandle), uintptr(unsafe.Pointer(lpName)))
handle = windows.Handle(r0)
if handle == 0 {
if e1 != 0 {