-
Notifications
You must be signed in to change notification settings - Fork 42
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for finding oxide processes on a sled #7194
Merged
papertigers
merged 10 commits into
spr/papertigers/main.add-support-for-finding-oxide-processes-on-a-sled
from
spr/papertigers/add-support-for-finding-oxide-processes-on-a-sled
Jan 7, 2025
Merged
Changes from 8 commits
Commits
Show all changes
10 commits
Select commit
Hold shift + click to select a range
291f17f
[spr] initial version
papertigers 3955818
Add omicron-workspace-hack
papertigers f4e013d
add lints to Cargo.toml
papertigers 83597f5
Add better contract errors
papertigers 638d309
Fix typo
papertigers 582b822
rebase
papertigers 3db8b04
license
papertigers 3b048f9
rebase
papertigers 331ac9a
Find propolis procs
papertigers 8c107d3
rebase main
papertigers File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,178 @@ | ||
// This Source Code Form is subject to the terms of the Mozilla Public | ||
// License, v. 2.0. If a copy of the MPL was not distributed with this | ||
// file, You can obtain one at https://mozilla.org/MPL/2.0/. | ||
|
||
// ! Bindings to libcontract(3lib). | ||
|
||
use fs_err as fs; | ||
use libc::{c_char, c_int, c_void, pid_t}; | ||
use slog::{warn, Logger}; | ||
use thiserror::Error; | ||
|
||
use std::{ | ||
collections::BTreeSet, | ||
ffi::{CStr, CString}, | ||
os::fd::AsRawFd, | ||
path::Path, | ||
}; | ||
|
||
const CT_ALL: &str = "/system/contract/all"; | ||
const OXIDE_FMRI: &str = "svc:/oxide/"; | ||
const CTD_ALL: i32 = 2; | ||
|
||
#[allow(non_camel_case_types)] | ||
type ct_stathdl_t = *mut c_void; | ||
|
||
#[link(name = "contract")] | ||
extern "C" { | ||
fn ct_status_read( | ||
fd: c_int, | ||
detail: c_int, | ||
stathdlp: *mut ct_stathdl_t, | ||
) -> c_int; | ||
fn ct_status_free(stathdlp: ct_stathdl_t); | ||
fn ct_status_get_id(stathdlp: ct_stathdl_t) -> i32; | ||
fn ct_pr_status_get_members( | ||
stathdlp: ct_stathdl_t, | ||
pidpp: *mut *mut pid_t, | ||
n: *mut u32, | ||
) -> c_int; | ||
fn ct_pr_status_get_svc_fmri( | ||
stathdlp: ct_stathdl_t, | ||
fmri: *mut *mut c_char, | ||
) -> c_int; | ||
} | ||
|
||
#[derive(Error, Debug)] | ||
pub enum ContractError { | ||
#[error(transparent)] | ||
FileIo(#[from] std::io::Error), | ||
#[error( | ||
"Failed to call ct_pr_status_get_svc_fmri for contract {ctid}: {error}" | ||
)] | ||
Fmri { ctid: i32, error: std::io::Error }, | ||
#[error( | ||
"Failed to call ct_pr_status_get_members for contract {ctid}: {error}" | ||
)] | ||
Members { ctid: i32, error: std::io::Error }, | ||
#[error("ct_status_read returned successfully but handed back a null ptr for {0}")] | ||
Null(std::path::PathBuf), | ||
#[error("Failed to call ct_status_read on {path}: {error}")] | ||
StatusRead { path: std::path::PathBuf, error: std::io::Error }, | ||
} | ||
|
||
pub struct ContractStatus { | ||
handle: ct_stathdl_t, | ||
} | ||
|
||
impl Drop for ContractStatus { | ||
fn drop(&mut self) { | ||
unsafe { ct_status_free(self.handle) }; | ||
} | ||
} | ||
|
||
macro_rules! libcall_io { | ||
($fn: ident ( $($arg: expr), * $(,)*) ) => {{ | ||
let res = unsafe { $fn($($arg, )*) }; | ||
if res == 0 { | ||
Ok(res) | ||
} else { | ||
Err(std::io::Error::last_os_error()) | ||
} | ||
}}; | ||
} | ||
|
||
impl ContractStatus { | ||
fn new(contract_status: &Path) -> Result<Self, ContractError> { | ||
let file = fs::File::open(contract_status)?; | ||
let mut handle: ct_stathdl_t = std::ptr::null_mut(); | ||
libcall_io!(ct_status_read(file.as_raw_fd(), CTD_ALL, &mut handle,)) | ||
.map_err(|error| ContractError::StatusRead { | ||
path: contract_status.to_path_buf(), | ||
error, | ||
})?; | ||
|
||
// We don't ever expect the system to hand back a null ptr when | ||
// returning success but let's be extra cautious anyways. | ||
if handle.is_null() { | ||
return Err(ContractError::Null(contract_status.to_path_buf())); | ||
} | ||
|
||
Ok(Self { handle }) | ||
} | ||
|
||
fn get_members(&self) -> Result<&[i32], ContractError> { | ||
let mut numpids = 0; | ||
let mut pids: *mut pid_t = std::ptr::null_mut(); | ||
|
||
let pids = { | ||
libcall_io!(ct_pr_status_get_members( | ||
self.handle, | ||
&mut pids, | ||
&mut numpids, | ||
)) | ||
.map_err(|error| { | ||
let ctid = unsafe { ct_status_get_id(self.handle) }; | ||
ContractError::Members { ctid, error } | ||
})?; | ||
|
||
unsafe { | ||
if pids.is_null() { | ||
&[] | ||
} else { | ||
std::slice::from_raw_parts(pids, numpids as usize) | ||
} | ||
} | ||
}; | ||
|
||
Ok(pids) | ||
} | ||
|
||
fn get_fmri(&self) -> Result<Option<CString>, ContractError> { | ||
// The lifetime of this string is tied to the lifetime of the status | ||
// handle itself and will be cleaned up when the handle is freed. | ||
let mut ptr: *mut c_char = std::ptr::null_mut(); | ||
libcall_io!(ct_pr_status_get_svc_fmri(self.handle, &mut ptr)).map_err( | ||
|error| { | ||
let ctid = unsafe { ct_status_get_id(self.handle) }; | ||
ContractError::Fmri { ctid, error } | ||
}, | ||
)?; | ||
|
||
if ptr.is_null() { | ||
return Ok(None); | ||
} | ||
|
||
let cstr = unsafe { CStr::from_ptr(ptr) }; | ||
Ok(Some(cstr.to_owned())) | ||
} | ||
} | ||
|
||
pub fn find_oxide_pids(log: &Logger) -> Result<BTreeSet<i32>, ContractError> { | ||
let mut pids = BTreeSet::new(); | ||
let ents = fs::read_dir(CT_ALL)?; | ||
for ct in ents { | ||
let ctid = ct?; | ||
let mut path = ctid.path(); | ||
path.push("status"); | ||
|
||
let status = match ContractStatus::new(path.as_path()) { | ||
Ok(status) => status, | ||
Err(e) => { | ||
// There's a race between the time we find the contracts to the | ||
// time we attempt to read the contract's status. We can safely | ||
// skip all of the errors for diagnostics purposes but we should | ||
// leave a log in our wake. | ||
warn!(log, "Failed to read contract ({:?}): {}", path, e); | ||
continue; | ||
} | ||
}; | ||
|
||
let fmri = status.get_fmri()?.unwrap_or_default(); | ||
if fmri.to_string_lossy().starts_with(OXIDE_FMRI) { | ||
pids.extend(status.get_members()?); | ||
} | ||
} | ||
|
||
Ok(pids) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
//! Stub implementation for platfroms without libcontract(3lib). | ||
|
||
use std::collections::BTreeSet; | ||
|
||
use slog::{warn, Logger}; | ||
use thiserror::Error; | ||
|
||
#[derive(Error, Debug)] | ||
pub enum ContractError {} | ||
|
||
pub fn find_oxide_pids(log: &Logger) -> Result<BTreeSet<i32>, ContractError> { | ||
warn!( | ||
log, | ||
"Unable to find oxide pids on a non illumos platform, \ | ||
returning empty set" | ||
); | ||
Ok(BTreeSet::new()) | ||
} |
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From https://illumos.org/man/3CONTRACT/ct_pr_status_get_svc_creator#:~:text=The%20ct_pr_status_get_svc_fmri(),not%20be%20modified
I'm under the impression that the
ptr
value here must be freed via a call toct_status_free
- is that right? or is this just saying that the lifetime of the returned result must be shorter thanContractStatus
?If it's the former (the
ptr
value must be freed explicitly): Are we leaking?If it's the latter (the
ptr
values lives as long asContractStatus
): Is this code unsound? Would it be possible to keep using the returnedCString
afterself
has been dropped?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The ptr returned is tied to the lifetime of the contract status handle
ct_stathdl_t
. We read that pointer as a cstr but the function returns a CString which copies the data to own it. If I understand correctly the ptr returned from the call toct_pr_status_get_svc_fmri
will not leave anything around because it will be cleaned up whenct_status_free
is called via the drop method onContractStatus
.I will verify this, but this was at least my intention upon writing this code.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, gotcha, so:
Would create a
cstr
that needs to have a shorter lifetime than the handle, but:Would clone it, and free us from that lifetime constraint when the function returns