git clone https://github.com/firecracker-microvm/firecracker
git checkout tags/v0.10.1
[root@bogon firecracker]# ls api_server CHANGELOG.md devices dumbo fc_util kernel kvm_sys logger micro_http net_sys README.md src tests vmm Cargo.toml data_model docs FAQ.md jailer kvm LICENSE memory_model mmds_glue net_util seccomp sys_util virtio_sys x86_64 [root@bogon firecracker]# arch=`uname -m` [root@bogon firecracker]# cargo build --target ${arch}-unknown-linux-gnu
error[E0308]: mismatched types --> sys_util/src/ioctl.rs:97:33 | 97 | libc::ioctl(fd.as_raw_fd(), req as c_int, 0) | ^^^^^^^^^^^^ expected `u64`, found `i32` | help: you can convert an `i32` to `u64` and panic if the converted value wouldn't fit | 97 | libc::ioctl(fd.as_raw_fd(), (req as c_int).try_into().unwrap(), 0) | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ error[E0308]: mismatched types --> sys_util/src/ioctl.rs:102:33 | 102 | libc::ioctl(fd.as_raw_fd(), req as c_int, arg) | ^^^^^^^^^^^^ expected `u64`, found `i32` | help: you can convert an `i32` to `u64` and panic if the converted value wouldn't fit | 102 | libc::ioctl(fd.as_raw_fd(), (req as c_int).try_into().unwrap(), arg) | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ error[E0308]: mismatched types --> sys_util/src/ioctl.rs:109:9 | 109 | req as c_int, | ^^^^^^^^^^^^ expected `u64`, found `i32` | help: you can convert an `i32` to `u64` and panic if the converted value wouldn't fit | 109 | (req as c_int).try_into().unwrap(), | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ error[E0308]: mismatched types --> sys_util/src/ioctl.rs:116:33 | 116 | libc::ioctl(fd.as_raw_fd(), req as c_int, arg as *mut T as *mut c_void) | ^^^^^^^^^^^^ expected `u64`, found `i32` | help: you can convert an `i32` to `u64` and panic if the converted value wouldn't fit | 116 | libc::ioctl(fd.as_raw_fd(), (req as c_int).try_into().unwrap(), arg as *mut T as *mut c_void) | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ error[E0308]: mismatched types --> sys_util/src/ioctl.rs:121:33 | 121 | libc::ioctl(fd.as_raw_fd(), req as c_int, arg as *const c_void) | ^^^^^^^^^^^^ expected `u64`, found `i32` | help: you can convert an `i32` to `u64` and panic if the converted value wouldn't fit | 121 | libc::ioctl(fd.as_raw_fd(), (req as c_int).try_into().unwrap(), arg as *const c_void) | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ error[E0308]: mismatched types --> sys_util/src/ioctl.rs:126:33 | 126 | libc::ioctl(fd.as_raw_fd(), req as c_int, arg as *mut c_void) | ^^^^^^^^^^^^ expected `u64`, found `i32` | help: you can convert an `i32` to `u64` and panic if the converted value wouldn't fit | 126 | libc::ioctl(fd.as_raw_fd(), (req as c_int).try_into().unwrap(), arg as *mut c_void) | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ error: aborting due to 6 previous errors For more information about this error, try `rustc --explain E0308`. error: could not compile `sys_util`. To learn more, run the command again with --verbose. warning: build failed, waiting for other jobs to finish... error: build failed [root@bogon firecracker]#
sys_util/src/ioctl.rs
req as c_int 改为req as u64
采用dockerfile编译
https://github.com/firecracker-microvm/firecracker
root@ubuntu:~/myfirecracker# git clone https://github.com/firecracker-microvm/firecracker.git Cloning into 'firecracker'... remote: Enumerating objects: 82, done. remote: Counting objects: 100% (82/82), done. remote: Compressing objects: 100% (69/69), done. remote: Total 25405 (delta 31), reused 25 (delta 12), pack-reused 25323 Receiving objects: 100% (25405/25405), 17.58 MiB | 5.38 MiB/s, done. Resolving deltas: 100% (15370/15370), done. root@ubuntu:~/myfirecracker# cd firecracker root@ubuntu:~/myfirecracker/firecracker# tools/devtool build [Firecracker devtool] About to pull docker image fcuvm/dev:v25 [Firecracker devtool] Continue? (y/n) y
root@ubuntu:~/myfirecracker/firecracker# cp build/cargo_target/aarch64-unknown-linux-musl/debug/firecracker /usr/local/bin/ root@ubuntu:~/myfirecracker/firecracker# firecracker --api-sock /tmp/firecracker.socket 2020-12-25T09:53:59.122605330 [anonymous-instance:fc_api:ERROR:src/api_server/src/lib.rs:102] Error creating the HTTP server: IO error: Address in use (os error 98) root@ubuntu:~/myfirecracker/firecracker# netstat -lpn | grep firecracker root@ubuntu:~/myfirecracker/firecracker# netstat -pan | grep firecracker.socket root@ubuntu:~/myfirecracker/firecracker#
pub fn bind_and_run( &mut self, path: PathBuf, start_time_us: Option<u64>, start_time_cpu_us: Option<u64>, seccomp_filter: BpfProgram, ) -> Result<()> { let mut server = HttpServer::new(path).unwrap_or_else(|e| { error!("Error creating the HTTP server: {}", e); std::process::exit(i32::from(vmm::FC_EXIT_CODE_GENERIC_ERROR)); });
root@ubuntu:~# firecracker --api-sock /tmp/firecracker.socket Bad system call (core dumped) root@ubuntu:~# ls /data1/core/ core.53227 root@ubuntu:~# gdb firecracker /data1/core/core.53227 GNU gdb (Ubuntu 8.1-0ubuntu3.2) 8.1.0.20180409-git Copyright (C) 2018 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "aarch64-linux-gnu". Type "show configuration" for configuration details. For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>. Find the GDB manual and other documentation resources online at: <http://www.gnu.org/software/gdb/documentation/>. For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from firecracker...(no debugging symbols found)...done. [New LWP 53228] [New LWP 53227] Core was generated by `firecracker --api-sock /tmp/firecracker.socket'. Program terminated with signal SIGSYS, Bad system call. #0 0x0000ffff85830620 in __kernel_clock_gettime () [Current thread is 1 (LWP 53228)] (gdb) bt #0 0x0000ffff85830620 in __kernel_clock_gettime () #1 0x00000000007113e4 in ?? () Backtrace stopped: previous frame identical to this frame (corrupt stack?) (gdb)
if let Err(e) = SeccompFilter::apply(seccomp_filter)
pub fn apply(filters: BpfProgram) -> Result<()> { // If the program is empty, skip this step. if filters.is_empty() { return Ok(()); } let mut bpf_filter = Vec::new(); bpf_filter.extend(VALIDATE_ARCHITECTURE()); bpf_filter.extend(filters); unsafe { { let rc = libc::prctl(libc::PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); if rc != 0 { return Err(Error::Load(*libc::__errno_location())); } } let bpf_prog = sock_fprog { len: bpf_filter.len() as u16, filter: bpf_filter.as_ptr(), }; let bpf_prog_ptr = &bpf_prog as *const sock_fprog; { let rc = libc::prctl( libc::PR_SET_SECCOMP, libc::SECCOMP_MODE_FILTER, bpf_prog_ptr, ); if rc != 0 { return Err(Error::Load(*libc::__errno_location())); } } } Ok(()) }
加上--seccomp-level 0
firecracker.output firecracker --api-sock /tmp/firecracker.socket --seccomp-level 0 [ 0.000000] Booting Linux on physical CPU 0x0 [ 0.000000] Linux version 4.14.138 (sandreim@firecracker-arm-ci) (gcc version 7.4.0 (Ubuntu/Linaro 7.4.0-1ubuntu1~18.04.1)) #1 SMP Tue Sep 10 12:26:05 UTC 2019 [ 0.000000] Boot CPU: AArch64 Processor [410fd082] [ 0.000000] Machine model: linux,dummy-virt [ 0.000000] debug: skip boot console de-registration. [ 0.000000] earlycon: uart0 at MMIO 0x0000000040002000 (options '') [ 0.000000] bootconsole [uart0] enabled [ 0.000000] efi: Getting EFI parameters from FDT: [ 0.000000] efi: UEFI not found. [ 0.000000] NUMA: No NUMA configuration found [ 0.000000] NUMA: Faking a node at [mem 0x0000000000000000-0x0000000087ffffff] [ 0.000000] NUMA: NODE_DATA [mem 0x87edac80-0x87ef3fff] [ 0.000000] Zone ranges: [ 0.000000] DMA [mem 0x0000000080000000-0x0000000087ffffff] [ 0.000000] Normal empty [ 0.000000] Movable zone start for each node [ 0.000000] Early memory node ranges [ 0.000000] node 0: [mem 0x0000000080000000-0x0000000087ffffff] [ 0.000000] Initmem setup node 0 [mem 0x0000000080000000-0x0000000087ffffff] [ 0.000000] psci: probing for conduit method from DT. [ 0.000000] psci: PSCIv1.0 detected in firmware. [ 0.000000] psci: Using standard PSCI v0.2 function IDs [ 0.000000] psci: Trusted OS migration not required