def test_empty_jailer_id(test_microvm_with_api): """ Test that the jailer ID cannot be empty. @type: security """ test_microvm = test_microvm_with_api fc_binary, _ = build_tools.get_firecracker_binaries() # Set the jailer ID to None. test_microvm.jailer = JailerContext( jailer_id="", exec_file=fc_binary, ) # pylint: disable=W0703 try: test_microvm.spawn() # If the exception is not thrown, it means that Firecracker was # started successfully, hence there's a bug in the code due to which # we can set an empty ID. assert False except Exception as err: expected_err = "Jailer error: Invalid instance ID: invalid len (0);" \ " the length must be between 1 and 64" assert expected_err in str(err)
def __init__( self, resource_path, fc_binary_path, jailer_binary_path, microvm_id, monitor_memory=True, bin_cloner_path=None, ): """Set up microVM attributes, paths, and data structures.""" # Unique identifier for this machine. self._microvm_id = microvm_id # Compose the paths to the resources specific to this microvm. self._path = os.path.join(resource_path, microvm_id) self._kernel_path = os.path.join(self._path, MICROVM_KERNEL_RELPATH) self._fsfiles_path = os.path.join(self._path, MICROVM_FSFILES_RELPATH) self._kernel_file = '' self._rootfs_file = '' self._initrd_file = '' # The binaries this microvm will use to start. self._fc_binary_path = fc_binary_path assert os.path.exists(self._fc_binary_path) self._jailer_binary_path = jailer_binary_path assert os.path.exists(self._jailer_binary_path) # Create the jailer context associated with this microvm. self._jailer = JailerContext( jailer_id=self._microvm_id, exec_file=self._fc_binary_path, ) self.jailer_clone_pid = None # Copy the /etc/localtime file in the jailer root self.jailer.copy_into_root( "/etc/localtime", create_jail=True) # Now deal with the things specific to the api session used to # communicate with this machine. self._api_session = None self._api_socket = None # Session name is composed of the last part of the temporary path # allocated by the current test session and the unique id of this # microVM. It should be unique. self._session_name = os.path.basename(os.path.normpath( resource_path )) + self._microvm_id # nice-to-have: Put these in a dictionary. self.actions = None self.balloon = None self.boot = None self.desc_inst = None self.drive = None self.logger = None self.metrics = None self.mmds = None self.network = None self.machine_cfg = None self.vm = None self.vsock = None self.snapshot_create = None self.snapshot_load = None # Initialize the logging subsystem. self.logging_thread = None self._log_data = "" # The ssh config dictionary is populated with information about how # to connect to a microVM that has ssh capability. The path of the # private key is populated by microvms with ssh capabilities and the # hostname is set from the MAC address used to configure the microVM. self._ssh_config = { 'username': '******', 'netns_file_path': self._jailer.netns_file_path() } # Deal with memory monitoring. if monitor_memory: self._memory_monitor = mem_tools.MemoryMonitor() else: self._memory_monitor = None # Cpu load monitoring has to be explicitly enabled using # the `enable_cpu_load_monitor` method. self._cpu_load_monitor = None self._vcpus_count = None # External clone/exec tool, because Python can't into clone self.bin_cloner_path = bin_cloner_path
def __init__(self, resource_path, fc_binary_path, jailer_binary_path, microvm_id, build_feature='', monitor_memory=True, aux_bin_paths=None): """Set up microVM attributes, paths, and data structures.""" # Unique identifier for this machine. self._microvm_id = microvm_id # This is used in tests to identify if the microvm was started # using a vsock build or a default build. self.build_feature = build_feature # Compose the paths to the resources specific to this microvm. self._path = os.path.join(resource_path, microvm_id) self._kernel_path = os.path.join(self._path, MICROVM_KERNEL_RELPATH) self._fsfiles_path = os.path.join(self._path, MICROVM_FSFILES_RELPATH) self._kernel_file = '' self._rootfs_file = '' # The binaries this microvm will use to start. self._fc_binary_path = fc_binary_path assert os.path.exists(self._fc_binary_path) self._jailer_binary_path = jailer_binary_path assert os.path.exists(self._jailer_binary_path) # Create the jailer context associated with this microvm. self._jailer = JailerContext(jailer_id=self._microvm_id, exec_file=self._fc_binary_path) self.jailer_clone_pid = None # Now deal with the things specific to the api session used to # communicate with this machine. self._api_session = None self._api_socket = None # Session name is composed of the last part of the temporary path # allocated by the current test session and the unique id of this # microVM. It should be unique. self._session_name = os.path.basename( os.path.normpath(resource_path)) + self._microvm_id # nice-to-have: Put these in a dictionary. self.actions = None self.boot = None self.drive = None self.logger = None self.mmds = None self.network = None self.machine_cfg = None self.vsock = None # The ssh config dictionary is populated with information about how # to connect to a microVM that has ssh capability. The path of the # private key is populated by microvms with ssh capabilities and the # hostname is set from the MAC address used to configure the microVM. self._ssh_config = { 'username': '******', 'netns_file_path': self._jailer.netns_file_path() } # Deal with memory monitoring. if monitor_memory: self._memory_events_queue = Queue() else: self._memory_events_queue = None # External clone/exec tool, because Python can't into clone self.aux_bin_paths = aux_bin_paths