incus: 6.6.0 -> 6.7.0 (#356230)
adamcstephens authored Nov 23, 2024
2 parents 8d83dc5 + ed24c80 commit 4238856
Showing 5 changed files with 93 additions and 10 deletions.
10 changes: 9 additions & 1 deletion nixos/tests/incus/container.nix
Expand Up @@ -36,7 +36,8 @@ in
networking.nftables.enable = true;
};

testScript = ''
testScript = # python
''
def instance_is_up(_) -> bool:
status, _ = machine.execute("incus exec container --disable-stdin --force-interactive /run/current-system/sw/bin/systemctl -- is-system-running")
return status == 0
Expand Down Expand Up @@ -94,6 +95,13 @@ in
meminfo_bytes = " ".join(meminfo.split(' ')[-2:])
assert meminfo_bytes == "125000 kB", f"Wrong amount of memory reported from /proc/meminfo, want: '125000 kB', got: '{meminfo_bytes}'"
with subtest("virtual tpm can be configured"):
machine.succeed("incus config device add container vtpm tpm path=/dev/tpm0 pathrm=/dev/tpmrm0")
machine.succeed("incus exec container -- test -e /dev/tpm0")
machine.succeed("incus exec container -- test -e /dev/tpmrm0")
machine.succeed("incus config device remove container vtpm")
machine.fail("incus exec container -- test -e /dev/tpm0")
with subtest("lxc-generator"):
with subtest("lxc-container generator configures plain container"):
# reuse the existing container to save some time
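Review bot: The teardown half of the new "virtual tpm can be configured" subtest is weaker than its setup half: after `incus config device add` it checks both `/dev/tpm0` and `/dev/tpmrm0`, but after `incus config device remove container vtpm` it only asserts that `/dev/tpm0` is gone. A `/dev/tpmrm0` node left behind in the container would pass unnoticed. Add `machine.fail("incus exec container -- test -e /dev/tpmrm0")` after the existing `machine.fail` line. The rest of the test script lies outside the lines shown here.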
6 changes: 2 additions & 4 deletions nixos/tests/incus/virtual-machine.nix
Expand Up @@ -30,9 +30,6 @@ in
memorySize = 1024;
diskSize = 4096;

# Provide a TPM to test vTPM support for guests
tpm.enable = true;

incus = {
enable = true;
package = incus;
Expand All @@ -41,7 +38,8 @@ in
networking.nftables.enable = true;
};

testScript = ''
testScript = # python
''
def instance_is_up(_) -> bool:
status, _ = machine.execute("incus exec ${instance-name} --disable-stdin --force-interactive /run/current-system/sw/bin/systemctl -- is-system-running")
return status == 0
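--- a/pkgs/by-name/in/incus/1377-reverse.patch
+++ b/pkgs/by-name/in/incus/1377-reverse.patch
@@ -0,0 +1,77 @@
+--- b/internal/server/device/tpm.go
++++ a/internal/server/device/tpm.go
+@@ -202,13 +202,11 @@
+},
+}
+
++ proc, err := subprocess.NewProcess("swtpm", []string{"socket", "--tpm2", "--tpmstate", fmt.Sprintf("dir=%s", tpmDevPath), "--ctrl", fmt.Sprintf("type=unixio,path=%s", socketPath)}, "", "")
+- proc, err := subprocess.NewProcess("swtpm", []string{"socket", "--tpm2", "--tpmstate", fmt.Sprintf("dir=%s", tpmDevPath), "--ctrl", fmt.Sprintf("type=unixio,path=swtpm-%s.sock", d.name)}, "", "")
+if err != nil {
+return nil, err
+}
+
+- proc.Cwd = tpmDevPath
+-
+// Start the TPM emulator.
+err = proc.Start(context.Background())
+if err != nil {
+--- b/internal/server/instance/drivers/driver_qemu.go
++++ a/internal/server/instance/drivers/driver_qemu.go
+@@ -3668,7 +3668,7 @@
+
+// Add TPM device.
+if len(runConf.TPMDevice) > 0 {
++ err = d.addTPMDeviceConfig(&cfg, runConf.TPMDevice)
+- err = d.addTPMDeviceConfig(&cfg, runConf.TPMDevice, fdFiles)
+if err != nil {
+return "", nil, err
+}
+@@ -4852,7 +4852,7 @@
+return monHook, nil
+}
+
++func (d *qemu) addTPMDeviceConfig(cfg *[]cfgSection, tpmConfig []deviceConfig.RunConfigItem) error {
+-func (d *qemu) addTPMDeviceConfig(cfg *[]cfgSection, tpmConfig []deviceConfig.RunConfigItem, fdFiles *[]*os.File) error {
+var devName, socketPath string
+
+for _, tpmItem := range tpmConfig {
+@@ -4863,16 +4863,9 @@
+}
+}
+
+- fd, err := unix.Open(socketPath, unix.O_PATH, 0)
+- if err != nil {
+- return err
+- }
+-
+- tpmFD := d.addFileDescriptor(fdFiles, os.NewFile(uintptr(fd), socketPath))
+-
+tpmOpts := qemuTPMOpts{
+devName: devName,
++ path: socketPath,
+- path: fmt.Sprintf("/proc/self/fd/%d", tpmFD),
+}
+*cfg = append(*cfg, qemuTPM(&tpmOpts)...)
+
+--- b/shared/subprocess/proc.go
++++ a/shared/subprocess/proc.go
+@@ -27,7 +27,6 @@
+Name string `yaml:"name"`
+Args []string `yaml:"args,flow"`
+Apparmor string `yaml:"apparmor"`
+- Cwd string `yaml:"cwd"`
+PID int64 `yaml:"pid"`
+Stdin io.ReadCloser `yaml:"-"`
+Stdout io.WriteCloser `yaml:"-"`
+@@ -154,11 +153,6 @@
+cmd.Stderr = p.Stderr
+cmd.Stdin = p.Stdin
+cmd.SysProcAttr = p.SysProcAttr
+-
+- if p.Cwd != "" {
+- cmd.Dir = p.Cwd
+- }
+-
+if cmd.SysProcAttr == nil {
+cmd.SysProcAttr = &syscall.SysProcAttr{}
+}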
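Review bot: The patch begins directly at `--- b/internal/server/device/tpm.go` with no header, so nothing records why the upstream TPM change is being reverted or when `1377-reverse.patch` can be dropped. The revert puts the full `socketPath` back into the swtpm `--ctrl type=unixio,path=%s` argument and into `qemuTPMOpts.path`, replacing the cwd-relative `swtpm-%s.sock` name and the `/proc/self/fd/%d` descriptor hand-off. Presumably upstream introduced those to cope with long unix-socket paths, in which case that limitation returns with this package; this is worth confirming before the patch is carried across further releases. I would add a comment beside the `patches` entry in package.nix, e.g. `# reverts upstream change 1377 (swtpm socket via cwd/fd): <reason>; drop once <upstream fix reference> is released`, with the change number checked against upstream since it is only inferred from the file name. The swapped `b/`/`a/` labels show the file is a reversed diff, which deserves a word in the same comment.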
2 changes: 1 addition & 1 deletion pkgs/by-name/in/incus/generic.nix
@@ -1,7 +1,7 @@
{
hash,
lts ? false,
patches,
patches ? [ ],
updateScriptArgs ? "",
vendorHash,
version,
8 changes: 4 additions & 4 deletions pkgs/by-name/in/incus/package.nix
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
import ./generic.nix {
hash = "sha256-hjBJGtIBYwgPpnWb1337RP1jU9rQNLQ3yp1AnwBH13o=";
version = "6.6.0";
vendorHash = "sha256-Cpbgn2WHMVKtPrAzuNnXkS1rYvzLwde6oTcKTKW3XHs=";
patches = [ ];
hash = "sha256-k7DHJRbhUJwamEOW8B7wdCWQyYEUtsIHwuHh20lpLmA=";
version = "6.7.0";
vendorHash = "sha256-u12zYcKiHNUH1kWpkMIyixtK9t+G4N2QerzOGsujjFQ=";
patches = [ ./1377-reverse.patch ];
}
