Skip to content

Implement the ability to record the exit code from the entrypoint in userspace #312

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Implement the ability to record the exit code from the entrypoint in userspace #312

wants to merge 4 commits into from

Conversation

slp
Copy link
Contributor

@slp slp commented Apr 9, 2025 

For the container use case, we need to relay the exit code from
userspace in the microVM all the way to the process using libkrun to
launch the VMM.

Since ioctls are passed mostly unmodified from userspace in the guest
to the virtio-fs device, we can use them as a mechanism for transporting
this information without requiring any specific support in the guest's
kernel.

Here we create an AtomicI32 and wire it up between virtio-fs and Vmm,
using it as exit code if userspace has set it to some value other than
i32::MAX. Otherwise, we keep using the vCPU exit code, as we did before.

@slp
Copy link
Contributor Author

slp commented Apr 9, 2025

Fixes #306, containers/crun#1694 and containers/crun#1688

mtjhrc
mtjhrc requested changes Apr 10, 2025
View reviewed changes
Copy link
Collaborator

@mtjhrc mtjhrc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall looks good, but please add some documentation to krun_start_enter about the special exit codes. I would say they are now part of our public API - podman relies on them to fix the mentioned issues.

slp added 3 commits April 21, 2025 08:16
@slp
virtio/fs: implement an ioctl to receive exit_code
2aa5cfa 
For the container use case, we need to relay the exit code from
userspace in the microVM all the way to the process using libkrun to
launch the VMM.

Since ioctls are passed mostly unmodified from userspace in the guest
to the virtio-fs device, we can use them as a mechanism for transporting
this information without requiring any specific support in the guest's
kernel.

Here we create an AtomicI32 and wire it up between virtio-fs and Vmm,
using it as exit code if userspace has set it to some value other than
i32::MAX. Otherwise, we keep using the vCPU exit code, as we did before.

Signed-off-by: Sergio Lopez <[email protected]>
@slp
virtio/fs/macos: fix INIT_BINARY read with offset
c470692 
We already fixed this for Linux a while ago, do the same for the macOS
implementation.

Signed-off-by: Sergio Lopez <[email protected]>
@slp
init: record exit code of the entrypoint
2c06cad 
Use the newly added exit code recording feature in virtio-fs to record
the exit code from workload's entrypoint.

We need to stop ignoring SIGCHLD, as otherwise waitpid doesn't record
the exit code of our child, which also means we need to do a waitpid
on every children to ensure we aren't leaving zombie processes.

Signed-off-by: Sergio Lopez <[email protected]>
@slp slp force-pushed the record-exit-code branch from 38d8608 to b432306 Compare April 21, 2025 12:16
@slp
Copy link
Contributor Author

slp commented Apr 21, 2025

I think I've addressed all the feedback.

tylerfanelli
tylerfanelli reviewed Apr 21, 2025
View reviewed changes
tylerfanelli
tylerfanelli previously approved these changes Apr 22, 2025
View reviewed changes
mtjhrc
mtjhrc requested changes Apr 23, 2025
View reviewed changes
@slp @mtjhrc
init: use the same exit codes as chroot/podman
ca35ca1 
For consistency for the container isolation use case, let's use in init
the same exit codes as chroot and podman do:

 125: "init" cannot set up the environment inside the microVM.
 126: "init" can find the executable to be run inside the microVM but cannot not execute it.
 127: "init" cannot find the executable to be run inside the microVM.

Co-authored-by: Matej Hrica <[email protected]>
Signed-off-by: Sergio Lopez <[email protected]>
@slp slp force-pushed the record-exit-code branch from 9551a38 to ca35ca1 Compare April 24, 2025 11:28
mtjhrc
mtjhrc approved these changes Apr 24, 2025
View reviewed changes
Copy link
Collaborator

@mtjhrc mtjhrc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good now!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nohajc nohajc nohajc left review comments

@mtjhrc mtjhrc mtjhrc approved these changes

@tylerfanelli tylerfanelli tylerfanelli approved these changes

@jakecorrenti jakecorrenti Awaiting requested review from jakecorrenti jakecorrenti is a code owner

@MatiasVara MatiasVara Awaiting requested review from MatiasVara MatiasVara is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@slp @nohajc @mtjhrc @tylerfanelli