diff --git a/src/devices/src/virtio/net/mod.rs b/src/devices/src/virtio/net/mod.rs index bae102afa62..2f432a4e99e 100644 --- a/src/devices/src/virtio/net/mod.rs +++ b/src/devices/src/virtio/net/mod.rs @@ -35,13 +35,13 @@ pub enum NetQueue { #[derive(Debug, thiserror::Error)] pub enum Error { /// Open tap device failed - #[error("Open tap device failed: {0}")] + #[error("Open tap device failed")] TapOpen(TapError), /// Setting tap interface offload flags failed - #[error("Setting tap interface offload flags failed: {0}")] + #[error("Setting tap interface offload flags failed")] TapSetOffload(TapError), /// Setting vnet header size failed - #[error("Setting vnet header size failed: {0}")] + #[error("Setting vnet header size failed")] TapSetVnetHdrSize(TapError), /// EventFd error #[error("EventFd error: {0}")] diff --git a/src/devices/src/virtio/net/tap.rs b/src/devices/src/virtio/net/tap.rs index e292dbf1d1b..42236d7afb0 100644 --- a/src/devices/src/virtio/net/tap.rs +++ b/src/devices/src/virtio/net/tap.rs @@ -19,7 +19,7 @@ use std::path::Path; use net_gen::ifreq; use utils::{ ioctl::{ioctl_with_mut_ref, ioctl_with_ref, ioctl_with_val}, - ioctl_expr, ioctl_ioc_nr, ioctl_iow_nr, + ioctl_ioc_nr, ioctl_iow_nr, net::macvtap::MacVTap, }; @@ -53,14 +53,19 @@ pub enum Error { #[error("Error while setting size of the vnet header: {0}")] SetSizeOfVnetHdr(IoError), /// Unable to create tap interface. + #[error("Error while creating tap device: {0}")] CreateTap(IoError), /// Tap interface device is not a character device. + #[error("Invalid tap device type")] InvalidTapDevType, /// ioctl failed. + #[error("Error performing ioctl: {0}")] IoctlError(IoError), /// Unable to open tap interface device. + #[error("Error while opening tap device: {0}")] OpenTapDev(IoError), /// Unable to stat tap interface device for macvtap interface. + #[error("Error while stating interface device: {0}")] StatTapDev(IoError), } diff --git a/src/jailer/src/env.rs b/src/jailer/src/env.rs index 3eccdd3b8f1..7de927a7701 100644 --- a/src/jailer/src/env.rs +++ b/src/jailer/src/env.rs @@ -12,7 +12,7 @@ use std::os::unix::process::CommandExt; use std::path::{Component, Path, PathBuf}; use std::process::{Command, Stdio}; -use crate::{cgroup, to_cstring}; +use crate::{to_cstring}; use crate::{Error, Result}; use utils::arg_parser::Error::MissingValue; use utils::net::macvtap::MacVTap; diff --git a/src/jailer/src/main.rs b/src/jailer/src/main.rs index 4214ab69750..3d836c1da74 100644 --- a/src/jailer/src/main.rs +++ b/src/jailer/src/main.rs @@ -8,6 +8,7 @@ mod resource_limits; use std::ffi::{CString, NulError, OsString}; use std::path::{Path, PathBuf}; use std::{env as p_env, fs, io, process, result}; +use std::fmt; use utils::arg_parser::{ArgParser, Argument, Error as ParsingError}; use utils::validators; @@ -77,7 +78,9 @@ pub enum Error { Gid(String), #[error("Invalid instance ID: {0}")] InvalidInstanceId(validators::Error), + #[error("Invalid device name: {0}")] MacVTapByName(String, io::Error), + #[error("Invalid path: {0}")] MacVTapMknod(PathBuf, io::Error), #[error("{}", format!("File {:?} doesn't have a parent", .0).replace('\"', ""))] MissingParent(PathBuf), @@ -89,6 +92,7 @@ pub enum Error { MountBind(io::Error), #[error("Failed to change the propagation type to slave: {0}")] MountPropagationSlave(io::Error), + #[error("Failed to mount sysfs: {0}")] MountSysfs(io::Error), #[error("{}", format!("{:?} is not a file", .0).replace('\"', ""))] NotAFile(PathBuf), @@ -126,6 +130,7 @@ pub enum Error { Uid(String), #[error("Failed to unmount the old jail root: {0}")] UmountOldRoot(io::Error), + #[error("Failed to unmount sysfs: {0}")] UmountSysfs(io::Error), #[error("Unexpected value for the socket listener fd: {0}")] UnexpectedListenerFd(i32), @@ -137,194 +142,6 @@ pub enum Error { Write(PathBuf, io::Error), } -impl fmt::Display for Error { - fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { - use self::Error::*; - - match *self { - ArgumentParsing(ref err) => write!(f, "Failed to parse arguments: {}", err), - Canonicalize(ref path, ref io_err) => write!( - f, - "{}", - format!("Failed to canonicalize path {:?}: {}", path, io_err).replace('\"', "") - ), - Chmod(ref path, ref err) => { - write!(f, "Failed to change permissions on {:?}: {}", path, err) - } - CgroupInheritFromParent(ref path, ref filename) => write!( - f, - "{}", - format!( - "Failed to inherit cgroups configurations from file {} in path {:?}", - filename, path - ) - .replace('\"', "") - ), - CgroupLineNotFound(ref proc_mounts, ref controller) => write!( - f, - "{} configurations not found in {}", - controller, proc_mounts - ), - CgroupInvalidFile(ref file) => write!(f, "Cgroup invalid file: {}", file,), - CgroupWrite(ref evalue, ref rvalue, ref file) => write!( - f, - "Expected value {} for {}. Current value: {}", - evalue, file, rvalue - ), - CgroupFormat(ref arg) => write!(f, "Invalid format for cgroups: {}", arg,), - CgroupHierarchyMissing(ref arg) => write!(f, "Hierarchy not found: {}", arg,), - CgroupControllerUnavailable(ref arg) => write!(f, "Controller {} is unavailable", arg,), - CgroupInvalidVersion(ref arg) => { - write!(f, "{} is an invalid cgroup version specifier", arg,) - } - CgroupInvalidParentPath() => { - write!( - f, - "Parent cgroup path is invalid. Path should not be absolute or contain '..' \ - or '.'", - ) - } - ChangeFileOwner(ref path, ref err) => { - write!(f, "Failed to change owner for {:?}: {}", path, err) - } - ChdirNewRoot(ref err) => write!(f, "Failed to chdir into chroot directory: {}", err), - Clone(ref err) => write!(f, "Failed cloning into a new child process: {}", err), - CloseNetNsFd(ref err) => write!(f, "Failed to close netns fd: {}", err), - CloseDevNullFd(ref err) => write!(f, "Failed to close /dev/null fd: {}", err), - Copy(ref file, ref path, ref err) => write!( - f, - "{}", - format!("Failed to copy {:?} to {:?}: {}", file, path, err).replace('\"', "") - ), - CreateDir(ref path, ref err) => write!( - f, - "{}", - format!("Failed to create directory {:?}: {}", path, err).replace('\"', "") - ), - CStringParsing(_) => write!(f, "Encountered interior \\0 while parsing a string"), - Dup2(ref err) => write!(f, "Failed to duplicate fd: {}", err), - Exec(ref err) => write!(f, "Failed to exec into Firecracker: {}", err), - ExecFileName(ref filename) => write!( - f, - "Invalid filename. The filename of `--exec-file` option must contain \ - \"firecracker\": {}", - filename - ), - ExtractFileName(ref path) => write!( - f, - "{}", - format!("Failed to extract filename from path {:?}", path).replace('\"', "") - ), - FileOpen(ref path, ref err) => write!( - f, - "{}", - format!("Failed to open file {:?}: {}", path, err).replace('\"', "") - ), - FromBytesWithNul(ref err) => { - write!(f, "Failed to decode string from byte array: {}", err) - } - GetOldFdFlags(ref err) => write!(f, "Failed to get flags from fd: {}", err), - Gid(ref gid) => write!(f, "Invalid gid: {}", gid), - InvalidInstanceId(ref err) => write!(f, "Invalid instance ID: {}", err), - MacVTapByName(ref name, ref err) => { - write!(f, "Failed to resolve macvtap interface {}: {}", name, err) - } - MacVTapMknod(ref path, ref err) => write!( - f, - "{}", - format!( - "Failed to create {:?} via mknod inside the jail: {}", - path, err - ) - .replace("\"", "") - ), - MissingParent(ref path) => write!( - f, - "{}", - format!("File {:?} doesn't have a parent", path).replace('\"', "") - ), - MkdirOldRoot(ref err) => write!( - f, - "Failed to create the jail root directory before pivoting root: {}", - err - ), - MknodDev(ref err, ref devname) => write!( - f, - "Failed to create {} via mknod inside the jail: {}", - devname, err - ), - MountBind(ref err) => { - write!(f, "Failed to bind mount the jail root directory: {}", err) - } - MountSysfs(ref err) => { - write!(f, "Failed to mount sysfs for network namespace: {}", err) - } - MountPropagationSlave(ref err) => { - write!(f, "Failed to change the propagation type to slave: {}", err) - } - NotAFile(ref path) => write!( - f, - "{}", - format!("{:?} is not a file", path).replace('\"', "") - ), - NotADirectory(ref path) => write!( - f, - "{}", - format!("{:?} is not a directory", path).replace('\"', "") - ), - OpenDevNull(ref err) => write!(f, "Failed to open /dev/null: {}", err), - OsStringParsing(ref path, _) => write!( - f, - "{}", - format!("Failed to parse path {:?} into an OsString", path).replace('\"', "") - ), - PivotRoot(ref err) => write!(f, "Failed to pivot root: {}", err), - ReadLine(ref path, ref err) => write!( - f, - "{}", - format!("Failed to read line from {:?}: {}", path, err).replace('\"', "") - ), - ReadToString(ref path, ref err) => write!( - f, - "{}", - format!("Failed to read file {:?} into a string: {}", path, err).replace('\"', "") - ), - RegEx(ref err) => write!(f, "Regex failed: {:?}", err), - ResLimitArgument(ref arg) => write!(f, "Invalid resource argument: {}", arg,), - ResLimitFormat(ref arg) => write!(f, "Invalid format for resources limits: {}", arg,), - ResLimitValue(ref arg, ref err) => { - write!(f, "Invalid limit value for resource: {}: {}", arg, err) - } - RmOldRootDir(ref err) => write!(f, "Failed to remove old jail root directory: {}", err), - SetCurrentDir(ref err) => write!(f, "Failed to change current directory: {}", err), - SetNetNs(ref err) => write!(f, "Failed to join network namespace: netns: {}", err), - Setrlimit(ref err) => write!(f, "Failed to set limit for resource: {}", err), - SetSid(ref err) => write!(f, "Failed to daemonize: setsid: {}", err), - Uid(ref uid) => write!(f, "Invalid uid: {}", uid), - UmountOldRoot(ref err) => write!(f, "Failed to unmount the old jail root: {}", err), - UmountSysfs(ref err) => { - write!(f, "Failed to unmount sysfs for network namespace: {}", err) - } - UnexpectedListenerFd(fd) => { - write!(f, "Unexpected value for the socket listener fd: {}", fd) - } - UnshareNewNs(ref err) => { - write!(f, "Failed to unshare into new mount namespace: {}", err) - } - UnsetCloexec(ref err) => write!( - f, - "Failed to unset the O_CLOEXEC flag on the socket fd: {}", - err - ), - Write(ref path, ref err) => write!( - f, - "{}", - format!("Failed to write to {:?}: {}", path, err).replace('\"', "") - ), - } - } -} - pub type Result = result::Result; /// Create an ArgParser object which contains info about the command line argument parser and