Add native property to LinuxProcess

LinuxProcess with `native` property runs outside containerized
environment.

Author: JaewonHur

Sources/Containerization/LinuxContainer.swift

@@ -916,7 +916,7 @@ extension LinuxContainer {
 
     /// Execute a new process in the container. The process is not started after this call, and must be manually started
     /// via the `start` method.
-    public func exec(_ id: String, configuration: LinuxProcessConfiguration) async throws -> LinuxProcess {
+    public func exec(_ id: String, configuration: LinuxProcessConfiguration, native: Bool = false) async throws -> LinuxProcess {
         try await self.state.withLock {
             var state = try $0.startedState("exec")
 
@@ -935,6 +935,7 @@ extension LinuxContainer {
                 containerID: self.id,
                 spec: spec,
                 io: stdio,
+                native: native,
                 ociRuntimePath: self.config.ociRuntimePath,
                 agent: agent,
                 vm: state.vm,

Sources/Containerization/LinuxProcess.swift

@@ -94,6 +94,7 @@ public final class LinuxProcess: Sendable {
 
     private let state: Mutex<State>
     private let ioSetup: Stdio
+    private let native: Bool
     private let agent: any VirtualMachineAgent
     private let vm: any VirtualMachineInstance
     private let ociRuntimePath: String?
@@ -105,6 +106,7 @@ public final class LinuxProcess: Sendable {
         containerID: String? = nil,
         spec: Spec,
         io: Stdio,
+        native: Bool = false,
         ociRuntimePath: String?,
         agent: any VirtualMachineAgent,
         vm: any VirtualMachineInstance,
@@ -115,6 +117,7 @@ public final class LinuxProcess: Sendable {
         self.owningContainer = containerID
         self.state = Mutex<State>(.init(spec: spec, pid: -1, stdio: StdioHandles()))
         self.ioSetup = io
+        self.native = native
         self.agent = agent
         self.ociRuntimePath = ociRuntimePath
         self.vm = vm
@@ -240,6 +243,11 @@ extension LinuxProcess {
         do {
             let spec = self.state.withLock { $0.spec }
             var listeners = [VsockListener?](repeating: nil, count: 3)
+
+            let options = try JSONEncoder().encode(
+                CreateProcessOptions(native: self.native)
+            )
+
             if let stdin = self.ioSetup.stdin {
                 listeners[0] = try self.vm.listen(stdin.port)
             }
@@ -268,7 +276,7 @@ extension LinuxProcess {
                 stderrPort: self.ioSetup.stderr?.port,
                 ociRuntimePath: self.ociRuntimePath,
                 configuration: spec,
-                options: nil
+                options: options
             )
 
             let result = try await t.value

Sources/Containerization/Vminitd.swift

@@ -231,6 +231,9 @@ extension Vminitd: VirtualMachineAgent {
                 if let ociRuntimePath {
                     $0.ociRuntimePath = ociRuntimePath
                 }
+                if let options {
+                    $0.options = options
+                }
                 $0.configuration = try enc.encode(configuration)
             })
     }

vminitd/Sources/VminitdCore/ManagedContainer.swift

@@ -160,7 +160,8 @@ extension ManagedContainer {
     func createExec(
         id: String,
         stdio: HostStdio,
-        process: ContainerizationOCI.Process
+        process: ContainerizationOCI.Process,
+        native: Bool
     ) throws {
         log.debug("creating exec process with \(process)")
 

vminitd/Sources/VminitdCore/Server+GRPC.swift

@@ -789,12 +789,18 @@ extension Initd: Com_Apple_Containerization_Sandbox_V3_SandboxContext.SimpleServ
                 terminal: process.terminal
             )
 
+            let options = try JSONDecoder().decode(
+                CreateProcessOptions.self,
+                from: request.options
+            )
+
             // This is an exec.
             if let container = await self.state.containers[request.containerID] {
                 try await container.createExec(
                     id: request.id,
                     stdio: stdioPorts,
-                    process: process
+                    process: process,
+                    native: options.native
                 )
             } else {
                 // We need to make our new fangled container.