Repository: apple/containerization Branch: main Commit: a59ed894213c Files: 324 Total size: 2.6 MB Directory structure: gitextract_1u63lgkp/ ├── .github/ │ ├── ISSUE_TEMPLATE/ │ │ ├── 01-bug.yml │ │ ├── 02-feature.yml │ │ └── config.yml │ └── workflows/ │ ├── build-test-images.yml │ ├── containerization-build-template.yml │ ├── containerization-build.yml │ ├── docs-release.yaml │ └── release.yml ├── .gitignore ├── .spi.yml ├── .swift-format ├── .swift-format-nolint ├── .swift-version ├── CONTRIBUTING.md ├── LICENSE ├── MAINTAINERS.txt ├── Makefile ├── Package.resolved ├── Package.swift ├── Protobuf.Makefile ├── README.md ├── SECURITY.md ├── Sources/ │ ├── CShim/ │ │ ├── capability.c │ │ ├── exec_command.c │ │ ├── include/ │ │ │ ├── capability.h │ │ │ ├── exec_command.h │ │ │ ├── openat2.h │ │ │ ├── prctl.h │ │ │ ├── socket_helpers.h │ │ │ └── vsock.h │ │ ├── openat2.c │ │ ├── prctl.c │ │ ├── socket_helpers.c │ │ └── vsock.c │ ├── Containerization/ │ │ ├── AttachedFilesystem.swift │ │ ├── Container.swift │ │ ├── ContainerManager.swift │ │ ├── ContainerStatistics.swift │ │ ├── DNSConfiguration.swift │ │ ├── ExitStatus.swift │ │ ├── FileMount.swift │ │ ├── Hash.swift │ │ ├── HostsConfiguration.swift │ │ ├── IO/ │ │ │ ├── ReaderStream.swift │ │ │ ├── Terminal+ReaderStream.swift │ │ │ └── Writer.swift │ │ ├── Image/ │ │ │ ├── Image.swift │ │ │ ├── ImageStore/ │ │ │ │ ├── ImageStore+Export.swift │ │ │ │ ├── ImageStore+Import.swift │ │ │ │ ├── ImageStore+OCILayout.swift │ │ │ │ ├── ImageStore+ReferenceManager.swift │ │ │ │ └── ImageStore.swift │ │ │ ├── InitImage.swift │ │ │ ├── KernelImage.swift │ │ │ └── Unpacker/ │ │ │ ├── EXT4Unpacker.swift │ │ │ └── Unpacker.swift │ │ ├── Interface.swift │ │ ├── Kernel.swift │ │ ├── LinuxContainer.swift │ │ ├── LinuxPod.swift │ │ ├── LinuxProcess.swift │ │ ├── LinuxProcessConfiguration.swift │ │ ├── Mount.swift │ │ ├── NATInterface.swift │ │ ├── NATNetworkInterface.swift │ │ ├── Network.swift │ │ ├── SandboxContext/ │ │ │ ├── SandboxContext.grpc.swift │ │ │ ├── SandboxContext.pb.swift │ │ │ └── SandboxContext.proto │ │ ├── SystemPlatform.swift │ │ ├── TimeSyncer.swift │ │ ├── UnixSocketConfiguration.swift │ │ ├── UnixSocketRelay.swift │ │ ├── UnixSocketRelayManager.swift │ │ ├── VMConfiguration.swift │ │ ├── VZVirtualMachine+Helpers.swift │ │ ├── VZVirtualMachineInstance.swift │ │ ├── VZVirtualMachineManager.swift │ │ ├── VirtualMachineAgent+Additions.swift │ │ ├── VirtualMachineAgent.swift │ │ ├── VirtualMachineInstance.swift │ │ ├── VirtualMachineManager.swift │ │ ├── Vminitd+Rosetta.swift │ │ ├── Vminitd+SocketRelay.swift │ │ ├── Vminitd.swift │ │ ├── VmnetNetwork.swift │ │ └── VsockListener.swift │ ├── ContainerizationArchive/ │ │ ├── ArchiveError.swift │ │ ├── ArchiveReader.swift │ │ ├── ArchiveWriter.swift │ │ ├── ArchiveWriterConfiguration.swift │ │ ├── CArchive/ │ │ │ ├── COPYING │ │ │ ├── archive_swift_bridge.c │ │ │ └── include/ │ │ │ ├── archive.h │ │ │ ├── archive_bridge.h │ │ │ └── archive_entry.h │ │ ├── TempDir.swift │ │ └── WriteEntry.swift │ ├── ContainerizationEXT4/ │ │ ├── Documentation.docc/ │ │ │ └── ext4.md │ │ ├── EXT4+Extensions.swift │ │ ├── EXT4+FileTree.swift │ │ ├── EXT4+Formatter.swift │ │ ├── EXT4+Ptr.swift │ │ ├── EXT4+Reader.swift │ │ ├── EXT4+Types.swift │ │ ├── EXT4+Xattrs.swift │ │ ├── EXT4.swift │ │ ├── EXT4Reader+Export.swift │ │ ├── EXT4Reader+IO.swift │ │ ├── FilePath+Extensions.swift │ │ ├── FileTimestamps.swift │ │ ├── Formatter+Unpack.swift │ │ ├── Integer+Extensions.swift │ │ ├── README.md │ │ └── UnsafeLittleEndianBytes.swift │ ├── ContainerizationError/ │ │ └── ContainerizationError.swift │ ├── ContainerizationExtras/ │ │ ├── AddressAllocator.swift │ │ ├── AddressError.swift │ │ ├── AsyncLock.swift │ │ ├── AsyncMutex.swift │ │ ├── CIDR.swift │ │ ├── CIDRv4.swift │ │ ├── CIDRv6.swift │ │ ├── FileManager+Temporary.swift │ │ ├── IPAddress.swift │ │ ├── IPv4Address.swift │ │ ├── IPv6Address+Parse.swift │ │ ├── IPv6Address.swift │ │ ├── IndexedAddressAllocator.swift │ │ ├── MACAddress.swift │ │ ├── NetworkAddress+Allocator.swift │ │ ├── Prefix.swift │ │ ├── ProgressEvent.swift │ │ ├── ProxyUtils.swift │ │ ├── RotatingAddressAllocator.swift │ │ ├── TLSUtils.swift │ │ ├── Timeout.swift │ │ └── UInt8+DataBinding.swift │ ├── ContainerizationIO/ │ │ └── ReadStream.swift │ ├── ContainerizationNetlink/ │ │ ├── NetlinkSession.swift │ │ ├── NetlinkSocket.swift │ │ └── Types.swift │ ├── ContainerizationOCI/ │ │ ├── AnnotationKeys.swift │ │ ├── Bundle.swift │ │ ├── Client/ │ │ │ ├── Authentication.swift │ │ │ ├── KeychainHelper.swift │ │ │ ├── LocalOCILayoutClient.swift │ │ │ ├── RegistryClient+Catalog.swift │ │ │ ├── RegistryClient+Error.swift │ │ │ ├── RegistryClient+Fetch.swift │ │ │ ├── RegistryClient+Push.swift │ │ │ ├── RegistryClient+Referrers.swift │ │ │ ├── RegistryClient+Token.swift │ │ │ └── RegistryClient.swift │ │ ├── Content/ │ │ │ ├── AsyncTypes.swift │ │ │ ├── Content.swift │ │ │ ├── ContentStoreProtocol.swift │ │ │ ├── ContentWriter.swift │ │ │ ├── LocalContent.swift │ │ │ ├── LocalContentStore.swift │ │ │ ├── SHA256+Extensions.swift │ │ │ ├── String+Extension.swift │ │ │ └── URL+Extensions.swift │ │ ├── Descriptor.swift │ │ ├── FileManager+Size.swift │ │ ├── ImageConfig.swift │ │ ├── Index.swift │ │ ├── Manifest.swift │ │ ├── MediaType.swift │ │ ├── Platform.swift │ │ ├── Reference.swift │ │ ├── Spec.swift │ │ ├── State.swift │ │ └── Version.swift │ ├── ContainerizationOS/ │ │ ├── AsyncSignalHandler.swift │ │ ├── BinaryInteger+Extensions.swift │ │ ├── Command.swift │ │ ├── File.swift │ │ ├── FileDescriptor+SecurePath.swift │ │ ├── Keychain/ │ │ │ ├── KeychainQuery.swift │ │ │ └── RegistryInfo.swift │ │ ├── Linux/ │ │ │ ├── Binfmt.swift │ │ │ ├── Capabilities.swift │ │ │ └── Epoll.swift │ │ ├── Mount/ │ │ │ └── Mount.swift │ │ ├── POSIXError+Helpers.swift │ │ ├── Path.swift │ │ ├── Pipe+Close.swift │ │ ├── README.md │ │ ├── Reaper.swift │ │ ├── Signals.swift │ │ ├── Socket/ │ │ │ ├── BidirectionalRelay.swift │ │ │ ├── Socket.swift │ │ │ ├── SocketType.swift │ │ │ ├── UnixType.swift │ │ │ └── VsockType.swift │ │ ├── Syscall.swift │ │ ├── Sysctl.swift │ │ ├── Terminal.swift │ │ ├── URL+Extensions.swift │ │ └── User.swift │ ├── Integration/ │ │ ├── ContainerTests.swift │ │ ├── PodTests.swift │ │ └── Suite.swift │ └── cctl/ │ ├── ImageCommand.swift │ ├── KernelCommand.swift │ ├── LoginCommand.swift │ ├── RootfsCommand.swift │ ├── RunCommand.swift │ ├── cctl+Utils.swift │ └── cctl.swift ├── Tests/ │ ├── ContainerizationArchiveTests/ │ │ ├── ArchiveReaderTests.swift │ │ ├── ArchiveTests.swift │ │ └── Resources/ │ │ └── test.tar.zst │ ├── ContainerizationEXT4Tests/ │ │ ├── Resources/ │ │ │ └── content/ │ │ │ └── blobs/ │ │ │ └── sha256/ │ │ │ ├── 48a06049d3738991b011ca8b12473d712b7c40666a1462118dae3c403676afc2 │ │ │ ├── 4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1 │ │ │ ├── 8e2eb240a6cd7be1a0d308125afe0060b020e89275ced2e729eda7d4eeff62a2 │ │ │ ├── ad59e9f71edceca7b1ac7c642410858489b743c97233b0a26a5e2098b1443762 │ │ │ └── c6b39de5b33961661dc939b997cc1d30cda01e38005a6c6625fd9c7e748bab44 │ │ ├── TestEXT4ExtendedAttributes.swift │ │ ├── TestEXT4Format+Create.swift │ │ ├── TestEXT4Format.swift │ │ ├── TestEXT4Reader+IO.swift │ │ ├── TestEXT4Unpacker.swift │ │ └── TestFormatterUnpack.swift │ ├── ContainerizationExtrasTests/ │ │ ├── AsyncMutexTests.swift │ │ ├── ProxyUtilsTests.swift │ │ ├── TestCIDR.swift │ │ ├── TestIPAddress.swift │ │ ├── TestIPv4Address.swift │ │ ├── TestIPv6Address+Parse.swift │ │ ├── TestIPv6Address.swift │ │ ├── TestIPv6IPv4Parsing.swift │ │ ├── TestMACAddress.swift │ │ ├── TestNetworkAddress+Allocator.swift │ │ ├── TestPrefix.swift │ │ ├── TestTimeout.swift │ │ └── UInt8+DataBindingTest.swift │ ├── ContainerizationNetlinkTests/ │ │ ├── MockNetlinkSocket.swift │ │ ├── NetlinkSessionTest.swift │ │ └── TypesTest.swift │ ├── ContainerizationOCITests/ │ │ ├── AuthChallengeTests.swift │ │ ├── OCIImageTests.swift │ │ ├── OCIPlatformTests.swift │ │ ├── OCISpecTests.swift │ │ ├── ReferenceTests.swift │ │ └── RegistryClientTests.swift │ ├── ContainerizationOSTests/ │ │ ├── FileDescriptor+SecurePathTests.swift │ │ ├── KeychainQueryTests.swift │ │ ├── SocketTests.swift │ │ └── UserTests.swift │ ├── ContainerizationTests/ │ │ ├── ContainerManagerTests.swift │ │ ├── DNSTests.swift │ │ ├── HashTests.swift │ │ ├── HostsTests.swift │ │ ├── ImageTests/ │ │ │ ├── ContainsAuth.swift │ │ │ ├── ImageStoreImagePullTests.swift │ │ │ └── ImageStoreTests.swift │ │ ├── ImageTests.swift │ │ ├── KernelTests.swift │ │ ├── LinuxContainerTests.swift │ │ └── MountTests.swift │ └── TestImages/ │ ├── dockermanifestimage/ │ │ └── Dockerfile │ └── emptyimage/ │ └── Dockerfile ├── examples/ │ ├── README.md │ └── ctr-example/ │ ├── Makefile │ ├── Package.resolved │ ├── Package.swift │ ├── README.md │ ├── Sources/ │ │ └── ctr-example/ │ │ └── main.swift │ ├── ctr-example.entitlements │ └── lab.md ├── kernel/ │ ├── Makefile │ ├── README.md │ ├── build.sh │ ├── config-arm64 │ └── image/ │ ├── Dockerfile │ └── sources.list ├── licenserc.toml ├── scripts/ │ ├── check-integration-test-vm-panics.sh │ ├── cz-header-style.toml │ ├── ensure-hawkeye-exists.sh │ ├── install-hawkeye.sh │ ├── license-header.txt │ ├── make-docs.sh │ └── pre-commit.fmt ├── signing/ │ └── vz.entitlements └── vminitd/ ├── .devcontainer/ │ ├── Dockerfile │ └── devcontainer.json ├── Makefile ├── Package.resolved ├── Package.swift └── Sources/ ├── Cgroup/ │ └── Cgroup2Manager.swift ├── LCShim/ │ ├── include/ │ │ └── syscall.h │ └── syscall.c ├── vmexec/ │ ├── Console.swift │ ├── ExecCommand.swift │ ├── Mount.swift │ ├── RunCommand.swift │ └── vmexec.swift └── vminitd/ ├── AgentCommand.swift ├── Application.swift ├── CommandRunner.swift ├── ContainerProcess.swift ├── HostStdio.swift ├── IOCloser+Extensions.swift ├── IOCloser.swift ├── IOPair.swift ├── InitCommand.swift ├── ManagedContainer.swift ├── ManagedProcess.swift ├── MemoryMonitor.swift ├── OSFile+Splice.swift ├── OSFile.swift ├── PauseCommand.swift ├── ProcessSupervisor.swift ├── Runc/ │ ├── ConsoleSocket.swift │ └── Runc.swift ├── RuncProcess.swift ├── Server+GRPC.swift ├── Server.swift ├── StandardIO.swift ├── TerminalIO.swift └── VsockProxy.swift ================================================ FILE CONTENTS ================================================ ================================================ FILE: .github/ISSUE_TEMPLATE/01-bug.yml ================================================ name: Bug report description: File a bug report. title: "[Bug]: " type: "Bug" body: - type: markdown attributes: value: | Thanks for taking the time to fill out this bug report! - type: checkboxes id: prereqs attributes: label: I have done the following description: Select that you have completed the following prerequisites. options: - label: I have searched the existing issues required: true - label: If possible, I've reproduced the issue using the 'main' branch of this project required: false - type: textarea id: reproduce attributes: label: Steps to reproduce description: Explain how to reproduce the incorrect behavior. validations: required: true - type: textarea id: what-happened attributes: label: Current behavior description: A concise description of what you're experiencing. validations: required: true - type: textarea id: expected attributes: label: Expected behavior description: A concise description of what you expected to happen. validations: required: true - type: textarea attributes: label: Environment description: | Examples: - **OS**: macOS 26.0 (25A354) - **Xcode**: Version 26.0 (17A324) - **Swift**: Apple Swift version 6.2 (swift-6.2-RELEASE) value: | - OS: - Xcode: - Swift: render: markdown validations: required: true - type: textarea id: logs attributes: label: Relevant log output description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks. value: | N/A render: shell - type: checkboxes id: terms attributes: label: Code of Conduct description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/apple/.github/blob/main/CODE_OF_CONDUCT.md). options: - label: I agree to follow this project's Code of Conduct required: true ================================================ FILE: .github/ISSUE_TEMPLATE/02-feature.yml ================================================ name: Feature or enhancement request description: File a request for a feature or enhancement title: "[Request]: " type: "Feature" body: - type: markdown attributes: value: | Thanks for contributing to the containerization project! - type: textarea id: request attributes: label: Feature or enhancement request details description: Describe your proposed feature or enhancement. Code samples that show what's missing, or what new capabilities will be possible, are very helpful! Provide links to existing issues or external references/discussions, if appropriate. validations: required: true - type: checkboxes id: terms attributes: label: Code of Conduct description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/apple/.github/blob/main/CODE_OF_CONDUCT.md). options: - label: I agree to follow this project's Code of Conduct required: true ================================================ FILE: .github/ISSUE_TEMPLATE/config.yml ================================================ blank_issues_enabled: false contact_links: - name: Containerization community support url: https://github.com/apple/container/discussions about: Please ask and answer questions here. ================================================ FILE: .github/workflows/build-test-images.yml ================================================ name: Build and publish containerization test images permissions: contents: read on: workflow_dispatch: inputs: publish: type: boolean description: "Publish the built image" default: false version: type: string description: "Version of the image to create" default: "test" image: type: choice description: Test image to build options: - dockermanifestimage - emptyimage default: 'dockermanifestimage' useBuildx: type: boolean description: "Use docker buildx to build the image" default: false jobs: image: name: Build test images timeout-minutes: 30 runs-on: ubuntu-latest permissions: contents: read packages: write steps: - name: Check branch env: GH_REF: ${{ github.ref }} PUBLISH: ${{ inputs.publish }} run: | if [[ "${GH_REF}" != "refs/heads/main" ]] && [[ "${GH_REF}" != refs/heads/release* ]] && [[ "${PUBLISH}" == "true" ]]; then echo "❌ Cannot publish an image if we are not on main or a release branch." exit 1 fi - name: Check inputs env: IMAGE: ${{ inputs.image }} USE_BUILDX: ${{ inputs.useBuildx }} run: | if [[ "${IMAGE}" == "dockermanifestimage" ]] && [[ "${USE_BUILDX}" == "true" ]]; then echo "❌ dockermanifestimage cannot be built with buildx" exit 1 fi if [[ "${IMAGE}" == "emptyimage" ]] && [[ "${USE_BUILDX}" != "true" ]]; then echo "❌ emptyimage should be built with buildx" exit 1 fi - name: Checkout repository uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Set up Docker Buildx if: ${{ inputs.useBuildx }} uses: docker/setup-buildx-action@v3 - name: Build dockerfile and push image uses: docker/build-push-action@v6 with: push: ${{ inputs.publish }} context: Tests/TestImages/${{ inputs.image }} tags: ghcr.io/apple/containerization/${{ inputs.image }}:${{ inputs.version }} ================================================ FILE: .github/workflows/containerization-build-template.yml ================================================ name: Build containerization template permissions: contents: read on: workflow_call: inputs: release: type: boolean description: "Create a release" default: false version: type: string description: Version of containerization default: test jobs: buildAndTest: name: Build and Test repo if: github.repository == 'apple/containerization' timeout-minutes: 60 runs-on: [self-hosted, macos, tahoe, ARM64] permissions: contents: read packages: write env: DEVELOPER_DIR: "/Applications/Xcode-latest.app/Contents/Developer" steps: - name: Checkout repository uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6 with: fetch-depth: 0 - name: Activate Swiftly run: | source /opt/swiftly/env.sh cat /opt/swiftly/env.sh - name: Check formatting run: | ./scripts/install-hawkeye.sh make fmt git diff if ! git diff --quiet ; then echo the following files require formatting or license headers: ; git diff --name-only ; false ; fi - name: Check protobufs run: | make protos if ! git diff --quiet ; then echo the following files require formatting or license headers: ; git diff --name-only ; false ; fi - name: Make containerization and docs run: | make clean containerization docs tar cfz _site.tgz _site env: BUILD_CONFIGURATION: ${{ inputs.release && 'release' || 'debug' }} - name: Make vminitd image run: | source /opt/swiftly/env.sh make -C vminitd swift linux-sdk make init env: BUILD_CONFIGURATION: ${{ inputs.release && 'release' || 'debug' }} - name: Test containerization run: | make fetch-default-kernel make test integration env: REGISTRY_TOKEN: ${{ github.token }} REGISTRY_USERNAME: ${{ github.actor }} - name: Push vminitd image if: ${{ inputs.release }} env: REGISTRY_TOKEN: ${{ github.token }} REGISTRY_USERNAME: ${{ github.actor }} REGISTRY_HOST: ghcr.io VERSION: ${{ inputs.version }} run: | bin/cctl images tag vminit:latest "ghcr.io/apple/containerization/vminit:${VERSION}" bin/cctl images push "ghcr.io/apple/containerization/vminit:${VERSION}" - name: Create image tar if: ${{ !inputs.release }} run: | bin/cctl images save vminit:latest -o vminit.tar - name: Save vminit artifact if: ${{ !inputs.release }} uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 with: name: vminit path: vminit.tar - name: Save documentation artifact uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 with: name: api-docs path: "./_site.tgz" retention-days: 14 uploadPages: # Separate upload step required because upload-pages-artifact needs # gtar which is not on the macOS runner. name: Upload artifact for GitHub Pages needs: buildAndTest timeout-minutes: 5 runs-on: ubuntu-latest steps: - name: Setup Pages uses: actions/configure-pages@v5 - name: Download a single artifact uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7 with: name: api-docs - name: Add API docs to documentation run: | tar xfz _site.tgz - name: Upload Artifact uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4 with: path: "./_site" ================================================ FILE: .github/workflows/containerization-build.yml ================================================ name: Build containerization permissions: contents: read on: pull_request: types: [opened, reopened, synchronize] push: branches: - main - release/* jobs: verify-signatures: name: Verify commit signatures runs-on: ubuntu-latest if: github.event_name == 'pull_request' steps: - name: Check all commits are signed env: GH_TOKEN: ${{ github.token }} REPO: ${{ github.repository }} PR_NUMBER: ${{ github.event.pull_request.number }} run: | commits=$(gh api "repos/${REPO}/pulls/${PR_NUMBER}/commits" --paginate) unsigned_commits="" while IFS='|' read -r sha author verified; do if [ "$verified" != "true" ]; then unsigned_commits="$unsigned_commits - $sha by $author\n" fi done < <(echo "$commits" | jq -r '.[] | "\(.sha)|\(.commit.author.name)|\(.commit.verification.verified)"') if [ -n "$unsigned_commits" ]; then echo "::error::The following commits are not signed:" echo -e "$unsigned_commits" echo "" echo "Please sign your commits. See:" echo " - https://github.com/apple/containerization/blob/main/CONTRIBUTING.md#pull-requests" echo " - https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits" exit 1 fi echo "All commits are signed!" containerization: permissions: contents: read packages: write pages: write uses: ./.github/workflows/containerization-build-template.yml secrets: inherit ================================================ FILE: .github/workflows/docs-release.yaml ================================================ # Manual workflow for releasing docs ad-hoc. Workflow can only be run for main or release branches. # Workflow does NOT publish a release of containerization. name: Deploy application website permissions: contents: read on: workflow_dispatch: jobs: checkBranch: runs-on: ubuntu-latest if: github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags') || startsWith(github.ref, 'refs/heads/release') steps: - name: Branch validation env: REF_NAME: ${{ github.ref_name }} run: echo "Branch ${REF_NAME} is allowed" buildSite: name: Build application website needs: checkBranch uses: ./.github/workflows/containerization-build-template.yml secrets: inherit permissions: contents: read packages: write pages: write deployDocs: runs-on: ubuntu-latest needs: [checkBranch, buildSite] permissions: contents: read pages: write id-token: write environment: name: github-pages url: ${{ steps.deployment.outputs.page_url }} steps: - name: Deploy to GitHub Pages id: deployment uses: actions/deploy-pages@v4 ================================================ FILE: .github/workflows/release.yml ================================================ name: Release containerization permissions: contents: read on: push: tags: - "[0-9]+\\.[0-9]+\\.[0-9]+" jobs: containerization: uses: ./.github/workflows/containerization-build-template.yml with: release: true version: ${{ github.ref_name }} secrets: inherit permissions: contents: read packages: write pages: write deployDocs: if: startsWith(github.ref, 'refs/tags/') runs-on: ubuntu-latest needs: containerization permissions: contents: read pages: write id-token: write environment: name: github-pages url: ${{ steps.deployment.outputs.page_url }} steps: - name: Deploy to GitHub Pages id: deployment uses: actions/deploy-pages@v4 release: if: startsWith(github.ref, 'refs/tags/') name: Publish release timeout-minutes: 30 needs: containerization runs-on: ubuntu-latest permissions: contents: write packages: read steps: - name: Create release uses: softprops/action-gh-release@v2 with: token: ${{ github.token }} name: ${{ github.ref_name }}-prerelease draft: true make_latest: false prerelease: true fail_on_unmatched_files: true ================================================ FILE: .gitignore ================================================ .DS_Store bin libexec .build .local xcuserdata/ DerivedData/ .swiftpm/ .netrc .swiftpm workdir/ installer/ .venv/ test_results/ *.pid *.log *.zip *.o *.ext4 *.pkg *.swp *.tar.gz *.tar.xz vmlinux # API docs for local preview only. _site/ _serve/ ================================================ FILE: .spi.yml ================================================ version: 1 builder: configs: - documentation_targets: [Containerization, ContainerizationEXT4, ContainerizationOS, ContainerizationOCI, ContainerizationNetlink, ContainerizationIO, ContainerizationExtras, ContainerizationArchive, SendableProperty] swift_version: '6.2' ================================================ FILE: .swift-format ================================================ { "fileScopedDeclarationPrivacy" : { "accessLevel" : "private" }, "indentation" : { "spaces" : 4 }, "indentConditionalCompilationBlocks" : false, "indentSwitchCaseLabels" : false, "lineBreakAroundMultilineExpressionChainComponents" : false, "lineBreakBeforeControlFlowKeywords" : false, "lineBreakBeforeEachArgument" : false, "lineBreakBeforeEachGenericRequirement" : false, "lineLength" : 180, "maximumBlankLines" : 1, "multiElementCollectionTrailingCommas" : true, "noAssignmentInExpressions" : { "allowedFunctions" : [ "XCTAssertNoThrow" ] }, "prioritizeKeepingFunctionOutputTogether" : false, "respectsExistingLineBreaks" : true, "rules" : { "AllPublicDeclarationsHaveDocumentation" : false, "AlwaysUseLowerCamelCase" : true, "AmbiguousTrailingClosureOverload" : false, "BeginDocumentationCommentWithOneLineSummary" : false, "DoNotUseSemicolons" : true, "DontRepeatTypeInStaticProperties" : true, "FileScopedDeclarationPrivacy" : true, "FullyIndirectEnum" : true, "GroupNumericLiterals" : true, "IdentifiersMustBeASCII" : true, "NeverForceUnwrap" : true, "NeverUseForceTry" : true, "NeverUseImplicitlyUnwrappedOptionals" : true, "NoAccessLevelOnExtensionDeclaration" : true, "NoAssignmentInExpressions" : true, "NoBlockComments" : false, "NoCasesWithOnlyFallthrough" : true, "NoEmptyTrailingClosureParentheses" : true, "NoLabelsInCasePatterns" : true, "NoLeadingUnderscores" : false, "NoParensAroundConditions" : true, "NoPlaygroundLiterals" : true, "NoVoidReturnOnFunctionSignature" : true, "OmitExplicitReturns" : true, "OneCasePerLine" : true, "OneVariableDeclarationPerLine" : true, "OnlyOneTrailingClosureArgument" : true, "OrderedImports" : true, "ReplaceForEachWithForLoop" : true, "ReturnVoidInsteadOfEmptyTuple" : true, "TypeNamesShouldBeCapitalized" : true, "UseEarlyExits" : true, "UseLetInEveryBoundCaseVariable" : true, "UseShorthandTypeNames" : true, "UseSingleLinePropertyGetter" : true, "UseSynthesizedInitializer" : true, "UseTripleSlashForDocumentationComments" : true, "UseWhereClausesInForLoops" : false, "ValidateDocumentationComments" : true }, "spacesAroundRangeFormationOperators" : false, "tabWidth" : 2, "version" : 1 } ================================================ FILE: .swift-format-nolint ================================================ { "fileScopedDeclarationPrivacy" : { "accessLevel" : "private" }, "indentation" : { "spaces" : 4 }, "indentConditionalCompilationBlocks" : false, "indentSwitchCaseLabels" : false, "lineBreakAroundMultilineExpressionChainComponents" : false, "lineBreakBeforeControlFlowKeywords" : false, "lineBreakBeforeEachArgument" : false, "lineBreakBeforeEachGenericRequirement" : false, "lineLength" : 180, "maximumBlankLines" : 1, "multiElementCollectionTrailingCommas" : true, "noAssignmentInExpressions" : { "allowedFunctions" : [ "XCTAssertNoThrow" ] }, "prioritizeKeepingFunctionOutputTogether" : false, "respectsExistingLineBreaks" : true, "rules" : { "AllPublicDeclarationsHaveDocumentation" : false, "AlwaysUseLowerCamelCase" : false, "AmbiguousTrailingClosureOverload" : false, "BeginDocumentationCommentWithOneLineSummary" : false, "DoNotUseSemicolons" : true, "DontRepeatTypeInStaticProperties" : false, "FileScopedDeclarationPrivacy" : false, "FullyIndirectEnum" : false, "GroupNumericLiterals" : false, "IdentifiersMustBeASCII" : false, "NeverForceUnwrap" : false, "NeverUseForceTry" : false, "NeverUseImplicitlyUnwrappedOptionals" : false, "NoAccessLevelOnExtensionDeclaration" : false, "NoAssignmentInExpressions" : false, "NoBlockComments" : false, "NoCasesWithOnlyFallthrough" : false, "NoEmptyTrailingClosureParentheses" : true, "NoLabelsInCasePatterns" : false, "NoLeadingUnderscores" : false, "NoParensAroundConditions" : true, "NoPlaygroundLiterals" : false, "NoVoidReturnOnFunctionSignature" : true, "OmitExplicitReturns" : false, "OneCasePerLine" : true, "OneVariableDeclarationPerLine" : true, "OnlyOneTrailingClosureArgument" : false, "OrderedImports" : true, "ReplaceForEachWithForLoop" : false, "ReturnVoidInsteadOfEmptyTuple" : false, "TypeNamesShouldBeCapitalized" : false, "UseEarlyExits" : false, "UseLetInEveryBoundCaseVariable" : false, "UseShorthandTypeNames" : true, "UseSingleLinePropertyGetter" : true, "UseSynthesizedInitializer" : false, "UseTripleSlashForDocumentationComments" : true, "UseWhereClausesInForLoops" : false, "ValidateDocumentationComments" : false }, "spacesAroundRangeFormationOperators" : false, "tabWidth" : 2, "version" : 1 } ================================================ FILE: .swift-version ================================================ 6.3-snapshot-2026-02-27 ================================================ FILE: CONTRIBUTING.md ================================================ # 🌈 📦️ Welcome to the Containerization community! 📦️ 🌈 Contributions to Containerization are welcomed and encouraged. ## Index - [How you can help](#how-you-can-help) - [Submitting issues and pull requests](#submitting-issues-and-pull-requests) - [New to open source?](#new-to-open-source) - [AI contribution guidelines](#ai-contribution-guidelines) - [Code of conduct](#code-of-conduct) ## How you can help We would love your contributions in the form of: 🐛 Bug fixes\ ⚡️ Performance improvements\ ✨ API additions or enhancements\ 📝 Documentation\ 🧑‍💻 Project advocacy: blogs, conference talks, and more Anything else that could enhance the project! ## Submitting issues and pull requests ### Issues To file a bug or feature request, use [GitHub issues](https://github.com/apple/containerization/issues/new). 🚧 For unexpected behavior or usability limitations, detailed instructions on how to reproduce the issue are appreciated. This will greatly help the priority setting and speed at which maintainers can get to your issue. ### Pull requests We require all commits be signed with any of GitHub's supported methods, such as GPG or SSH. Information on how to set this up can be found on [GitHub's docs](https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification#about-commit-signature-verification). To make a pull request, use [GitHub](https://github.com/apple/containerization/compare). Please give the team a few days to review but it's ok to check in on occasion. We appreciate your contribution! > [!IMPORTANT] > If you plan to make substantial changes or add new features, we encourage you to first discuss them with the wider containerization developer community. > You can do this by filing a [GitHub issue](https://github.com/apple/containerization/issues/new). > This will save time and increases the chance of your pull request being accepted. We use a "squash and merge" strategy to keep our `main` branch history clean and easy to follow. When your pull request is merged, all of your commits will be combined into a single commit. With the "squash and merge" strategy, the *title* and *body* of your pull request is extremely important. It will become the commit message for the squashed commit. Think of it as the single, definitive description of your contribution. Before merging, we'll review the pull request title and body to ensure it: * Clearly and concisely describes the changes. * Uses the imperative mood (for example, "Add feature," "Fix bug"). * Provides enough context for future developers to understand the purpose of the change. The pull request description should be concise and accurately describe the *what* and *why* of your changes. #### .gitignore contributions We do not currently accept contributions to add editor specific additions to the root .gitignore. We urge contributors to make a global .gitignore file with their rulesets they may want to add instead. A global .gitignore file can be set like so: ```bash git config --global core.excludesfile ~/.gitignore ``` #### Formatting contributions Make sure your contributions are consistent with the rest of the project's formatting. You can do this using our Makefile: ```bash make fmt ``` #### Applying license header to new files If you submit a contribution that adds a new file, please add the license header. You can do this using our Makefile: ```bash make update-licenses ``` ## New to open source? ### How do I pick something to work on? Take a look at the `good first issue` label in the [containerization](https://github.com/apple/containerization/contribute) or [container](https://github.com/apple/container/contribute) project. Before you start working on an issue: * Check the comments, assignees, and any references to pull requests — make sure nobody else is actively working on it, or awaiting help or review. * If someone is assigned to the issue or volunteered to work on it, and there are no signs of progress or activity over at least the past month, don't hesitate to check in with them * Leave a comment that you have started working on it. ### Getting help Don't be afraid to ask for help! When asking for help, provide as much information as possible, while highlighting anything you think may be important. Refer to the [MAINTAINERS.txt](MAINTAINERS.txt) file for the appropriate people to ping. ### I didn't get a response from someone. What should I do? It's possible that you ask someone a question in an issue/pull request and you don't get a response as quickly as you'd like. If you don't get a response within a week, it's okay to politely ping them using an `@` mention. If you don't get a response for 2-3 weeks in a row, please ping someone else. ### I can't finish the contribution I started. Sometimes an issue ends up bigger, harder, or more time-consuming than expected — **and that’s completely fine.** Be sure to comment on the issue saying you’re stepping away, so that someone else is able to pick it up. ## AI contribution guidelines We welcome thoughtful use of AI tools in your contributions to this repository. We ask that you adhere to these rules in order to preserve the project's integrity, clarity, and quality, and to respect maintainer bandwidth: * You should be able to explain and justify every line of code or documentation that was generated or assisted by AI. Your submission should reflect your own understanding and intent. * Use AI to augment, not totally replace, your reasoning or familiarity, especially for non-trivial parts of the system. * Avoid dumping AI-generated walls of text that you cannot explain. Low-effort, unexplained submissions will be deprioritized to protect maintainer bandwidth. AI tools should be used to **enhance, not replace** the human elements that make OSS special: learning, collaboration, and community growth. ## Code of conduct To clarify of what is expected of our contributors and community members, the Containerization team has adopted the code of conduct defined by the Contributor Covenant. This document is used across many open source communities and articulates our values well. For more detail, please read the [Code of Conduct](https://github.com/apple/.github/blob/main/CODE_OF_CONDUCT.md "Code of Conduct"). ================================================ FILE: LICENSE ================================================ Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 1. Definitions. "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and (b) You must cause any modified files to carry prominent notices stating that You changed the files; and (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. ================================================ FILE: MAINTAINERS.txt ================================================ This file contains a list of maintainers and past maintainers who have made meaningful changes to this repository. ### Maintainers Aditya Ramani (adityaramani) AJ Emory (ajemory) Danny Canter (dcantah) Dmitry Kovba (dkovba) Eric Ernst (egernst) John Logan (jglogan) Kathryn Baldauf (katiewasnothere) Madhu Venugopal (mavenugo) Michael Crosby (crosbymichael) Raj Aryan Singh (realrajaryan) Sidhartha Mani (wlan0) Yibo Zhuang (yibozhuang) ### Emeritus maintainers Agam Dua (agamdua) Evan Hazlett (ehazlett) Gilbert Song (gilbert88) Hugh Bussell (hughbussell) Tanweer Noor (tanweernoor) Ximena Perez Diaz (ximenanperez) ================================================ FILE: Makefile ================================================ # Copyright © 2025-2026 Apple Inc. and the Containerization project authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # Build configuration variables BUILD_CONFIGURATION ?= debug WARNINGS_AS_ERRORS ?= true SWIFT_CONFIGURATION := $(if $(filter-out false,$(WARNINGS_AS_ERRORS)),-Xswiftc -warnings-as-errors) --disable-automatic-resolution # Commonly used locations SWIFT := "/usr/bin/swift" ROOT_DIR := $(shell git rev-parse --show-toplevel) BUILD_BIN_DIR = $(shell $(SWIFT) build -c $(BUILD_CONFIGURATION) --show-bin-path) COV_DATA_DIR = $(shell $(SWIFT) test --show-coverage-path | xargs dirname) COV_REPORT_FILE = $(ROOT_DIR)/code-coverage-report # Variables for libarchive integration LIBARCHIVE_UPSTREAM_REPO := https://github.com/libarchive/libarchive LIBARCHIVE_UPSTREAM_VERSION := v3.7.7 LIBARCHIVE_LOCAL_DIR := workdir/libarchive KATA_BINARY_PACKAGE := https://github.com/kata-containers/kata-containers/releases/download/3.17.0/kata-static-3.17.0-arm64.tar.xz include Protobuf.Makefile .DEFAULT_GOAL := all .PHONY: all all: containerization all: init .PHONY: release release: BUILD_CONFIGURATION = release release: all .PHONY: containerization containerization: @echo Building containerization binaries... @$(SWIFT) --version @$(SWIFT) build -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) @echo Copying containerization binaries... @mkdir -p bin @install "$(BUILD_BIN_DIR)/cctl" ./bin/ @install "$(BUILD_BIN_DIR)/containerization-integration" ./bin/ @echo Signing containerization binaries... @codesign --force --sign - --timestamp=none --entitlements=signing/vz.entitlements bin/cctl @codesign --force --sign - --timestamp=none --entitlements=signing/vz.entitlements bin/containerization-integration .PHONY: init init: containerization vminitd @echo Creating init.ext4... @rm -f bin/init.rootfs.tar.gz bin/init.block @./bin/cctl rootfs create \ --vminitd vminitd/bin/vminitd \ --vmexec vminitd/bin/vmexec \ --label org.opencontainers.image.source=https://github.com/apple/containerization \ --image vminit:latest \ bin/init.rootfs.tar.gz .PHONY: cross-prep cross-prep: @"$(MAKE)" -C vminitd cross-prep .PHONY: vminitd vminitd: @mkdir -p ./bin @"$(MAKE)" -C vminitd BUILD_CONFIGURATION=$(BUILD_CONFIGURATION) WARNINGS_AS_ERRORS=$(WARNINGS_AS_ERRORS) .PHONY: update-libarchive-source update-libarchive-source: @echo Updating the libarchive source files... @git clone $(LIBARCHIVE_UPSTREAM_REPO) --depth 1 --branch $(LIBARCHIVE_UPSTREAM_VERSION) "$(LIBARCHIVE_LOCAL_DIR)" @cp "$(LIBARCHIVE_LOCAL_DIR)/libarchive/archive_entry.h" Sources/ContainerizationArchive/CArchive/include @cp "$(LIBARCHIVE_LOCAL_DIR)/libarchive/archive.h" Sources/ContainerizationArchive/CArchive/include @cp "$(LIBARCHIVE_LOCAL_DIR)/COPYING" Sources/ContainerizationArchive/CArchive/COPYING @rm -rf "$(LIBARCHIVE_LOCAL_DIR)" .PHONY: test test: @echo Testing all test targets... @$(SWIFT) test --enable-code-coverage $(SWIFT_CONFIGURATION) .PHONY: coverage coverage: test @echo Generating code coverage report... @xcrun llvm-cov show --compilation-dir=`pwd` \ -instr-profile=$(COV_DATA_DIR)/default.profdata \ --ignore-filename-regex=".build/" \ --ignore-filename-regex=".pb.swift" \ --ignore-filename-regex=".proto" \ --ignore-filename-regex=".grpc.swift" \ $(BUILD_BIN_DIR)/containerizationPackageTests.xctest/Contents/MacOS/containerizationPackageTests > $(COV_REPORT_FILE) @echo Code coverage report generated: $(COV_REPORT_FILE) .PHONY: integration integration: ifeq (,$(wildcard bin/vmlinux)) @echo No bin/vmlinux kernel found. See fetch-default-kernel target. @exit 1 endif @echo Running the integration tests... @./bin/containerization-integration .PHONY: fetch-default-kernel fetch-default-kernel: @mkdir -p .local/ bin/ ifeq (,$(wildcard .local/kata.tar.gz)) @curl -SsL -o .local/kata.tar.gz ${KATA_BINARY_PACKAGE} endif ifeq (,$(wildcard .local/vmlinux)) @tar -zxf .local/kata.tar.gz -C .local/ --strip-components=1 @cp -L .local/opt/kata/share/kata-containers/vmlinux.container .local/vmlinux endif ifeq (,$(wildcard bin/vmlinux)) @cp .local/vmlinux bin/vmlinux endif .PHONY: check check: swift-fmt-check check-licenses .PHONY: fmt fmt: swift-fmt update-licenses .PHONY: swift-fmt SWIFT_SRC = $(shell find . -type f -name '*.swift' -not -path "*/.*" -not -path "*.pb.swift" -not -path "*.grpc.swift" -not -path "*/checkouts/*") swift-fmt: @echo Applying the standard code formatting... @$(SWIFT) format --recursive --configuration .swift-format -i $(SWIFT_SRC) swift-fmt-check: @echo Applying the standard code formatting... @$(SWIFT) format lint --recursive --strict --configuration .swift-format-nolint $(SWIFT_SRC) .PHONY: update-licenses update-licenses: @echo Updating license headers... @./scripts/ensure-hawkeye-exists.sh @.local/bin/hawkeye format --fail-if-unknown --fail-if-updated false .PHONY: check-licenses check-licenses: @echo Checking license headers existence in source files... @./scripts/ensure-hawkeye-exists.sh @.local/bin/hawkeye check --fail-if-unknown .PHONY: pre-commit pre-commit: cp Scripts/pre-commit.fmt .git/hooks touch .git/hooks/pre-commit cat .git/hooks/pre-commit | grep -v 'hooks/pre-commit\.fmt' > /tmp/pre-commit.new || true echo 'PRECOMMIT_NOFMT=$${PRECOMMIT_NOFMT} $$(git rev-parse --show-toplevel)/.git/hooks/pre-commit.fmt' >> /tmp/pre-commit.new mv /tmp/pre-commit.new .git/hooks/pre-commit chmod +x .git/hooks/pre-commit .PHONY: serve-docs serve-docs: @echo 'to browse: open http://127.0.0.1:8000/containerization/documentation/' @rm -rf _serve @mkdir -p _serve @cp -a _site _serve/containerization @python3 -m http.server --bind 127.0.0.1 --directory ./_serve .PHONY: docs docs: @echo Updating API documentation... @rm -rf _site @scripts/make-docs.sh _site containerization .PHONY: cleancontent cleancontent: @echo Cleaning the content... @rm -rf ~/Library/Application\ Support/com.apple.containerization .PHONY: clean clean: @echo Cleaning build files... @rm -rf bin/ @rm -rf _site/ @rm -rf _serve/ @rm -f $(COV_REPORT_FILE) @$(SWIFT) package clean @"$(MAKE)" -C vminitd clean ================================================ FILE: Package.resolved ================================================ { "originHash" : "8b51a9ec068537ab57ce9b8034b5b84a02a4697e4a6be491954e5fbda7e5783b", "pins" : [ { "identity" : "async-http-client", "kind" : "remoteSourceControl", "location" : "https://github.com/swift-server/async-http-client.git", "state" : { "revision" : "60235983163d040f343a489f7e2e77c1918a8bd9", "version" : "1.26.1" } }, { "identity" : "grpc-swift", "kind" : "remoteSourceControl", "location" : "https://github.com/grpc/grpc-swift.git", "state" : { "revision" : "a56a157218877ef3e9625f7e1f7b2cb7e46ead1b", "version" : "1.26.1" } }, { "identity" : "swift-algorithms", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-algorithms.git", "state" : { "revision" : "87e50f483c54e6efd60e885f7f5aa946cee68023", "version" : "1.2.1" } }, { "identity" : "swift-argument-parser", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-argument-parser.git", "state" : { "revision" : "011f0c765fb46d9cac61bca19be0527e99c98c8b", "version" : "1.5.1" } }, { "identity" : "swift-asn1", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-asn1.git", "state" : { "revision" : "a54383ada6cecde007d374f58f864e29370ba5c3", "version" : "1.3.2" } }, { "identity" : "swift-async-algorithms", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-async-algorithms.git", "state" : { "revision" : "042e1c4d9d19748c9c228f8d4ebc97bb1e339b0b", "version" : "1.0.4" } }, { "identity" : "swift-atomics", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-atomics.git", "state" : { "revision" : "cd142fd2f64be2100422d658e7411e39489da985", "version" : "1.2.0" } }, { "identity" : "swift-certificates", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-certificates.git", "state" : { "revision" : "999fd70c7803da89f3904d635a6815a2a7cd7585", "version" : "1.10.0" } }, { "identity" : "swift-collections", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-collections.git", "state" : { "revision" : "c1805596154bb3a265fd91b8ac0c4433b4348fb0", "version" : "1.2.0" } }, { "identity" : "swift-crypto", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-crypto.git", "state" : { "revision" : "e8d6eba1fef23ae5b359c46b03f7d94be2f41fed", "version" : "3.12.3" } }, { "identity" : "swift-docc-plugin", "kind" : "remoteSourceControl", "location" : "https://github.com/swiftlang/swift-docc-plugin", "state" : { "revision" : "d1691545d53581400b1de9b0472d45eb25c19fed", "version" : "1.4.4" } }, { "identity" : "swift-docc-symbolkit", "kind" : "remoteSourceControl", "location" : "https://github.com/swiftlang/swift-docc-symbolkit", "state" : { "revision" : "b45d1f2ed151d057b54504d653e0da5552844e34", "version" : "1.0.0" } }, { "identity" : "swift-http-structured-headers", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-http-structured-headers.git", "state" : { "revision" : "db6eea3692638a65e2124990155cd220c2915903", "version" : "1.3.0" } }, { "identity" : "swift-http-types", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-http-types.git", "state" : { "revision" : "a0a57e949a8903563aba4615869310c0ebf14c03", "version" : "1.4.0" } }, { "identity" : "swift-log", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-log.git", "state" : { "revision" : "3d8596ed08bd13520157f0355e35caed215ffbfa", "version" : "1.6.3" } }, { "identity" : "swift-nio", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-nio.git", "state" : { "revision" : "34d486b01cd891297ac615e40d5999536a1e138d", "version" : "2.83.0" } }, { "identity" : "swift-nio-extras", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-nio-extras.git", "state" : { "revision" : "145db1962f4f33a4ea07a32e751d5217602eea29", "version" : "1.28.0" } }, { "identity" : "swift-nio-http2", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-nio-http2.git", "state" : { "revision" : "4281466512f63d1bd530e33f4aa6993ee7864be0", "version" : "1.36.0" } }, { "identity" : "swift-nio-ssl", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-nio-ssl.git", "state" : { "revision" : "173cc69a058623525a58ae6710e2f5727c663793", "version" : "2.36.0" } }, { "identity" : "swift-nio-transport-services", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-nio-transport-services.git", "state" : { "revision" : "cd1e89816d345d2523b11c55654570acd5cd4c56", "version" : "1.24.0" } }, { "identity" : "swift-numerics", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-numerics.git", "state" : { "revision" : "e0ec0f5f3af6f3e4d5e7a19d2af26b481acb6ba8", "version" : "1.0.3" } }, { "identity" : "swift-protobuf", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-protobuf.git", "state" : { "revision" : "102a647b573f60f73afdce5613a51d71349fe507", "version" : "1.30.0" } }, { "identity" : "swift-service-lifecycle", "kind" : "remoteSourceControl", "location" : "https://github.com/swift-server/swift-service-lifecycle.git", "state" : { "revision" : "e7187309187695115033536e8fc9b2eb87fd956d", "version" : "2.8.0" } }, { "identity" : "swift-system", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-system.git", "state" : { "revision" : "395a77f0aa927f0ff73941d7ac35f2b46d47c9db", "version" : "1.6.3" } }, { "identity" : "zstd", "kind" : "remoteSourceControl", "location" : "https://github.com/facebook/zstd.git", "state" : { "revision" : "f8745da6ff1ad1e7bab384bd1f9d742439278e99", "version" : "1.5.7" } } ], "version" : 3 } ================================================ FILE: Package.swift ================================================ // swift-tools-version: 6.2 //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // The swift-tools-version declares the minimum version of Swift required to build this package. import CompilerPluginSupport import Foundation import PackageDescription let package = Package( name: "containerization", platforms: [.macOS("15")], products: [ .library(name: "Containerization", targets: ["Containerization", "ContainerizationError"]), .library(name: "ContainerizationEXT4", targets: ["ContainerizationEXT4"]), .library(name: "ContainerizationOCI", targets: ["ContainerizationOCI"]), .library(name: "ContainerizationNetlink", targets: ["ContainerizationNetlink"]), .library(name: "ContainerizationIO", targets: ["ContainerizationIO"]), .library(name: "ContainerizationOS", targets: ["ContainerizationOS"]), .library(name: "ContainerizationExtras", targets: ["ContainerizationExtras"]), .library(name: "ContainerizationArchive", targets: ["ContainerizationArchive"]), .executable(name: "cctl", targets: ["cctl"]), ], dependencies: [ .package(url: "https://github.com/apple/swift-log.git", from: "1.0.0"), .package(url: "https://github.com/apple/swift-argument-parser.git", from: "1.3.0"), .package(url: "https://github.com/apple/swift-collections.git", from: "1.1.4"), .package(url: "https://github.com/apple/swift-crypto.git", from: "3.0.0"), .package(url: "https://github.com/grpc/grpc-swift.git", from: "1.26.0"), .package(url: "https://github.com/apple/swift-protobuf.git", from: "1.29.0"), .package(url: "https://github.com/apple/swift-nio.git", from: "2.80.0"), .package(url: "https://github.com/swift-server/async-http-client.git", from: "1.20.1"), .package(url: "https://github.com/apple/swift-system.git", from: "1.4.0"), .package(url: "https://github.com/swiftlang/swift-docc-plugin", from: "1.1.0"), .package(url: "https://github.com/apple/swift-nio-ssl.git", from: "2.36.0"), .package(url: "https://github.com/facebook/zstd.git", exact: "1.5.7"), ], targets: [ .target( name: "ContainerizationError" ), .target( name: "Containerization", dependencies: [ .product(name: "Logging", package: "swift-log"), .product(name: "GRPC", package: "grpc-swift"), .product(name: "SystemPackage", package: "swift-system"), .product(name: "_NIOFileSystem", package: "swift-nio"), "ContainerizationArchive", "ContainerizationOCI", "ContainerizationOS", "ContainerizationIO", "ContainerizationExtras", .target(name: "ContainerizationEXT4", condition: .when(platforms: [.macOS])), ], exclude: [ "../Containerization/SandboxContext/SandboxContext.proto" ] ), .executableTarget( name: "cctl", dependencies: [ .product(name: "Logging", package: "swift-log"), .product(name: "ArgumentParser", package: "swift-argument-parser"), "Containerization", "ContainerizationArchive", "ContainerizationEXT4", "ContainerizationExtras", "ContainerizationOCI", "ContainerizationOS", ] ), .executableTarget( name: "containerization-integration", dependencies: [ .product(name: "Logging", package: "swift-log"), .product(name: "ArgumentParser", package: "swift-argument-parser"), "Containerization", ], path: "Sources/Integration" ), .testTarget( name: "ContainerizationUnitTests", dependencies: ["Containerization"], path: "Tests/ContainerizationTests", resources: [ .copy("ImageTests/Resources/scratch.tar"), .copy("ImageTests/Resources/scratch_no_annotations.tar"), ] ), .target( name: "ContainerizationEXT4", dependencies: [ .target(name: "ContainerizationArchive", condition: .when(platforms: [.macOS])), .product(name: "SystemPackage", package: "swift-system"), "ContainerizationOS", ], path: "Sources/ContainerizationEXT4", exclude: [ "README.md" ] ), .testTarget( name: "ContainerizationEXT4Tests", dependencies: [ "ContainerizationEXT4", "ContainerizationArchive", ], resources: [ .copy( "Resources/content/blobs/sha256/ad59e9f71edceca7b1ac7c642410858489b743c97233b0a26a5e2098b1443762"), // index .copy( "Resources/content/blobs/sha256/48a06049d3738991b011ca8b12473d712b7c40666a1462118dae3c403676afc2"), // manifest .copy( "Resources/content/blobs/sha256/8e2eb240a6cd7be1a0d308125afe0060b020e89275ced2e729eda7d4eeff62a2"), // config .copy( "Resources/content/blobs/sha256/c6b39de5b33961661dc939b997cc1d30cda01e38005a6c6625fd9c7e748bab44"), // layer 1 .copy( "Resources/content/blobs/sha256/4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1"), // layer 2 ] ), .target( name: "ContainerizationArchive", dependencies: [ .product(name: "SystemPackage", package: "swift-system"), "CArchive", "ContainerizationExtras", "ContainerizationOS", ], exclude: [ "CArchive" ] ), .testTarget( name: "ContainerizationArchiveTests", dependencies: [ "ContainerizationArchive" ], resources: [ .copy("Resources/test.tar.zst") ] ), .target( name: "CArchive", dependencies: [ .product(name: "libzstd", package: "zstd") ], path: "Sources/ContainerizationArchive/CArchive", sources: [ "archive_swift_bridge.c" ], cSettings: [ .define( "PLATFORM_CONFIG_H", to: "\"config_darwin.h\"", .when(platforms: [.iOS, .macOS, .macCatalyst, .watchOS, .driverKit, .tvOS])), .define("PLATFORM_CONFIG_H", to: "\"config_linux.h\"", .when(platforms: [.linux])), .unsafeFlags(["-fno-modules"]), ], linkerSettings: [ .linkedLibrary("z"), .linkedLibrary("bz2"), .linkedLibrary("lzma"), .linkedLibrary("archive"), .linkedLibrary("iconv", .when(platforms: [.macOS])), .linkedLibrary("crypto", .when(platforms: [.linux])), ] ), .target( name: "ContainerizationOCI", dependencies: [ .product(name: "AsyncHTTPClient", package: "async-http-client"), .product(name: "Crypto", package: "swift-crypto"), .product(name: "Logging", package: "swift-log"), .product(name: "_NIOFileSystem", package: "swift-nio"), "ContainerizationError", "ContainerizationOS", "ContainerizationExtras", ] ), .testTarget( name: "ContainerizationOCITests", dependencies: [ "ContainerizationOCI", "Containerization", "ContainerizationIO", .product(name: "NIO", package: "swift-nio"), .product(name: "Crypto", package: "swift-crypto"), ] ), .target( name: "ContainerizationNetlink", dependencies: [ .product(name: "Logging", package: "swift-log"), "ContainerizationOS", "ContainerizationExtras", ] ), .testTarget( name: "ContainerizationNetlinkTests", dependencies: [ "ContainerizationNetlink" ] ), .target( name: "ContainerizationOS", dependencies: [ .product(name: "Logging", package: "swift-log"), .product(name: "SystemPackage", package: "swift-system"), "CShim", "ContainerizationError", ], exclude: [ "../ContainerizationOS/README.md" ] ), .testTarget( name: "ContainerizationOSTests", dependencies: [ .product(name: "SystemPackage", package: "swift-system"), "ContainerizationOS", "ContainerizationExtras", ] ), .target( name: "ContainerizationIO", dependencies: [ "ContainerizationOS", .product(name: "NIO", package: "swift-nio"), .product(name: "NIOCore", package: "swift-nio"), .product(name: "NIOFoundationCompat", package: "swift-nio"), ] ), .target( name: "ContainerizationExtras", dependencies: [ "ContainerizationError", .product(name: "Collections", package: "swift-collections"), .product(name: "Logging", package: "swift-log"), .product(name: "NIOSSL", package: "swift-nio-ssl"), ] ), .testTarget( name: "ContainerizationExtrasTests", dependencies: [ "ContainerizationExtras", "CShim", ] ), .target( name: "CShim" ), ] ) ================================================ FILE: Protobuf.Makefile ================================================ # Copyright © 2025-2026 Apple Inc. and the Containerization project authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. LOCAL_DIR := $(ROOT_DIR)/.local LOCAL_BIN_DIR := $(LOCAL_DIR)/bin # Versions PROTOC_VERSION := 26.1 # Protoc binary installation PROTOC_ZIP := protoc-$(PROTOC_VERSION)-osx-universal_binary.zip PROTOC := $(LOCAL_BIN_DIR)/protoc@$(PROTOC_VERSION)/protoc $(PROTOC): @echo Downloading protocol buffers... @mkdir -p $(LOCAL_DIR) @curl -OL https://github.com/protocolbuffers/protobuf/releases/download/v$(PROTOC_VERSION)/$(PROTOC_ZIP) @mkdir -p $(dir $@) @unzip -jo $(PROTOC_ZIP) bin/protoc -d $(dir $@) @unzip -o $(PROTOC_ZIP) 'include/*' -d $(dir $@) @rm -f $(PROTOC_ZIP) .PHONY: protoc-gen-swift protoc-gen-swift: @$(SWIFT) build --product protoc-gen-swift @$(SWIFT) build --product protoc-gen-grpc-swift .PHONY: protos protos: $(PROTOC) protoc-gen-swift @echo Generating protocol buffers source code... @$(PROTOC) Sources/Containerization/SandboxContext/SandboxContext.proto \ --plugin=protoc-gen-grpc-swift=$(BUILD_BIN_DIR)/protoc-gen-grpc-swift \ --plugin=protoc-gen-swift=$(BUILD_BIN_DIR)/protoc-gen-swift \ --proto_path=Sources/Containerization/SandboxContext \ --grpc-swift_out="Sources/Containerization/SandboxContext" \ --grpc-swift_opt=Visibility=Public \ --swift_out="Sources/Containerization/SandboxContext" \ --swift_opt=Visibility=Public \ -I. @"$(MAKE)" update-licenses .PHONY: clean-proto-tools clean-proto-tools: @echo Cleaning proto tools... @rm -rf $(LOCAL_DIR)/bin/protoc* ================================================ FILE: README.md ================================================ # Containerization The Containerization package allows applications to use Linux containers. Containerization is written in [Swift](https://www.swift.org) and uses [Virtualization.framework](https://developer.apple.com/documentation/virtualization) on Apple silicon. > **Looking for command line binaries for running containers?**\ > They are available in the dedicated [apple/container](https://github.com/apple/container) repository. Containerization provides APIs to: - [Manage OCI images](./Sources/ContainerizationOCI/). - [Interact with remote registries](./Sources/ContainerizationOCI/Client/). - [Create and populate ext4 file systems](./Sources/ContainerizationEXT4/). - [Interact with the Netlink socket family](./Sources/ContainerizationNetlink/). - [Create an optimized Linux kernel for fast boot times](./kernel/). - [Spawn lightweight virtual machines and manage the runtime environment](./Sources/Containerization/LinuxContainer.swift). - [Spawn and interact with containerized processes](./Sources/Containerization/LinuxProcess.swift). - Use Rosetta 2 for running linux/amd64 containers on Apple silicon. Please view the [API documentation](https://apple.github.io/containerization/documentation/) for information on the Swift packages that Containerization provides. ## Design Containerization executes each Linux container inside of its own lightweight virtual machine. Clients can create dedicated IP addresses for every container to remove the need for individual port forwarding. Containers achieve sub-second start times using an optimized [Linux kernel configuration](/kernel) and a minimal root filesystem with a lightweight init system. [vminitd](/vminitd) is a small init system, which is a subproject within Containerization. `vminitd` is spawned as the initial process inside of the virtual machine and provides a GRPC API over vsock. The API allows the runtime environment to be configured and containerized processes to be launched. `vminitd` provides I/O, signals, and events to the calling process when a process is run. ## Requirements To build the Containerization package, you need: - Mac with Apple silicon - macOS 26 - Xcode 26 Older versions of macOS are not supported. ## Example Usage For examples of how to use some of the libraries surface, the cctl executable is a good start. This app is a useful playground for exploring the API. It contains commands that exercise some of the core functionality of the various products, such as: 1. [Manipulating OCI images](./Sources/cctl/ImageCommand.swift) 2. [Logging in to container registries](./Sources/cctl/LoginCommand.swift) 3. [Creating root filesystem blocks](./Sources/cctl/RootfsCommand.swift) 4. [Running simple Linux containers](./Sources/cctl/RunCommand.swift) ## Linux kernel A Linux kernel is required for spawning lightweight virtual machines on macOS. Containerization provides an optimized kernel configuration located in the [kernel](./kernel) directory. This directory includes a containerized build environment to easily compile a kernel for use with Containerization. The kernel configuration is a minimal set of features to support fast start times and a light weight environment. While this configuration will work for the majority of workloads we understand that some will need extra features. To solve this Containerization provides first class APIs to use different kernel configurations and versions on a per container basis. This enables containers to be developed and validated across different kernel versions. See the [README](/kernel/README.md) in the kernel directory for instructions on how to compile the optimized kernel. ### Kernel Support Containerization allows user provided kernels but tests functionality starting with kernel version `6.14.9`. ### Pre-built Kernel If you wish to consume a pre-built kernel, make sure it has `VIRTIO` drivers compiled into the kernel (not merely as modules). The [Kata Containers](https://github.com/kata-containers/kata-containers) project provides a Linux kernel that is optimized for containers, with all required configuration options enabled. The [releases](https://github.com/kata-containers/kata-containers/releases/) page contains downloadable artifacts, and the image itself (`vmlinux.container`) can be found in the `/opt/kata/share/kata-containers/` directory. ## Prepare to build package Install the recommended version of Xcode. Set the active developer directory to the installed Xcode (replace ``): ```bash sudo xcode-select -s ``` Install [Swiftly](https://github.com/swiftlang/swiftly), [Swift](https://www.swift.org), and [Static Linux SDK](https://www.swift.org/documentation/articles/static-linux-getting-started.html): ```bash make cross-prep ``` If you use a custom terminal application, you may need to move this command from `.zprofile` to `.zshrc` (replace ``): ```bash # Added by swiftly . "/Users//.swiftly/env.sh" ``` Restart the terminal application. Ensure this command returns `/Users//.swiftly/bin/swift` (replace ``): ```bash which swift ``` If you've installed or used a Static Linux SDK previously, you may need to remove older SDK versions from the system (replace ``): ```bash swift sdk list swift sdk remove ``` ## Build the package Build Containerization from sources: ```bash make all ``` ## Test the package After building, run basic and integration tests: ```bash make test integration ``` A kernel is required to run integration tests. If you do not have a kernel locally for use a default kernel can be fetched using the `make fetch-default-kernel` target. Fetching the default kernel only needs to happen after an initial build or after a `make clean`. ```bash make fetch-default-kernel make all test integration ``` ## Protobufs Containerization depends on specific versions of `grpc-swift` and `swift-protobuf`. You can install them and re-generate RPC interfaces with: ```bash make protos ``` ## Building a kernel If you'd like to build your own kernel please see the instructions in the [kernel directory](./kernel/README.md). ## Pre-commit hook Run `make pre-commit` to install a pre-commit hook that ensures that your changes have correct formatting and license headers when you run `git commit`. ## Documentation Generate the API documentation for local viewing with: ```bash make docs make serve-docs ``` Preview the documentation by running in another terminal: ```bash open http://localhost:8000/containerization/documentation/ ``` ## Contributing Contributions to Containerization are welcomed and encouraged. Please see [CONTRIBUTING.md](/CONTRIBUTING.md) for more information. ## Project Status Version 0.1.0 is the first official release of Containerization. Earlier versions have no source stability guarantees. Because the Containerization library is under active development, source stability is only guaranteed within minor versions (for example, between 0.1.1 and 0.1.2). If you don't want potentially source-breaking package updates, you can specify your package dependency using .upToNextMinorVersion(from: "0.1.0") instead. Future minor versions of the package may introduce changes to these rules as needed. ================================================ FILE: SECURITY.md ================================================ # Security disclosure process If you believe that you have discovered a security or privacy vulnerability in our open source software, please report it to us using the [GitHub private vulnerability feature](https://github.com/apple/containerization/security/advisories/new). Reports should include specific product and software version(s) that you believe are affected; a technical description of the behavior that you observed and the behavior that you expected; the steps required to reproduce the issue; and a proof of concept or exploit. The project team will do their best to acknowledge receiving all security reports within 7 days of submission. This initial acknowledgment is neither acceptance nor rejection of your report. The project team may come back to you with further questions or invite you to collaborate while working through the details of your report. Keep these additional guidelines in mind when submitting your report: * Reports concerning known, publicly disclosed CVEs can be submitted as normal issues to this project. * Output from automated security scans or fuzzers MUST include additional context demonstrating the vulnerability with a proof of concept or working exploit. * Application crashes due to malformed inputs are typically not treated as security vulnerabilities, unless they are shown to also impact other processes on the system. While we welcome reports for open source software projects, they are not eligible for Apple Security Bounties. ================================================ FILE: Sources/CShim/capability.c ================================================ /* * Copyright © 2025-2026 Apple Inc. and the Containerization project authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * https://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #if defined(__linux__) #include #include #include "capability.h" // Capability syscall wrappers int CZ_capget(void *header, void *data) { return syscall(SYS_capget, header, data); } int CZ_capset(void *header, void *data) { return syscall(SYS_capset, header, data); } #endif ================================================ FILE: Sources/CShim/exec_command.c ================================================ /* * Copyright © 2025-2026 Apple Inc. and the Containerization project authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * https://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #if defined(__linux__) || defined(__APPLE__) #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #if defined(__linux__) #include #endif #include "exec_command.h" #ifndef SYS_close_range #define SYS_close_range 436 #endif #ifndef CLOSE_RANGE_CLOEXEC #define CLOSE_RANGE_CLOEXEC 0x4 #endif static int mark_cloexec(int fd) { int flags = fcntl(fd, F_GETFD); if (flags == -1) return flags; if (flags & FD_CLOEXEC) return 0; return fcntl(fd, F_SETFD, flags | FD_CLOEXEC); } static int cloexec_from(int min_fd) { #if defined(__linux__) // First try close_range. long ret = syscall(SYS_close_range, min_fd, ~0U, CLOSE_RANGE_CLOEXEC); if (ret == 0) { return 0; } const char* dirpath = "/proc/self/fd"; #elif defined(__APPLE__) const char* dirpath = "/dev/fd"; #endif DIR *dp = opendir(dirpath); if (!dp) return -1; int dp_fd = dirfd(dp); struct dirent *de; while ((de = readdir(dp))) { if (de->d_name[0] == '.') continue; char *end; long val = strtol(de->d_name, &end, 10); if (*end || val < 0 || val > INT_MAX) continue; int fd = (int)val; if (fd < min_fd || fd == dp_fd) continue; int ret = mark_cloexec(fd); if (ret != 0) { return ret; } } close(dp_fd); closedir(dp); return 0; } void exec_command_attrs_init(struct exec_command_attrs *attrs) { attrs->setpgid = 0; attrs->pgid = 0; attrs->setsid = 0; attrs->setctty = 0; attrs->ctty = 0; attrs->mask = 0; attrs->uid = -1; attrs->gid = -1; attrs->pdeathSignal = 0; attrs->setfgpgrp = 0; } static void child_handler(const int sync_pipes[2], const char *executable, char *const args[], char *const environment[], const int file_handles[], const int file_handle_count, const char *cwd, const sigset_t old_mask, const struct exec_command_attrs attrs) { int i = 0; int err = 0; int fd_index = 0; int fd_table[file_handle_count]; struct rlimit limits = {0}; int syncfd = sync_pipes[1]; struct sigaction action = {0}; // Closing our parent's side of the pipe if (close(sync_pipes[0]) < 0) { goto fail; } // Setup process group and foreground before clearing signal mask. if (attrs.setpgid) { if (setpgid(0, attrs.pgid) < 0) { goto fail; } } // Make the new process group the foreground process group so it can read from the TTY. if (attrs.setfgpgrp) { if (tcsetpgrp(STDIN_FILENO, getpgrp()) < 0) { if (errno != ENOTTY && errno != ENXIO) { goto fail; } } } // clear sighandlers action.sa_flags = 0; action.sa_handler = SIG_DFL; sigemptyset(&action.sa_mask); for (i = 0; i < NSIG; i++) { sigaction(i, &action, 0); } sigset_t local_mask; sigemptyset(&local_mask); if (pthread_sigmask(SIG_SETMASK, &local_mask, NULL) < 0) { goto fail; } // start shuffling fds. // look at all the file handles and find the highest one, // use that for our pipe, // // Then, we need to start dup2 the fds starting for the final process // at 0-n. // as an example we have this list of FDs that should be passed to the // process: // /* The index of this list is the final result that the new process expects. The values are open fds provided from the parent process. [0] == 12 [1] == 7 [2] == 9 [3] == 0 We also have a pipe to sync the child and parent so that adds an additional parameter to consider. So we start by finding the highest open fd in the list, then move our pipe to the next. i.e. fd12 is highest so move our pipe to fd13 Now start moving all the fds above our pipe as we will need to start placing the fds in the child process into the right order. Make sure they are all marked cloexec. pipe == 13 [0] == 12 dup2 14 [1] == 7 dup2 15 [2] == 9 dup2 16 [3] == 0 dup2 17 Now overwrite the fd table for the child with the current index. Make index == fd. pipe == 13 [0] == 14 dup2 0 [1] == 15 dup2 1 [2] == 16 dup2 2 [3] == 17 dup2 3 Clear cloexec on this new fds. */ // find the highest fd value in our list. for (i = 0; i < file_handle_count; i++) { if (file_handles[i] > fd_index) { fd_index = file_handles[i]; } fd_table[i] = file_handles[i]; } // now fd_index is == to the highest fd in our list of handles. // Increment it and set our pipe to it. fd_index++; if (syncfd != fd_index) { if (dup2(syncfd, fd_index) < 0) { goto fail; } if (close(syncfd) < 0) { goto fail; } syncfd = fd_index; } fd_index++; // make sure our syncfd retains its cloexec if (fcntl(syncfd, F_SETFD, FD_CLOEXEC) == -1) { goto fail; } // move the rest of the fds up above our index if they don't match the index. for (i = 0; i < file_handle_count; i++) { if (fd_table[i] == i) { continue; } if (dup2(fd_table[i], fd_index) < 0) { goto fail; } if (fcntl(fd_index, F_SETFD, FD_CLOEXEC) == -1) { goto fail; } fd_table[i] = fd_index; fd_index++; } // now create the child process's final fd table. where i == i for (i = 0; i < file_handle_count; i++) { if (fd_table[i] != i) { if (dup2(fd_table[i], i) < 0) { goto fail; } } // now fd[i] should == i // clear cloexec as this fd is where we want it. if (fcntl(i, F_SETFD, 0) == -1) { goto fail; } } if (attrs.setsid) { if (setsid() == -1) { goto fail; } } if (attrs.setctty) { if (ioctl(attrs.ctty, TIOCSCTTY, 0)) { goto fail; } } #if defined(__linux__) // Set parent death signal if specified if (attrs.pdeathSignal != 0) { if (prctl(PR_SET_PDEATHSIG, attrs.pdeathSignal) != 0) { goto fail; } } #endif // close exec everything outside of our child's fd_table. if (cloexec_from(file_handle_count) != 0) { goto fail; } // set gid if (attrs.gid != -1) { if (setgid(attrs.gid) != 0) { goto fail; } } // set uid if (attrs.uid != -1) { if (setreuid(attrs.uid, attrs.uid) != 0) { goto fail; } } if (cwd != NULL) { if (chdir(cwd)) { goto fail; } } execve(executable, args, environment); fail: err = errno; if (err) { // send our error to the parent while (write(syncfd, &err, sizeof(err)) < 0) ; } exit(127); } int exec_command(pid_t *result, const char *executable, char *const args[], char *const envp[], const int file_handles[], const int file_handle_count, const char *working_directory, struct exec_command_attrs *attrs) { pid_t pid = 0; int err = 0; int sync_pipe[2]; sigset_t old_mask; sigset_t all; sigfillset(&all); if (pipe(sync_pipe)) { goto fail; } if (pthread_sigmask(SIG_SETMASK, &all, &old_mask) < 0) { goto fail; } pid = fork(); if (pid == -1) { close(sync_pipe[0]); close(sync_pipe[1]); goto fail; } if (pid == 0) { // hand off to child child_handler(sync_pipe, executable, args, envp, file_handles, file_handle_count, working_directory, old_mask, *attrs); exit(EXIT_FAILURE); } // handle parent operations if (close(sync_pipe[1]) < 0) { goto fail; } // sync with our child process err = 0; ssize_t size = read(sync_pipe[0], &err, sizeof(err)); // -- we didn't get an errno back if (size != sizeof(err)) { // will be used as return result err = 0; } else { // we did get an errno back from the child process and our // err var is set to that errno // lets set our errno and then reap the process errno = err; int status = 0; waitpid(pid, &status, 0); // lets continue our journey below } if (close(sync_pipe[0]) < 0) { goto fail; } if (err) { goto fail; } (*result) = pid; err = 0; fail: if (pthread_sigmask(SIG_SETMASK, &old_mask, 0) < 0) { printf("restoring signal mask: %s\n", strerror(errno)); } if (err) { printf("exec_command execve: %s\n", strerror(err)); return -1; } return 0; } #endif ================================================ FILE: Sources/CShim/include/capability.h ================================================ /* * Copyright © 2025-2026 Apple Inc. and the Containerization project authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * https://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #ifndef __CAPABILITY_H #define __CAPABILITY_H #if defined(__linux__) // Capability syscall wrappers int CZ_capget(void *header, void *data); int CZ_capset(void *header, void *data); #endif #endif ================================================ FILE: Sources/CShim/include/exec_command.h ================================================ /* * Copyright © 2025-2026 Apple Inc. and the Containerization project authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * https://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #ifndef exec_command_h #define exec_command_h #if defined(__linux__) || defined(__APPLE__) #include #include struct exec_command_attrs { int setpgid; /// parent group id pid_t pgid; /// set the controlling terminal int setctty; /// controlling terminal fd int ctty; /// set the process as session leader int setsid; /// set the process user id uid_t uid; /// set the process group id gid_t gid; /// signal mask for the child process int mask; /// parent death signal (Linux only, 0 to disable) int pdeathSignal; /// make the new process group the foreground process group int setfgpgrp; }; void exec_command_attrs_init(struct exec_command_attrs *attrs); /// spawn a new child process with the provided attrs int exec_command(pid_t *result, const char *executable, char *const argv[], char *const envp[], const int file_handles[], const int file_handle_count, const char *working_directory, struct exec_command_attrs *attrs); #endif /* defined(__linux__) || defined(__APPLE__) */ #endif /* exec_command_h */ ================================================ FILE: Sources/CShim/include/openat2.h ================================================ /* * Copyright © 2026 Apple Inc. and the Containerization project authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * https://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #ifndef __OPENAT2_H #define __OPENAT2_H #include #ifndef RESOLVE_IN_ROOT #define RESOLVE_IN_ROOT 0x10 #endif struct cz_open_how { unsigned long long flags; unsigned long long mode; unsigned long long resolve; }; /// openat2(2) wrapper. Musl does not provide openat2 so we invoke the syscall /// directly. Requires Linux 5.6+. int CZ_openat2(int dirfd, const char *pathname, struct cz_open_how *how, size_t size); #endif ================================================ FILE: Sources/CShim/include/prctl.h ================================================ /* * Copyright © 2025-2026 Apple Inc. and the Containerization project authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * https://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #ifndef __PRCTL_H #define __PRCTL_H #if defined(__linux__) #include // Capability management prctl wrappers int CZ_prctl_set_keepcaps(); int CZ_prctl_clear_keepcaps(); int CZ_prctl_capbset_drop(unsigned int capability); int CZ_prctl_cap_ambient_clear_all(); int CZ_prctl_cap_ambient_raise(unsigned int capability); #endif #endif ================================================ FILE: Sources/CShim/include/socket_helpers.h ================================================ /* * Copyright © 2025-2026 Apple Inc. and the Containerization project authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * https://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #ifndef socket_helpers_h #define socket_helpers_h #include #include // Helper functions to access CMSG macros from Swift struct cmsghdr* CZ_CMSG_FIRSTHDR(struct msghdr *msg); void* CZ_CMSG_DATA(struct cmsghdr *cmsg); size_t CZ_CMSG_SPACE(size_t length); size_t CZ_CMSG_LEN(size_t length); #endif /* socket_helpers_h */ ================================================ FILE: Sources/CShim/include/vsock.h ================================================ /* * Copyright © 2025-2026 Apple Inc. and the Containerization project authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * https://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ // #ifndef vsock_h #define vsock_h #include #ifdef __APPLE__ #include #else #include #include #endif /* __APPLE__ */ extern const unsigned long VsockLocalCIDIoctl; #endif /* vsock_h */ ================================================ FILE: Sources/CShim/openat2.c ================================================ /* * Copyright © 2026 Apple Inc. and the Containerization project authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * https://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #if defined(__linux__) #include #include #include "openat2.h" #ifndef SYS_openat2 #define SYS_openat2 437 #endif int CZ_openat2(int dirfd, const char *pathname, struct cz_open_how *how, size_t size) { return syscall(SYS_openat2, dirfd, pathname, how, size); } #endif ================================================ FILE: Sources/CShim/prctl.c ================================================ /* * Copyright © 2025-2026 Apple Inc. and the Containerization project authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * https://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #if defined(__linux__) #include #include "prctl.h" // Set keep caps to preserve capabilities across setuid() int CZ_prctl_set_keepcaps() { return prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0); } // Clear keep caps after user change int CZ_prctl_clear_keepcaps() { return prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0); } // Drop capability from bounding set int CZ_prctl_capbset_drop(unsigned int capability) { return prctl(PR_CAPBSET_DROP, capability, 0, 0, 0); } // Clear all ambient capabilities int CZ_prctl_cap_ambient_clear_all() { return prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_CLEAR_ALL, 0, 0, 0); } // Raise ambient capability int CZ_prctl_cap_ambient_raise(unsigned int capability) { return prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, capability, 0, 0); } #endif ================================================ FILE: Sources/CShim/socket_helpers.c ================================================ /* * Copyright © 2025-2026 Apple Inc. and the Containerization project authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * https://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include "socket_helpers.h" struct cmsghdr* CZ_CMSG_FIRSTHDR(struct msghdr *msg) { return CMSG_FIRSTHDR(msg); } void* CZ_CMSG_DATA(struct cmsghdr *cmsg) { return CMSG_DATA(cmsg); } size_t CZ_CMSG_SPACE(size_t length) { return CMSG_SPACE(length); } size_t CZ_CMSG_LEN(size_t length) { return CMSG_LEN(length); } ================================================ FILE: Sources/CShim/vsock.c ================================================ /* * Copyright © 2025-2026 Apple Inc. and the Containerization project authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * https://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include "vsock.h" const unsigned long VsockLocalCIDIoctl = IOCTL_VM_SOCKETS_GET_LOCAL_CID; ================================================ FILE: Sources/Containerization/AttachedFilesystem.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationExtras import ContainerizationOCI /// A filesystem that was attached and able to be mounted inside the runtime environment. public struct AttachedFilesystem: Sendable { /// The type of the filesystem. public var type: String /// The path to the filesystem within a sandbox. public var source: String /// Destination when mounting the filesystem inside a sandbox. public var destination: String /// The options to use when mounting the filesystem. public var options: [String] #if os(macOS) public init(mount: Mount, allocator: any AddressAllocator) throws { switch mount.type { case "virtiofs": let name = try hashMountSource(source: mount.source) self.source = name case "ext4": let char = try allocator.allocate() self.source = "/dev/vd\(char)" default: self.source = mount.source } self.type = mount.type self.options = mount.options self.destination = mount.destination } #endif public init(type: String, source: String, destination: String, options: [String]) { self.type = type self.source = source self.destination = destination self.options = options } } ================================================ FILE: Sources/Containerization/Container.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// /// The core protocol container implementations must implement. public protocol Container { /// ID for the container. var id: String { get } /// The amount of cpus assigned to the container. var cpus: Int { get } /// The memory in bytes assigned to the container. var memoryInBytes: UInt64 { get } /// The network interfaces assigned to the container. var interfaces: [any Interface] { get } } ================================================ FILE: Sources/Containerization/ContainerManager.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if os(macOS) import ContainerizationError import ContainerizationEXT4 import ContainerizationOCI import ContainerizationOS import Foundation import ContainerizationExtras import SystemPackage import Virtualization /// A manager for creating and running containers. /// Supports container networking options. public struct ContainerManager: Sendable { public let imageStore: ImageStore private let vmm: VirtualMachineManager private var network: Network? private var containerRoot: URL { self.imageStore.path.appendingPathComponent("containers") } /// Create a new manager with the provided kernel, initfs mount, image store /// and optional network implementation. This will use a Virtualization.framework /// backed VMM implicitly. public init( kernel: Kernel, initfs: Mount, imageStore: ImageStore, network: Network? = nil, rosetta: Bool = false, nestedVirtualization: Bool = false ) throws { self.imageStore = imageStore self.network = network try Self.createRootDirectory(path: self.imageStore.path) self.vmm = VZVirtualMachineManager( kernel: kernel, initialFilesystem: initfs, rosetta: rosetta, nestedVirtualization: nestedVirtualization ) } /// Create a new manager with the provided kernel, initfs mount, root state /// directory and optional network implementation. This will use a Virtualization.framework /// backed VMM implicitly. public init( kernel: Kernel, initfs: Mount, root: URL? = nil, network: Network? = nil, rosetta: Bool = false, nestedVirtualization: Bool = false ) throws { if let root { self.imageStore = try ImageStore(path: root) } else { self.imageStore = ImageStore.default } self.network = network try Self.createRootDirectory(path: self.imageStore.path) self.vmm = VZVirtualMachineManager( kernel: kernel, initialFilesystem: initfs, rosetta: rosetta, nestedVirtualization: nestedVirtualization ) } /// Create a new manager with the provided kernel, initfs reference, image store /// and optional network implementation. This will use a Virtualization.framework /// backed VMM implicitly. public init( kernel: Kernel, initfsReference: String, imageStore: ImageStore, network: Network? = nil, rosetta: Bool = false, nestedVirtualization: Bool = false ) async throws { self.imageStore = imageStore self.network = network try Self.createRootDirectory(path: self.imageStore.path) let initPath = self.imageStore.path.appendingPathComponent("initfs.ext4") let initImage = try await self.imageStore.getInitImage(reference: initfsReference) let initfs = try await { do { return try await initImage.initBlock(at: initPath, for: .linuxArm) } catch let err as ContainerizationError { guard err.code == .exists else { throw err } return .block( format: "ext4", source: initPath.absolutePath(), destination: "/", options: ["ro"] ) } }() self.vmm = VZVirtualMachineManager( kernel: kernel, initialFilesystem: initfs, rosetta: rosetta, nestedVirtualization: nestedVirtualization ) } /// Create a new manager with the provided kernel and image reference for the initfs. /// This will use a Virtualization.framework backed VMM implicitly. public init( kernel: Kernel, initfsReference: String, root: URL? = nil, network: Network? = nil, rosetta: Bool = false, nestedVirtualization: Bool = false ) async throws { if let root { self.imageStore = try ImageStore(path: root) } else { self.imageStore = ImageStore.default } self.network = network try Self.createRootDirectory(path: self.imageStore.path) let initPath = self.imageStore.path.appendingPathComponent("initfs.ext4") let initImage = try await self.imageStore.getInitImage(reference: initfsReference) let initfs = try await { do { return try await initImage.initBlock(at: initPath, for: .linuxArm) } catch let err as ContainerizationError { guard err.code == .exists else { throw err } return .block( format: "ext4", source: initPath.absolutePath(), destination: "/", options: ["ro"] ) } }() self.vmm = VZVirtualMachineManager( kernel: kernel, initialFilesystem: initfs, rosetta: rosetta, nestedVirtualization: nestedVirtualization ) } /// Create a new manager with the provided vmm and network. public init( vmm: any VirtualMachineManager, network: Network? = nil ) throws { self.imageStore = ImageStore.default try Self.createRootDirectory(path: self.imageStore.path) self.network = network self.vmm = vmm } private static func createRootDirectory(path: URL) throws { try FileManager.default.createDirectory( at: path.appendingPathComponent("containers"), withIntermediateDirectories: true ) } /// Returns a new container from the provided image reference. /// - Parameters: /// - id: The container ID. /// - reference: The image reference. /// - rootfsSizeInBytes: The size of the root filesystem in bytes. Defaults to 8 GiB. /// - writableLayerSizeInBytes: Optional size for a separate writable layer. When provided, /// the rootfs becomes read-only and an overlayfs is used with a separate writable layer of this size. /// - readOnly: Whether to mount the root filesystem as read-only. /// - networking: Whether to create a network interface for this container. Defaults to `true`. /// When `false`, no network resources are allocated and `releaseNetwork`/`delete` remain safe to call. public mutating func create( _ id: String, reference: String, rootfsSizeInBytes: UInt64 = 8.gib(), writableLayerSizeInBytes: UInt64? = nil, readOnly: Bool = false, networking: Bool = true, configuration: (inout LinuxContainer.Configuration) throws -> Void ) async throws -> LinuxContainer { let image = try await imageStore.get(reference: reference, pull: true) return try await create( id, image: image, rootfsSizeInBytes: rootfsSizeInBytes, writableLayerSizeInBytes: writableLayerSizeInBytes, readOnly: readOnly, networking: networking, configuration: configuration ) } /// Returns a new container from the provided image. /// - Parameters: /// - id: The container ID. /// - image: The image. /// - rootfsSizeInBytes: The size of the root filesystem in bytes. Defaults to 8 GiB. /// - writableLayerSizeInBytes: Optional size for a separate writable layer. When provided, /// the rootfs becomes read-only and an overlayfs is used with a separate writable layer of this size. /// - readOnly: Whether to mount the root filesystem as read-only. /// - networking: Whether to create a network interface for this container. Defaults to `true`. /// When `false`, no network resources are allocated and `releaseNetwork`/`delete` remain safe to call. public mutating func create( _ id: String, image: Image, rootfsSizeInBytes: UInt64 = 8.gib(), writableLayerSizeInBytes: UInt64? = nil, readOnly: Bool = false, networking: Bool = true, configuration: (inout LinuxContainer.Configuration) throws -> Void ) async throws -> LinuxContainer { let path = try createContainerRoot(id) var rootfs = try await unpack( image: image, destination: path.appendingPathComponent("rootfs.ext4"), size: rootfsSizeInBytes ) if readOnly { rootfs.options.append("ro") } // Create writable layer if size is specified. var writableLayer: Mount? = nil if let writableLayerSize = writableLayerSizeInBytes { writableLayer = try createEmptyFilesystem( at: path.appendingPathComponent("writable.ext4"), size: writableLayerSize ) } return try await create( id, image: image, rootfs: rootfs, writableLayer: writableLayer, networking: networking, configuration: configuration ) } /// Returns a new container from the provided image and root filesystem mount. /// - Parameters: /// - id: The container ID. /// - image: The image. /// - rootfs: The root filesystem mount pointing to an existing block file. /// The `destination` field is ignored as mounting is handled internally. /// - writableLayer: Optional writable layer mount. When provided, an overlayfs is used with /// rootfs as the lower layer and this as the upper layer. /// The `destination` field is ignored as mounting is handled internally. /// - networking: Whether to create a network interface for this container. Defaults to `true`. /// When `false`, no network resources are allocated and `releaseNetwork`/`delete` remain safe to call. public mutating func create( _ id: String, image: Image, rootfs: Mount, writableLayer: Mount? = nil, networking: Bool = true, configuration: (inout LinuxContainer.Configuration) throws -> Void ) async throws -> LinuxContainer { let imageConfig = try await image.config(for: .current).config return try LinuxContainer( id, rootfs: rootfs, writableLayer: writableLayer, vmm: self.vmm ) { config in if let imageConfig { config.process = .init(from: imageConfig) } if networking, let interface = try self.network?.createInterface(id) { config.interfaces = [interface] guard let gateway = interface.ipv4Gateway else { throw ContainerizationError( .invalidState, message: "missing ipv4 gateway for container \(id)" ) } config.dns = .init(nameservers: [gateway.description]) } config.bootLog = BootLog.file(path: self.containerRoot.appendingPathComponent(id).appendingPathComponent("bootlog.log")) try configuration(&config) } } /// Releases network resources for a container. /// /// - Parameter id: The container ID. public mutating func releaseNetwork(_ id: String) throws { try self.network?.releaseInterface(id) } /// Releases network resources and removes all files for a container. /// - Parameter id: The container ID. public mutating func delete(_ id: String) throws { try self.releaseNetwork(id) let path = containerRoot.appendingPathComponent(id) try FileManager.default.removeItem(at: path) } private func createContainerRoot(_ id: String) throws -> URL { let path = containerRoot.appendingPathComponent(id) try FileManager.default.createDirectory(at: path, withIntermediateDirectories: false) return path } private func unpack(image: Image, destination: URL, size: UInt64) async throws -> Mount { do { let unpacker = EXT4Unpacker(blockSizeInBytes: size) return try await unpacker.unpack(image, for: .current, at: destination) } catch let err as ContainerizationError { if err.code == .exists { return .block( format: "ext4", source: destination.absolutePath(), destination: "/", options: [] ) } throw err } } private func createEmptyFilesystem(at destination: URL, size: UInt64) throws -> Mount { let path = destination.absolutePath() guard !FileManager.default.fileExists(atPath: path) else { throw ContainerizationError(.exists, message: "filesystem already exists at \(path)") } let filesystem = try EXT4.Formatter(FilePath(path), minDiskSize: size) try filesystem.close() return .block( format: "ext4", source: path, destination: "/", options: [] ) } } extension CIDRv4 { /// The gateway address of the network. public var gateway: IPv4Address { IPv4Address(self.lower.value + 1) } } #endif ================================================ FILE: Sources/Containerization/ContainerStatistics.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// /// Statistics for a container. public struct ContainerStatistics: Sendable { public var id: String public var process: ProcessStatistics? public var memory: MemoryStatistics? public var cpu: CPUStatistics? public var blockIO: BlockIOStatistics? public var networks: [NetworkStatistics]? public var memoryEvents: MemoryEventStatistics? public init( id: String, process: ProcessStatistics? = nil, memory: MemoryStatistics? = nil, cpu: CPUStatistics? = nil, blockIO: BlockIOStatistics? = nil, networks: [NetworkStatistics]? = nil, memoryEvents: MemoryEventStatistics? = nil ) { self.id = id self.process = process self.memory = memory self.cpu = cpu self.blockIO = blockIO self.networks = networks self.memoryEvents = memoryEvents } /// Process statistics for a container. public struct ProcessStatistics: Sendable { public var current: UInt64 public var limit: UInt64 public init(current: UInt64, limit: UInt64) { self.current = current self.limit = limit } } /// Memory statistics for a container. public struct MemoryStatistics: Sendable { public var usageBytes: UInt64 public var limitBytes: UInt64 public var swapUsageBytes: UInt64 public var swapLimitBytes: UInt64 public var cacheBytes: UInt64 public var kernelStackBytes: UInt64 public var slabBytes: UInt64 public var pageFaults: UInt64 public var majorPageFaults: UInt64 public var inactiveFile: UInt64 public var anon: UInt64 public init( usageBytes: UInt64, limitBytes: UInt64, swapUsageBytes: UInt64, swapLimitBytes: UInt64, cacheBytes: UInt64, kernelStackBytes: UInt64, slabBytes: UInt64, pageFaults: UInt64, majorPageFaults: UInt64, inactiveFile: UInt64, anon: UInt64 ) { self.usageBytes = usageBytes self.limitBytes = limitBytes self.swapUsageBytes = swapUsageBytes self.swapLimitBytes = swapLimitBytes self.cacheBytes = cacheBytes self.kernelStackBytes = kernelStackBytes self.slabBytes = slabBytes self.pageFaults = pageFaults self.majorPageFaults = majorPageFaults self.inactiveFile = inactiveFile self.anon = anon } } /// CPU statistics for a container. public struct CPUStatistics: Sendable { public var usageUsec: UInt64 public var userUsec: UInt64 public var systemUsec: UInt64 public var throttlingPeriods: UInt64 public var throttledPeriods: UInt64 public var throttledTimeUsec: UInt64 public init( usageUsec: UInt64, userUsec: UInt64, systemUsec: UInt64, throttlingPeriods: UInt64, throttledPeriods: UInt64, throttledTimeUsec: UInt64 ) { self.usageUsec = usageUsec self.userUsec = userUsec self.systemUsec = systemUsec self.throttlingPeriods = throttlingPeriods self.throttledPeriods = throttledPeriods self.throttledTimeUsec = throttledTimeUsec } } /// Block I/O statistics for a container. public struct BlockIOStatistics: Sendable { public var devices: [BlockIODevice] public init(devices: [BlockIODevice]) { self.devices = devices } } /// Block I/O statistics for a specific device. public struct BlockIODevice: Sendable { public var major: UInt64 public var minor: UInt64 public var readBytes: UInt64 public var writeBytes: UInt64 public var readOperations: UInt64 public var writeOperations: UInt64 public init( major: UInt64, minor: UInt64, readBytes: UInt64, writeBytes: UInt64, readOperations: UInt64, writeOperations: UInt64 ) { self.major = major self.minor = minor self.readBytes = readBytes self.writeBytes = writeBytes self.readOperations = readOperations self.writeOperations = writeOperations } } /// Statistics for a network interface. public struct NetworkStatistics: Sendable { public var interface: String public var receivedPackets: UInt64 public var transmittedPackets: UInt64 public var receivedBytes: UInt64 public var transmittedBytes: UInt64 public var receivedErrors: UInt64 public var transmittedErrors: UInt64 public init( interface: String, receivedPackets: UInt64, transmittedPackets: UInt64, receivedBytes: UInt64, transmittedBytes: UInt64, receivedErrors: UInt64, transmittedErrors: UInt64 ) { self.interface = interface self.receivedPackets = receivedPackets self.transmittedPackets = transmittedPackets self.receivedBytes = receivedBytes self.transmittedBytes = transmittedBytes self.receivedErrors = receivedErrors self.transmittedErrors = transmittedErrors } } /// Memory event counters from cgroup2's memory.events file. public struct MemoryEventStatistics: Sendable { /// Number of times the cgroup was reclaimed due to low memory. public var low: UInt64 /// Number of times the cgroup exceeded its high memory limit. public var high: UInt64 /// Number of times the cgroup hit its max memory limit. public var max: UInt64 /// Number of times the cgroup triggered OOM. public var oom: UInt64 /// Number of processes killed by OOM killer. public var oomKill: UInt64 public init(low: UInt64, high: UInt64, max: UInt64, oom: UInt64, oomKill: UInt64) { self.low = low self.high = high self.max = max self.oom = oom self.oomKill = oomKill } } } /// Categories of statistics that can be requested. public struct StatCategory: OptionSet, Sendable { public let rawValue: Int public init(rawValue: Int) { self.rawValue = rawValue } /// Process statistics (pids.current, pids.max). public static let process = StatCategory(rawValue: 1 << 0) /// Memory usage statistics. public static let memory = StatCategory(rawValue: 1 << 1) /// CPU usage statistics. public static let cpu = StatCategory(rawValue: 1 << 2) /// Block I/O statistics. public static let blockIO = StatCategory(rawValue: 1 << 3) /// Network interface statistics. public static let network = StatCategory(rawValue: 1 << 4) /// Memory event counters (OOM kills, pressure events, etc.). public static let memoryEvents = StatCategory(rawValue: 1 << 5) /// All available statistics categories. public static let all: StatCategory = [.process, .memory, .cpu, .blockIO, .network, .memoryEvents] } ================================================ FILE: Sources/Containerization/DNSConfiguration.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// /// DNS configuration for a container. The values will be used to /// construct /etc/resolv.conf for a given container. public struct DNS: Sendable { /// The set of default nameservers to use if none are provided /// in the constructor. public static let defaultNameservers = ["1.1.1.1"] /// The nameservers a container should use. public var nameservers: [String] /// The DNS domain to use. public var domain: String? /// The DNS search domains to use. public var searchDomains: [String] /// The DNS options to use. public var options: [String] public init( nameservers: [String] = defaultNameservers, domain: String? = nil, searchDomains: [String] = [], options: [String] = [] ) { self.nameservers = nameservers self.domain = domain self.searchDomains = searchDomains self.options = options } } extension DNS { public var resolvConf: String { var text = "" if !nameservers.isEmpty { text += nameservers.map { "nameserver \($0)" }.joined(separator: "\n") + "\n" } if let domain { text += "domain \(domain)\n" } if !searchDomains.isEmpty { text += "search \(searchDomains.joined(separator: " "))\n" } if !options.isEmpty { text += "options \(options.joined(separator: " "))\n" } return text } } ================================================ FILE: Sources/Containerization/ExitStatus.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /// ExitStatus contains the exit code for a given container process, /// as well as the timestamp at which it exited. public struct ExitStatus: Sendable { /// The exit code for the process. public var exitCode: Int32 /// The timestamp when the process exited. public var exitedAt: Date public init(exitCode: Int32) { self.exitCode = exitCode self.exitedAt = .now } public init(exitCode: Int32, exitedAt: Date) { self.exitCode = exitCode self.exitedAt = exitedAt } } ================================================ FILE: Sources/Containerization/FileMount.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if os(macOS) import ContainerizationError import ContainerizationOCI import Foundation /// Manages single-file mounts by transforming them into virtiofs directory shares /// plus bind mounts. /// /// Since virtiofs only supports sharing directories, mounting a single file without /// exposing the other potential files in that directory needs a little bit of a "hack". /// The one we've landed on is: /// /// 1. Creating a temporary directory containing a hardlink to the file /// 2. Sharing that directory via virtiofs to a holding location in the guest /// 3. Bind mounting the specific file from the holding location to the final destination /// /// This type handles all three steps transparently. struct FileMountContext: Sendable { /// Metadata for a single prepared file mount. struct PreparedMount: Sendable { /// Original file path on host let hostFilePath: String /// Where the user wants the file in the container let containerDestination: String /// Just the filename let filename: String /// Temp directory containing the hardlinked file let tempDirectory: URL /// The virtiofs tag (hash of temp dir path). Used to find the AttachedFilesystem let tag: String /// Mount options from the original mount let options: [String] /// Where we mounted the share in the guest (set after mountHoldingDirectories) var guestHoldingPath: String? } /// Prepared file mounts for this context var preparedMounts: [PreparedMount] /// The transformed mounts to pass to the VM (files replaced with directory shares) private(set) var transformedMounts: [Mount] private init() { self.preparedMounts = [] self.transformedMounts = [] } /// Returns true if there are any file mounts that need handling. var hasFileMounts: Bool { !preparedMounts.isEmpty } /// Returns the set of virtiofs tags for file mount holding directories. /// These should be filtered out from OCI spec mounts since we mount them /// separately under /run. var holdingDirectoryTags: Set { Set(preparedMounts.map { $0.tag }) } } extension FileMountContext { /// Prepare mounts for a container, detecting file mounts and transforming them. /// /// This method stats each virtiofs mount source. If it's a regular file rather than /// a directory, it creates a temporary directory with a hardlink to the file and /// substitutes a directory share for the original mount. /// /// - Parameter mounts: The original mounts from the container config /// - Returns: A FileMountContext containing transformed mounts and tracking info static func prepare(mounts: [Mount]) throws -> FileMountContext { var context = FileMountContext() var transformed: [Mount] = [] for mount in mounts { // Only virtiofs mounts can be files guard case .virtiofs(let runtimeOpts) = mount.runtimeOptions else { transformed.append(mount) continue } // Stat the source to see if it's a file let fm = FileManager.default var isDirectory: ObjCBool = false guard fm.fileExists(atPath: mount.source, isDirectory: &isDirectory) else { // Doesn't exist. Let the normal flow handle the error transformed.append(mount) continue } if isDirectory.boolValue { // It's a directory, pass through unchanged transformed.append(mount) continue } // It's a file, so prepare it. let prepared = try context.prepareFileMount(mount: mount, runtimeOptions: runtimeOpts) // Create a regular directory share for the temp directory. // The destination here is unused. We'll mount it ourselves to a location under /run. let directoryShare = Mount.share( source: prepared.tempDirectory.path, destination: "/.file-mount-holding", options: mount.options.filter { $0 != "bind" }, runtimeOptions: runtimeOpts ) transformed.append(directoryShare) } context.transformedMounts = transformed return context } private mutating func prepareFileMount( mount: Mount, runtimeOptions: [String] ) throws -> PreparedMount { let resolvedSource = URL(fileURLWithPath: mount.source).resolvingSymlinksInPath() let sourceURL = URL(fileURLWithPath: mount.source) let filename = sourceURL.lastPathComponent let tempDir = FileManager.default.temporaryDirectory .appendingPathComponent("containerization-file-mounts") .appendingPathComponent(UUID().uuidString) try FileManager.default.createDirectory( at: tempDir, withIntermediateDirectories: true ) // Hardlink the file (falls back to copy if cross-filesystem) let destURL = tempDir.appendingPathComponent(filename) do { try FileManager.default.linkItem(at: resolvedSource, to: destURL) } catch { // Hardlink failed. Fall back to copy try FileManager.default.copyItem(at: resolvedSource, to: destURL) } let tag = try hashMountSource(source: tempDir.path) let prepared = PreparedMount( hostFilePath: mount.source, containerDestination: mount.destination, filename: filename, tempDirectory: tempDir, tag: tag, options: mount.options, guestHoldingPath: nil ) preparedMounts.append(prepared) return prepared } } extension FileMountContext { /// Mount the holding directories in the guest for all file mounts. /// - Parameters: /// - vmMounts: The AttachedFilesystem array from the VM for this container /// - agent: The VM agent for RPCs mutating func mountHoldingDirectories( vmMounts: [AttachedFilesystem], agent: any VirtualMachineAgent ) async throws { for i in preparedMounts.indices { let prepared = preparedMounts[i] // Find the attached filesystem by matching the virtiofs tag guard let attached = vmMounts.first(where: { $0.type == "virtiofs" && $0.source == prepared.tag }) else { throw ContainerizationError( .notFound, message: "could not find attached filesystem for file mount \(prepared.hostFilePath)" ) } let guestPath = "/run/file-mounts/\(prepared.tag)" try await agent.mkdir(path: guestPath, all: true, perms: 0o755) try await agent.mount( ContainerizationOCI.Mount( type: "virtiofs", source: attached.source, destination: guestPath, options: [] )) preparedMounts[i].guestHoldingPath = guestPath } } } extension FileMountContext { /// Get the bind mounts to append to the OCI spec. func ociBindMounts() -> [ContainerizationOCI.Mount] { preparedMounts.compactMap { prepared in guard let guestPath = prepared.guestHoldingPath else { return nil } return ContainerizationOCI.Mount( type: "none", source: "\(guestPath)/\(prepared.filename)", destination: prepared.containerDestination, options: ["bind"] + prepared.options ) } } } extension FileMountContext { /// Clean up temp directories. func cleanUp() { let fm = FileManager.default for prepared in preparedMounts { try? fm.removeItem(at: prepared.tempDirectory) } } } #endif ================================================ FILE: Sources/Containerization/Hash.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if os(macOS) import Crypto import ContainerizationError import Foundation public func hashMountSource(source: String) throws -> String { // Resolve symlinks so different paths to the same directory get the same hash. let resolvedSource = URL(fileURLWithPath: source).resolvingSymlinksInPath().path guard let data = resolvedSource.data(using: .utf8) else { throw ContainerizationError(.invalidArgument, message: "\(source) could not be converted to Data") } return String(SHA256.hash(data: data).encoded.prefix(36)) } #endif ================================================ FILE: Sources/Containerization/HostsConfiguration.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// /// Static table lookups for a container. The values will be used to /// construct /etc/hosts for a given container. public struct Hosts: Sendable { /// Represents one entry in an /etc/hosts file. public struct Entry: Sendable { /// The IPV4 or IPV6 address in String form. public var ipAddress: String /// The hostname(s) for the entry. public var hostnames: [String] /// An optional comment to be placed to the right side of the entry. public var comment: String? public init(ipAddress: String, hostnames: [String], comment: String? = nil) { self.comment = comment self.hostnames = hostnames self.ipAddress = ipAddress } /// The information in the structure rendered to a String representation /// that matches the format /etc/hosts expects. public var rendered: String { var line = ipAddress if !hostnames.isEmpty { line += " " + hostnames.joined(separator: " ") } if let comment { line += " # \(comment) " } return line } public static func localHostIPV4(comment: String? = nil) -> Self { Self( ipAddress: "127.0.0.1", hostnames: ["localhost"], comment: comment ) } public static func localHostIPV6(comment: String? = nil) -> Self { Self( ipAddress: "::1", hostnames: ["localhost", "ip6-localhost", "ip6-loopback"], comment: comment ) } public static func ipv6LocalNet(comment: String? = nil) -> Self { Self( ipAddress: "fe00::", hostnames: ["ip6-localnet"], comment: comment ) } public static func ipv6MulticastPrefix(comment: String? = nil) -> Self { Self( ipAddress: "ff00::", hostnames: ["ip6-mcastprefix"], comment: comment ) } public static func ipv6AllNodes(comment: String? = nil) -> Self { Self( ipAddress: "ff02::1", hostnames: ["ip6-allnodes"], comment: comment ) } public static func ipv6AllRouters(comment: String? = nil) -> Self { Self( ipAddress: "ff02::2", hostnames: ["ip6-allrouters"], comment: comment ) } } /// The entries to be written to /etc/hosts. public var entries: [Entry] /// A comment to render at the top of the file. public var comment: String? public init( entries: [Entry], comment: String? = nil ) { self.entries = entries self.comment = comment } } extension Hosts { /// A default entry that can be used for convenience. It contains a IPV4 /// and IPV6 localhost entry, as well as ipv6 localnet, ipv6 mcastprefix, /// ipv6 allnodes, and ipv6 allrouters. public static let `default` = Hosts(entries: [ Entry.localHostIPV4(), Entry.localHostIPV6(), Entry.ipv6LocalNet(), Entry.ipv6MulticastPrefix(), Entry.ipv6AllNodes(), Entry.ipv6AllRouters(), ]) /// Returns a string variant of the data that can be written to /// /etc/hosts directly. public var hostsFile: String { var lines: [String] = [] if let comment { lines.append("# \(comment)") } for entry in entries { lines.append(entry.rendered) } return lines.joined(separator: "\n") + "\n" } } ================================================ FILE: Sources/Containerization/IO/ReaderStream.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /// A type that returns a stream of Data. public protocol ReaderStream: Sendable { func stream() -> AsyncStream } ================================================ FILE: Sources/Containerization/IO/Terminal+ReaderStream.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationOS import Foundation extension Terminal: ReaderStream { public func stream() -> AsyncStream { .init { cont in self.handle.readabilityHandler = { handle in let data = handle.availableData if data.isEmpty { self.handle.readabilityHandler = nil cont.finish() return } cont.yield(data) } } } } extension Terminal: Writer {} ================================================ FILE: Sources/Containerization/IO/Writer.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /// A type that writes the provided Data. public protocol Writer: Sendable { func write(_ data: Data) throws func close() throws } ================================================ FILE: Sources/Containerization/Image/Image.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import ContainerizationOCI import ContainerizationOS import Foundation /// Type representing an OCI container image. public struct Image: Sendable { private let contentStore: ContentStore /// The description for the image that comprises of its name and a reference to its root descriptor. public let description: Description /// A description of the OCI image. public struct Description: Sendable { /// The string reference of the image. public let reference: String /// The descriptor identifying the image. public let descriptor: Descriptor /// The digest for the image. public var digest: String { descriptor.digest } /// The media type of the image. public var mediaType: String { descriptor.mediaType } public init(reference: String, descriptor: Descriptor) { self.reference = reference self.descriptor = descriptor } } /// The descriptor for the image. public var descriptor: Descriptor { description.descriptor } /// The digest of the image. public var digest: String { description.digest } /// The media type of the image. public var mediaType: String { description.mediaType } /// The string reference for the image. public var reference: String { description.reference } public init(description: Description, contentStore: ContentStore) { self.description = description self.contentStore = contentStore } /// Returns the underlying OCI index for the image. public func index() async throws -> Index { guard let content: Content = try await contentStore.get(digest: digest) else { throw ContainerizationError(.notFound, message: "content with digest \(digest)") } return try content.decode() } /// Returns the manifest for the specified platform. public func manifest(for platform: Platform) async throws -> Manifest { let index = try await self.index() let desc = index.manifests.first { desc in desc.platform == platform } guard let desc else { throw ContainerizationError(.unsupported, message: "platform \(platform.description)") } guard let content: Content = try await contentStore.get(digest: desc.digest) else { throw ContainerizationError(.notFound, message: "content with digest \(digest)") } return try content.decode() } /// Returns the descriptor for the given platform. If it does not exist /// will throw a ContainerizationError with the code set to .invalidArgument. public func descriptor(for platform: Platform) async throws -> Descriptor { let index = try await self.index() let desc = index.manifests.first { $0.platform == platform } guard let desc else { throw ContainerizationError(.invalidArgument, message: "unsupported platform \(platform)") } return desc } /// Returns the OCI config for the specified platform. public func config(for platform: Platform) async throws -> ContainerizationOCI.Image { let manifest = try await self.manifest(for: platform) let desc = manifest.config guard let content: Content = try await contentStore.get(digest: desc.digest) else { throw ContainerizationError(.notFound, message: "content with digest \(digest)") } return try content.decode() } /// Returns a list of digests to all the referenced OCI objects. public func referencedDigests() async throws -> [String] { var referenced: [String] = [self.digest.trimmingDigestPrefix] let index = try await self.index() for manifest in index.manifests { referenced.append(manifest.digest.trimmingDigestPrefix) guard let m: Manifest = try? await contentStore.get(digest: manifest.digest) else { // If the requested digest does not exist or is not a manifest. Skip. // Its safe to skip processing this digest as it wont have any child layers. continue } let descs = m.layers + [m.config] referenced.append(contentsOf: descs.map { $0.digest.trimmingDigestPrefix }) } return referenced } /// Returns a reference to the content blob for the image. The specified digest must be referenced by the image in one of its layers. public func getContent(digest: String) async throws -> Content { guard try await self.referencedDigests().contains(digest.trimmingDigestPrefix) else { throw ContainerizationError(.internalError, message: "image \(self.reference) does not reference digest \(digest)") } guard let content: Content = try await contentStore.get(digest: digest) else { throw ContainerizationError(.notFound, message: "content with digest \(digest)") } return content } } ================================================ FILE: Sources/Containerization/Image/ImageStore/ImageStore+Export.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // import ContainerizationError import ContainerizationExtras import ContainerizationIO import ContainerizationOCI import Crypto import Foundation extension ImageStore { public struct ExportOperation: Sendable { let name: String let tag: String let contentStore: ContentStore let client: ContentClient let progress: ProgressHandler? public init(name: String, tag: String, contentStore: ContentStore, client: ContentClient, progress: ProgressHandler? = nil) { self.contentStore = contentStore self.client = client self.progress = progress self.name = name self.tag = tag } @discardableResult public func export(index: Descriptor, platforms: (Platform) -> Bool) async throws -> Descriptor { var pushQueue: [[Descriptor]] = [] var current: [Descriptor] = [index] while !current.isEmpty { let children = try await self.getChildren(descs: current) let matches = try filterPlatforms(matcher: platforms, children).uniqued { $0.digest } pushQueue.append(matches) current = matches } let localIndexData = try await self.createIndex(from: index, matching: platforms) await updatePushProgress(pushQueue: pushQueue, localIndexData: localIndexData) // We need to work bottom up when pushing an image. // First, the tar blobs / config layers, then, the manifests and so on... // When processing a given "level", the requests maybe made in parallel. // We need to ensure that the child level has been uploaded fully // before uploading the parent level. try await withThrowingTaskGroup(of: Void.self) { group in for layerGroup in pushQueue.reversed() { for chunk in layerGroup.chunks(ofCount: 8) { for desc in chunk { guard let content = try await self.contentStore.get(digest: desc.digest) else { throw ContainerizationError(.notFound, message: "content with digest \(desc.digest)") } group.addTask { let readStream = try ReadStream(url: content.path) try await self.pushContent(descriptor: desc, stream: readStream) } } try await group.waitForAll() } } } // Lastly, we need to construct and push a new index, since we may // have pushed content only for specific platforms. let digest = SHA256.hash(data: localIndexData) let descriptor = Descriptor( mediaType: MediaTypes.index, digest: digest.digestString, size: Int64(localIndexData.count)) let stream = ReadStream(data: localIndexData) try await self.pushContent(descriptor: descriptor, stream: stream) return descriptor } private func updatePushProgress(pushQueue: [[Descriptor]], localIndexData: Data) async { for layerGroup in pushQueue { for desc in layerGroup { await progress?([ .addTotalSize(desc.size), .addTotalItems(1), ]) } } await progress?([ .addTotalSize(Int64(localIndexData.count)), .addTotalItems(1), ]) } private func createIndex(from index: Descriptor, matching: (Platform) -> Bool) async throws -> Data { guard let content = try await self.contentStore.get(digest: index.digest) else { throw ContainerizationError(.notFound, message: "content with digest \(index.digest)") } var idx: Index = try content.decode() let manifests = idx.manifests var matchedManifests: [Descriptor] = [] var skippedPlatforms = false for manifest in manifests { guard let p = manifest.platform else { continue } if matching(p) { matchedManifests.append(manifest) } else { skippedPlatforms = true } } if !skippedPlatforms { return try content.data() } idx.manifests = matchedManifests return try JSONEncoder().encode(idx) } private func pushContent(descriptor: Descriptor, stream: ReadStream) async throws { do { let generator = { try stream.reset() return stream.stream } try await client.push(name: name, ref: tag, descriptor: descriptor, streamGenerator: generator, progress: progress) await progress?([ .addSize(descriptor.size), .addItems(1), ]) } catch let err as ContainerizationError { guard err.code != .exists else { // We reported the total items and size and have to account for them in existing content. await progress?([ .addSize(descriptor.size), .addItems(1), ]) return } throw err } } private func getChildren(descs: [Descriptor]) async throws -> [Descriptor] { var out: [Descriptor] = [] for desc in descs { let mediaType = desc.mediaType guard let content = try await self.contentStore.get(digest: desc.digest) else { throw ContainerizationError(.notFound, message: "content with digest \(desc.digest)") } switch mediaType { case MediaTypes.index, MediaTypes.dockerManifestList: let index: Index = try content.decode() out.append(contentsOf: index.manifests) case MediaTypes.imageManifest, MediaTypes.dockerManifest: let manifest: Manifest = try content.decode() out.append(manifest.config) out.append(contentsOf: manifest.layers) default: continue } } return out } } } ================================================ FILE: Sources/Containerization/Image/ImageStore/ImageStore+Import.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // import ContainerizationError import ContainerizationExtras import ContainerizationOCI import Foundation extension ImageStore { public struct ImportOperation: Sendable { static let decoder = JSONDecoder() let client: ContentClient let ingestDir: URL let contentStore: ContentStore let progress: ProgressHandler? let name: String let maxConcurrentDownloads: Int public init(name: String, contentStore: ContentStore, client: ContentClient, ingestDir: URL, progress: ProgressHandler? = nil, maxConcurrentDownloads: Int = 3) { self.client = client self.ingestDir = ingestDir self.contentStore = contentStore self.progress = progress self.name = name self.maxConcurrentDownloads = maxConcurrentDownloads } /// Pull the required image layers for the provided descriptor and platform(s) into the given directory using the provided client. Returns a descriptor to the Index manifest. public func `import`(root: Descriptor, matcher: (ContainerizationOCI.Platform) -> Bool) async throws -> Descriptor { var toProcess = [root] while !toProcess.isEmpty { // Count the total number of blobs and their size if let progress { var size: Int64 = 0 for desc in toProcess { size += desc.size } await progress([ .addTotalSize(size), .addTotalItems(toProcess.count), ]) } try await self.fetchAll(toProcess) let children = try await self.walk(toProcess) let filtered = try filterPlatforms(matcher: matcher, children) toProcess = filtered.uniqued { $0.digest } } guard root.mediaType != MediaTypes.dockerManifestList && root.mediaType != MediaTypes.index else { return root } // Create an index for the root descriptor and write it to the content store let index = try await self.createIndex(for: root) // In cases where the root descriptor pointed to `MediaTypes.imageManifest` // Or `MediaTypes.dockerManifest`, it is required that we check the supported platform // matches the platforms we were asked to pull. This can be done only after we created // the Index. let supportedPlatforms = index.manifests.compactMap { $0.platform } guard supportedPlatforms.allSatisfy(matcher) else { throw ContainerizationError(.unsupported, message: "image \(root.digest) does not support required platforms") } let writer = try ContentWriter(for: self.ingestDir) let result = try writer.create(from: index) return Descriptor( mediaType: MediaTypes.index, digest: result.digest.digestString, size: Int64(result.size)) } private func getManifestContent(descriptor: Descriptor) async throws -> T { do { if let content = try await self.contentStore.get(digest: descriptor.digest.trimmingDigestPrefix) { return try content.decode() } if let content = try? LocalContent(path: ingestDir.appending(path: descriptor.digest.trimmingDigestPrefix)) { return try content.decode() } return try await self.client.fetch(name: name, descriptor: descriptor) } catch { throw ContainerizationError(.internalError, message: "cannot fetch content with digest \(descriptor.digest)", cause: error) } } private func walk(_ descriptors: [Descriptor]) async throws -> [Descriptor] { var out: [Descriptor] = [] for desc in descriptors { let mediaType = desc.mediaType switch mediaType { case MediaTypes.index, MediaTypes.dockerManifestList: let index: Index = try await self.getManifestContent(descriptor: desc) out.append(contentsOf: index.manifests) case MediaTypes.imageManifest, MediaTypes.dockerManifest: let manifest: Manifest = try await self.getManifestContent(descriptor: desc) out.append(manifest.config) out.append(contentsOf: manifest.layers) default: // TODO: Explicitly handle other content types continue } } return out } private func fetchAll(_ descriptors: [Descriptor]) async throws { try await withThrowingTaskGroup(of: Void.self) { group in var iterator = descriptors.makeIterator() // Start initial batch of concurrent downloads based on maxConcurrentDownloads for _ in 0.. 1.mib() { try await self.fetchBlob(descriptor) } else { try await self.fetchData(descriptor) } // Count the number of blobs await progress?([ .addItems(1) ]) } private func fetchBlob(_ descriptor: Descriptor) async throws { let id = UUID().uuidString let fm = FileManager.default let tempFile = ingestDir.appendingPathComponent(id) let (_, digest) = try await client.fetchBlob(name: name, descriptor: descriptor, into: tempFile, progress: progress) guard digest.digestString == descriptor.digest else { throw ContainerizationError(.internalError, message: "digest mismatch expected \(descriptor.digest), got \(digest.digestString)") } do { try fm.moveItem(at: tempFile, to: ingestDir.appendingPathComponent(digest.encoded)) } catch let err as NSError { guard err.code == NSFileWriteFileExistsError else { throw err } try fm.removeItem(at: tempFile) } } @discardableResult private func fetchData(_ descriptor: Descriptor) async throws -> Data { let data = try await client.fetchData(name: name, descriptor: descriptor) let writer = try ContentWriter(for: ingestDir) let result = try writer.write(data) if let progress { let size = Int64(result.size) await progress([ .addSize(size) ]) } guard result.digest.digestString == descriptor.digest else { throw ContainerizationError(.internalError, message: "digest mismatch expected \(descriptor.digest), got \(result.digest.digestString)") } return data } private func createIndex(for root: Descriptor) async throws -> Index { switch root.mediaType { case MediaTypes.index, MediaTypes.dockerManifestList: return try await self.getManifestContent(descriptor: root) case MediaTypes.imageManifest, MediaTypes.dockerManifest: let supportedPlatforms = try await getSupportedPlatforms(for: root) guard supportedPlatforms.count == 1 else { throw ContainerizationError( .internalError, message: "descriptor \(root.mediaType) with digest \(root.digest) does not list any supported platform or supports more than one platform, supported platforms: \(supportedPlatforms)" ) } let platform = supportedPlatforms.first! var root = root root.platform = platform let index = ContainerizationOCI.Index( schemaVersion: 2, manifests: [root], annotations: [ // indicate that this is a synthesized index which is not directly user facing AnnotationKeys.containerizationIndexIndirect: "true" ]) return index default: throw ContainerizationError(.internalError, message: "failed to create index for descriptor \(root.digest), media type \(root.mediaType)") } } private func getSupportedPlatforms(for root: Descriptor) async throws -> [ContainerizationOCI.Platform] { var supportedPlatforms: [ContainerizationOCI.Platform] = [] var toProcess = [root] while !toProcess.isEmpty { let children = try await self.walk(toProcess) for child in children { if let p = child.platform { supportedPlatforms.append(p) continue } switch child.mediaType { case MediaTypes.imageConfig, MediaTypes.dockerImageConfig: let config: ContainerizationOCI.Image = try await self.getManifestContent(descriptor: child) let p = ContainerizationOCI.Platform( arch: config.architecture, os: config.os, osFeatures: config.osFeatures, variant: config.variant ) supportedPlatforms.append(p) default: continue } } toProcess = children } return supportedPlatforms } } } ================================================ FILE: Sources/Containerization/Image/ImageStore/ImageStore+OCILayout.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import ContainerizationExtras import ContainerizationOCI import Foundation extension ImageStore { /// Exports the specified images and their associated layers to an OCI Image Layout directory. /// This function saves the images identified by the `references` array, including their /// manifests and layer blobs, into a directory structure compliant with the OCI Image Layout specification at the given `out` URL. /// /// - Parameters: /// - references: A list image references that exists in the `ImageStore` that are to be saved in the OCI Image Layout format. /// - out: A URL to a directory on disk at which the OCI Image Layout structure will be created. /// - platform: An optional parameter to indicate the platform to be saved for the images. /// Defaults to `nil` signifying that layers for all supported platforms by the images will be saved. /// public func save(references: [String], out: URL, platform: Platform? = nil) async throws { let matcher = createPlatformMatcher(for: platform) let fileManager = FileManager.default let tempDir = fileManager.uniqueTemporaryDirectory() defer { try? fileManager.removeItem(at: tempDir) } var toSave: [Image] = [] for reference in references { let image = try await self.get(reference: reference) let allowedMediaTypes = [MediaTypes.dockerManifestList, MediaTypes.index] guard allowedMediaTypes.contains(image.mediaType) else { throw ContainerizationError(.internalError, message: "cannot save image \(image.reference) with Index media type \(image.mediaType)") } toSave.append(image) } let client = try LocalOCILayoutClient(root: out) var saved: [Descriptor] = [] for image in toSave { let ref = try Reference.parse(image.reference) let name = ref.path guard let tag = ref.tag ?? ref.digest else { throw ContainerizationError(.invalidArgument, message: "invalid tag/digest for image reference \(image.reference)") } let operation = ExportOperation(name: name, tag: tag, contentStore: self.contentStore, client: client, progress: nil) var descriptor = try await operation.export(index: image.descriptor, platforms: matcher) client.setImageReferenceAnnotation(descriptor: &descriptor, reference: image.reference) saved.append(descriptor) } try client.createOCILayoutStructure(directory: out, manifests: saved) } /// Imports one or more images and their associated layers from an OCI Image Layout directory. /// /// - Parameters: /// - directory: A URL to a directory on disk at that follows the OCI Image Layout structure. /// - progress: An optional handler over which progress update events about the load operation can be received. /// - Returns: The list of images that were loaded into the `ImageStore`. /// public func load(from directory: URL, progress: ProgressHandler? = nil) async throws -> [Image] { let client = try LocalOCILayoutClient(root: directory) let index = try client.loadIndexFromOCILayout(directory: directory) let matcher = createPlatformMatcher(for: nil) var loaded: [Image.Description] = [] let (id, tempDir) = try await self.contentStore.newIngestSession() do { for descriptor in index.manifests { let reference = client.getImageReferencefromDescriptor(descriptor: descriptor) let ref = try Reference.parse(reference) let name = ref.path let operation = ImportOperation(name: name, contentStore: self.contentStore, client: client, ingestDir: tempDir, progress: progress) let indexDesc = try await operation.import(root: descriptor, matcher: matcher) loaded.append(Image.Description(reference: reference, descriptor: indexDesc)) } let loadedImages = loaded let importedImages = try await self.lock.withLock { lock in var images: [Image] = [] try await self.contentStore.completeIngestSession(id) for description in loadedImages { let img = try await self._create(description: description, lock: lock) images.append(img) } return images } guard importedImages.count > 0 else { throw ContainerizationError(.internalError, message: "failed to import image") } return importedImages } catch { try? await self.contentStore.cancelIngestSession(id) throw error } } } ================================================ FILE: Sources/Containerization/Image/ImageStore/ImageStore+ReferenceManager.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import ContainerizationOCI import Foundation extension ImageStore { /// A ReferenceManager handles the mappings between an image's /// reference and the underlying descriptor inside of a content store. internal actor ReferenceManager { private let path: URL private typealias State = [String: Descriptor] private var images: State public init(path: URL) throws { try FileManager.default.createDirectory(at: path, withIntermediateDirectories: true) self.path = path self.images = [:] } private func load() throws -> State { let statePath = self.path.appendingPathComponent("state.json") guard FileManager.default.fileExists(atPath: statePath.absolutePath()) else { return [:] } do { let data = try Data(contentsOf: statePath) return try JSONDecoder().decode(State.self, from: data) } catch { throw ContainerizationError(.internalError, message: "failed to load image state \(error.localizedDescription)") } } private func save(_ state: State) throws { let statePath = self.path.appendingPathComponent("state.json") try JSONEncoder().encode(state).write(to: statePath) } public func delete(reference: String) throws { var state = try self.load() state.removeValue(forKey: reference) try self.save(state) } public func delete(image: Image.Description) throws { try self.delete(reference: image.reference) } public func create(description: Image.Description) throws { var state = try self.load() state[description.reference] = description.descriptor try self.save(state) } public func list() throws -> [Image.Description] { let state = try self.load() return state.map { key, val in let description = Image.Description(reference: key, descriptor: val) return description } } public func get(reference: String) throws -> Image.Description { let images = try self.list() let hit = images.first(where: { image in image.reference == reference }) guard let hit else { throw ContainerizationError(.notFound, message: "image \(reference) not found") } return hit } } } ================================================ FILE: Sources/Containerization/Image/ImageStore/ImageStore.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import ContainerizationExtras import ContainerizationOCI import Foundation /// An ImageStore handles the mappings between an image's /// reference and the underlying descriptor inside of a content store. public actor ImageStore: Sendable { /// The ImageStore path it was created with. public nonisolated let path: URL private let referenceManager: ReferenceManager internal let contentStore: ContentStore internal let lock: AsyncLock = AsyncLock() public init(path: URL, contentStore: ContentStore? = nil) throws { try FileManager.default.createDirectory(at: path, withIntermediateDirectories: true) if let contentStore { self.contentStore = contentStore } else { self.contentStore = try LocalContentStore(path: path.appendingPathComponent("content")) } self.path = path self.referenceManager = try ReferenceManager(path: path) } /// Return the default image store for the current user. public static let `default`: ImageStore = { do { let root = try defaultRoot() return try ImageStore(path: root) } catch { fatalError("unable to initialize default ImageStore \(error)") } }() private static func defaultRoot() throws -> URL { let root = FileManager.default.urls( for: .applicationSupportDirectory, in: .userDomainMask ).first guard let root else { throw ContainerizationError(.notFound, message: "unable to get Application Support directory for current user") } return root.appendingPathComponent("com.apple.containerization") } } extension ImageStore { /// Get an image from the `ImageStore`. /// /// - Parameters: /// - reference: Name of the image. /// - pull: Pull the image if it is not found. /// /// - Returns: A `Containerization.Image` object whose `reference` matches the given string. /// This method throws a `ContainerizationError(code: .notFound)` if the provided reference does not exist in the `ImageStore`. public func get(reference: String, pull: Bool = false) async throws -> Image { do { let desc = try await self.referenceManager.get(reference: reference) return Image(description: desc, contentStore: self.contentStore) } catch let error as ContainerizationError { if error.code == .notFound && pull { return try await self.pull(reference: reference) } throw error } } /// Get a list of all images in the `ImageStore`. /// /// - Returns: A `[Containerization.Image]` for all the images in the `ImageStore`. public func list() async throws -> [Image] { try await self.referenceManager.list().map { desc in Image(description: desc, contentStore: self.contentStore) } } /// Create a new image in the `ImageStore`. /// /// - Parameters: /// - description: The underlying `Image.Description` that contains information about the reference and index descriptor for the image to be created. /// /// - Note: It is assumed that the underlying manifests and blob layers for the image already exists in the `ContentStore` that the `ImageStore` was initialized with. This method is invoked when the `pull(...)` , `load(...)` and `tag(...)` methods are used. /// - Returns: A `Containerization.Image` @discardableResult public func create(description: Image.Description) async throws -> Image { try await self.lock.withLock { ctx in try await self._create(description: description, lock: ctx) } } @discardableResult internal func _create(description: Image.Description, lock: AsyncLock.Context) async throws -> Image { try await self.referenceManager.create(description: description) return Image(description: description, contentStore: self.contentStore) } /// Delete an image from the `ImageStore`. /// /// - Parameters: /// - reference: Name of the image that is to be deleted. /// - performCleanup: Perform a garbage collection on the `ContentStore`, removing all unreferenced image layers and manifests, public func delete(reference: String, performCleanup: Bool = false) async throws { try await self.lock.withLock { lockCtx in try await self.referenceManager.delete(reference: reference) if performCleanup { try await self._cleanUpOrphanedBlobs(lockCtx) } } } /// Clean up orphaned blobs that are no longer referenced by any image. /// /// - Returns: Returns a tuple of `(deleted, freed)`. /// `deleted` : A list of the names of the content items that were deleted from the `ContentStore`, /// `freed` : The total size of the items that were deleted. @discardableResult public func cleanUpOrphanedBlobs() async throws -> (deleted: [String], freed: UInt64) { try await self.lock.withLock { lockCtx in try await self._cleanUpOrphanedBlobs(lockCtx) } } /// Calculate the size of orphaned blobs without deleting them. /// /// - Returns: The total size in bytes of blobs that are not referenced by any image. public func calculateOrphanedBlobsSize() async throws -> UInt64 { try await self.lock.withLock { lockCtx in try await self._calculateOrphanedBlobsSize(lockCtx) } } @discardableResult private func _cleanUpOrphanedBlobs(_ lock: AsyncLock.Context) async throws -> (deleted: [String], freed: UInt64) { let images = try await self.list() var referenced: [String] = [] for image in images { try await referenced.append(contentsOf: image.referencedDigests().uniqued()) } let (deleted, size) = try await self.contentStore.delete(keeping: referenced) return (deleted, size) } private func _calculateOrphanedBlobsSize(_ lock: AsyncLock.Context) async throws -> UInt64 { let images = try await self.list() var referenced: [String] = [] for image in images { try await referenced.append(contentsOf: image.referencedDigests().uniqued()) } // Calculate size of blobs not in the referenced list let referencedSet = Set(referenced.map { $0.trimmingDigestPrefix }) let blobsPath = self.path.appendingPathComponent("content/blobs/sha256") let fileManager = FileManager.default let allBlobs = try fileManager.contentsOfDirectory( at: blobsPath, includingPropertiesForKeys: [.fileSizeKey], options: [.skipsHiddenFiles] ) var orphanedSize: UInt64 = 0 for blobURL in allBlobs { let digest = blobURL.lastPathComponent if !referencedSet.contains(digest) { if let resourceValues = try? blobURL.resourceValues(forKeys: [.fileSizeKey]), let size = resourceValues.fileSize { orphanedSize += UInt64(size) } } } return orphanedSize } /// Tag an existing image such that it can be referenced by another name. /// /// - Parameters: /// - existing: The reference to an image that already exists in the `ImageStore`. /// - new: The new reference by which the image should also be referenced as. /// - Note: The new image created in the `ImageStore` will have the same `Image.Description` /// as that of the image with reference `existing.` /// - Returns: A `Containerization.Image` object to the newly created image. public func tag(existing: String, new: String) async throws -> Image { let old = try await self.get(reference: existing) let descriptor = old.descriptor do { _ = try Reference.parse(new) } catch { throw ContainerizationError(.invalidArgument, message: "invalid reference \(new), error: \(error)") } let newDescription = Image.Description(reference: new, descriptor: descriptor) return try await self.create(description: newDescription) } } extension ImageStore { /// Pull an image and its associated manifest and blob layers from a remote registry. /// /// - Parameters: /// - reference: A string that references an image in a remote registry of the form `[:]/repository:` /// For example: "docker.io/library/alpine:latest". /// - platform: An optional parameter to indicate the platform to be pulled for the image. /// Defaults to `nil` signifying that layers for all supported platforms by the image will be pulled. /// - insecure: A boolean indicating if the connection to the remote registry should be made via plain-text http or not. /// Defaults to false, meaning the connection to the registry will be over https. /// - auth: An object that implements the `Authentication` protocol, /// used to add any credentials to the HTTP requests that are made to the registry. /// Defaults to `nil` meaning no additional credentials are added to any HTTP requests made to the registry. /// - progress: An optional handler over which progress update events about the pull operation can be received. /// /// - Returns: A `Containerization.Image` object to the newly pulled image. public func pull( reference: String, platform: Platform? = nil, insecure: Bool = false, auth: Authentication? = nil, progress: ProgressHandler? = nil, maxConcurrentDownloads: Int = 3 ) async throws -> Image { let matcher = createPlatformMatcher(for: platform) let client = try RegistryClient(reference: reference, insecure: insecure, auth: auth, tlsConfiguration: TLSUtils.makeEnvironmentAwareTLSConfiguration()) let ref = try Reference.parse(reference) let name = ref.path guard let tag = ref.tag ?? ref.digest else { throw ContainerizationError(.invalidArgument, message: "invalid tag/digest for image reference \(reference)") } let rootDescriptor = try await client.resolve(name: name, tag: tag) let (id, tempDir) = try await self.contentStore.newIngestSession() let operation = ImportOperation( name: name, contentStore: self.contentStore, client: client, ingestDir: tempDir, progress: progress, maxConcurrentDownloads: maxConcurrentDownloads) do { let index = try await operation.import(root: rootDescriptor, matcher: matcher) return try await self.lock.withLock { lock in try await self.contentStore.completeIngestSession(id) let description = Image.Description(reference: reference, descriptor: index) let image = try await self._create(description: description, lock: lock) return image } } catch { try? await self.contentStore.cancelIngestSession(id) throw error } } /// Push an image and its associated manifest and blob layers to a remote registry. /// /// - Parameters: /// - reference: A string that references an image in the `ImageStore`. It must be of the form `[:]/repository:` /// For example: "ghcr.io/foo-bar-baz/image:v1". /// - platform: An optional parameter to indicate the platform to be pushed for the image. /// Defaults to `nil` signifying that layers for all supported platforms by the image will be pushed to the remote registry. /// - insecure: A boolean indicating if the connection to the remote registry should be made via plain-text http or not. /// Defaults to false, meaning the connection to the registry will be over https. /// - auth: An object that implements the `Authentication` protocol, /// used to add any credentials to the HTTP requests that are made to the registry. /// Defaults to `nil` meaning no additional credentials are added to any HTTP requests made to the registry. /// - progress: An optional handler over which progress update events about the push operation can be received. /// public func push(reference: String, platform: Platform? = nil, insecure: Bool = false, auth: Authentication? = nil, progress: ProgressHandler? = nil) async throws { let matcher = createPlatformMatcher(for: platform) let img = try await self.get(reference: reference) let allowedMediaTypes = [MediaTypes.dockerManifestList, MediaTypes.index] guard allowedMediaTypes.contains(img.mediaType) else { throw ContainerizationError(.internalError, message: "cannot push image \(reference) with Index media type \(img.mediaType)") } let ref = try Reference.parse(reference) let name = ref.path guard let tag = ref.tag ?? ref.digest else { throw ContainerizationError(.invalidArgument, message: "invalid tag/digest for image reference \(reference)") } let client = try RegistryClient(reference: reference, insecure: insecure, auth: auth, tlsConfiguration: TLSUtils.makeEnvironmentAwareTLSConfiguration()) let operation = ExportOperation(name: name, tag: tag, contentStore: self.contentStore, client: client, progress: progress) try await operation.export(index: img.descriptor, platforms: matcher) } } extension ImageStore { /// Get the image for the init block from the image store. /// If the image does not exist locally, pull the image. public func getInitImage(reference: String, auth: Authentication? = nil, progress: ProgressHandler? = nil) async throws -> InitImage { do { let image = try await self.get(reference: reference) return InitImage(image: image) } catch let error as ContainerizationError { if error.code == .notFound { let image = try await self.pull(reference: reference, auth: auth, progress: progress) return InitImage(image: image) } throw error } } } ================================================ FILE: Sources/Containerization/Image/InitImage.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import ContainerizationOCI import Foundation /// Data representing the image to use as the root filesystem for a virtual machine. /// Typically this image would contain the guest agent used to facilitate container /// workloads, as well as any extras that may be useful to have in the guest. public struct InitImage: Sendable { public var name: String { image.reference } let image: Image public init(image: Image) { self.image = image } } extension InitImage { /// Unpack the initial filesystem for the desired platform at a given path. public func initBlock(at: URL, for platform: SystemPlatform) async throws -> Mount { let unpacker = EXT4Unpacker(blockSizeInBytes: 512.mib()) var fs = try await unpacker.unpack(self.image, for: platform.ociPlatform(), at: at) fs.options = ["ro"] return fs } /// Create a new InitImage with the reference as the name. /// The `rootfs` parameter must be a tar.gz file whose contents make up the filesystem for the image. public static func create( reference: String, rootfs: URL, platform: Platform, labels: [String: String] = [:], imageStore: ImageStore, contentStore: ContentStore ) async throws -> InitImage { let indexDescriptorStore = AsyncStore() try await contentStore.ingest { dir in let writer = try ContentWriter(for: dir) var result = try writer.create(from: rootfs) let layerDescriptor = Descriptor(mediaType: ContainerizationOCI.MediaTypes.imageLayerGzip, digest: result.digest.digestString, size: result.size) // TODO: compute and fill in the correct diffID for the above layer // We currently put in the sha of the fully compressed layer, this needs to be replaced with // the sha of the uncompressed layer. let rootfsConfig = ContainerizationOCI.Rootfs(type: "layers", diffIDs: [result.digest.digestString]) let runtimeConfig = ContainerizationOCI.ImageConfig(labels: labels) let imageConfig = ContainerizationOCI.Image(architecture: platform.architecture, os: platform.os, config: runtimeConfig, rootfs: rootfsConfig) result = try writer.create(from: imageConfig) let configDescriptor = Descriptor(mediaType: ContainerizationOCI.MediaTypes.imageConfig, digest: result.digest.digestString, size: result.size) let manifest = Manifest(config: configDescriptor, layers: [layerDescriptor]) result = try writer.create(from: manifest) let manifestDescriptor = Descriptor(mediaType: ContainerizationOCI.MediaTypes.imageManifest, digest: result.digest.digestString, size: result.size, platform: platform) let index = ContainerizationOCI.Index(manifests: [manifestDescriptor]) result = try writer.create(from: index) let indexDescriptor = Descriptor(mediaType: ContainerizationOCI.MediaTypes.index, digest: result.digest.digestString, size: result.size) await indexDescriptorStore.set(indexDescriptor) } guard let indexDescriptor = await indexDescriptorStore.get() else { throw ContainerizationError(.notFound, message: "image for \(reference) not found") } let description = Image.Description(reference: reference, descriptor: indexDescriptor) let image = try await imageStore.create(description: description) return InitImage(image: image) } } ================================================ FILE: Sources/Containerization/Image/KernelImage.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import ContainerizationOCI import Foundation /// A multi-arch kernel image represented by an OCI image. public struct KernelImage: Sendable { /// The media type for a kernel image. public static let mediaType = "application/vnd.apple.containerization.kernel" /// The name or reference of the image. public var name: String { image.reference } let image: Image public init(image: Image) { self.image = image } } extension KernelImage { /// Return the kernel from a multi arch image for a specific system platform. public func kernel(for platform: SystemPlatform) async throws -> Kernel { let manifest = try await image.manifest(for: platform.ociPlatform()) guard let descriptor = manifest.layers.first, descriptor.mediaType == Self.mediaType else { throw ContainerizationError(.notFound, message: "kernel descriptor for \(platform) not found") } let content = try await image.getContent(digest: descriptor.digest) return Kernel( path: content.path, platform: platform ) } /// Create a new kernel image with the reference as the name. /// This will create a multi arch image containing kernel's for each provided architecture. public static func create(reference: String, binaries: [Kernel], labels: [String: String] = [:], imageStore: ImageStore, contentStore: ContentStore) async throws -> KernelImage { let indexDescriptorStore = AsyncStore() try await contentStore.ingest { ingestPath in var descriptors = [Descriptor]() let writer = try ContentWriter(for: ingestPath) for kernel in binaries { var result = try writer.create(from: kernel.path) let platform = kernel.platform.ociPlatform() let layerDescriptor = Descriptor( mediaType: mediaType, digest: result.digest.digestString, size: result.size, platform: platform) let rootfsConfig = ContainerizationOCI.Rootfs(type: "layers", diffIDs: [result.digest.digestString]) let runtimeConfig = ContainerizationOCI.ImageConfig(labels: labels) let imageConfig = ContainerizationOCI.Image(architecture: platform.architecture, os: platform.os, config: runtimeConfig, rootfs: rootfsConfig) result = try writer.create(from: imageConfig) let configDescriptor = Descriptor(mediaType: ContainerizationOCI.MediaTypes.imageConfig, digest: result.digest.digestString, size: result.size) let manifest = Manifest(config: configDescriptor, layers: [layerDescriptor]) result = try writer.create(from: manifest) let manifestDescriptor = Descriptor( mediaType: ContainerizationOCI.MediaTypes.imageManifest, digest: result.digest.digestString, size: result.size, platform: platform) descriptors.append(manifestDescriptor) } let index = ContainerizationOCI.Index(manifests: descriptors) let result = try writer.create(from: index) let indexDescriptor = Descriptor(mediaType: ContainerizationOCI.MediaTypes.index, digest: result.digest.digestString, size: result.size) await indexDescriptorStore.set(indexDescriptor) } guard let indexDescriptor = await indexDescriptorStore.get() else { throw ContainerizationError(.notFound, message: "image for \(reference) not found") } let description = Image.Description(reference: reference, descriptor: indexDescriptor) let image = try await imageStore.create(description: description) return KernelImage(image: image) } } ================================================ FILE: Sources/Containerization/Image/Unpacker/EXT4Unpacker.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import ContainerizationExtras import ContainerizationOCI import Foundation #if os(macOS) import ContainerizationArchive import ContainerizationEXT4 import SystemPackage #endif public struct EXT4Unpacker: Unpacker { let blockSizeInBytes: UInt64 public init(blockSizeInBytes: UInt64) { self.blockSizeInBytes = blockSizeInBytes } #if os(macOS) /// Performs the unpacking of a tar archive into a filesystem. /// - Parameters: /// - archive: The archive to unpack. /// - compression: The compression to use when unpacking the image. /// - path: The path to the filesystem that will be created. public func unpack( archive: URL, compression: ContainerizationArchive.Filter, at path: URL ) throws { let cleanedPath = try prepareUnpackPath(path: path) let filesystem = try EXT4.Formatter( FilePath(cleanedPath), minDiskSize: blockSizeInBytes ) defer { try? filesystem.close() } try filesystem.unpack( source: archive, format: .paxRestricted, compression: compression, progress: nil ) } #endif /// Returns a `Mount` point after unpacking the image into a filesystem. /// - Parameters: /// - image: The image to unpack. /// - platform: The platform content to unpack. /// - path: The path to the directory where the filesystem will be created. /// - progress: The progress handler to invoke as the unpacking progresses. public func unpack( _ image: Image, for platform: Platform, at path: URL, progress: ProgressHandler? = nil ) async throws -> Mount { #if !os(macOS) throw ContainerizationError(.unsupported, message: "cannot unpack an image on current platform") #else let cleanedPath = try prepareUnpackPath(path: path) let manifest = try await image.manifest(for: platform) let filesystem = try EXT4.Formatter( FilePath( cleanedPath ), minDiskSize: blockSizeInBytes ) defer { try? filesystem.close() } for layer in manifest.layers { try Task.checkCancellation() let content = try await image.getContent(digest: layer.digest) let compression: ContainerizationArchive.Filter switch layer.mediaType { case MediaTypes.imageLayer, MediaTypes.dockerImageLayer: compression = .none case MediaTypes.imageLayerGzip, MediaTypes.dockerImageLayerGzip: compression = .gzip case MediaTypes.imageLayerZstd, MediaTypes.dockerImageLayerZstd: compression = .zstd default: throw ContainerizationError(.unsupported, message: "media type \(layer.mediaType) not supported.") } try filesystem.unpack( source: content.path, format: .paxRestricted, compression: compression, progress: progress ) } return .block( format: "ext4", source: cleanedPath, destination: "/", options: [] ) #endif } private func prepareUnpackPath(path: URL) throws -> String { let blockPath = path.absolutePath() guard !FileManager.default.fileExists(atPath: blockPath) else { throw ContainerizationError(.exists, message: "block device already exists at \(blockPath)") } return blockPath } } ================================================ FILE: Sources/Containerization/Image/Unpacker/Unpacker.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationExtras import ContainerizationOCI import Foundation /// The `Unpacker` protocol defines a standardized interface that involves /// decompressing, extracting image layers and preparing it for use. /// /// The `Unpacker` is responsible for managing the lifecycle of the /// unpacking process, including any temporary files or resources, until the /// `Mount` object is produced. public protocol Unpacker { /// Unpacks the provided image to a specified path for a given platform. /// /// This asynchronous method should handle the entire unpacking process, from reading /// the `Image` layers for the given `Platform` via its `Manifest`, /// to making the extracted contents available as a `Mount`. /// Implementations of this method may apply platform-specific optimizations /// or transformations during the unpacking. /// /// Progress updates can be observed via the optional `progress` handler. func unpack(_ image: Image, for platform: Platform, at path: URL, progress: ProgressHandler?) async throws -> Mount } ================================================ FILE: Sources/Containerization/Interface.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationExtras /// A network interface. public protocol Interface: Sendable { /// The interface IPv4 address and subnet prefix length, as a CIDR address. /// Example: `192.168.64.3/24` var ipv4Address: CIDRv4 { get } /// The IP address for the default route, or nil for no default route. var ipv4Gateway: IPv4Address? { get } /// The interface MAC address, or nil to auto-configure the address. var macAddress: MACAddress? { get } /// The interface MTU (Maximum Transmission Unit). var mtu: UInt32 { get } } extension Interface { public var mtu: UInt32 { 1500 } } ================================================ FILE: Sources/Containerization/Kernel.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /// An object representing a Linux kernel used to boot a virtual machine. /// In addition to a path to the kernel itself, this type stores relevant /// data such as the commandline to pass to the kernel, and init arguments. public struct Kernel: Sendable, Codable { /// The command line arguments passed to the kernel on boot. public struct CommandLine: Sendable, Codable { public static let kernelDefaults = [ "console=hvc0", "tsc=reliable", ] /// Adds the debug argument to the kernel commandline. mutating public func addDebug() { self.kernelArgs.append("debug") } /// Adds a panic level to the kernel commandline. mutating public func addPanic(level: Int) { self.kernelArgs.append("panic=\(level)") } /// Additional kernel arguments. public var kernelArgs: [String] /// Additional arguments passed to the Initial Process / Agent. public var initArgs: [String] /// Initializes the kernel commandline using the mix of kernel arguments /// and init arguments. public init( kernelArgs: [String] = kernelDefaults, initArgs: [String] = [] ) { self.kernelArgs = kernelArgs self.initArgs = initArgs } /// Initializes the kernel commandline to the defaults of Self.kernelDefaults, /// adds a debug and panic flag as instructed, and optionally a set of init /// process flags to supply to vminitd. public init(debug: Bool, panic: Int, initArgs: [String] = []) { var args = Self.kernelDefaults if debug { args.append("debug") } args.append("panic=\(panic)") self.kernelArgs = args self.initArgs = initArgs } } /// Path on disk to the kernel binary. public var path: URL /// Platform for the kernel. public var platform: SystemPlatform /// Kernel and init process command line. public var commandLine: Self.CommandLine /// Kernel command line arguments. public var kernelArgs: [String] { self.commandLine.kernelArgs } /// Init process arguments. public var initArgs: [String] { self.commandLine.initArgs } public init( path: URL, platform: SystemPlatform, commandline: Self.CommandLine = CommandLine(debug: false, panic: 0) ) { self.path = path self.platform = platform self.commandLine = commandline } } ================================================ FILE: Sources/Containerization/LinuxContainer.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if os(macOS) import ContainerizationArchive import ContainerizationError import ContainerizationExtras import ContainerizationOCI import Foundation import Logging import Synchronization import struct ContainerizationOS.Terminal /// `LinuxContainer` is an easy to use type for launching and managing the /// full lifecycle of a Linux container ran inside of a virtual machine. public final class LinuxContainer: Container, Sendable { /// The identifier of the container. public let id: String /// Rootfs for the container. /// /// Note: The `destination` field of this mount is ignored as mounting is handled internally. public let rootfs: Mount /// Optional writable layer for the container. When provided, the rootfs /// is mounted as the lower layer of an overlayfs, with this as the upper layer. /// All writes will go to this layer instead of the rootfs. /// /// Note: The `destination` field of this mount is ignored as mounting is handled internally. public let writableLayer: Mount? /// Configuration for the container. public let config: Configuration /// The configuration for the LinuxContainer. public struct Configuration: Sendable { /// Configuration for the init process of the container. public var process = LinuxProcessConfiguration() /// The amount of cpus for the container. public var cpus: Int = 4 /// The memory in bytes to give to the container. public var memoryInBytes: UInt64 = 1024.mib() /// The hostname for the container. public var hostname: String? /// The system control options for the container. public var sysctl: [String: String] = [:] /// The network interfaces for the container. public var interfaces: [any Interface] = [] /// The Unix domain socket relays to setup for the container. public var sockets: [UnixSocketConfiguration] = [] /// The mounts for the container. public var mounts: [Mount] = LinuxContainer.defaultMounts() /// The DNS configuration for the container. public var dns: DNS? /// The hosts to add to /etc/hosts for the container. public var hosts: Hosts? /// Enable nested virtualization support. public var virtualization: Bool = false /// Optional destination for serial boot logs. public var bootLog: BootLog? /// EXPERIMENTAL: Path in the root filesystem for the virtual /// machine where the OCI runtime used to spawn the container lives. public var ociRuntimePath: String? /// Run the container with a minimal init process that handles signal /// forwarding and zombie reaping. public var useInit: Bool = false public init() {} public init( process: LinuxProcessConfiguration, cpus: Int = 4, memoryInBytes: UInt64 = 1024.mib(), hostname: String? = nil, sysctl: [String: String] = [:], interfaces: [any Interface] = [], sockets: [UnixSocketConfiguration] = [], mounts: [Mount] = LinuxContainer.defaultMounts(), dns: DNS? = nil, hosts: Hosts? = nil, virtualization: Bool = false, bootLog: BootLog? = nil, ociRuntimePath: String? = nil, useInit: Bool = false ) { self.process = process self.cpus = cpus self.memoryInBytes = memoryInBytes self.hostname = hostname self.sysctl = sysctl self.interfaces = interfaces self.sockets = sockets self.mounts = mounts self.dns = dns self.hosts = hosts self.virtualization = virtualization self.bootLog = bootLog self.ociRuntimePath = ociRuntimePath self.useInit = useInit } } private let state: AsyncMutex // Ports to be allocated from for stdio and for // unix socket relays that are sharing a guest // uds to the host. private let hostVsockPorts: Atomic // Ports we request the guest to allocate for unix socket relays from // the host. private let guestVsockPorts: Atomic // Queue for copy IO. private let copyQueue = DispatchQueue(label: "com.apple.containerization.copy") private enum State: Sendable { /// The container class has been created but no live resources are running. case initialized /// The container's virtual machine has been setup and the runtime environment has been configured. case created(CreatedState) /// The initial process of the container has started and is running. case started(StartedState) /// The container has run and fully stopped. case stopped /// An error occurred during the lifetime of this class. case errored(Swift.Error) /// The container is paused. case paused(PausedState) struct CreatedState: Sendable { let vm: any VirtualMachineInstance let relayManager: UnixSocketRelayManager var fileMountContext: FileMountContext } struct StartedState: Sendable { let vm: any VirtualMachineInstance let process: LinuxProcess let relayManager: UnixSocketRelayManager var vendedProcesses: [String: LinuxProcess] let fileMountContext: FileMountContext init(_ state: CreatedState, process: LinuxProcess) { self.vm = state.vm self.relayManager = state.relayManager self.process = process self.vendedProcesses = [:] self.fileMountContext = state.fileMountContext } init(_ state: PausedState) { self.vm = state.vm self.relayManager = state.relayManager self.process = state.process self.vendedProcesses = state.vendedProcesses self.fileMountContext = state.fileMountContext } } struct PausedState: Sendable { let vm: any VirtualMachineInstance let relayManager: UnixSocketRelayManager let process: LinuxProcess var vendedProcesses: [String: LinuxProcess] let fileMountContext: FileMountContext init(_ state: StartedState) { self.vm = state.vm self.relayManager = state.relayManager self.process = state.process self.vendedProcesses = state.vendedProcesses self.fileMountContext = state.fileMountContext } } func createdState(_ operation: String) throws -> CreatedState { switch self { case .created(let state): return state case .errored(let err): throw err default: throw ContainerizationError( .invalidState, message: "failed to \(operation): container must be created" ) } } func startedState(_ operation: String) throws -> StartedState { switch self { case .started(let state): return state case .errored(let err): throw err default: throw ContainerizationError( .invalidState, message: "failed to \(operation): container must be running" ) } } func pausedState(_ operation: String) throws -> PausedState { switch self { case .paused(let state): return state case .errored(let err): throw err default: throw ContainerizationError( .invalidState, message: "failed to \(operation): container must be paused" ) } } mutating func validateForCreate() throws { switch self { case .initialized, .stopped: break case .errored(let err): throw err default: throw ContainerizationError( .invalidState, message: "container must be in initialized or stopped state to create" ) } } mutating func setErrored(error: Swift.Error) { self = .errored(error) } } private let vmm: VirtualMachineManager private let logger: Logger? /// Create a new `LinuxContainer`. /// /// - Parameters: /// - id: The identifier for the container. /// - rootfs: The root filesystem mount containing the container image contents. /// The `destination` field is ignored as mounting is handled internally. /// - writableLayer: Optional writable layer mount. When provided, an overlayfs is used with /// rootfs as the lower layer and this as the upper layer. Must be a block device. /// The `destination` field is ignored as mounting is handled internally. /// - vmm: The virtual machine manager that will handle launching the VM for the container. /// - logger: Optional logger for container operations. /// - configuration: A closure that configures the container by modifying the Configuration instance. public convenience init( _ id: String, rootfs: Mount, writableLayer: Mount? = nil, vmm: VirtualMachineManager, logger: Logger? = nil, configuration: (inout Configuration) throws -> Void ) throws { var config = Configuration() try configuration(&config) try self.init( id, rootfs: rootfs, writableLayer: writableLayer, vmm: vmm, configuration: config, logger: logger ) } /// Create a new `LinuxContainer`. /// /// - Parameters: /// - id: The identifier for the container. /// - rootfs: The root filesystem mount containing the container image contents. /// The `destination` field is ignored as mounting is handled internally. /// - writableLayer: Optional writable layer mount. When provided, an overlayfs is used with /// rootfs as the lower layer and this as the upper layer. Must be a block device. /// The `destination` field is ignored as mounting is handled internally. /// - vmm: The virtual machine manager that will handle launching the VM for the container. /// - configuration: The container configuration specifying process, resources, networking, and other settings. /// - logger: Optional logger for container operations. public init( _ id: String, rootfs: Mount, writableLayer: Mount? = nil, vmm: VirtualMachineManager, configuration: LinuxContainer.Configuration, logger: Logger? = nil ) throws { if let writableLayer { guard writableLayer.isBlock else { throw ContainerizationError( .invalidArgument, message: "writableLayer must be a block device" ) } } self.id = id self.vmm = vmm self.hostVsockPorts = Atomic(0x1000_0000) self.guestVsockPorts = Atomic(0x1000_0000) self.logger = logger self.config = configuration self.state = AsyncMutex(.initialized) self.rootfs = rootfs self.writableLayer = writableLayer } private static func createDefaultRuntimeSpec(_ id: String) -> Spec { .init( process: .init(), hostname: id, root: .init( path: Self.guestRootfsPath(id), readonly: false ), linux: .init( resources: .init(), cgroupsPath: "/container/\(id)" ) ) } private func generateRuntimeSpec() -> Spec { var spec = Self.createDefaultRuntimeSpec(id) // Process toggles. spec.process = config.process.toOCI() // Wrap with init process if requested. if config.useInit { let originalArgs = spec.process?.args ?? [] spec.process?.args = ["/.cz-init", "--"] + originalArgs } // General toggles. if let hostname = config.hostname { spec.hostname = hostname } // Linux toggles. spec.linux?.sysctl = config.sysctl // If the rootfs was requested as read-only, set it in the OCI spec. // We let the OCI runtime remount as ro, instead of doing it originally. // However, if we have a writable layer, the overlay allows writes so we don't mark it read-only. spec.root?.readonly = self.rootfs.options.contains("ro") && self.writableLayer == nil // Resource limits. // CPU: quota/period model where period is 100ms (100,000µs) and quota is cpus * period // Memory: limit in bytes spec.linux?.resources = LinuxResources( memory: LinuxMemory( limit: Int64(config.memoryInBytes) ), cpu: LinuxCPU( quota: Int64(config.cpus * 100_000), period: 100_000 ) ) spec.linux?.namespaces = [ LinuxNamespace(type: .cgroup), LinuxNamespace(type: .ipc), LinuxNamespace(type: .mount), LinuxNamespace(type: .pid), LinuxNamespace(type: .uts), ] return spec } /// The default set of mounts for a LinuxContainer. public static func defaultMounts() -> [Mount] { let defaultOptions = ["nosuid", "noexec", "nodev"] return [ .any(type: "proc", source: "proc", destination: "/proc"), .any(type: "sysfs", source: "sysfs", destination: "/sys", options: defaultOptions), .any(type: "devtmpfs", source: "none", destination: "/dev", options: ["nosuid", "mode=755"]), .any(type: "mqueue", source: "mqueue", destination: "/dev/mqueue", options: defaultOptions), .any(type: "tmpfs", source: "tmpfs", destination: "/dev/shm", options: defaultOptions + ["mode=1777", "size=65536k"]), .any(type: "cgroup2", source: "none", destination: "/sys/fs/cgroup", options: defaultOptions), .any(type: "devpts", source: "devpts", destination: "/dev/pts", options: ["nosuid", "noexec", "newinstance", "gid=5", "mode=0620", "ptmxmode=0666"]), ] } /// A more traditional default set of mounts that OCI runtimes typically employ. public static func defaultOCIMounts() -> [Mount] { let defaultOptions = ["nosuid", "noexec", "nodev"] return [ .any(type: "proc", source: "proc", destination: "/proc"), .any(type: "tmpfs", source: "tmpfs", destination: "/dev", options: ["nosuid", "mode=755", "size=65536k"]), .any(type: "devpts", source: "devpts", destination: "/dev/pts", options: ["nosuid", "noexec", "newinstance", "gid=5", "mode=0620", "ptmxmode=0666"]), .any(type: "sysfs", source: "sysfs", destination: "/sys", options: defaultOptions), .any(type: "mqueue", source: "mqueue", destination: "/dev/mqueue", options: defaultOptions), .any(type: "tmpfs", source: "tmpfs", destination: "/dev/shm", options: defaultOptions + ["mode=1777", "size=65536k"]), .any(type: "cgroup2", source: "none", destination: "/sys/fs/cgroup", options: defaultOptions), ] } private static func guestRootfsPath(_ id: String) -> String { "/run/container/\(id)/rootfs" } private static func guestSocketStagingPath(_ containerID: String, socketID: String) -> String { "/run/container/\(containerID)/sockets/\(socketID).sock" } } extension LinuxContainer { package var root: String { Self.guestRootfsPath(id) } /// Number of CPU cores allocated. public var cpus: Int { config.cpus } /// Amount of memory in bytes allocated for the container. /// This will be aligned to a 1MB boundary if it isn't already. public var memoryInBytes: UInt64 { config.memoryInBytes } /// Network interfaces of the container. public var interfaces: [any Interface] { config.interfaces } private func mountRootfs( attachments: [AttachedFilesystem], rootfsPath: String, agent: VirtualMachineAgent ) async throws { guard let rootfsAttachment = attachments.first else { throw ContainerizationError(.notFound, message: "rootfs mount not found") } if self.writableLayer != nil { // Set up overlayfs with image as lower layer and writable layer as upper. guard attachments.count >= 2 else { throw ContainerizationError( .notFound, message: "writable layer mount not found" ) } let writableAttachment = attachments[1] let lowerPath = "/run/container/\(self.id)/lower" let upperMountPath = "/run/container/\(self.id)/upper" let upperPath = "/run/container/\(self.id)/upper/diff" let workPath = "/run/container/\(self.id)/upper/work" // Mount the image (lower layer) as read-only. var lowerMount = rootfsAttachment.to lowerMount.destination = lowerPath if !lowerMount.options.contains("ro") { lowerMount.options.append("ro") } try await agent.mount(lowerMount) // Mount the writable layer. var upperMount = writableAttachment.to upperMount.destination = upperMountPath try await agent.mount(upperMount) // Create the upper and work directories inside the writable layer. try await agent.mkdir(path: upperPath, all: true, perms: 0o755) try await agent.mkdir(path: workPath, all: true, perms: 0o755) // Mount the overlay. let overlayMount = ContainerizationOCI.Mount( type: "overlay", source: "overlay", destination: rootfsPath, options: [ "lowerdir=\(lowerPath)", "upperdir=\(upperPath)", "workdir=\(workPath)", ] ) try await agent.mount(overlayMount) } else { // No writable layer. Mount rootfs directly. var rootfs = rootfsAttachment.to rootfs.destination = rootfsPath try await agent.mount(rootfs) } } /// Create and start the underlying container's virtual machine /// and set up the runtime environment. The container's init process /// is NOT running afterwards. public func create() async throws { try await self.state.withLock { state in try state.validateForCreate() // This is a bit of an annoyance, but because the type we use for the rootfs is simply // the same Mount type we use for non-rootfs mounts, it's possible someone passed 'ro' // in the options (which should be perfectly valid). However, the problem is when we go to // setup /etc/hosts and /etc/resolv.conf, as we'd get EROFS if they did supply 'ro'. // To remedy this, remove any "ro" options before passing to VZ. Having the OCI runtime // remount "ro" (which is what we do later in the guest) is truthfully the right thing, // but this bit here is just a tad awkward. var modifiedRootfs = self.rootfs modifiedRootfs.options.removeAll(where: { $0 == "ro" }) // Calculate VM memory with overhead for the guest agent. // The container cgroup limit stays at the requested memory, but the VM // gets an additional 50MB for the guest agent (could be higher, could be lower // but this is a decent baseline for now). // // Clamp to system RAM if the total would exceed it as Virtualization.framework // bounds us to this. let guestAgentOverhead: UInt64 = 50.mib() let vmMemory = min( self.memoryInBytes + guestAgentOverhead, ProcessInfo.processInfo.physicalMemory ) // Prepare file mounts. This transforms single-file mounts into directory shares. let fileMountContext = try FileMountContext.prepare(mounts: self.config.mounts) // This is dumb, but alas. let fileMountContextHolder = Mutex(fileMountContext) // Build the list of mounts to attach to the VM. var containerMounts = [modifiedRootfs] + fileMountContext.transformedMounts if let writableLayer = self.writableLayer { containerMounts.insert(writableLayer, at: 1) } let vmConfig = VMConfiguration( cpus: self.cpus, memoryInBytes: vmMemory, interfaces: self.interfaces, mountsByID: [self.id: containerMounts], bootLog: self.config.bootLog, nestedVirtualization: self.config.virtualization ) let creationConfig = StandardVMConfig(configuration: vmConfig) let vm = try await self.vmm.create(config: creationConfig) let relayManager = UnixSocketRelayManager(vm: vm, log: self.logger) try await vm.start() do { try await vm.withAgent { agent in try await agent.standardSetup() guard let attachments = vm.mounts[self.id] else { throw ContainerizationError(.notFound, message: "rootfs mount not found") } let rootfsPath = Self.guestRootfsPath(self.id) try await self.mountRootfs(attachments: attachments, rootfsPath: rootfsPath, agent: agent) // Mount file mount holding directories under /run. if fileMountContext.hasFileMounts { let containerMounts = vm.mounts[self.id] ?? [] var ctx = fileMountContextHolder.withLock { $0 } try await ctx.mountHoldingDirectories( vmMounts: containerMounts, agent: agent ) fileMountContextHolder.withLock { $0 = ctx } } // Start up our friendly unix socket relays. for socket in self.config.sockets { try await self.relayUnixSocket( socket: socket, relayManager: relayManager, agent: agent ) } // For every interface asked for: // 1. Add the address requested // 2. Online the adapter // 3. If a gateway IP address is present, add the default route. for (index, i) in self.interfaces.enumerated() { let name = "eth\(index)" self.logger?.debug("setting up interface \(name) with address \(i.ipv4Address)") try await agent.addressAdd(name: name, ipv4Address: i.ipv4Address) try await agent.up(name: name, mtu: i.mtu) if let ipv4Gateway = i.ipv4Gateway { if !i.ipv4Address.contains(ipv4Gateway) { self.logger?.debug("gateway \(ipv4Gateway) is outside subnet \(i.ipv4Address), adding a route first") try await agent.routeAddLink(name: name, dstIPv4Addr: ipv4Gateway, srcIPv4Addr: i.ipv4Address.address) } try await agent.routeAddDefault(name: name, ipv4Gateway: ipv4Gateway) } } // Setup /etc/resolv.conf and /etc/hosts if asked for. if let dns = self.config.dns { try await agent.configureDNS(config: dns, location: rootfsPath) } if let hosts = self.config.hosts { try await agent.configureHosts(config: hosts, location: rootfsPath) } } state = .created(.init(vm: vm, relayManager: relayManager, fileMountContext: fileMountContextHolder.withLock { $0 })) } catch { try? await relayManager.stopAll() try? await vm.stop() state.setErrored(error: error) throw error } } } /// Start the container's initial process. public func start() async throws { try await self.state.withLock { state in let createdState = try state.createdState("start") let agent = try await createdState.vm.dialAgent() do { var spec = self.generateRuntimeSpec() // We don't need the rootfs (or writable layer), nor do OCI runtimes want it included. // Also filter out file mount holding directories. We'll mount those separately under /run. let containerMounts = createdState.vm.mounts[self.id] ?? [] let holdingTags = createdState.fileMountContext.holdingDirectoryTags // Drop rootfs, and writable layer if present. let mountsToSkip = self.writableLayer != nil ? 2 : 1 var mounts: [ContainerizationOCI.Mount] = containerMounts.dropFirst(mountsToSkip) .filter { !holdingTags.contains($0.source) } .map { $0.to } + createdState.fileMountContext.ociBindMounts() // When useInit is enabled, bind mount vminitd from the VM's filesystem // into the container so it can be executed. if self.config.useInit { mounts.append( ContainerizationOCI.Mount( type: "bind", source: "/sbin/vminitd", destination: "/.cz-init", options: ["bind", "ro"] )) } // Bind mount staged sockets into the container. Sockets relayed // .into the container are created in a staging directory outside // the rootfs to avoid symlink traversal and mount shadowing. for socket in self.config.sockets where socket.direction == .into { mounts.append( ContainerizationOCI.Mount( type: "bind", source: Self.guestSocketStagingPath(self.id, socketID: socket.id), destination: socket.destination.path, options: ["bind"] )) } spec.mounts = mounts let stdio = IOUtil.setup( portAllocator: self.hostVsockPorts, stdin: self.config.process.stdin, stdout: self.config.process.stdout, stderr: self.config.process.stderr ) let process = LinuxProcess( self.id, containerID: self.id, spec: spec, io: stdio, ociRuntimePath: self.config.ociRuntimePath, agent: agent, vm: createdState.vm, logger: self.logger ) try await process.start() state = .started(.init(createdState, process: process)) } catch { try? await agent.close() try? await createdState.vm.stop() state.setErrored(error: error) throw error } } } private static func setupIO( portAllocator: borrowing Atomic, stdin: ReaderStream?, stdout: Writer?, stderr: Writer? ) -> LinuxProcess.Stdio { var stdinSetup: LinuxProcess.StdioReaderSetup? = nil if let reader = stdin { let ret = portAllocator.wrappingAdd(1, ordering: .relaxed) stdinSetup = .init( port: ret.oldValue, reader: reader ) } var stdoutSetup: LinuxProcess.StdioSetup? = nil if let writer = stdout { let ret = portAllocator.wrappingAdd(1, ordering: .relaxed) stdoutSetup = LinuxProcess.StdioSetup( port: ret.oldValue, writer: writer ) } var stderrSetup: LinuxProcess.StdioSetup? = nil if let writer = stderr { let ret = portAllocator.wrappingAdd(1, ordering: .relaxed) stderrSetup = LinuxProcess.StdioSetup( port: ret.oldValue, writer: writer ) } return LinuxProcess.Stdio( stdin: stdinSetup, stdout: stdoutSetup, stderr: stderrSetup ) } /// Stop the container from executing. This MUST be called even if wait() has returned /// as their are additional resources to free. public func stop() async throws { try await self.state.withLock { state in // Allow stop to be called multiple times. if case .stopped = state { return } let vm: any VirtualMachineInstance let relayManager: UnixSocketRelayManager let fileMountContext: FileMountContext let startedState = try? state.startedState("stop") if let startedState { vm = startedState.vm relayManager = startedState.relayManager fileMountContext = startedState.fileMountContext } else { let createdState = try state.createdState("stop") vm = createdState.vm relayManager = createdState.relayManager fileMountContext = createdState.fileMountContext } var firstError: Error? do { try await relayManager.stopAll() } catch { self.logger?.error("failed to stop relay manager: \(error)") firstError = firstError ?? error } do { try await vm.withAgent { agent in // First, we need to stop any unix socket relays as this will // keep the rootfs from being able to umount (EBUSY). let sockets = self.config.sockets if !sockets.isEmpty { guard let relayAgent = agent as? SocketRelayAgent else { throw ContainerizationError( .unsupported, message: "VirtualMachineAgent does not support relaySocket surface" ) } for socket in sockets { try await relayAgent.stopSocketRelay(configuration: socket) } } if let _ = startedState { // Now lets ensure every process is donezo. try await agent.kill(pid: -1, signal: SIGKILL) // Wait on init proc exit. Give it 5 seconds of leeway. _ = try await agent.waitProcess( id: self.id, containerID: self.id, timeoutInSeconds: 5 ) } // Today, we leave EBUSY looping and other fun logic up to the // guest agent. try await agent.umount( path: Self.guestRootfsPath(self.id), flags: 0 ) // If we have a writable layer, we also need to unmount the lower and upper layers. if self.writableLayer != nil { let upperPath = "/run/container/\(self.id)/upper" let lowerPath = "/run/container/\(self.id)/lower" try await agent.umount(path: upperPath, flags: 0) try await agent.umount(path: lowerPath, flags: 0) } try await agent.sync() } } catch { self.logger?.error("failed during guest cleanup: \(error)") firstError = firstError ?? error } if let startedState { for process in startedState.vendedProcesses.values { do { try await process._delete() } catch { self.logger?.error("failed to delete process \(process.id): \(error)") firstError = firstError ?? error } } do { try await startedState.process.delete() } catch { self.logger?.error("failed to delete init process: \(error)") firstError = firstError ?? error } } // Clean up file mount temporary directories. fileMountContext.cleanUp() do { try await vm.stop() state = .stopped if let firstError { throw firstError } } catch { self.logger?.error("failed to stop VM: \(error)") let finalError = firstError ?? error state.setErrored(error: finalError) throw finalError } } } /// Send a signal to the container. public func kill(_ signal: Int32) async throws { try await self.state.withLock { let state = try $0.startedState("kill") try await state.process.kill(signal) } } /// Wait for the container to exit. Returns the exit code. @discardableResult public func wait(timeoutInSeconds: Int64? = nil) async throws -> ExitStatus { let t = try await self.state.withLock { let state = try $0.startedState("wait") let t = Task { try await state.process.wait(timeoutInSeconds: timeoutInSeconds) } return t } return try await t.value } /// Resize the container's terminal (if one was requested). This /// will error if terminal was set to false before creating the container. public func resize(to: Terminal.Size) async throws { try await self.state.withLock { let state = try $0.startedState("resize") try await state.process.resize(to: to) } } /// Execute a new process in the container. The process is not started after this call, and must be manually started /// via the `start` method. public func exec(_ id: String, configuration: @Sendable @escaping (inout LinuxProcessConfiguration) throws -> Void) async throws -> LinuxProcess { try await self.state.withLock { state in var startedState = try state.startedState("exec") var spec = self.generateRuntimeSpec() var config = LinuxProcessConfiguration() try configuration(&config) spec.process = config.toOCI() let stdio = IOUtil.setup( portAllocator: self.hostVsockPorts, stdin: config.stdin, stdout: config.stdout, stderr: config.stderr ) let agent = try await startedState.vm.dialAgent() let process = LinuxProcess( id, containerID: self.id, spec: spec, io: stdio, ociRuntimePath: self.config.ociRuntimePath, agent: agent, vm: startedState.vm, logger: self.logger, onDelete: { [weak self] in await self?.removeProcess(id: id) } ) startedState.vendedProcesses[id] = process state = .started(startedState) return process } } /// Execute a new process in the container. The process is not started after this call, and must be manually started /// via the `start` method. public func exec(_ id: String, configuration: LinuxProcessConfiguration) async throws -> LinuxProcess { try await self.state.withLock { var state = try $0.startedState("exec") var spec = self.generateRuntimeSpec() spec.process = configuration.toOCI() let stdio = IOUtil.setup( portAllocator: self.hostVsockPorts, stdin: configuration.stdin, stdout: configuration.stdout, stderr: configuration.stderr ) let agent = try await state.vm.dialAgent() let process = LinuxProcess( id, containerID: self.id, spec: spec, io: stdio, ociRuntimePath: self.config.ociRuntimePath, agent: agent, vm: state.vm, logger: self.logger, onDelete: { [weak self] in await self?.removeProcess(id: id) } ) state.vendedProcesses[id] = process $0 = .started(state) return process } } /// Dial a vsock port in the container. public func dialVsock(port: UInt32) async throws -> FileHandle { try await self.state.withLock { let state = try $0.startedState("dialVsock") return try await state.vm.dial(port) } } /// Close the containers standard input to signal no more input is /// arriving. public func closeStdin() async throws { try await self.state.withLock { let state = try $0.startedState("closeStdin") return try await state.process.closeStdin() } } /// Remove a process from the vended processes tracking. private func removeProcess(id: String) async { await self.state.withLock { guard case .started(var state) = $0 else { return } state.vendedProcesses.removeValue(forKey: id) $0 = .started(state) } } /// Get statistics for the container. public func statistics(categories: StatCategory = .all) async throws -> ContainerStatistics { try await self.state.withLock { let state = try $0.startedState("statistics") let stats = try await state.vm.withAgent { agent in let allStats = try await agent.containerStatistics(containerIDs: [self.id], categories: categories) guard let containerStats = allStats.first else { throw ContainerizationError( .notFound, message: "statistics for container \(self.id) not found" ) } return containerStats } return stats } } private func relayUnixSocket( socket: UnixSocketConfiguration, relayManager: UnixSocketRelayManager, agent: any VirtualMachineAgent ) async throws { guard let relayAgent = agent as? SocketRelayAgent else { throw ContainerizationError( .unsupported, message: "VirtualMachineAgent does not support relaySocket surface" ) } var socket = socket let rootInGuest = URL(filePath: self.root) let port: UInt32 if socket.direction == .into { port = self.hostVsockPorts.wrappingAdd(1, ordering: .relaxed).oldValue socket.destination = URL(filePath: Self.guestSocketStagingPath(self.id, socketID: socket.id)) } else { port = self.guestVsockPorts.wrappingAdd(1, ordering: .relaxed).oldValue socket.source = rootInGuest.appending(path: socket.source.path) } try await relayManager.start(port: port, socket: socket) try await relayAgent.relaySocket(port: port, configuration: socket) } /// Default chunk size for file transfers (1MiB). public static let defaultCopyChunkSize = 1024 * 1024 /// Copy a file or directory from the host into the container. /// /// Data transfer happens over a dedicated vsock connection. For directories, /// the source is archived as tar+gzip and streamed directly through vsock /// without intermediate temp files. public func copyIn( from source: URL, to destination: URL, mode: UInt32 = 0o644, createParents: Bool = true, chunkSize: Int = defaultCopyChunkSize ) async throws { try await self.state.withLock { let state = try $0.startedState("copyIn") var isDirectory: ObjCBool = false guard FileManager.default.fileExists(atPath: source.path, isDirectory: &isDirectory) else { throw ContainerizationError(.notFound, message: "copyIn: source not found '\(source.path)'") } let isArchive = isDirectory.boolValue let guestPath = URL(filePath: self.root).appending(path: destination.path) let port = self.hostVsockPorts.wrappingAdd(1, ordering: .relaxed).oldValue let listener = try state.vm.listen(port) try await withThrowingTaskGroup(of: Void.self) { group in group.addTask { try await state.vm.withAgent { agent in guard let vminitd = agent as? Vminitd else { throw ContainerizationError(.unsupported, message: "copyIn requires Vminitd agent") } try await vminitd.copy( direction: .copyIn, guestPath: guestPath, vsockPort: port, mode: mode, createParents: createParents, isArchive: isArchive ) } } group.addTask { guard let conn = await listener.first(where: { _ in true }) else { throw ContainerizationError(.internalError, message: "copyIn: vsock connection not established") } try listener.finish() try await withCheckedThrowingContinuation { (continuation: CheckedContinuation) in self.copyQueue.async { do { defer { conn.closeFile() } if isArchive { let writer = try ArchiveWriter(configuration: .init(format: .pax, filter: .gzip)) try writer.open(fileDescriptor: conn.fileDescriptor) try writer.archiveDirectory(source) try writer.finishEncoding() } else { let srcFd = open(source.path, O_RDONLY) guard srcFd != -1 else { throw ContainerizationError( .internalError, message: "copyIn: failed to open '\(source.path)': \(String(cString: strerror(errno)))" ) } defer { close(srcFd) } var buf = [UInt8](repeating: 0, count: chunkSize) while true { let n = read(srcFd, &buf, buf.count) if n == 0 { break } guard n > 0 else { throw ContainerizationError( .internalError, message: "copyIn: read error: \(String(cString: strerror(errno)))" ) } var written = 0 while written < n { let w = buf.withUnsafeBytes { ptr in write(conn.fileDescriptor, ptr.baseAddress! + written, n - written) } guard w > 0 else { throw ContainerizationError( .internalError, message: "copyIn: vsock write error: \(String(cString: strerror(errno)))" ) } written += w } } } continuation.resume() } catch { continuation.resume(throwing: error) } } } } try await group.waitForAll() } } } /// Copy a file or directory from the container to the host. /// /// Data transfer happens over a dedicated vsock connection. For directories, /// the guest archives the source as tar+gzip and streams it directly through /// vsock. The host extracts the archive without intermediate temp files. public func copyOut( from source: URL, to destination: URL, createParents: Bool = true, chunkSize: Int = defaultCopyChunkSize ) async throws { try await self.state.withLock { let state = try $0.startedState("copyOut") if createParents { let parentDir = destination.deletingLastPathComponent() try FileManager.default.createDirectory(at: parentDir, withIntermediateDirectories: true) } let guestPath = URL(filePath: self.root).appending(path: source.path) let port = self.hostVsockPorts.wrappingAdd(1, ordering: .relaxed).oldValue let listener = try state.vm.listen(port) let (metadataStream, metadataCont) = AsyncStream.makeStream(of: Vminitd.CopyMetadata.self) try await withThrowingTaskGroup(of: Void.self) { group in group.addTask { try await state.vm.withAgent { agent in guard let vminitd = agent as? Vminitd else { throw ContainerizationError(.unsupported, message: "copyOut requires Vminitd agent") } try await vminitd.copy( direction: .copyOut, guestPath: guestPath, vsockPort: port, onMetadata: { meta in metadataCont.yield(meta) metadataCont.finish() } ) } } group.addTask { guard let metadata = await metadataStream.first(where: { _ in true }) else { throw ContainerizationError(.internalError, message: "copyOut: no metadata received") } guard let conn = await listener.first(where: { _ in true }) else { throw ContainerizationError(.internalError, message: "copyOut: vsock connection not established") } try listener.finish() try await withCheckedThrowingContinuation { (continuation: CheckedContinuation) in self.copyQueue.async { do { defer { conn.closeFile() } if metadata.isArchive { try FileManager.default.createDirectory(at: destination, withIntermediateDirectories: true) let fh = FileHandle(fileDescriptor: dup(conn.fileDescriptor), closeOnDealloc: true) let reader = try ArchiveReader(format: .pax, filter: .gzip, fileHandle: fh) _ = try reader.extractContents(to: destination) } else { let destFd = open(destination.path, O_WRONLY | O_CREAT | O_TRUNC, 0o644) guard destFd != -1 else { throw ContainerizationError( .internalError, message: "copyOut: failed to open '\(destination.path)': \(String(cString: strerror(errno)))" ) } defer { close(destFd) } var buf = [UInt8](repeating: 0, count: chunkSize) while true { let n = read(conn.fileDescriptor, &buf, buf.count) if n == 0 { break } guard n > 0 else { throw ContainerizationError( .internalError, message: "copyOut: vsock read error: \(String(cString: strerror(errno)))" ) } var written = 0 while written < n { let w = buf.withUnsafeBytes { ptr in write(destFd, ptr.baseAddress! + written, n - written) } guard w > 0 else { throw ContainerizationError( .internalError, message: "copyOut: write error: \(String(cString: strerror(errno)))" ) } written += w } } } continuation.resume() } catch { continuation.resume(throwing: error) } } } } try await group.waitForAll() } } } } extension VirtualMachineInstance { /// Scoped access to an agent instance to ensure the resources are always freed (mostly close(2)'ing /// the vsock fd) func withAgent(fn: @Sendable (VirtualMachineAgent) async throws -> T) async throws -> T { let agent = try await self.dialAgent() do { let result = try await fn(agent) try await agent.close() return result } catch { try? await agent.close() throw error } } } extension AttachedFilesystem { var to: ContainerizationOCI.Mount { .init( type: self.type, source: self.source, destination: self.destination, options: self.options ) } } struct IOUtil { static func setup( portAllocator: borrowing Atomic, stdin: ReaderStream?, stdout: Writer?, stderr: Writer? ) -> LinuxProcess.Stdio { var stdinSetup: LinuxProcess.StdioReaderSetup? = nil if let reader = stdin { let ret = portAllocator.wrappingAdd(1, ordering: .relaxed) stdinSetup = .init( port: ret.oldValue, reader: reader ) } var stdoutSetup: LinuxProcess.StdioSetup? = nil if let writer = stdout { let ret = portAllocator.wrappingAdd(1, ordering: .relaxed) stdoutSetup = LinuxProcess.StdioSetup( port: ret.oldValue, writer: writer ) } var stderrSetup: LinuxProcess.StdioSetup? = nil if let writer = stderr { let ret = portAllocator.wrappingAdd(1, ordering: .relaxed) stderrSetup = LinuxProcess.StdioSetup( port: ret.oldValue, writer: writer ) } return LinuxProcess.Stdio( stdin: stdinSetup, stdout: stdoutSetup, stderr: stderrSetup ) } } #endif ================================================ FILE: Sources/Containerization/LinuxPod.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if os(macOS) import ContainerizationError import ContainerizationExtras import ContainerizationOCI import Foundation import Logging import Synchronization import struct ContainerizationOS.Terminal /// NOTE: Experimental API /// /// `LinuxPod` allows managing multiple Linux containers within a single /// virtual machine. Each container has its own rootfs and process, but /// shares the VM's resources (CPU, memory, network). public final class LinuxPod: Sendable { /// The identifier of the pod. public let id: String /// Configuration for the pod. public let config: Configuration /// The configuration for the LinuxPod. public struct Configuration: Sendable { /// The amount of cpus for the pod's VM. public var cpus: Int = 4 /// The memory in bytes to give to the pod's VM. public var memoryInBytes: UInt64 = 1024.mib() /// The network interfaces for the pod. public var interfaces: [any Interface] = [] /// Whether nested virtualization should be turned on for the pod. public var virtualization: Bool = false /// Optional file path to store serial boot logs. public var bootLog: BootLog? /// Whether containers in the pod should share a PID namespace. /// When enabled, all containers can see each other's processes. public var shareProcessNamespace: Bool = false /// The default hostname for all containers in the pod. /// Individual containers can override this by setting their own `hostname` configuration. public var hostname: String? /// The default DNS configuration for all containers in the pod. /// Individual containers can override this by setting their own `dns` configuration. public var dns: DNS? /// The default hosts file configuration for all containers in the pod. /// Individual containers can override this by setting their own `hosts` configuration. public var hosts: Hosts? public init() {} } /// Configuration for a container within the pod. public struct ContainerConfiguration: Sendable { /// Configuration for the init process of the container. public var process = LinuxProcessConfiguration() /// Optional per-container CPU limit (can exceed pod total for oversubscription). public var cpus: Int? /// Optional per-container memory limit in bytes (can exceed pod total for oversubscription). public var memoryInBytes: UInt64? /// The hostname for the container. public var hostname: String? /// The system control options for the container. public var sysctl: [String: String] = [:] /// The mounts for the container. public var mounts: [Mount] = LinuxContainer.defaultMounts() /// The Unix domain socket relays to setup for the container. public var sockets: [UnixSocketConfiguration] = [] /// The DNS configuration for the container. public var dns: DNS? /// The hosts file configuration for the container. public var hosts: Hosts? /// Run the container with a minimal init process that handles signal /// forwarding and zombie reaping. public var useInit: Bool = false public init() {} } private struct PodContainer: Sendable { let id: String let rootfs: Mount let config: ContainerConfiguration var state: ContainerState var process: LinuxProcess? var fileMountContext: FileMountContext enum ContainerState: Sendable { case registered case created case started case stopped case errored } } private let state: AsyncMutex // Ports to be allocated from for stdio and for // unix socket relays that are sharing a guest // uds to the host. private let hostVsockPorts: Atomic // Ports we request the guest to allocate for unix socket relays from // the host. private let guestVsockPorts: Atomic private struct State: Sendable { var phase: Phase var containers: [String: PodContainer] var pauseProcess: LinuxProcess? } private enum Phase: Sendable { /// The pod has been created but no live resources are running. case initialized /// The pod's virtual machine has been setup and the runtime environment has been configured. case created(CreatedState) /// An error occurred during the lifetime of this class. case errored(Swift.Error) struct CreatedState: Sendable { let vm: any VirtualMachineInstance let relayManager: UnixSocketRelayManager } func createdState(_ operation: String) throws -> CreatedState { switch self { case .created(let state): return state case .errored(let err): throw err default: throw ContainerizationError( .invalidState, message: "failed to \(operation): pod must be created" ) } } mutating func validateForCreate() throws { switch self { case .initialized: break case .errored(let err): throw err default: throw ContainerizationError( .invalidState, message: "pod must be in initialized state to create" ) } } mutating func setErrored(error: Swift.Error) { self = .errored(error) } } private let vmm: VirtualMachineManager private let logger: Logger? /// Create a new `LinuxPod`. A `VirtualMachineManager` instance must be /// provided that will handle launching the virtual machine the containers /// will execute inside of. public init( _ id: String, vmm: VirtualMachineManager, logger: Logger? = nil, configuration: (inout Configuration) throws -> Void ) throws { self.id = id self.vmm = vmm self.hostVsockPorts = Atomic(0x1000_0000) self.guestVsockPorts = Atomic(0x1000_0000) self.logger = logger var config = Configuration() try configuration(&config) self.config = config self.state = AsyncMutex(State(phase: .initialized, containers: [:], pauseProcess: nil)) } private static func createDefaultRuntimeSpec(_ containerID: String, podID: String) -> Spec { .init( process: .init(), hostname: containerID, root: .init( path: Self.guestRootfsPath(containerID), readonly: false ), linux: .init( resources: .init(), cgroupsPath: "/container/pod/\(podID)/\(containerID)" ) ) } private func generateRuntimeSpec(containerID: String, config: ContainerConfiguration, rootfs: Mount) -> Spec { var spec = Self.createDefaultRuntimeSpec(containerID, podID: self.id) // Process configuration spec.process = config.process.toOCI() // Wrap with init process if requested. if config.useInit { let originalArgs = spec.process?.args ?? [] spec.process?.args = ["/.cz-init", "--"] + originalArgs } // General toggles // Container-level hostname takes precedence; fall back to pod-level hostname. if let hostname = config.hostname ?? self.config.hostname { spec.hostname = hostname } // Linux toggles spec.linux?.sysctl = config.sysctl // If the rootfs was requested as read-only, set it in the OCI spec. // We let the OCI runtime remount as ro, instead of doing it originally. spec.root?.readonly = rootfs.options.contains("ro") // Resource limits (if specified) if let cpus = config.cpus, cpus > 0 { spec.linux?.resources?.cpu = LinuxCPU( quota: Int64(cpus * 100_000), period: 100_000 ) } if let memoryInBytes = config.memoryInBytes, memoryInBytes > 0 { spec.linux?.resources?.memory = LinuxMemory( limit: Int64(memoryInBytes) ) } return spec } private static func guestRootfsPath(_ containerID: String) -> String { "/run/container/\(containerID)/rootfs" } private static func guestSocketStagingPath(_ containerID: String, socketID: String) -> String { "/run/container/\(containerID)/sockets/\(socketID).sock" } } extension LinuxPod { /// Number of CPU cores allocated to the pod's VM. public var cpus: Int { config.cpus } /// Amount of memory in bytes allocated for the pod's VM. public var memoryInBytes: UInt64 { config.memoryInBytes } /// Network interfaces of the pod. public var interfaces: [any Interface] { config.interfaces } /// Add a container to the pod. This must be called before `create()`. /// The container will be registered but not started. public func addContainer( _ id: String, rootfs: Mount, configuration: @Sendable @escaping (inout ContainerConfiguration) throws -> Void ) async throws { try await self.state.withLock { state in guard case .initialized = state.phase else { throw ContainerizationError( .invalidState, message: "pod must be initialized to add container" ) } guard state.containers[id] == nil else { throw ContainerizationError( .invalidArgument, message: "container with id \(id) already exists in pod" ) } var config = ContainerConfiguration() try configuration(&config) // Prepare file mounts - transforms single-file mounts into directory shares. let fileMountContext = try FileMountContext.prepare(mounts: config.mounts) state.containers[id] = PodContainer( id: id, rootfs: rootfs, config: config, state: .registered, process: nil, fileMountContext: fileMountContext ) } } /// Create and start the underlying pod's virtual machine and set up /// the runtime environment. All registered containers will have their /// rootfs mounted, but no init processes will be running. public func create() async throws { try await self.state.withLock { state in try state.phase.validateForCreate() // Build mountsByID for all containers. // Strip "ro" from rootfs options - we handle readonly via the OCI spec's // root.readonly field and remount in vmexec after setup is complete. // Use transformedMounts from fileMountContext (file mounts become directory shares). var mountsByID: [String: [Mount]] = [:] for (id, container) in state.containers { var modifiedRootfs = container.rootfs modifiedRootfs.options.removeAll(where: { $0 == "ro" }) mountsByID[id] = [modifiedRootfs] + container.fileMountContext.transformedMounts } let vmConfig = VMConfiguration( cpus: self.config.cpus, memoryInBytes: self.config.memoryInBytes, interfaces: self.config.interfaces, mountsByID: mountsByID, bootLog: self.config.bootLog, nestedVirtualization: self.config.virtualization ) let creationConfig = StandardVMConfig(configuration: vmConfig) let vm = try await self.vmm.create(config: creationConfig) let relayManager = UnixSocketRelayManager(vm: vm) try await vm.start() do { let containers = state.containers let shareProcessNamespace = self.config.shareProcessNamespace let pauseProcessHolder = Mutex(nil) let fileMountContextUpdates = Mutex<[String: FileMountContext]>([:]) try await vm.withAgent { agent in try await agent.standardSetup() // Create pause container if PID namespace sharing is enabled if shareProcessNamespace { let pauseID = "pause-\(self.id)" let pauseRootfsPath = "/run/container/\(pauseID)/rootfs" // Bind mount /sbin into the pause container rootfs. // This is where the guest agent lives. try await agent.mount( ContainerizationOCI.Mount( type: "", source: "/sbin", destination: "\(pauseRootfsPath)/sbin", options: ["bind"] )) var pauseSpec = Self.createDefaultRuntimeSpec(pauseID, podID: self.id) pauseSpec.process?.args = ["/sbin/vminitd", "pause"] pauseSpec.hostname = "" pauseSpec.mounts = LinuxContainer.defaultMounts().map { ContainerizationOCI.Mount( type: $0.type, source: $0.source, destination: $0.destination, options: $0.options ) } pauseSpec.linux?.namespaces = [ LinuxNamespace(type: .cgroup), LinuxNamespace(type: .ipc), LinuxNamespace(type: .mount), LinuxNamespace(type: .pid), LinuxNamespace(type: .uts), ] // Create LinuxProcess for pause container let process = LinuxProcess( pauseID, containerID: pauseID, spec: pauseSpec, io: LinuxProcess.Stdio(stdin: nil, stdout: nil, stderr: nil), ociRuntimePath: nil, agent: agent, vm: vm, logger: self.logger ) try await process.start() pauseProcessHolder.withLock { $0 = process } self.logger?.debug("Pause container started", metadata: ["pid": "\(process.pid)"]) } // Mount all container rootfs for (_, container) in containers { guard let attachments = vm.mounts[container.id], let rootfsAttachment = attachments.first else { throw ContainerizationError(.notFound, message: "rootfs mount not found for container \(container.id)") } var rootfs = rootfsAttachment.to rootfs.destination = Self.guestRootfsPath(container.id) try await agent.mount(rootfs) } // Mount file mount holding directories under /run for each container. for (id, container) in containers { if container.fileMountContext.hasFileMounts { var ctx = container.fileMountContext let containerMounts = vm.mounts[id] ?? [] try await ctx.mountHoldingDirectories( vmMounts: containerMounts, agent: agent ) fileMountContextUpdates.withLock { $0[id] = ctx } } } // Start up unix socket relays for each container for (_, container) in containers { for socket in container.config.sockets { try await self.relayUnixSocket( socket: socket, containerID: container.id, relayManager: relayManager, agent: agent ) } } // For every interface asked for: // 1. Add the address requested // 2. Online the adapter // 3. If a gateway IP address is present, add the default route. for (index, i) in self.interfaces.enumerated() { let name = "eth\(index)" self.logger?.debug("setting up interface \(name) with address \(i.ipv4Address)") try await agent.addressAdd(name: name, ipv4Address: i.ipv4Address) try await agent.up(name: name, mtu: i.mtu) if let ipv4Gateway = i.ipv4Gateway { if !i.ipv4Address.contains(ipv4Gateway) { self.logger?.debug("gateway \(ipv4Gateway) is outside subnet \(i.ipv4Address), adding a route first") try await agent.routeAddLink(name: name, dstIPv4Addr: ipv4Gateway, srcIPv4Addr: nil) } try await agent.routeAddDefault(name: name, ipv4Gateway: ipv4Gateway) } } // Setup /etc/resolv.conf and /etc/hosts for each container. // Container-level config takes precedence over pod-level config. for (_, container) in containers { if let dns = container.config.dns ?? self.config.dns { try await agent.configureDNS( config: dns, location: Self.guestRootfsPath(container.id) ) } if let hosts = container.config.hosts ?? self.config.hosts { try await agent.configureHosts( config: hosts, location: Self.guestRootfsPath(container.id) ) } } } state.pauseProcess = pauseProcessHolder.withLock { $0 } // Apply file mount context updates. let updates = fileMountContextUpdates.withLock { $0 } for (id, ctx) in updates { state.containers[id]?.fileMountContext = ctx } // Transition all containers to created state for id in state.containers.keys { state.containers[id]?.state = .created } state.phase = .created(.init(vm: vm, relayManager: relayManager)) } catch { try? await relayManager.stopAll() try? await vm.stop() state.phase.setErrored(error: error) throw error } } } /// Start a container's initial process. public func startContainer(_ containerID: String) async throws { try await self.state.withLock { state in let createdState = try state.phase.createdState("startContainer") guard var container = state.containers[containerID] else { throw ContainerizationError( .notFound, message: "container \(containerID) not found in pod" ) } guard container.state == .created else { throw ContainerizationError( .invalidState, message: "container \(containerID) must be in created state to start" ) } let agent = try await createdState.vm.dialAgent() do { var spec = self.generateRuntimeSpec(containerID: containerID, config: container.config, rootfs: container.rootfs) // We don't need the rootfs, nor do OCI runtimes want it included. // Also filter out file mount holding directories - we mount those separately under /run. let containerMounts = createdState.vm.mounts[containerID] ?? [] let holdingTags = container.fileMountContext.holdingDirectoryTags var mounts: [ContainerizationOCI.Mount] = containerMounts.dropFirst() .filter { !holdingTags.contains($0.source) } .map { $0.to } + container.fileMountContext.ociBindMounts() // When useInit is enabled, bind mount vminitd from the VM's filesystem // into the container so it can be executed. if container.config.useInit { mounts.append( ContainerizationOCI.Mount( type: "bind", source: "/sbin/vminitd", destination: "/.cz-init", options: ["bind", "ro"] )) } // Bind mount staged sockets into the container. Sockets relayed // .into the container are created in a staging directory outside // the rootfs to avoid symlink traversal and mount shadowing. for socket in container.config.sockets where socket.direction == .into { mounts.append( ContainerizationOCI.Mount( type: "bind", source: Self.guestSocketStagingPath(containerID, socketID: socket.id), destination: socket.destination.path, options: ["bind"] )) } spec.mounts = mounts // Configure namespaces for the container var namespaces: [LinuxNamespace] = [ LinuxNamespace(type: .cgroup), LinuxNamespace(type: .ipc), LinuxNamespace(type: .mount), LinuxNamespace(type: .uts), ] // Either join pause container's pid ns or create a new one if self.config.shareProcessNamespace, let pausePID = state.pauseProcess?.pid { let nsPath = "/proc/\(pausePID)/ns/pid" self.logger?.debug( "Container joining pause PID namespace", metadata: [ "container": "\(containerID)", "pausePID": "\(pausePID)", "nsPath": "\(nsPath)", ]) namespaces.append(LinuxNamespace(type: .pid, path: nsPath)) } else { namespaces.append(LinuxNamespace(type: .pid)) } spec.linux?.namespaces = namespaces let stdio = IOUtil.setup( portAllocator: self.hostVsockPorts, stdin: container.config.process.stdin, stdout: container.config.process.stdout, stderr: container.config.process.stderr ) let process = LinuxProcess( containerID, containerID: containerID, spec: spec, io: stdio, ociRuntimePath: nil, agent: agent, vm: createdState.vm, logger: self.logger ) try await process.start() container.process = process container.state = .started state.containers[containerID] = container } catch { try? await agent.close() throw error } } } /// Stop a container from executing. public func stopContainer(_ containerID: String) async throws { try await self.state.withLock { state in let createdState = try state.phase.createdState("stopContainer") guard var container = state.containers[containerID] else { throw ContainerizationError( .notFound, message: "container \(containerID) not found in pod" ) } // Allow stop to be called multiple times if container.state == .stopped { return } guard container.state == .started, let process = container.process else { throw ContainerizationError( .invalidState, message: "container \(containerID) must be in started state to stop" ) } do { // Check if the vm is even still running if createdState.vm.state == .stopped { container.state = .stopped state.containers[containerID] = container return } try await process.kill(SIGKILL) try await process.wait(timeoutInSeconds: 3) try await createdState.vm.withAgent { agent in // Unmount the rootfs try await agent.umount( path: Self.guestRootfsPath(containerID), flags: 0 ) } // Clean up the process resources try await process.delete() container.process = nil container.state = .stopped state.containers[containerID] = container } catch { container.state = .errored container.process = nil state.containers[containerID] = container throw error } } } /// Stop the pod's VM and all containers. public func stop() async throws { try await self.state.withLock { state in let createdState = try state.phase.createdState("stop") do { try await createdState.relayManager.stopAll() // Stop all containers let containerIDs = Array(state.containers.keys) for containerID in containerIDs { // Stop the container inline guard var container = state.containers[containerID] else { continue } if container.state == .stopped { continue } if let process = container.process, container.state == .started { if createdState.vm.state != .stopped { try? await process.kill(SIGKILL) _ = try? await process.wait(timeoutInSeconds: 3) try? await createdState.vm.withAgent { agent in try await agent.umount( path: Self.guestRootfsPath(containerID), flags: 0 ) } } try? await process.delete() container.process = nil container.state = .stopped // Clean up file mount temporary directories. container.fileMountContext.cleanUp() state.containers[containerID] = container } } try await createdState.vm.stop() state.phase = .initialized } catch { try? await createdState.vm.stop() state.phase.setErrored(error: error) throw error } } } /// Send a signal to a container. public func killContainer(_ containerID: String, signal: Int32) async throws { try await self.state.withLock { state in guard let container = state.containers[containerID], let process = container.process else { throw ContainerizationError( .notFound, message: "container \(containerID) not found or not started" ) } try await process.kill(signal) } } /// Wait for a container to exit. Returns the exit code. @discardableResult public func waitContainer(_ containerID: String, timeoutInSeconds: Int64? = nil) async throws -> ExitStatus { let process = try await self.state.withLock { state in guard let container = state.containers[containerID], let process = container.process else { throw ContainerizationError( .notFound, message: "container \(containerID) not found or not started" ) } return process } return try await process.wait(timeoutInSeconds: timeoutInSeconds) } /// Resize a container's terminal (if one was requested). public func resizeContainer(_ containerID: String, to: Terminal.Size) async throws { try await self.state.withLock { state in guard let container = state.containers[containerID], let process = container.process else { throw ContainerizationError( .notFound, message: "container \(containerID) not found or not started" ) } try await process.resize(to: to) } } /// Execute a new process in a container. public func execInContainer( _ containerID: String, processID: String, configuration: @Sendable @escaping (inout LinuxProcessConfiguration) throws -> Void ) async throws -> LinuxProcess { try await self.state.withLock { state in let createdState = try state.phase.createdState("execInContainer") guard let container = state.containers[containerID] else { throw ContainerizationError( .notFound, message: "container \(containerID) not found in pod" ) } guard container.state == .started else { throw ContainerizationError( .invalidState, message: "container \(containerID) must be started to exec" ) } var spec = self.generateRuntimeSpec(containerID: containerID, config: container.config, rootfs: container.rootfs) // Inherit environment variables, working directory, user, capabilities, rlimits from container process. // Reset: process arguments, terminal, stdio as these are not supposed to be inherited. var config = container.config.process config.arguments = [] config.terminal = false config.stdin = nil config.stdout = nil config.stderr = nil try configuration(&config) spec.process = config.toOCI() let stdio = IOUtil.setup( portAllocator: self.hostVsockPorts, stdin: config.stdin, stdout: config.stdout, stderr: config.stderr ) let agent = try await createdState.vm.dialAgent() let process = LinuxProcess( processID, containerID: containerID, spec: spec, io: stdio, ociRuntimePath: nil, agent: agent, vm: createdState.vm, logger: self.logger ) return process } } /// List all container IDs in the pod. public func listContainers() async -> [String] { await self.state.withLock { state in Array(state.containers.keys) } } /// Get statistics for containers in the pod. public func statistics(containerIDs: [String]? = nil, categories: StatCategory = .all) async throws -> [ContainerStatistics] { let (createdState, ids) = try await self.state.withLock { state in let createdState = try state.phase.createdState("statistics") let ids = containerIDs ?? Array(state.containers.keys) return (createdState, ids) } let stats = try await createdState.vm.withAgent { agent in try await agent.containerStatistics(containerIDs: ids, categories: categories) } return stats } /// Dial a vsock port in the pod's VM. public func dialVsock(port: UInt32) async throws -> FileHandle { try await self.state.withLock { state in let createdState = try state.phase.createdState("dialVsock") return try await createdState.vm.dial(port) } } /// Close a container's standard input to signal no more input is arriving. public func closeContainerStdin(_ containerID: String) async throws { try await self.state.withLock { state in guard let container = state.containers[containerID], let process = container.process else { throw ContainerizationError( .notFound, message: "container \(containerID) not found or not started" ) } try await process.closeStdin() } } /// Relay a unix socket for a container. public func relayUnixSocket(_ containerID: String, socket: UnixSocketConfiguration) async throws { try await self.state.withLock { state in let createdState = try state.phase.createdState("relayUnixSocket") guard let _ = state.containers[containerID] else { throw ContainerizationError( .notFound, message: "container \(containerID) not found in pod" ) } try await createdState.vm.withAgent { agent in try await self.relayUnixSocket( socket: socket, containerID: containerID, relayManager: createdState.relayManager, agent: agent ) } } } private func relayUnixSocket( socket: UnixSocketConfiguration, containerID: String, relayManager: UnixSocketRelayManager, agent: any VirtualMachineAgent ) async throws { guard let relayAgent = agent as? SocketRelayAgent else { throw ContainerizationError( .unsupported, message: "VirtualMachineAgent does not support relaySocket surface" ) } var socket = socket // Adjust paths to be relative to the container's rootfs let rootInGuest = URL(filePath: Self.guestRootfsPath(containerID)) let port: UInt32 if socket.direction == .into { port = self.hostVsockPorts.wrappingAdd(1, ordering: .relaxed).oldValue socket.destination = URL(filePath: Self.guestSocketStagingPath(containerID, socketID: socket.id)) } else { port = self.guestVsockPorts.wrappingAdd(1, ordering: .relaxed).oldValue socket.source = rootInGuest.appending(path: socket.source.path) } try await relayManager.start(port: port, socket: socket) try await relayAgent.relaySocket(port: port, configuration: socket) } } #endif ================================================ FILE: Sources/Containerization/LinuxProcess.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import ContainerizationExtras import ContainerizationOCI import ContainerizationOS import Foundation import Logging import Synchronization /// `LinuxProcess` represents a Linux process and is used to /// setup and control the full lifecycle for the process. public final class LinuxProcess: Sendable { /// The ID of the process. This is purely metadata for the caller. public let id: String /// What container owns this process (if any). public let owningContainer: String? package struct StdioSetup: Sendable { let port: UInt32 let writer: Writer } package struct StdioReaderSetup { let port: UInt32 let reader: ReaderStream } package struct Stdio: Sendable { let stdin: StdioReaderSetup? let stdout: StdioSetup? let stderr: StdioSetup? } private struct StdioHandles: Sendable { var stdin: FileHandle? var stdout: FileHandle? var stderr: FileHandle? mutating func close() throws { if let stdin { try stdin.close() stdin.readabilityHandler = nil self.stdin = nil } if let stdout { try stdout.close() stdout.readabilityHandler = nil self.stdout = nil } if let stderr { try stderr.close() stderr.readabilityHandler = nil self.stderr = nil } } } private struct State { var spec: ContainerizationOCI.Spec var pid: Int32 var stdio: StdioHandles var stdinRelay: Task<(), Never>? var ioTracker: IoTracker? var deletionTask: Task? struct IoTracker { let stream: AsyncStream let cont: AsyncStream.Continuation let configuredStreams: Int } } /// The process ID for the container process. This will be -1 /// if the process has not been started. public var pid: Int32 { state.withLock { $0.pid } } private let state: Mutex private let ioSetup: Stdio private let agent: any VirtualMachineAgent private let vm: any VirtualMachineInstance private let ociRuntimePath: String? private let logger: Logger? private let onDelete: (@Sendable () async -> Void)? init( _ id: String, containerID: String? = nil, spec: Spec, io: Stdio, ociRuntimePath: String?, agent: any VirtualMachineAgent, vm: any VirtualMachineInstance, logger: Logger?, onDelete: (@Sendable () async -> Void)? = nil ) { self.id = id self.owningContainer = containerID self.state = Mutex(.init(spec: spec, pid: -1, stdio: StdioHandles())) self.ioSetup = io self.agent = agent self.ociRuntimePath = ociRuntimePath self.vm = vm self.logger = logger self.onDelete = onDelete } } extension LinuxProcess { func setupIO(listeners: [VsockListener?]) async throws -> [FileHandle?] { let handles = try await Timeout.run(seconds: 3) { try await withThrowingTaskGroup(of: (Int, FileHandle?).self) { group in var results = [FileHandle?](repeating: nil, count: 3) for (index, listener) in listeners.enumerated() { guard let listener else { continue } group.addTask { let first = await listener.first(where: { _ in true }) try listener.finish() return (index, first) } } for try await (index, fileHandle) in group { results[index] = fileHandle } return results } } // Note: stdin relay is started separately via startStdinRelay() after // the process has started, to avoid a deadlock where closeStdin is // called before the process is consuming from the pipe. var configuredStreams = 0 let (stream, cc) = AsyncStream.makeStream() if let stdout = self.ioSetup.stdout { configuredStreams += 1 handles[1]?.readabilityHandler = { handle in do { let data = handle.availableData if data.isEmpty { // This block is called when the producer (the guest) closes // the fd it is writing into. handles[1]?.readabilityHandler = nil cc.yield() return } try stdout.writer.write(data) } catch { self.logger?.error("failed to write to stdout: \(error)") } } } if let stderr = self.ioSetup.stderr { configuredStreams += 1 handles[2]?.readabilityHandler = { handle in do { let data = handle.availableData if data.isEmpty { handles[2]?.readabilityHandler = nil cc.yield() return } try stderr.writer.write(data) } catch { self.logger?.error("failed to write to stderr: \(error)") } } } if configuredStreams > 0 { self.state.withLock { $0.ioTracker = .init(stream: stream, cont: cc, configuredStreams: configuredStreams) } } return handles } func startStdinRelay(handle: FileHandle) { guard let stdin = self.ioSetup.stdin else { return } self.state.withLock { $0.stdinRelay = Task { for await data in stdin.reader.stream() { do { try handle.write(contentsOf: data) } catch { self.logger?.error("failed to write to stdin: \(error)") break } } do { self.logger?.debug("stdin relay finished, closing") // There's two ways we can wind up here: // // 1. The stream finished on its own (e.g. we wrote all the // data) and we will close the underlying stdin in the guest below. // // 2. The client explicitly called closeStdin() themselves // which will cancel this relay task AFTER actually closing // the fds. If the client did that, then this task will be // cancelled, and the fds are already gone so there's nothing // for us to do. if Task.isCancelled { return } try await self._closeStdin() } catch { self.logger?.error("failed to close stdin: \(error)") } } } } /// Start the process. public func start() async throws { do { let spec = self.state.withLock { $0.spec } var listeners = [VsockListener?](repeating: nil, count: 3) if let stdin = self.ioSetup.stdin { listeners[0] = try self.vm.listen(stdin.port) } if let stdout = self.ioSetup.stdout { listeners[1] = try self.vm.listen(stdout.port) } if let stderr = self.ioSetup.stderr { if spec.process!.terminal { throw ContainerizationError( .invalidArgument, message: "stderr should not be configured with terminal=true" ) } listeners[2] = try self.vm.listen(stderr.port) } let t = Task { try await self.setupIO(listeners: listeners) } try await agent.createProcess( id: self.id, containerID: self.owningContainer, stdinPort: self.ioSetup.stdin?.port, stdoutPort: self.ioSetup.stdout?.port, stderrPort: self.ioSetup.stderr?.port, ociRuntimePath: self.ociRuntimePath, configuration: spec, options: nil ) let result = try await t.value let pid = try await self.agent.startProcess( id: self.id, containerID: self.owningContainer ) // Start stdin relay after process launch to avoid filling the pipe // buffer before the process is even running. if let stdinHandle = result[0] { self.startStdinRelay(handle: stdinHandle) } self.state.withLock { $0.stdio = StdioHandles( stdin: result[0], stdout: result[1], stderr: result[2] ) $0.pid = pid } } catch { if let err = error as? ContainerizationError { throw err } throw ContainerizationError( .internalError, message: "failed to start process", cause: error, ) } } /// Kill the process with the specified signal. public func kill(_ signal: Int32) async throws { do { try await agent.signalProcess( id: self.id, containerID: self.owningContainer, signal: signal ) } catch { throw ContainerizationError( .internalError, message: "failed to kill process", cause: error ) } } /// Resize the processes pty (if requested). public func resize(to: Terminal.Size) async throws { do { try await agent.resizeProcess( id: self.id, containerID: self.owningContainer, columns: UInt32(to.width), rows: UInt32(to.height) ) } catch { throw ContainerizationError( .internalError, message: "failed to resize process", cause: error ) } } public func closeStdin() async throws { do { try await self._closeStdin() self.state.withLock { $0.stdinRelay?.cancel() } } catch { throw ContainerizationError( .internalError, message: "failed to close stdin", cause: error, ) } } func _closeStdin() async throws { try await self.agent.closeProcessStdin( id: self.id, containerID: self.owningContainer ) } /// Wait on the process to exit with an optional timeout. Returns the exit code of the process. @discardableResult public func wait(timeoutInSeconds: Int64? = nil) async throws -> ExitStatus { do { let exitStatus = try await self.agent.waitProcess( id: self.id, containerID: self.owningContainer, timeoutInSeconds: timeoutInSeconds ) await self.waitIoComplete() return exitStatus } catch { if error is ContainerizationError { throw error } throw ContainerizationError( .internalError, message: "failed to wait on process", cause: error ) } } /// Wait until the standard output and standard error streams for the process have concluded. private func waitIoComplete() async { let ioTracker = self.state.withLock { $0.ioTracker } guard let ioTracker else { return } do { try await Timeout.run(seconds: 3) { var counter = ioTracker.configuredStreams for await _ in ioTracker.stream { counter -= 1 if counter == 0 { ioTracker.cont.finish() break } } } } catch { self.logger?.error("timeout waiting for IO to complete for process \(id): \(error)") } self.state.withLock { $0.ioTracker = nil } } /// Cleans up guest state and waits on and closes any host resources (stdio handles). public func delete() async throws { try await self._delete() await self.onDelete?() } func _delete() async throws { let task = self.state.withLock { state in if let existingTask = state.deletionTask { // Deletion already in progress or finished. return existingTask } let task = Task { try await self.performDeletion() } state.deletionTask = task return task } try await task.value } private func performDeletion() async throws { do { try await self.agent.deleteProcess( id: self.id, containerID: self.owningContainer ) } catch { self.state.withLock { $0.stdinRelay?.cancel() try? $0.stdio.close() } try? await self.agent.close() throw ContainerizationError( .internalError, message: "failed to delete process", cause: error, ) } do { try self.state.withLock { $0.stdinRelay?.cancel() try $0.stdio.close() } } catch { try? await self.agent.close() throw ContainerizationError( .internalError, message: "failed to close stdio", cause: error, ) } do { try await self.agent.close() } catch { throw ContainerizationError( .internalError, message: "failed to close agent connection", cause: error, ) } } } ================================================ FILE: Sources/Containerization/LinuxProcessConfiguration.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import ContainerizationOCI import ContainerizationOS /// A resource limit (rlimit) configuration for a container process. public struct LinuxRLimit: Sendable, Hashable { /// The kind of resource limit. public var kind: Kind /// The hard limit value. public var hard: UInt64 /// The soft limit value. public var soft: UInt64 /// Creates a new resource limit. /// /// - Parameters: /// - kind: The kind of resource limit. /// - hard: The hard limit value. /// - soft: The soft limit value. public init(kind: Kind, hard: UInt64, soft: UInt64) { self.kind = kind self.hard = hard self.soft = soft } /// Creates a new resource limit with the same value for both hard and soft limits. /// /// - Parameters: /// - kind: The kind of resource limit. /// - limit: The limit value for both hard and soft limits. public init(kind: Kind, limit: UInt64) { self.kind = kind self.hard = limit self.soft = limit } /// Convert to OCI POSIXRlimit format for transport. public func toOCI() -> POSIXRlimit { POSIXRlimit(type: self.kind.description, hard: self.hard, soft: self.soft) } } extension LinuxRLimit { /// The kind of resource limit. public struct Kind: Sendable, Hashable { private enum Value: Hashable, Sendable, CaseIterable { case addressSpace case coreFileSize case cpuTime case dataSize case fileSize case locks case lockedMemory case messageQueue case nice case openFiles case numberOfProcesses case residentSetSize case realtimePriority case realtimeTimeout case signalsPending case stackSize } private var value: Value private init(_ value: Value) { self.value = value } /// Maximum size of the process's virtual memory (address space) in bytes. public static var addressSpace: Self { Self(.addressSpace) } /// Maximum size of a core file in bytes. public static var coreFileSize: Self { Self(.coreFileSize) } /// Maximum amount of CPU time the process can consume in seconds. public static var cpuTime: Self { Self(.cpuTime) } /// Maximum size of the process's data segment in bytes. public static var dataSize: Self { Self(.dataSize) } /// Maximum size of files the process may create in bytes. public static var fileSize: Self { Self(.fileSize) } /// Maximum number of file locks. public static var locks: Self { Self(.locks) } /// Maximum number of bytes of memory that may be locked into RAM. public static var lockedMemory: Self { Self(.lockedMemory) } /// Maximum number of bytes that can be allocated for POSIX message queues. public static var messageQueue: Self { Self(.messageQueue) } /// Maximum nice value that can be set. public static var nice: Self { Self(.nice) } /// Maximum number of open file descriptors. public static var openFiles: Self { Self(.openFiles) } /// Maximum number of processes that can be created by the user. public static var numberOfProcesses: Self { Self(.numberOfProcesses) } /// Maximum size of the process's resident set (physical memory) in bytes. public static var residentSetSize: Self { Self(.residentSetSize) } /// Maximum real-time scheduling priority. public static var realtimePriority: Self { Self(.realtimePriority) } /// Maximum amount of CPU time for real-time scheduling in microseconds. public static var realtimeTimeout: Self { Self(.realtimeTimeout) } /// Maximum number of signals that may be queued. public static var signalsPending: Self { Self(.signalsPending) } /// Maximum size of the process stack in bytes. public static var stackSize: Self { Self(.stackSize) } /// Creates a Kind from its OCI string representation. /// /// - Parameter string: The OCI string representation (e.g., "RLIMIT_NOFILE"). /// - Throws: `ContainerizationError` with code `.invalidArgument` if the string doesn't match a known rlimit kind. public init(_ string: String) throws { switch string { case "RLIMIT_AS": self = .addressSpace case "RLIMIT_CORE": self = .coreFileSize case "RLIMIT_CPU": self = .cpuTime case "RLIMIT_DATA": self = .dataSize case "RLIMIT_FSIZE": self = .fileSize case "RLIMIT_LOCKS": self = .locks case "RLIMIT_MEMLOCK": self = .lockedMemory case "RLIMIT_MSGQUEUE": self = .messageQueue case "RLIMIT_NICE": self = .nice case "RLIMIT_NOFILE": self = .openFiles case "RLIMIT_NPROC": self = .numberOfProcesses case "RLIMIT_RSS": self = .residentSetSize case "RLIMIT_RTPRIO": self = .realtimePriority case "RLIMIT_RTTIME": self = .realtimeTimeout case "RLIMIT_SIGPENDING": self = .signalsPending case "RLIMIT_STACK": self = .stackSize default: throw ContainerizationError(.invalidArgument, message: "invalid rlimit kind: '\(string)'") } } } } extension LinuxRLimit.Kind: CustomStringConvertible { /// The OCI string representation of the resource limit kind. public var description: String { switch self.value { case .addressSpace: "RLIMIT_AS" case .coreFileSize: "RLIMIT_CORE" case .cpuTime: "RLIMIT_CPU" case .dataSize: "RLIMIT_DATA" case .fileSize: "RLIMIT_FSIZE" case .locks: "RLIMIT_LOCKS" case .lockedMemory: "RLIMIT_MEMLOCK" case .messageQueue: "RLIMIT_MSGQUEUE" case .nice: "RLIMIT_NICE" case .openFiles: "RLIMIT_NOFILE" case .numberOfProcesses: "RLIMIT_NPROC" case .residentSetSize: "RLIMIT_RSS" case .realtimePriority: "RLIMIT_RTPRIO" case .realtimeTimeout: "RLIMIT_RTTIME" case .signalsPending: "RLIMIT_SIGPENDING" case .stackSize: "RLIMIT_STACK" } } } /// User-friendly Linux capabilities configuration public struct LinuxCapabilities: Sendable { /// Capabilities that define the maximum set of capabilities a process can have public var bounding: [CapabilityName] = [] /// Capabilities that are actually in effect for the current process public var effective: [CapabilityName] = [] /// Capabilities that can be inherited by child processes public var inheritable: [CapabilityName] = [] /// Capabilities that are currently permitted for the process public var permitted: [CapabilityName] = [] /// Capabilities that are preserved across execve() calls public var ambient: [CapabilityName] = [] /// Grant all capabilities public static let allCapabilities = LinuxCapabilities( bounding: CapabilityName.allCases, effective: CapabilityName.allCases, inheritable: CapabilityName.allCases, permitted: CapabilityName.allCases, ambient: CapabilityName.allCases ) /// Default configuration public static let defaultOCICapabilities = LinuxCapabilities( bounding: [ .chown, .dacOverride, .fsetid, .fowner, .mknod, .netRaw, .setgid, .setuid, .setfcap, .setpcap, .netBindService, .sysChroot, .kill, .auditWrite, ], effective: [ .chown, .dacOverride, .fsetid, .fowner, .mknod, .netRaw, .setgid, .setuid, .setfcap, .setpcap, .netBindService, .sysChroot, .kill, .auditWrite, ], permitted: [ .chown, .dacOverride, .fsetid, .fowner, .mknod, .netRaw, .setgid, .setuid, .setfcap, .setpcap, .netBindService, .sysChroot, .kill, .auditWrite, ], ) public init( bounding: [CapabilityName] = [], effective: [CapabilityName] = [], inheritable: [CapabilityName] = [], permitted: [CapabilityName] = [], ambient: [CapabilityName] = [] ) { self.bounding = bounding self.effective = effective self.inheritable = inheritable self.permitted = permitted self.ambient = ambient } /// Convenience initializer that sets the same capabilities to effective, permitted, and bounding sets /// This matches the typical pattern used by containerd/runc public init(capabilities: [CapabilityName]) { self.bounding = capabilities self.effective = capabilities self.inheritable = [] self.permitted = capabilities self.ambient = [] } /// Convert to OCI format for transport public func toOCI() -> ContainerizationOCI.LinuxCapabilities { ContainerizationOCI.LinuxCapabilities( bounding: bounding.isEmpty ? nil : bounding.map { $0.description }, effective: effective.isEmpty ? nil : effective.map { $0.description }, inheritable: inheritable.isEmpty ? nil : inheritable.map { $0.description }, permitted: permitted.isEmpty ? nil : permitted.map { $0.description }, ambient: ambient.isEmpty ? nil : ambient.map { $0.description } ) } } public struct LinuxProcessConfiguration: Sendable { /// The default PATH value for a process. public static let defaultPath = "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" /// The arguments for the container process. public var arguments: [String] = [] /// The environment variables for the container process. public var environmentVariables: [String] = ["PATH=\(Self.defaultPath)"] /// The working directory for the container process. public var workingDirectory: String = "/" /// The user the container process will run as. public var user: ContainerizationOCI.User = .init() /// The rlimits for the container process. public var rlimits: [LinuxRLimit] = [] /// Whether to set the no_new_privileges bit on the container process. When true, the /// process and its children cannot gain additional privileges via setuid/setgid binaries /// or file capabilities. public var noNewPrivileges: Bool = false /// The Linux capabilities for the container process. public var capabilities: LinuxCapabilities = .allCapabilities /// Whether to allocate a pseudo terminal for the process. If you'd like interactive /// behavior and are planning to use a terminal for stdin/out/err on the client side, /// this should likely be set to true. public var terminal: Bool = false /// The stdin for the process. public var stdin: ReaderStream? /// The stdout for the process. public var stdout: Writer? /// The stderr for the process. public var stderr: Writer? public init() {} public init( arguments: [String], environmentVariables: [String] = ["PATH=\(Self.defaultPath)"], workingDirectory: String = "/", user: ContainerizationOCI.User = .init(), rlimits: [LinuxRLimit] = [], noNewPrivileges: Bool = false, capabilities: LinuxCapabilities = .allCapabilities, terminal: Bool = false, stdin: ReaderStream? = nil, stdout: Writer? = nil, stderr: Writer? = nil ) { self.arguments = arguments self.environmentVariables = environmentVariables self.workingDirectory = workingDirectory self.user = user self.rlimits = rlimits self.noNewPrivileges = noNewPrivileges self.capabilities = capabilities self.terminal = terminal self.stdin = stdin self.stdout = stdout self.stderr = stderr } public init(from config: ImageConfig) { self.workingDirectory = config.workingDir ?? "/" self.environmentVariables = config.env ?? [] self.arguments = (config.entrypoint ?? []) + (config.cmd ?? []) self.user = { if let rawString = config.user { return User(username: rawString) } return User() }() } /// Sets up IO to be handled by the passed in Terminal, and edits the /// process configuration to set the necessary state for using a pty. mutating public func setTerminalIO(terminal: Terminal) { self.environmentVariables.append("TERM=xterm") self.terminal = true self.stdin = terminal self.stdout = terminal } func toOCI() -> ContainerizationOCI.Process { ContainerizationOCI.Process( args: self.arguments, cwd: self.workingDirectory, env: self.environmentVariables, noNewPrivileges: self.noNewPrivileges, capabilities: self.capabilities.toOCI(), user: self.user, rlimits: self.rlimits.map { $0.toOCI() }, terminal: self.terminal ) } } ================================================ FILE: Sources/Containerization/Mount.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if os(macOS) import Foundation import Virtualization import ContainerizationError #endif /// A filesystem mount exposed to a container. public struct Mount: Sendable { /// The filesystem or mount type. This is the string /// that will be used for the mount syscall itself. public var type: String /// The source path of the mount. public var source: String /// The destination path of the mount. public var destination: String /// Filesystem or mount specific options. public var options: [String] /// Runtime specific options. This can be used /// as a way to discern what kind of device a vmm /// should create for this specific mount (virtioblock /// virtiofs etc.). public let runtimeOptions: RuntimeOptions /// A type representing a "hint" of what type /// of mount this really is (block, directory, purely /// guest mount) and a set of type specific options, if any. public enum RuntimeOptions: Sendable { case virtioblk([String]) case virtiofs([String]) case any([String]) } public init( type: String, source: String, destination: String, options: [String], runtimeOptions: RuntimeOptions ) { self.type = type self.source = source self.destination = destination self.options = options self.runtimeOptions = runtimeOptions } /// Mount representing a virtio block device. public static func block( format: String, source: String, destination: String, options: [String] = [], runtimeOptions: [String] = [] ) -> Self { .init( type: format, source: source, destination: destination, options: options, runtimeOptions: .virtioblk(runtimeOptions) ) } /// Mount representing a virtiofs share. public static func share( source: String, destination: String, options: [String] = [], runtimeOptions: [String] = [] ) -> Self { .init( type: "virtiofs", source: source, destination: destination, options: options, runtimeOptions: .virtiofs(runtimeOptions) ) } /// A generic mount. public static func any( type: String, source: String, destination: String, options: [String] = [], runtimeOptions: [String] = [] ) -> Self { .init( type: type, source: source, destination: destination, options: options, runtimeOptions: .any(runtimeOptions) ) } #if os(macOS) /// Clone the Mount to the provided path. /// /// This uses `clonefile` to provide a copy-on-write copy of the Mount. public func clone(to: String) throws -> Self { let fm = FileManager.default let src = self.source try fm.copyItem(atPath: src, toPath: to) return .init( type: self.type, source: to, destination: self.destination, options: self.options, runtimeOptions: self.runtimeOptions ) } #endif } #if os(macOS) extension Mount { func configure(config: inout VZVirtualMachineConfiguration) throws { switch self.runtimeOptions { case .virtioblk(let options): let device = try VZDiskImageStorageDeviceAttachment.mountToVZAttachment(mount: self, options: options) let attachment = VZVirtioBlockDeviceConfiguration(attachment: device) config.storageDevices.append(attachment) case .virtiofs(_): guard FileManager.default.fileExists(atPath: self.source) else { throw ContainerizationError(.notFound, message: "directory \(source) does not exist") } let name = try hashMountSource(source: self.source) let urlSource = URL(fileURLWithPath: source) let device = VZVirtioFileSystemDeviceConfiguration(tag: name) device.share = VZSingleDirectoryShare( directory: VZSharedDirectory( url: urlSource, readOnly: readonly ) ) config.directorySharingDevices.append(device) case .any: break } } } extension VZDiskImageStorageDeviceAttachment { static func mountToVZAttachment(mount: Mount, options: [String]) throws -> VZDiskImageStorageDeviceAttachment { var synchronizationMode: VZDiskImageSynchronizationMode = .fsync var cachingMode: VZDiskImageCachingMode = .cached for option in options { let split = option.split(separator: "=") if split.count != 2 { continue } let key = String(split[0]) let value = String(split[1]) switch key { case "vzDiskImageCachingMode": switch value { case "automatic": cachingMode = .automatic case "cached": cachingMode = .cached case "uncached": cachingMode = .uncached default: throw ContainerizationError( .invalidArgument, message: "unknown vzDiskImageCachingMode value for virtio block device: \(value)" ) } case "vzDiskImageSynchronizationMode": switch value { case "full": synchronizationMode = .full case "fsync": synchronizationMode = .fsync case "none": synchronizationMode = .none default: throw ContainerizationError( .invalidArgument, message: "unknown vzDiskImageSynchronizationMode value for virtio block device: \(value)" ) } default: throw ContainerizationError( .invalidArgument, message: "unknown vmm option encountered: \(key)" ) } } return try VZDiskImageStorageDeviceAttachment( url: URL(filePath: mount.source), readOnly: mount.readonly, cachingMode: cachingMode, synchronizationMode: synchronizationMode ) } } #endif extension Mount { fileprivate var readonly: Bool { self.options.contains("ro") } /// Returns true if this mount is a virtio block device. public var isBlock: Bool { if case .virtioblk = self.runtimeOptions { return true } return false } } ================================================ FILE: Sources/Containerization/NATInterface.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationExtras public struct NATInterface: Interface { public var ipv4Address: CIDRv4 public var ipv4Gateway: IPv4Address? public var macAddress: MACAddress? public var mtu: UInt32 public init(ipv4Address: CIDRv4, ipv4Gateway: IPv4Address?, macAddress: MACAddress? = nil, mtu: UInt32 = 1500) { self.ipv4Address = ipv4Address self.ipv4Gateway = ipv4Gateway self.macAddress = macAddress self.mtu = mtu } } ================================================ FILE: Sources/Containerization/NATNetworkInterface.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if os(macOS) import vmnet import Virtualization import ContainerizationError import ContainerizationExtras import Foundation import Synchronization /// An interface that uses NAT to provide an IP address for a given /// container/virtual machine. @available(macOS 26, *) public final class NATNetworkInterface: Interface, Sendable { public let ipv4Address: CIDRv4 public let ipv4Gateway: IPv4Address? public let macAddress: MACAddress? public let mtu: UInt32 @available(macOS 26, *) // `reference` isn't used concurrently. public nonisolated(unsafe) let reference: vmnet_network_ref! @available(macOS 26, *) public init( ipv4Address: CIDRv4, ipv4Gateway: IPv4Address?, reference: sending vmnet_network_ref, macAddress: MACAddress? = nil, mtu: UInt32 = 1500 ) { self.ipv4Address = ipv4Address self.ipv4Gateway = ipv4Gateway self.macAddress = macAddress self.mtu = mtu self.reference = reference } @available(macOS, obsoleted: 26, message: "Use init(ipv4Address:ipv4Gateway:reference:macAddress:) instead") public init( ipv4Address: CIDRv4, ipv4Gateway: IPv4Address?, macAddress: MACAddress? = nil, mtu: UInt32 = 1500 ) { self.ipv4Address = ipv4Address self.ipv4Gateway = ipv4Gateway self.macAddress = macAddress self.mtu = mtu self.reference = nil } } @available(macOS 26, *) extension NATNetworkInterface: VZInterface { public func device() throws -> VZVirtioNetworkDeviceConfiguration { let config = VZVirtioNetworkDeviceConfiguration() if let macAddress = self.macAddress { guard let mac = VZMACAddress(string: macAddress.description) else { throw ContainerizationError(.invalidArgument, message: "invalid mac address \(macAddress)") } config.macAddress = mac } config.attachment = VZVmnetNetworkDeviceAttachment(network: self.reference) return config } } #endif ================================================ FILE: Sources/Containerization/Network.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// /// A network that can allocate and release interfaces for use with containers. public protocol Network: Sendable { mutating func createInterface(_ id: String) throws -> Interface? mutating func releaseInterface(_ id: String) throws } ================================================ FILE: Sources/Containerization/SandboxContext/SandboxContext.grpc.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // // DO NOT EDIT. // swift-format-ignore-file // // Generated by the protocol buffer compiler. // Source: SandboxContext.proto // import GRPC import NIO import NIOConcurrencyHelpers import SwiftProtobuf /// Context for interacting with a container's runtime environment. /// /// Usage: instantiate `Com_Apple_Containerization_Sandbox_V3_SandboxContextClient`, then call methods of this protocol to make API calls. public protocol Com_Apple_Containerization_Sandbox_V3_SandboxContextClientProtocol: GRPCClient { var serviceName: String { get } var interceptors: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientInterceptorFactoryProtocol? { get } func mount( _ request: Com_Apple_Containerization_Sandbox_V3_MountRequest, callOptions: CallOptions? ) -> UnaryCall func umount( _ request: Com_Apple_Containerization_Sandbox_V3_UmountRequest, callOptions: CallOptions? ) -> UnaryCall func setenv( _ request: Com_Apple_Containerization_Sandbox_V3_SetenvRequest, callOptions: CallOptions? ) -> UnaryCall func getenv( _ request: Com_Apple_Containerization_Sandbox_V3_GetenvRequest, callOptions: CallOptions? ) -> UnaryCall func mkdir( _ request: Com_Apple_Containerization_Sandbox_V3_MkdirRequest, callOptions: CallOptions? ) -> UnaryCall func sysctl( _ request: Com_Apple_Containerization_Sandbox_V3_SysctlRequest, callOptions: CallOptions? ) -> UnaryCall func setTime( _ request: Com_Apple_Containerization_Sandbox_V3_SetTimeRequest, callOptions: CallOptions? ) -> UnaryCall func setupEmulator( _ request: Com_Apple_Containerization_Sandbox_V3_SetupEmulatorRequest, callOptions: CallOptions? ) -> UnaryCall func writeFile( _ request: Com_Apple_Containerization_Sandbox_V3_WriteFileRequest, callOptions: CallOptions? ) -> UnaryCall func copy( _ request: Com_Apple_Containerization_Sandbox_V3_CopyRequest, callOptions: CallOptions?, handler: @escaping (Com_Apple_Containerization_Sandbox_V3_CopyResponse) -> Void ) -> ServerStreamingCall func createProcess( _ request: Com_Apple_Containerization_Sandbox_V3_CreateProcessRequest, callOptions: CallOptions? ) -> UnaryCall func deleteProcess( _ request: Com_Apple_Containerization_Sandbox_V3_DeleteProcessRequest, callOptions: CallOptions? ) -> UnaryCall func startProcess( _ request: Com_Apple_Containerization_Sandbox_V3_StartProcessRequest, callOptions: CallOptions? ) -> UnaryCall func killProcess( _ request: Com_Apple_Containerization_Sandbox_V3_KillProcessRequest, callOptions: CallOptions? ) -> UnaryCall func waitProcess( _ request: Com_Apple_Containerization_Sandbox_V3_WaitProcessRequest, callOptions: CallOptions? ) -> UnaryCall func resizeProcess( _ request: Com_Apple_Containerization_Sandbox_V3_ResizeProcessRequest, callOptions: CallOptions? ) -> UnaryCall func closeProcessStdin( _ request: Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinRequest, callOptions: CallOptions? ) -> UnaryCall func containerStatistics( _ request: Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsRequest, callOptions: CallOptions? ) -> UnaryCall func proxyVsock( _ request: Com_Apple_Containerization_Sandbox_V3_ProxyVsockRequest, callOptions: CallOptions? ) -> UnaryCall func stopVsockProxy( _ request: Com_Apple_Containerization_Sandbox_V3_StopVsockProxyRequest, callOptions: CallOptions? ) -> UnaryCall func ipLinkSet( _ request: Com_Apple_Containerization_Sandbox_V3_IpLinkSetRequest, callOptions: CallOptions? ) -> UnaryCall func ipAddrAdd( _ request: Com_Apple_Containerization_Sandbox_V3_IpAddrAddRequest, callOptions: CallOptions? ) -> UnaryCall func ipRouteAddLink( _ request: Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkRequest, callOptions: CallOptions? ) -> UnaryCall func ipRouteAddDefault( _ request: Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultRequest, callOptions: CallOptions? ) -> UnaryCall func configureDns( _ request: Com_Apple_Containerization_Sandbox_V3_ConfigureDnsRequest, callOptions: CallOptions? ) -> UnaryCall func configureHosts( _ request: Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest, callOptions: CallOptions? ) -> UnaryCall func sync( _ request: Com_Apple_Containerization_Sandbox_V3_SyncRequest, callOptions: CallOptions? ) -> UnaryCall func kill( _ request: Com_Apple_Containerization_Sandbox_V3_KillRequest, callOptions: CallOptions? ) -> UnaryCall } extension Com_Apple_Containerization_Sandbox_V3_SandboxContextClientProtocol { public var serviceName: String { return "com.apple.containerization.sandbox.v3.SandboxContext" } /// Mount a filesystem. /// /// - Parameters: /// - request: Request to send to Mount. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func mount( _ request: Com_Apple_Containerization_Sandbox_V3_MountRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.mount.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeMountInterceptors() ?? [] ) } /// Unmount a filesystem. /// /// - Parameters: /// - request: Request to send to Umount. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func umount( _ request: Com_Apple_Containerization_Sandbox_V3_UmountRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.umount.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeUmountInterceptors() ?? [] ) } /// Set an environment variable on the init process. /// /// - Parameters: /// - request: Request to send to Setenv. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func setenv( _ request: Com_Apple_Containerization_Sandbox_V3_SetenvRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.setenv.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeSetenvInterceptors() ?? [] ) } /// Get an environment variable from the init process. /// /// - Parameters: /// - request: Request to send to Getenv. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func getenv( _ request: Com_Apple_Containerization_Sandbox_V3_GetenvRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.getenv.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeGetenvInterceptors() ?? [] ) } /// Create a new directory inside the sandbox. /// /// - Parameters: /// - request: Request to send to Mkdir. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func mkdir( _ request: Com_Apple_Containerization_Sandbox_V3_MkdirRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.mkdir.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeMkdirInterceptors() ?? [] ) } /// Set sysctls in the context of the sandbox. /// /// - Parameters: /// - request: Request to send to Sysctl. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func sysctl( _ request: Com_Apple_Containerization_Sandbox_V3_SysctlRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.sysctl.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeSysctlInterceptors() ?? [] ) } /// Set time in the guest. /// /// - Parameters: /// - request: Request to send to SetTime. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func setTime( _ request: Com_Apple_Containerization_Sandbox_V3_SetTimeRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.setTime.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeSetTimeInterceptors() ?? [] ) } /// Set up an emulator in the guest for a specific binary format. /// /// - Parameters: /// - request: Request to send to SetupEmulator. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func setupEmulator( _ request: Com_Apple_Containerization_Sandbox_V3_SetupEmulatorRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.setupEmulator.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeSetupEmulatorInterceptors() ?? [] ) } /// Write data to an existing or new file. /// /// - Parameters: /// - request: Request to send to WriteFile. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func writeFile( _ request: Com_Apple_Containerization_Sandbox_V3_WriteFileRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.writeFile.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeWriteFileInterceptors() ?? [] ) } /// Copy a file or directory between the host and guest. /// Data transfer happens over a dedicated vsock connection; /// the gRPC stream is used only for control/metadata. /// /// - Parameters: /// - request: Request to send to Copy. /// - callOptions: Call options. /// - handler: A closure called when each response is received from the server. /// - Returns: A `ServerStreamingCall` with futures for the metadata and status. public func copy( _ request: Com_Apple_Containerization_Sandbox_V3_CopyRequest, callOptions: CallOptions? = nil, handler: @escaping (Com_Apple_Containerization_Sandbox_V3_CopyResponse) -> Void ) -> ServerStreamingCall { return self.makeServerStreamingCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.copy.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeCopyInterceptors() ?? [], handler: handler ) } /// Create a new process inside the container. /// /// - Parameters: /// - request: Request to send to CreateProcess. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func createProcess( _ request: Com_Apple_Containerization_Sandbox_V3_CreateProcessRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.createProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeCreateProcessInterceptors() ?? [] ) } /// Delete an existing process inside the container. /// /// - Parameters: /// - request: Request to send to DeleteProcess. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func deleteProcess( _ request: Com_Apple_Containerization_Sandbox_V3_DeleteProcessRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.deleteProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeDeleteProcessInterceptors() ?? [] ) } /// Start the provided process. /// /// - Parameters: /// - request: Request to send to StartProcess. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func startProcess( _ request: Com_Apple_Containerization_Sandbox_V3_StartProcessRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.startProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeStartProcessInterceptors() ?? [] ) } /// Send a signal to the provided process. /// /// - Parameters: /// - request: Request to send to KillProcess. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func killProcess( _ request: Com_Apple_Containerization_Sandbox_V3_KillProcessRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.killProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeKillProcessInterceptors() ?? [] ) } /// Wait for a process to exit and return the exit code. /// /// - Parameters: /// - request: Request to send to WaitProcess. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func waitProcess( _ request: Com_Apple_Containerization_Sandbox_V3_WaitProcessRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.waitProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeWaitProcessInterceptors() ?? [] ) } /// Resize the tty of a given process. This will error if the process does /// not have a pty allocated. /// /// - Parameters: /// - request: Request to send to ResizeProcess. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func resizeProcess( _ request: Com_Apple_Containerization_Sandbox_V3_ResizeProcessRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.resizeProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeResizeProcessInterceptors() ?? [] ) } /// Close IO for a given process. /// /// - Parameters: /// - request: Request to send to CloseProcessStdin. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func closeProcessStdin( _ request: Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.closeProcessStdin.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeCloseProcessStdinInterceptors() ?? [] ) } /// Get statistics for containers. /// /// - Parameters: /// - request: Request to send to ContainerStatistics. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func containerStatistics( _ request: Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.containerStatistics.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeContainerStatisticsInterceptors() ?? [] ) } /// Proxy a vsock port to a unix domain socket in the guest, or vice versa. /// /// - Parameters: /// - request: Request to send to ProxyVsock. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func proxyVsock( _ request: Com_Apple_Containerization_Sandbox_V3_ProxyVsockRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.proxyVsock.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeProxyVsockInterceptors() ?? [] ) } /// Stop a vsock proxy to a unix domain socket. /// /// - Parameters: /// - request: Request to send to StopVsockProxy. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func stopVsockProxy( _ request: Com_Apple_Containerization_Sandbox_V3_StopVsockProxyRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.stopVsockProxy.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeStopVsockProxyInterceptors() ?? [] ) } /// Set the link state of a network interface. /// /// - Parameters: /// - request: Request to send to IpLinkSet. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func ipLinkSet( _ request: Com_Apple_Containerization_Sandbox_V3_IpLinkSetRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.ipLinkSet.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeIpLinkSetInterceptors() ?? [] ) } /// Add an IPv4 address to a network interface. /// /// - Parameters: /// - request: Request to send to IpAddrAdd. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func ipAddrAdd( _ request: Com_Apple_Containerization_Sandbox_V3_IpAddrAddRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.ipAddrAdd.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeIpAddrAddInterceptors() ?? [] ) } /// Add an IP route for a network interface. /// /// - Parameters: /// - request: Request to send to IpRouteAddLink. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func ipRouteAddLink( _ request: Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.ipRouteAddLink.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeIpRouteAddLinkInterceptors() ?? [] ) } /// Add an IP route for a network interface. /// /// - Parameters: /// - request: Request to send to IpRouteAddDefault. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func ipRouteAddDefault( _ request: Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.ipRouteAddDefault.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeIpRouteAddDefaultInterceptors() ?? [] ) } /// Configure DNS resolver. /// /// - Parameters: /// - request: Request to send to ConfigureDns. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func configureDns( _ request: Com_Apple_Containerization_Sandbox_V3_ConfigureDnsRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.configureDns.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeConfigureDnsInterceptors() ?? [] ) } /// Configure /etc/hosts. /// /// - Parameters: /// - request: Request to send to ConfigureHosts. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func configureHosts( _ request: Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.configureHosts.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeConfigureHostsInterceptors() ?? [] ) } /// Perform the sync syscall. /// /// - Parameters: /// - request: Request to send to Sync. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func sync( _ request: Com_Apple_Containerization_Sandbox_V3_SyncRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.sync.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeSyncInterceptors() ?? [] ) } /// Send a signal to a process via the PID. /// /// - Parameters: /// - request: Request to send to Kill. /// - callOptions: Call options. /// - Returns: A `UnaryCall` with futures for the metadata, status and response. public func kill( _ request: Com_Apple_Containerization_Sandbox_V3_KillRequest, callOptions: CallOptions? = nil ) -> UnaryCall { return self.makeUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.kill.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeKillInterceptors() ?? [] ) } } @available(*, deprecated) extension Com_Apple_Containerization_Sandbox_V3_SandboxContextClient: @unchecked Sendable {} @available(*, deprecated, renamed: "Com_Apple_Containerization_Sandbox_V3_SandboxContextNIOClient") public final class Com_Apple_Containerization_Sandbox_V3_SandboxContextClient: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientProtocol { private let lock = Lock() private var _defaultCallOptions: CallOptions private var _interceptors: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientInterceptorFactoryProtocol? public let channel: GRPCChannel public var defaultCallOptions: CallOptions { get { self.lock.withLock { return self._defaultCallOptions } } set { self.lock.withLockVoid { self._defaultCallOptions = newValue } } } public var interceptors: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientInterceptorFactoryProtocol? { get { self.lock.withLock { return self._interceptors } } set { self.lock.withLockVoid { self._interceptors = newValue } } } /// Creates a client for the com.apple.containerization.sandbox.v3.SandboxContext service. /// /// - Parameters: /// - channel: `GRPCChannel` to the service host. /// - defaultCallOptions: Options to use for each service call if the user doesn't provide them. /// - interceptors: A factory providing interceptors for each RPC. public init( channel: GRPCChannel, defaultCallOptions: CallOptions = CallOptions(), interceptors: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientInterceptorFactoryProtocol? = nil ) { self.channel = channel self._defaultCallOptions = defaultCallOptions self._interceptors = interceptors } } public struct Com_Apple_Containerization_Sandbox_V3_SandboxContextNIOClient: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientProtocol { public var channel: GRPCChannel public var defaultCallOptions: CallOptions public var interceptors: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientInterceptorFactoryProtocol? /// Creates a client for the com.apple.containerization.sandbox.v3.SandboxContext service. /// /// - Parameters: /// - channel: `GRPCChannel` to the service host. /// - defaultCallOptions: Options to use for each service call if the user doesn't provide them. /// - interceptors: A factory providing interceptors for each RPC. public init( channel: GRPCChannel, defaultCallOptions: CallOptions = CallOptions(), interceptors: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientInterceptorFactoryProtocol? = nil ) { self.channel = channel self.defaultCallOptions = defaultCallOptions self.interceptors = interceptors } } /// Context for interacting with a container's runtime environment. @available(macOS 10.15, iOS 13, tvOS 13, watchOS 6, *) public protocol Com_Apple_Containerization_Sandbox_V3_SandboxContextAsyncClientProtocol: GRPCClient { static var serviceDescriptor: GRPCServiceDescriptor { get } var interceptors: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientInterceptorFactoryProtocol? { get } func makeMountCall( _ request: Com_Apple_Containerization_Sandbox_V3_MountRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeUmountCall( _ request: Com_Apple_Containerization_Sandbox_V3_UmountRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeSetenvCall( _ request: Com_Apple_Containerization_Sandbox_V3_SetenvRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeGetenvCall( _ request: Com_Apple_Containerization_Sandbox_V3_GetenvRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeMkdirCall( _ request: Com_Apple_Containerization_Sandbox_V3_MkdirRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeSysctlCall( _ request: Com_Apple_Containerization_Sandbox_V3_SysctlRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeSetTimeCall( _ request: Com_Apple_Containerization_Sandbox_V3_SetTimeRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeSetupEmulatorCall( _ request: Com_Apple_Containerization_Sandbox_V3_SetupEmulatorRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeWriteFileCall( _ request: Com_Apple_Containerization_Sandbox_V3_WriteFileRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeCopyCall( _ request: Com_Apple_Containerization_Sandbox_V3_CopyRequest, callOptions: CallOptions? ) -> GRPCAsyncServerStreamingCall func makeCreateProcessCall( _ request: Com_Apple_Containerization_Sandbox_V3_CreateProcessRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeDeleteProcessCall( _ request: Com_Apple_Containerization_Sandbox_V3_DeleteProcessRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeStartProcessCall( _ request: Com_Apple_Containerization_Sandbox_V3_StartProcessRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeKillProcessCall( _ request: Com_Apple_Containerization_Sandbox_V3_KillProcessRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeWaitProcessCall( _ request: Com_Apple_Containerization_Sandbox_V3_WaitProcessRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeResizeProcessCall( _ request: Com_Apple_Containerization_Sandbox_V3_ResizeProcessRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeCloseProcessStdinCall( _ request: Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeContainerStatisticsCall( _ request: Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeProxyVsockCall( _ request: Com_Apple_Containerization_Sandbox_V3_ProxyVsockRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeStopVsockProxyCall( _ request: Com_Apple_Containerization_Sandbox_V3_StopVsockProxyRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeIpLinkSetCall( _ request: Com_Apple_Containerization_Sandbox_V3_IpLinkSetRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeIpAddrAddCall( _ request: Com_Apple_Containerization_Sandbox_V3_IpAddrAddRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeIpRouteAddLinkCall( _ request: Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeIpRouteAddDefaultCall( _ request: Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeConfigureDnsCall( _ request: Com_Apple_Containerization_Sandbox_V3_ConfigureDnsRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeConfigureHostsCall( _ request: Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeSyncCall( _ request: Com_Apple_Containerization_Sandbox_V3_SyncRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall func makeKillCall( _ request: Com_Apple_Containerization_Sandbox_V3_KillRequest, callOptions: CallOptions? ) -> GRPCAsyncUnaryCall } @available(macOS 10.15, iOS 13, tvOS 13, watchOS 6, *) extension Com_Apple_Containerization_Sandbox_V3_SandboxContextAsyncClientProtocol { public static var serviceDescriptor: GRPCServiceDescriptor { return Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.serviceDescriptor } public var interceptors: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientInterceptorFactoryProtocol? { return nil } public func makeMountCall( _ request: Com_Apple_Containerization_Sandbox_V3_MountRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.mount.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeMountInterceptors() ?? [] ) } public func makeUmountCall( _ request: Com_Apple_Containerization_Sandbox_V3_UmountRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.umount.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeUmountInterceptors() ?? [] ) } public func makeSetenvCall( _ request: Com_Apple_Containerization_Sandbox_V3_SetenvRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.setenv.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeSetenvInterceptors() ?? [] ) } public func makeGetenvCall( _ request: Com_Apple_Containerization_Sandbox_V3_GetenvRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.getenv.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeGetenvInterceptors() ?? [] ) } public func makeMkdirCall( _ request: Com_Apple_Containerization_Sandbox_V3_MkdirRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.mkdir.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeMkdirInterceptors() ?? [] ) } public func makeSysctlCall( _ request: Com_Apple_Containerization_Sandbox_V3_SysctlRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.sysctl.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeSysctlInterceptors() ?? [] ) } public func makeSetTimeCall( _ request: Com_Apple_Containerization_Sandbox_V3_SetTimeRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.setTime.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeSetTimeInterceptors() ?? [] ) } public func makeSetupEmulatorCall( _ request: Com_Apple_Containerization_Sandbox_V3_SetupEmulatorRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.setupEmulator.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeSetupEmulatorInterceptors() ?? [] ) } public func makeWriteFileCall( _ request: Com_Apple_Containerization_Sandbox_V3_WriteFileRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.writeFile.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeWriteFileInterceptors() ?? [] ) } public func makeCopyCall( _ request: Com_Apple_Containerization_Sandbox_V3_CopyRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncServerStreamingCall { return self.makeAsyncServerStreamingCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.copy.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeCopyInterceptors() ?? [] ) } public func makeCreateProcessCall( _ request: Com_Apple_Containerization_Sandbox_V3_CreateProcessRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.createProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeCreateProcessInterceptors() ?? [] ) } public func makeDeleteProcessCall( _ request: Com_Apple_Containerization_Sandbox_V3_DeleteProcessRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.deleteProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeDeleteProcessInterceptors() ?? [] ) } public func makeStartProcessCall( _ request: Com_Apple_Containerization_Sandbox_V3_StartProcessRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.startProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeStartProcessInterceptors() ?? [] ) } public func makeKillProcessCall( _ request: Com_Apple_Containerization_Sandbox_V3_KillProcessRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.killProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeKillProcessInterceptors() ?? [] ) } public func makeWaitProcessCall( _ request: Com_Apple_Containerization_Sandbox_V3_WaitProcessRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.waitProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeWaitProcessInterceptors() ?? [] ) } public func makeResizeProcessCall( _ request: Com_Apple_Containerization_Sandbox_V3_ResizeProcessRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.resizeProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeResizeProcessInterceptors() ?? [] ) } public func makeCloseProcessStdinCall( _ request: Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.closeProcessStdin.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeCloseProcessStdinInterceptors() ?? [] ) } public func makeContainerStatisticsCall( _ request: Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.containerStatistics.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeContainerStatisticsInterceptors() ?? [] ) } public func makeProxyVsockCall( _ request: Com_Apple_Containerization_Sandbox_V3_ProxyVsockRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.proxyVsock.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeProxyVsockInterceptors() ?? [] ) } public func makeStopVsockProxyCall( _ request: Com_Apple_Containerization_Sandbox_V3_StopVsockProxyRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.stopVsockProxy.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeStopVsockProxyInterceptors() ?? [] ) } public func makeIpLinkSetCall( _ request: Com_Apple_Containerization_Sandbox_V3_IpLinkSetRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.ipLinkSet.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeIpLinkSetInterceptors() ?? [] ) } public func makeIpAddrAddCall( _ request: Com_Apple_Containerization_Sandbox_V3_IpAddrAddRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.ipAddrAdd.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeIpAddrAddInterceptors() ?? [] ) } public func makeIpRouteAddLinkCall( _ request: Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.ipRouteAddLink.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeIpRouteAddLinkInterceptors() ?? [] ) } public func makeIpRouteAddDefaultCall( _ request: Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.ipRouteAddDefault.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeIpRouteAddDefaultInterceptors() ?? [] ) } public func makeConfigureDnsCall( _ request: Com_Apple_Containerization_Sandbox_V3_ConfigureDnsRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.configureDns.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeConfigureDnsInterceptors() ?? [] ) } public func makeConfigureHostsCall( _ request: Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.configureHosts.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeConfigureHostsInterceptors() ?? [] ) } public func makeSyncCall( _ request: Com_Apple_Containerization_Sandbox_V3_SyncRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.sync.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeSyncInterceptors() ?? [] ) } public func makeKillCall( _ request: Com_Apple_Containerization_Sandbox_V3_KillRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncUnaryCall { return self.makeAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.kill.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeKillInterceptors() ?? [] ) } } @available(macOS 10.15, iOS 13, tvOS 13, watchOS 6, *) extension Com_Apple_Containerization_Sandbox_V3_SandboxContextAsyncClientProtocol { public func mount( _ request: Com_Apple_Containerization_Sandbox_V3_MountRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_MountResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.mount.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeMountInterceptors() ?? [] ) } public func umount( _ request: Com_Apple_Containerization_Sandbox_V3_UmountRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_UmountResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.umount.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeUmountInterceptors() ?? [] ) } public func setenv( _ request: Com_Apple_Containerization_Sandbox_V3_SetenvRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_SetenvResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.setenv.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeSetenvInterceptors() ?? [] ) } public func getenv( _ request: Com_Apple_Containerization_Sandbox_V3_GetenvRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_GetenvResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.getenv.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeGetenvInterceptors() ?? [] ) } public func mkdir( _ request: Com_Apple_Containerization_Sandbox_V3_MkdirRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_MkdirResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.mkdir.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeMkdirInterceptors() ?? [] ) } public func sysctl( _ request: Com_Apple_Containerization_Sandbox_V3_SysctlRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_SysctlResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.sysctl.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeSysctlInterceptors() ?? [] ) } public func setTime( _ request: Com_Apple_Containerization_Sandbox_V3_SetTimeRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_SetTimeResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.setTime.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeSetTimeInterceptors() ?? [] ) } public func setupEmulator( _ request: Com_Apple_Containerization_Sandbox_V3_SetupEmulatorRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_SetupEmulatorResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.setupEmulator.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeSetupEmulatorInterceptors() ?? [] ) } public func writeFile( _ request: Com_Apple_Containerization_Sandbox_V3_WriteFileRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_WriteFileResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.writeFile.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeWriteFileInterceptors() ?? [] ) } public func copy( _ request: Com_Apple_Containerization_Sandbox_V3_CopyRequest, callOptions: CallOptions? = nil ) -> GRPCAsyncResponseStream { return self.performAsyncServerStreamingCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.copy.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeCopyInterceptors() ?? [] ) } public func createProcess( _ request: Com_Apple_Containerization_Sandbox_V3_CreateProcessRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_CreateProcessResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.createProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeCreateProcessInterceptors() ?? [] ) } public func deleteProcess( _ request: Com_Apple_Containerization_Sandbox_V3_DeleteProcessRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_DeleteProcessResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.deleteProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeDeleteProcessInterceptors() ?? [] ) } public func startProcess( _ request: Com_Apple_Containerization_Sandbox_V3_StartProcessRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_StartProcessResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.startProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeStartProcessInterceptors() ?? [] ) } public func killProcess( _ request: Com_Apple_Containerization_Sandbox_V3_KillProcessRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_KillProcessResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.killProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeKillProcessInterceptors() ?? [] ) } public func waitProcess( _ request: Com_Apple_Containerization_Sandbox_V3_WaitProcessRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_WaitProcessResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.waitProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeWaitProcessInterceptors() ?? [] ) } public func resizeProcess( _ request: Com_Apple_Containerization_Sandbox_V3_ResizeProcessRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_ResizeProcessResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.resizeProcess.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeResizeProcessInterceptors() ?? [] ) } public func closeProcessStdin( _ request: Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.closeProcessStdin.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeCloseProcessStdinInterceptors() ?? [] ) } public func containerStatistics( _ request: Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.containerStatistics.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeContainerStatisticsInterceptors() ?? [] ) } public func proxyVsock( _ request: Com_Apple_Containerization_Sandbox_V3_ProxyVsockRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_ProxyVsockResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.proxyVsock.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeProxyVsockInterceptors() ?? [] ) } public func stopVsockProxy( _ request: Com_Apple_Containerization_Sandbox_V3_StopVsockProxyRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_StopVsockProxyResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.stopVsockProxy.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeStopVsockProxyInterceptors() ?? [] ) } public func ipLinkSet( _ request: Com_Apple_Containerization_Sandbox_V3_IpLinkSetRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_IpLinkSetResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.ipLinkSet.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeIpLinkSetInterceptors() ?? [] ) } public func ipAddrAdd( _ request: Com_Apple_Containerization_Sandbox_V3_IpAddrAddRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_IpAddrAddResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.ipAddrAdd.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeIpAddrAddInterceptors() ?? [] ) } public func ipRouteAddLink( _ request: Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.ipRouteAddLink.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeIpRouteAddLinkInterceptors() ?? [] ) } public func ipRouteAddDefault( _ request: Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.ipRouteAddDefault.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeIpRouteAddDefaultInterceptors() ?? [] ) } public func configureDns( _ request: Com_Apple_Containerization_Sandbox_V3_ConfigureDnsRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_ConfigureDnsResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.configureDns.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeConfigureDnsInterceptors() ?? [] ) } public func configureHosts( _ request: Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_ConfigureHostsResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.configureHosts.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeConfigureHostsInterceptors() ?? [] ) } public func sync( _ request: Com_Apple_Containerization_Sandbox_V3_SyncRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_SyncResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.sync.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeSyncInterceptors() ?? [] ) } public func kill( _ request: Com_Apple_Containerization_Sandbox_V3_KillRequest, callOptions: CallOptions? = nil ) async throws -> Com_Apple_Containerization_Sandbox_V3_KillResponse { return try await self.performAsyncUnaryCall( path: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.kill.path, request: request, callOptions: callOptions ?? self.defaultCallOptions, interceptors: self.interceptors?.makeKillInterceptors() ?? [] ) } } @available(macOS 10.15, iOS 13, tvOS 13, watchOS 6, *) public struct Com_Apple_Containerization_Sandbox_V3_SandboxContextAsyncClient: Com_Apple_Containerization_Sandbox_V3_SandboxContextAsyncClientProtocol { public var channel: GRPCChannel public var defaultCallOptions: CallOptions public var interceptors: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientInterceptorFactoryProtocol? public init( channel: GRPCChannel, defaultCallOptions: CallOptions = CallOptions(), interceptors: Com_Apple_Containerization_Sandbox_V3_SandboxContextClientInterceptorFactoryProtocol? = nil ) { self.channel = channel self.defaultCallOptions = defaultCallOptions self.interceptors = interceptors } } public protocol Com_Apple_Containerization_Sandbox_V3_SandboxContextClientInterceptorFactoryProtocol: Sendable { /// - Returns: Interceptors to use when invoking 'mount'. func makeMountInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'umount'. func makeUmountInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'setenv'. func makeSetenvInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'getenv'. func makeGetenvInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'mkdir'. func makeMkdirInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'sysctl'. func makeSysctlInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'setTime'. func makeSetTimeInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'setupEmulator'. func makeSetupEmulatorInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'writeFile'. func makeWriteFileInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'copy'. func makeCopyInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'createProcess'. func makeCreateProcessInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'deleteProcess'. func makeDeleteProcessInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'startProcess'. func makeStartProcessInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'killProcess'. func makeKillProcessInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'waitProcess'. func makeWaitProcessInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'resizeProcess'. func makeResizeProcessInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'closeProcessStdin'. func makeCloseProcessStdinInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'containerStatistics'. func makeContainerStatisticsInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'proxyVsock'. func makeProxyVsockInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'stopVsockProxy'. func makeStopVsockProxyInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'ipLinkSet'. func makeIpLinkSetInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'ipAddrAdd'. func makeIpAddrAddInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'ipRouteAddLink'. func makeIpRouteAddLinkInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'ipRouteAddDefault'. func makeIpRouteAddDefaultInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'configureDns'. func makeConfigureDnsInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'configureHosts'. func makeConfigureHostsInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'sync'. func makeSyncInterceptors() -> [ClientInterceptor] /// - Returns: Interceptors to use when invoking 'kill'. func makeKillInterceptors() -> [ClientInterceptor] } public enum Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata { public static let serviceDescriptor = GRPCServiceDescriptor( name: "SandboxContext", fullName: "com.apple.containerization.sandbox.v3.SandboxContext", methods: [ Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.mount, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.umount, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.setenv, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.getenv, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.mkdir, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.sysctl, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.setTime, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.setupEmulator, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.writeFile, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.copy, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.createProcess, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.deleteProcess, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.startProcess, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.killProcess, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.waitProcess, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.resizeProcess, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.closeProcessStdin, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.containerStatistics, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.proxyVsock, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.stopVsockProxy, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.ipLinkSet, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.ipAddrAdd, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.ipRouteAddLink, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.ipRouteAddDefault, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.configureDns, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.configureHosts, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.sync, Com_Apple_Containerization_Sandbox_V3_SandboxContextClientMetadata.Methods.kill, ] ) public enum Methods { public static let mount = GRPCMethodDescriptor( name: "Mount", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Mount", type: GRPCCallType.unary ) public static let umount = GRPCMethodDescriptor( name: "Umount", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Umount", type: GRPCCallType.unary ) public static let setenv = GRPCMethodDescriptor( name: "Setenv", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Setenv", type: GRPCCallType.unary ) public static let getenv = GRPCMethodDescriptor( name: "Getenv", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Getenv", type: GRPCCallType.unary ) public static let mkdir = GRPCMethodDescriptor( name: "Mkdir", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Mkdir", type: GRPCCallType.unary ) public static let sysctl = GRPCMethodDescriptor( name: "Sysctl", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Sysctl", type: GRPCCallType.unary ) public static let setTime = GRPCMethodDescriptor( name: "SetTime", path: "/com.apple.containerization.sandbox.v3.SandboxContext/SetTime", type: GRPCCallType.unary ) public static let setupEmulator = GRPCMethodDescriptor( name: "SetupEmulator", path: "/com.apple.containerization.sandbox.v3.SandboxContext/SetupEmulator", type: GRPCCallType.unary ) public static let writeFile = GRPCMethodDescriptor( name: "WriteFile", path: "/com.apple.containerization.sandbox.v3.SandboxContext/WriteFile", type: GRPCCallType.unary ) public static let copy = GRPCMethodDescriptor( name: "Copy", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Copy", type: GRPCCallType.serverStreaming ) public static let createProcess = GRPCMethodDescriptor( name: "CreateProcess", path: "/com.apple.containerization.sandbox.v3.SandboxContext/CreateProcess", type: GRPCCallType.unary ) public static let deleteProcess = GRPCMethodDescriptor( name: "DeleteProcess", path: "/com.apple.containerization.sandbox.v3.SandboxContext/DeleteProcess", type: GRPCCallType.unary ) public static let startProcess = GRPCMethodDescriptor( name: "StartProcess", path: "/com.apple.containerization.sandbox.v3.SandboxContext/StartProcess", type: GRPCCallType.unary ) public static let killProcess = GRPCMethodDescriptor( name: "KillProcess", path: "/com.apple.containerization.sandbox.v3.SandboxContext/KillProcess", type: GRPCCallType.unary ) public static let waitProcess = GRPCMethodDescriptor( name: "WaitProcess", path: "/com.apple.containerization.sandbox.v3.SandboxContext/WaitProcess", type: GRPCCallType.unary ) public static let resizeProcess = GRPCMethodDescriptor( name: "ResizeProcess", path: "/com.apple.containerization.sandbox.v3.SandboxContext/ResizeProcess", type: GRPCCallType.unary ) public static let closeProcessStdin = GRPCMethodDescriptor( name: "CloseProcessStdin", path: "/com.apple.containerization.sandbox.v3.SandboxContext/CloseProcessStdin", type: GRPCCallType.unary ) public static let containerStatistics = GRPCMethodDescriptor( name: "ContainerStatistics", path: "/com.apple.containerization.sandbox.v3.SandboxContext/ContainerStatistics", type: GRPCCallType.unary ) public static let proxyVsock = GRPCMethodDescriptor( name: "ProxyVsock", path: "/com.apple.containerization.sandbox.v3.SandboxContext/ProxyVsock", type: GRPCCallType.unary ) public static let stopVsockProxy = GRPCMethodDescriptor( name: "StopVsockProxy", path: "/com.apple.containerization.sandbox.v3.SandboxContext/StopVsockProxy", type: GRPCCallType.unary ) public static let ipLinkSet = GRPCMethodDescriptor( name: "IpLinkSet", path: "/com.apple.containerization.sandbox.v3.SandboxContext/IpLinkSet", type: GRPCCallType.unary ) public static let ipAddrAdd = GRPCMethodDescriptor( name: "IpAddrAdd", path: "/com.apple.containerization.sandbox.v3.SandboxContext/IpAddrAdd", type: GRPCCallType.unary ) public static let ipRouteAddLink = GRPCMethodDescriptor( name: "IpRouteAddLink", path: "/com.apple.containerization.sandbox.v3.SandboxContext/IpRouteAddLink", type: GRPCCallType.unary ) public static let ipRouteAddDefault = GRPCMethodDescriptor( name: "IpRouteAddDefault", path: "/com.apple.containerization.sandbox.v3.SandboxContext/IpRouteAddDefault", type: GRPCCallType.unary ) public static let configureDns = GRPCMethodDescriptor( name: "ConfigureDns", path: "/com.apple.containerization.sandbox.v3.SandboxContext/ConfigureDns", type: GRPCCallType.unary ) public static let configureHosts = GRPCMethodDescriptor( name: "ConfigureHosts", path: "/com.apple.containerization.sandbox.v3.SandboxContext/ConfigureHosts", type: GRPCCallType.unary ) public static let sync = GRPCMethodDescriptor( name: "Sync", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Sync", type: GRPCCallType.unary ) public static let kill = GRPCMethodDescriptor( name: "Kill", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Kill", type: GRPCCallType.unary ) } } /// Context for interacting with a container's runtime environment. /// /// To build a server, implement a class that conforms to this protocol. public protocol Com_Apple_Containerization_Sandbox_V3_SandboxContextProvider: CallHandlerProvider { var interceptors: Com_Apple_Containerization_Sandbox_V3_SandboxContextServerInterceptorFactoryProtocol? { get } /// Mount a filesystem. func mount(request: Com_Apple_Containerization_Sandbox_V3_MountRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Unmount a filesystem. func umount(request: Com_Apple_Containerization_Sandbox_V3_UmountRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Set an environment variable on the init process. func setenv(request: Com_Apple_Containerization_Sandbox_V3_SetenvRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Get an environment variable from the init process. func getenv(request: Com_Apple_Containerization_Sandbox_V3_GetenvRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Create a new directory inside the sandbox. func mkdir(request: Com_Apple_Containerization_Sandbox_V3_MkdirRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Set sysctls in the context of the sandbox. func sysctl(request: Com_Apple_Containerization_Sandbox_V3_SysctlRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Set time in the guest. func setTime(request: Com_Apple_Containerization_Sandbox_V3_SetTimeRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Set up an emulator in the guest for a specific binary format. func setupEmulator(request: Com_Apple_Containerization_Sandbox_V3_SetupEmulatorRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Write data to an existing or new file. func writeFile(request: Com_Apple_Containerization_Sandbox_V3_WriteFileRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Copy a file or directory between the host and guest. /// Data transfer happens over a dedicated vsock connection; /// the gRPC stream is used only for control/metadata. func copy(request: Com_Apple_Containerization_Sandbox_V3_CopyRequest, context: StreamingResponseCallContext) -> EventLoopFuture /// Create a new process inside the container. func createProcess(request: Com_Apple_Containerization_Sandbox_V3_CreateProcessRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Delete an existing process inside the container. func deleteProcess(request: Com_Apple_Containerization_Sandbox_V3_DeleteProcessRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Start the provided process. func startProcess(request: Com_Apple_Containerization_Sandbox_V3_StartProcessRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Send a signal to the provided process. func killProcess(request: Com_Apple_Containerization_Sandbox_V3_KillProcessRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Wait for a process to exit and return the exit code. func waitProcess(request: Com_Apple_Containerization_Sandbox_V3_WaitProcessRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Resize the tty of a given process. This will error if the process does /// not have a pty allocated. func resizeProcess(request: Com_Apple_Containerization_Sandbox_V3_ResizeProcessRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Close IO for a given process. func closeProcessStdin(request: Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Get statistics for containers. func containerStatistics(request: Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Proxy a vsock port to a unix domain socket in the guest, or vice versa. func proxyVsock(request: Com_Apple_Containerization_Sandbox_V3_ProxyVsockRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Stop a vsock proxy to a unix domain socket. func stopVsockProxy(request: Com_Apple_Containerization_Sandbox_V3_StopVsockProxyRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Set the link state of a network interface. func ipLinkSet(request: Com_Apple_Containerization_Sandbox_V3_IpLinkSetRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Add an IPv4 address to a network interface. func ipAddrAdd(request: Com_Apple_Containerization_Sandbox_V3_IpAddrAddRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Add an IP route for a network interface. func ipRouteAddLink(request: Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Add an IP route for a network interface. func ipRouteAddDefault(request: Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Configure DNS resolver. func configureDns(request: Com_Apple_Containerization_Sandbox_V3_ConfigureDnsRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Configure /etc/hosts. func configureHosts(request: Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Perform the sync syscall. func sync(request: Com_Apple_Containerization_Sandbox_V3_SyncRequest, context: StatusOnlyCallContext) -> EventLoopFuture /// Send a signal to a process via the PID. func kill(request: Com_Apple_Containerization_Sandbox_V3_KillRequest, context: StatusOnlyCallContext) -> EventLoopFuture } extension Com_Apple_Containerization_Sandbox_V3_SandboxContextProvider { public var serviceName: Substring { return Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.serviceDescriptor.fullName[...] } /// Determines, calls and returns the appropriate request handler, depending on the request's method. /// Returns nil for methods not handled by this service. public func handle( method name: Substring, context: CallHandlerContext ) -> GRPCServerHandlerProtocol? { switch name { case "Mount": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeMountInterceptors() ?? [], userFunction: self.mount(request:context:) ) case "Umount": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeUmountInterceptors() ?? [], userFunction: self.umount(request:context:) ) case "Setenv": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeSetenvInterceptors() ?? [], userFunction: self.setenv(request:context:) ) case "Getenv": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeGetenvInterceptors() ?? [], userFunction: self.getenv(request:context:) ) case "Mkdir": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeMkdirInterceptors() ?? [], userFunction: self.mkdir(request:context:) ) case "Sysctl": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeSysctlInterceptors() ?? [], userFunction: self.sysctl(request:context:) ) case "SetTime": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeSetTimeInterceptors() ?? [], userFunction: self.setTime(request:context:) ) case "SetupEmulator": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeSetupEmulatorInterceptors() ?? [], userFunction: self.setupEmulator(request:context:) ) case "WriteFile": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeWriteFileInterceptors() ?? [], userFunction: self.writeFile(request:context:) ) case "Copy": return ServerStreamingServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeCopyInterceptors() ?? [], userFunction: self.copy(request:context:) ) case "CreateProcess": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeCreateProcessInterceptors() ?? [], userFunction: self.createProcess(request:context:) ) case "DeleteProcess": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeDeleteProcessInterceptors() ?? [], userFunction: self.deleteProcess(request:context:) ) case "StartProcess": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeStartProcessInterceptors() ?? [], userFunction: self.startProcess(request:context:) ) case "KillProcess": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeKillProcessInterceptors() ?? [], userFunction: self.killProcess(request:context:) ) case "WaitProcess": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeWaitProcessInterceptors() ?? [], userFunction: self.waitProcess(request:context:) ) case "ResizeProcess": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeResizeProcessInterceptors() ?? [], userFunction: self.resizeProcess(request:context:) ) case "CloseProcessStdin": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeCloseProcessStdinInterceptors() ?? [], userFunction: self.closeProcessStdin(request:context:) ) case "ContainerStatistics": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeContainerStatisticsInterceptors() ?? [], userFunction: self.containerStatistics(request:context:) ) case "ProxyVsock": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeProxyVsockInterceptors() ?? [], userFunction: self.proxyVsock(request:context:) ) case "StopVsockProxy": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeStopVsockProxyInterceptors() ?? [], userFunction: self.stopVsockProxy(request:context:) ) case "IpLinkSet": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeIpLinkSetInterceptors() ?? [], userFunction: self.ipLinkSet(request:context:) ) case "IpAddrAdd": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeIpAddrAddInterceptors() ?? [], userFunction: self.ipAddrAdd(request:context:) ) case "IpRouteAddLink": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeIpRouteAddLinkInterceptors() ?? [], userFunction: self.ipRouteAddLink(request:context:) ) case "IpRouteAddDefault": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeIpRouteAddDefaultInterceptors() ?? [], userFunction: self.ipRouteAddDefault(request:context:) ) case "ConfigureDns": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeConfigureDnsInterceptors() ?? [], userFunction: self.configureDns(request:context:) ) case "ConfigureHosts": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeConfigureHostsInterceptors() ?? [], userFunction: self.configureHosts(request:context:) ) case "Sync": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeSyncInterceptors() ?? [], userFunction: self.sync(request:context:) ) case "Kill": return UnaryServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeKillInterceptors() ?? [], userFunction: self.kill(request:context:) ) default: return nil } } } /// Context for interacting with a container's runtime environment. /// /// To implement a server, implement an object which conforms to this protocol. @available(macOS 10.15, iOS 13, tvOS 13, watchOS 6, *) public protocol Com_Apple_Containerization_Sandbox_V3_SandboxContextAsyncProvider: CallHandlerProvider, Sendable { static var serviceDescriptor: GRPCServiceDescriptor { get } var interceptors: Com_Apple_Containerization_Sandbox_V3_SandboxContextServerInterceptorFactoryProtocol? { get } /// Mount a filesystem. func mount( request: Com_Apple_Containerization_Sandbox_V3_MountRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_MountResponse /// Unmount a filesystem. func umount( request: Com_Apple_Containerization_Sandbox_V3_UmountRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_UmountResponse /// Set an environment variable on the init process. func setenv( request: Com_Apple_Containerization_Sandbox_V3_SetenvRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_SetenvResponse /// Get an environment variable from the init process. func getenv( request: Com_Apple_Containerization_Sandbox_V3_GetenvRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_GetenvResponse /// Create a new directory inside the sandbox. func mkdir( request: Com_Apple_Containerization_Sandbox_V3_MkdirRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_MkdirResponse /// Set sysctls in the context of the sandbox. func sysctl( request: Com_Apple_Containerization_Sandbox_V3_SysctlRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_SysctlResponse /// Set time in the guest. func setTime( request: Com_Apple_Containerization_Sandbox_V3_SetTimeRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_SetTimeResponse /// Set up an emulator in the guest for a specific binary format. func setupEmulator( request: Com_Apple_Containerization_Sandbox_V3_SetupEmulatorRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_SetupEmulatorResponse /// Write data to an existing or new file. func writeFile( request: Com_Apple_Containerization_Sandbox_V3_WriteFileRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_WriteFileResponse /// Copy a file or directory between the host and guest. /// Data transfer happens over a dedicated vsock connection; /// the gRPC stream is used only for control/metadata. func copy( request: Com_Apple_Containerization_Sandbox_V3_CopyRequest, responseStream: GRPCAsyncResponseStreamWriter, context: GRPCAsyncServerCallContext ) async throws /// Create a new process inside the container. func createProcess( request: Com_Apple_Containerization_Sandbox_V3_CreateProcessRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_CreateProcessResponse /// Delete an existing process inside the container. func deleteProcess( request: Com_Apple_Containerization_Sandbox_V3_DeleteProcessRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_DeleteProcessResponse /// Start the provided process. func startProcess( request: Com_Apple_Containerization_Sandbox_V3_StartProcessRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_StartProcessResponse /// Send a signal to the provided process. func killProcess( request: Com_Apple_Containerization_Sandbox_V3_KillProcessRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_KillProcessResponse /// Wait for a process to exit and return the exit code. func waitProcess( request: Com_Apple_Containerization_Sandbox_V3_WaitProcessRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_WaitProcessResponse /// Resize the tty of a given process. This will error if the process does /// not have a pty allocated. func resizeProcess( request: Com_Apple_Containerization_Sandbox_V3_ResizeProcessRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_ResizeProcessResponse /// Close IO for a given process. func closeProcessStdin( request: Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinResponse /// Get statistics for containers. func containerStatistics( request: Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsResponse /// Proxy a vsock port to a unix domain socket in the guest, or vice versa. func proxyVsock( request: Com_Apple_Containerization_Sandbox_V3_ProxyVsockRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_ProxyVsockResponse /// Stop a vsock proxy to a unix domain socket. func stopVsockProxy( request: Com_Apple_Containerization_Sandbox_V3_StopVsockProxyRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_StopVsockProxyResponse /// Set the link state of a network interface. func ipLinkSet( request: Com_Apple_Containerization_Sandbox_V3_IpLinkSetRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_IpLinkSetResponse /// Add an IPv4 address to a network interface. func ipAddrAdd( request: Com_Apple_Containerization_Sandbox_V3_IpAddrAddRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_IpAddrAddResponse /// Add an IP route for a network interface. func ipRouteAddLink( request: Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkResponse /// Add an IP route for a network interface. func ipRouteAddDefault( request: Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultResponse /// Configure DNS resolver. func configureDns( request: Com_Apple_Containerization_Sandbox_V3_ConfigureDnsRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_ConfigureDnsResponse /// Configure /etc/hosts. func configureHosts( request: Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_ConfigureHostsResponse /// Perform the sync syscall. func sync( request: Com_Apple_Containerization_Sandbox_V3_SyncRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_SyncResponse /// Send a signal to a process via the PID. func kill( request: Com_Apple_Containerization_Sandbox_V3_KillRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_KillResponse } @available(macOS 10.15, iOS 13, tvOS 13, watchOS 6, *) extension Com_Apple_Containerization_Sandbox_V3_SandboxContextAsyncProvider { public static var serviceDescriptor: GRPCServiceDescriptor { return Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.serviceDescriptor } public var serviceName: Substring { return Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.serviceDescriptor.fullName[...] } public var interceptors: Com_Apple_Containerization_Sandbox_V3_SandboxContextServerInterceptorFactoryProtocol? { return nil } public func handle( method name: Substring, context: CallHandlerContext ) -> GRPCServerHandlerProtocol? { switch name { case "Mount": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeMountInterceptors() ?? [], wrapping: { try await self.mount(request: $0, context: $1) } ) case "Umount": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeUmountInterceptors() ?? [], wrapping: { try await self.umount(request: $0, context: $1) } ) case "Setenv": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeSetenvInterceptors() ?? [], wrapping: { try await self.setenv(request: $0, context: $1) } ) case "Getenv": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeGetenvInterceptors() ?? [], wrapping: { try await self.getenv(request: $0, context: $1) } ) case "Mkdir": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeMkdirInterceptors() ?? [], wrapping: { try await self.mkdir(request: $0, context: $1) } ) case "Sysctl": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeSysctlInterceptors() ?? [], wrapping: { try await self.sysctl(request: $0, context: $1) } ) case "SetTime": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeSetTimeInterceptors() ?? [], wrapping: { try await self.setTime(request: $0, context: $1) } ) case "SetupEmulator": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeSetupEmulatorInterceptors() ?? [], wrapping: { try await self.setupEmulator(request: $0, context: $1) } ) case "WriteFile": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeWriteFileInterceptors() ?? [], wrapping: { try await self.writeFile(request: $0, context: $1) } ) case "Copy": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeCopyInterceptors() ?? [], wrapping: { try await self.copy(request: $0, responseStream: $1, context: $2) } ) case "CreateProcess": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeCreateProcessInterceptors() ?? [], wrapping: { try await self.createProcess(request: $0, context: $1) } ) case "DeleteProcess": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeDeleteProcessInterceptors() ?? [], wrapping: { try await self.deleteProcess(request: $0, context: $1) } ) case "StartProcess": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeStartProcessInterceptors() ?? [], wrapping: { try await self.startProcess(request: $0, context: $1) } ) case "KillProcess": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeKillProcessInterceptors() ?? [], wrapping: { try await self.killProcess(request: $0, context: $1) } ) case "WaitProcess": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeWaitProcessInterceptors() ?? [], wrapping: { try await self.waitProcess(request: $0, context: $1) } ) case "ResizeProcess": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeResizeProcessInterceptors() ?? [], wrapping: { try await self.resizeProcess(request: $0, context: $1) } ) case "CloseProcessStdin": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeCloseProcessStdinInterceptors() ?? [], wrapping: { try await self.closeProcessStdin(request: $0, context: $1) } ) case "ContainerStatistics": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeContainerStatisticsInterceptors() ?? [], wrapping: { try await self.containerStatistics(request: $0, context: $1) } ) case "ProxyVsock": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeProxyVsockInterceptors() ?? [], wrapping: { try await self.proxyVsock(request: $0, context: $1) } ) case "StopVsockProxy": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeStopVsockProxyInterceptors() ?? [], wrapping: { try await self.stopVsockProxy(request: $0, context: $1) } ) case "IpLinkSet": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeIpLinkSetInterceptors() ?? [], wrapping: { try await self.ipLinkSet(request: $0, context: $1) } ) case "IpAddrAdd": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeIpAddrAddInterceptors() ?? [], wrapping: { try await self.ipAddrAdd(request: $0, context: $1) } ) case "IpRouteAddLink": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeIpRouteAddLinkInterceptors() ?? [], wrapping: { try await self.ipRouteAddLink(request: $0, context: $1) } ) case "IpRouteAddDefault": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeIpRouteAddDefaultInterceptors() ?? [], wrapping: { try await self.ipRouteAddDefault(request: $0, context: $1) } ) case "ConfigureDns": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeConfigureDnsInterceptors() ?? [], wrapping: { try await self.configureDns(request: $0, context: $1) } ) case "ConfigureHosts": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeConfigureHostsInterceptors() ?? [], wrapping: { try await self.configureHosts(request: $0, context: $1) } ) case "Sync": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeSyncInterceptors() ?? [], wrapping: { try await self.sync(request: $0, context: $1) } ) case "Kill": return GRPCAsyncServerHandler( context: context, requestDeserializer: ProtobufDeserializer(), responseSerializer: ProtobufSerializer(), interceptors: self.interceptors?.makeKillInterceptors() ?? [], wrapping: { try await self.kill(request: $0, context: $1) } ) default: return nil } } } public protocol Com_Apple_Containerization_Sandbox_V3_SandboxContextServerInterceptorFactoryProtocol: Sendable { /// - Returns: Interceptors to use when handling 'mount'. /// Defaults to calling `self.makeInterceptors()`. func makeMountInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'umount'. /// Defaults to calling `self.makeInterceptors()`. func makeUmountInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'setenv'. /// Defaults to calling `self.makeInterceptors()`. func makeSetenvInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'getenv'. /// Defaults to calling `self.makeInterceptors()`. func makeGetenvInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'mkdir'. /// Defaults to calling `self.makeInterceptors()`. func makeMkdirInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'sysctl'. /// Defaults to calling `self.makeInterceptors()`. func makeSysctlInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'setTime'. /// Defaults to calling `self.makeInterceptors()`. func makeSetTimeInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'setupEmulator'. /// Defaults to calling `self.makeInterceptors()`. func makeSetupEmulatorInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'writeFile'. /// Defaults to calling `self.makeInterceptors()`. func makeWriteFileInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'copy'. /// Defaults to calling `self.makeInterceptors()`. func makeCopyInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'createProcess'. /// Defaults to calling `self.makeInterceptors()`. func makeCreateProcessInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'deleteProcess'. /// Defaults to calling `self.makeInterceptors()`. func makeDeleteProcessInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'startProcess'. /// Defaults to calling `self.makeInterceptors()`. func makeStartProcessInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'killProcess'. /// Defaults to calling `self.makeInterceptors()`. func makeKillProcessInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'waitProcess'. /// Defaults to calling `self.makeInterceptors()`. func makeWaitProcessInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'resizeProcess'. /// Defaults to calling `self.makeInterceptors()`. func makeResizeProcessInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'closeProcessStdin'. /// Defaults to calling `self.makeInterceptors()`. func makeCloseProcessStdinInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'containerStatistics'. /// Defaults to calling `self.makeInterceptors()`. func makeContainerStatisticsInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'proxyVsock'. /// Defaults to calling `self.makeInterceptors()`. func makeProxyVsockInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'stopVsockProxy'. /// Defaults to calling `self.makeInterceptors()`. func makeStopVsockProxyInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'ipLinkSet'. /// Defaults to calling `self.makeInterceptors()`. func makeIpLinkSetInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'ipAddrAdd'. /// Defaults to calling `self.makeInterceptors()`. func makeIpAddrAddInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'ipRouteAddLink'. /// Defaults to calling `self.makeInterceptors()`. func makeIpRouteAddLinkInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'ipRouteAddDefault'. /// Defaults to calling `self.makeInterceptors()`. func makeIpRouteAddDefaultInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'configureDns'. /// Defaults to calling `self.makeInterceptors()`. func makeConfigureDnsInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'configureHosts'. /// Defaults to calling `self.makeInterceptors()`. func makeConfigureHostsInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'sync'. /// Defaults to calling `self.makeInterceptors()`. func makeSyncInterceptors() -> [ServerInterceptor] /// - Returns: Interceptors to use when handling 'kill'. /// Defaults to calling `self.makeInterceptors()`. func makeKillInterceptors() -> [ServerInterceptor] } public enum Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata { public static let serviceDescriptor = GRPCServiceDescriptor( name: "SandboxContext", fullName: "com.apple.containerization.sandbox.v3.SandboxContext", methods: [ Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.mount, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.umount, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.setenv, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.getenv, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.mkdir, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.sysctl, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.setTime, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.setupEmulator, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.writeFile, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.copy, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.createProcess, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.deleteProcess, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.startProcess, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.killProcess, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.waitProcess, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.resizeProcess, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.closeProcessStdin, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.containerStatistics, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.proxyVsock, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.stopVsockProxy, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.ipLinkSet, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.ipAddrAdd, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.ipRouteAddLink, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.ipRouteAddDefault, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.configureDns, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.configureHosts, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.sync, Com_Apple_Containerization_Sandbox_V3_SandboxContextServerMetadata.Methods.kill, ] ) public enum Methods { public static let mount = GRPCMethodDescriptor( name: "Mount", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Mount", type: GRPCCallType.unary ) public static let umount = GRPCMethodDescriptor( name: "Umount", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Umount", type: GRPCCallType.unary ) public static let setenv = GRPCMethodDescriptor( name: "Setenv", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Setenv", type: GRPCCallType.unary ) public static let getenv = GRPCMethodDescriptor( name: "Getenv", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Getenv", type: GRPCCallType.unary ) public static let mkdir = GRPCMethodDescriptor( name: "Mkdir", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Mkdir", type: GRPCCallType.unary ) public static let sysctl = GRPCMethodDescriptor( name: "Sysctl", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Sysctl", type: GRPCCallType.unary ) public static let setTime = GRPCMethodDescriptor( name: "SetTime", path: "/com.apple.containerization.sandbox.v3.SandboxContext/SetTime", type: GRPCCallType.unary ) public static let setupEmulator = GRPCMethodDescriptor( name: "SetupEmulator", path: "/com.apple.containerization.sandbox.v3.SandboxContext/SetupEmulator", type: GRPCCallType.unary ) public static let writeFile = GRPCMethodDescriptor( name: "WriteFile", path: "/com.apple.containerization.sandbox.v3.SandboxContext/WriteFile", type: GRPCCallType.unary ) public static let copy = GRPCMethodDescriptor( name: "Copy", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Copy", type: GRPCCallType.serverStreaming ) public static let createProcess = GRPCMethodDescriptor( name: "CreateProcess", path: "/com.apple.containerization.sandbox.v3.SandboxContext/CreateProcess", type: GRPCCallType.unary ) public static let deleteProcess = GRPCMethodDescriptor( name: "DeleteProcess", path: "/com.apple.containerization.sandbox.v3.SandboxContext/DeleteProcess", type: GRPCCallType.unary ) public static let startProcess = GRPCMethodDescriptor( name: "StartProcess", path: "/com.apple.containerization.sandbox.v3.SandboxContext/StartProcess", type: GRPCCallType.unary ) public static let killProcess = GRPCMethodDescriptor( name: "KillProcess", path: "/com.apple.containerization.sandbox.v3.SandboxContext/KillProcess", type: GRPCCallType.unary ) public static let waitProcess = GRPCMethodDescriptor( name: "WaitProcess", path: "/com.apple.containerization.sandbox.v3.SandboxContext/WaitProcess", type: GRPCCallType.unary ) public static let resizeProcess = GRPCMethodDescriptor( name: "ResizeProcess", path: "/com.apple.containerization.sandbox.v3.SandboxContext/ResizeProcess", type: GRPCCallType.unary ) public static let closeProcessStdin = GRPCMethodDescriptor( name: "CloseProcessStdin", path: "/com.apple.containerization.sandbox.v3.SandboxContext/CloseProcessStdin", type: GRPCCallType.unary ) public static let containerStatistics = GRPCMethodDescriptor( name: "ContainerStatistics", path: "/com.apple.containerization.sandbox.v3.SandboxContext/ContainerStatistics", type: GRPCCallType.unary ) public static let proxyVsock = GRPCMethodDescriptor( name: "ProxyVsock", path: "/com.apple.containerization.sandbox.v3.SandboxContext/ProxyVsock", type: GRPCCallType.unary ) public static let stopVsockProxy = GRPCMethodDescriptor( name: "StopVsockProxy", path: "/com.apple.containerization.sandbox.v3.SandboxContext/StopVsockProxy", type: GRPCCallType.unary ) public static let ipLinkSet = GRPCMethodDescriptor( name: "IpLinkSet", path: "/com.apple.containerization.sandbox.v3.SandboxContext/IpLinkSet", type: GRPCCallType.unary ) public static let ipAddrAdd = GRPCMethodDescriptor( name: "IpAddrAdd", path: "/com.apple.containerization.sandbox.v3.SandboxContext/IpAddrAdd", type: GRPCCallType.unary ) public static let ipRouteAddLink = GRPCMethodDescriptor( name: "IpRouteAddLink", path: "/com.apple.containerization.sandbox.v3.SandboxContext/IpRouteAddLink", type: GRPCCallType.unary ) public static let ipRouteAddDefault = GRPCMethodDescriptor( name: "IpRouteAddDefault", path: "/com.apple.containerization.sandbox.v3.SandboxContext/IpRouteAddDefault", type: GRPCCallType.unary ) public static let configureDns = GRPCMethodDescriptor( name: "ConfigureDns", path: "/com.apple.containerization.sandbox.v3.SandboxContext/ConfigureDns", type: GRPCCallType.unary ) public static let configureHosts = GRPCMethodDescriptor( name: "ConfigureHosts", path: "/com.apple.containerization.sandbox.v3.SandboxContext/ConfigureHosts", type: GRPCCallType.unary ) public static let sync = GRPCMethodDescriptor( name: "Sync", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Sync", type: GRPCCallType.unary ) public static let kill = GRPCMethodDescriptor( name: "Kill", path: "/com.apple.containerization.sandbox.v3.SandboxContext/Kill", type: GRPCCallType.unary ) } } ================================================ FILE: Sources/Containerization/SandboxContext/SandboxContext.pb.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // DO NOT EDIT. // swift-format-ignore-file // swiftlint:disable all // // Generated by the Swift generator plugin for the protocol buffer compiler. // Source: SandboxContext.proto // // For information on using the generated types, please see the documentation: // https://github.com/apple/swift-protobuf/ import Foundation import SwiftProtobuf // If the compiler emits an error on this type, it is because this file // was generated by a version of the `protoc` Swift plug-in that is // incompatible with the version of SwiftProtobuf to which you are linking. // Please ensure that you are building against the same version of the API // that was used to generate this file. fileprivate struct _GeneratedWithProtocGenSwiftVersion: SwiftProtobuf.ProtobufAPIVersionCheck { struct _2: SwiftProtobuf.ProtobufAPIVersion_2 {} typealias Version = _2 } /// Categories of statistics that can be requested. public enum Com_Apple_Containerization_Sandbox_V3_StatCategory: SwiftProtobuf.Enum, Swift.CaseIterable { public typealias RawValue = Int case unspecified // = 0 case process // = 1 case memory // = 2 case cpu // = 3 case blockIo // = 4 case network // = 5 case memoryEvents // = 6 case UNRECOGNIZED(Int) public init() { self = .unspecified } public init?(rawValue: Int) { switch rawValue { case 0: self = .unspecified case 1: self = .process case 2: self = .memory case 3: self = .cpu case 4: self = .blockIo case 5: self = .network case 6: self = .memoryEvents default: self = .UNRECOGNIZED(rawValue) } } public var rawValue: Int { switch self { case .unspecified: return 0 case .process: return 1 case .memory: return 2 case .cpu: return 3 case .blockIo: return 4 case .network: return 5 case .memoryEvents: return 6 case .UNRECOGNIZED(let i): return i } } // The compiler won't synthesize support with the UNRECOGNIZED case. public static let allCases: [Com_Apple_Containerization_Sandbox_V3_StatCategory] = [ .unspecified, .process, .memory, .cpu, .blockIo, .network, .memoryEvents, ] } public struct Com_Apple_Containerization_Sandbox_V3_Stdio: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var stdinPort: Int32 { get {return _stdinPort ?? 0} set {_stdinPort = newValue} } /// Returns true if `stdinPort` has been explicitly set. public var hasStdinPort: Bool {return self._stdinPort != nil} /// Clears the value of `stdinPort`. Subsequent reads from it will return its default value. public mutating func clearStdinPort() {self._stdinPort = nil} public var stdoutPort: Int32 { get {return _stdoutPort ?? 0} set {_stdoutPort = newValue} } /// Returns true if `stdoutPort` has been explicitly set. public var hasStdoutPort: Bool {return self._stdoutPort != nil} /// Clears the value of `stdoutPort`. Subsequent reads from it will return its default value. public mutating func clearStdoutPort() {self._stdoutPort = nil} public var stderrPort: Int32 { get {return _stderrPort ?? 0} set {_stderrPort = newValue} } /// Returns true if `stderrPort` has been explicitly set. public var hasStderrPort: Bool {return self._stderrPort != nil} /// Clears the value of `stderrPort`. Subsequent reads from it will return its default value. public mutating func clearStderrPort() {self._stderrPort = nil} public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} fileprivate var _stdinPort: Int32? = nil fileprivate var _stdoutPort: Int32? = nil fileprivate var _stderrPort: Int32? = nil } public struct Com_Apple_Containerization_Sandbox_V3_SetupEmulatorRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var binaryPath: String = String() public var name: String = String() public var type: String = String() public var offset: String = String() public var magic: String = String() public var mask: String = String() public var flags: String = String() public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_SetupEmulatorResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_SetTimeRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var sec: Int64 = 0 public var usec: Int32 = 0 public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_SetTimeResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_SysctlRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var settings: Dictionary = [:] public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_SysctlResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_ProxyVsockRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var id: String = String() public var vsockPort: UInt32 = 0 public var guestPath: String = String() public var guestSocketPermissions: UInt32 { get {return _guestSocketPermissions ?? 0} set {_guestSocketPermissions = newValue} } /// Returns true if `guestSocketPermissions` has been explicitly set. public var hasGuestSocketPermissions: Bool {return self._guestSocketPermissions != nil} /// Clears the value of `guestSocketPermissions`. Subsequent reads from it will return its default value. public mutating func clearGuestSocketPermissions() {self._guestSocketPermissions = nil} public var action: Com_Apple_Containerization_Sandbox_V3_ProxyVsockRequest.Action = .into public var unknownFields = SwiftProtobuf.UnknownStorage() public enum Action: SwiftProtobuf.Enum, Swift.CaseIterable { public typealias RawValue = Int case into // = 0 case outOf // = 1 case UNRECOGNIZED(Int) public init() { self = .into } public init?(rawValue: Int) { switch rawValue { case 0: self = .into case 1: self = .outOf default: self = .UNRECOGNIZED(rawValue) } } public var rawValue: Int { switch self { case .into: return 0 case .outOf: return 1 case .UNRECOGNIZED(let i): return i } } // The compiler won't synthesize support with the UNRECOGNIZED case. public static let allCases: [Com_Apple_Containerization_Sandbox_V3_ProxyVsockRequest.Action] = [ .into, .outOf, ] } public init() {} fileprivate var _guestSocketPermissions: UInt32? = nil } public struct Com_Apple_Containerization_Sandbox_V3_ProxyVsockResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_StopVsockProxyRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var id: String = String() public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_StopVsockProxyResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_MountRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var type: String = String() public var source: String = String() public var destination: String = String() public var options: [String] = [] public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_MountResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_UmountRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var path: String = String() public var flags: Int32 = 0 public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_UmountResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_SetenvRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var key: String = String() public var value: String { get {return _value ?? String()} set {_value = newValue} } /// Returns true if `value` has been explicitly set. public var hasValue: Bool {return self._value != nil} /// Clears the value of `value`. Subsequent reads from it will return its default value. public mutating func clearValue() {self._value = nil} public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} fileprivate var _value: String? = nil } public struct Com_Apple_Containerization_Sandbox_V3_SetenvResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_GetenvRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var key: String = String() public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_GetenvResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var value: String { get {return _value ?? String()} set {_value = newValue} } /// Returns true if `value` has been explicitly set. public var hasValue: Bool {return self._value != nil} /// Clears the value of `value`. Subsequent reads from it will return its default value. public mutating func clearValue() {self._value = nil} public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} fileprivate var _value: String? = nil } public struct Com_Apple_Containerization_Sandbox_V3_CreateProcessRequest: @unchecked Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var id: String = String() public var containerID: String { get {return _containerID ?? String()} set {_containerID = newValue} } /// Returns true if `containerID` has been explicitly set. public var hasContainerID: Bool {return self._containerID != nil} /// Clears the value of `containerID`. Subsequent reads from it will return its default value. public mutating func clearContainerID() {self._containerID = nil} public var stdin: UInt32 { get {return _stdin ?? 0} set {_stdin = newValue} } /// Returns true if `stdin` has been explicitly set. public var hasStdin: Bool {return self._stdin != nil} /// Clears the value of `stdin`. Subsequent reads from it will return its default value. public mutating func clearStdin() {self._stdin = nil} public var stdout: UInt32 { get {return _stdout ?? 0} set {_stdout = newValue} } /// Returns true if `stdout` has been explicitly set. public var hasStdout: Bool {return self._stdout != nil} /// Clears the value of `stdout`. Subsequent reads from it will return its default value. public mutating func clearStdout() {self._stdout = nil} public var stderr: UInt32 { get {return _stderr ?? 0} set {_stderr = newValue} } /// Returns true if `stderr` has been explicitly set. public var hasStderr: Bool {return self._stderr != nil} /// Clears the value of `stderr`. Subsequent reads from it will return its default value. public mutating func clearStderr() {self._stderr = nil} public var ociRuntimePath: String { get {return _ociRuntimePath ?? String()} set {_ociRuntimePath = newValue} } /// Returns true if `ociRuntimePath` has been explicitly set. public var hasOciRuntimePath: Bool {return self._ociRuntimePath != nil} /// Clears the value of `ociRuntimePath`. Subsequent reads from it will return its default value. public mutating func clearOciRuntimePath() {self._ociRuntimePath = nil} public var configuration: Data = Data() public var options: Data { get {return _options ?? Data()} set {_options = newValue} } /// Returns true if `options` has been explicitly set. public var hasOptions: Bool {return self._options != nil} /// Clears the value of `options`. Subsequent reads from it will return its default value. public mutating func clearOptions() {self._options = nil} public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} fileprivate var _containerID: String? = nil fileprivate var _stdin: UInt32? = nil fileprivate var _stdout: UInt32? = nil fileprivate var _stderr: UInt32? = nil fileprivate var _ociRuntimePath: String? = nil fileprivate var _options: Data? = nil } public struct Com_Apple_Containerization_Sandbox_V3_CreateProcessResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_WaitProcessRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var id: String = String() public var containerID: String { get {return _containerID ?? String()} set {_containerID = newValue} } /// Returns true if `containerID` has been explicitly set. public var hasContainerID: Bool {return self._containerID != nil} /// Clears the value of `containerID`. Subsequent reads from it will return its default value. public mutating func clearContainerID() {self._containerID = nil} public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} fileprivate var _containerID: String? = nil } public struct Com_Apple_Containerization_Sandbox_V3_WaitProcessResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var exitCode: Int32 = 0 public var exitedAt: SwiftProtobuf.Google_Protobuf_Timestamp { get {return _exitedAt ?? SwiftProtobuf.Google_Protobuf_Timestamp()} set {_exitedAt = newValue} } /// Returns true if `exitedAt` has been explicitly set. public var hasExitedAt: Bool {return self._exitedAt != nil} /// Clears the value of `exitedAt`. Subsequent reads from it will return its default value. public mutating func clearExitedAt() {self._exitedAt = nil} public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} fileprivate var _exitedAt: SwiftProtobuf.Google_Protobuf_Timestamp? = nil } public struct Com_Apple_Containerization_Sandbox_V3_ResizeProcessRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var id: String = String() public var containerID: String { get {return _containerID ?? String()} set {_containerID = newValue} } /// Returns true if `containerID` has been explicitly set. public var hasContainerID: Bool {return self._containerID != nil} /// Clears the value of `containerID`. Subsequent reads from it will return its default value. public mutating func clearContainerID() {self._containerID = nil} public var rows: UInt32 = 0 public var columns: UInt32 = 0 public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} fileprivate var _containerID: String? = nil } public struct Com_Apple_Containerization_Sandbox_V3_ResizeProcessResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_DeleteProcessRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var id: String = String() public var containerID: String { get {return _containerID ?? String()} set {_containerID = newValue} } /// Returns true if `containerID` has been explicitly set. public var hasContainerID: Bool {return self._containerID != nil} /// Clears the value of `containerID`. Subsequent reads from it will return its default value. public mutating func clearContainerID() {self._containerID = nil} public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} fileprivate var _containerID: String? = nil } public struct Com_Apple_Containerization_Sandbox_V3_DeleteProcessResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_StartProcessRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var id: String = String() public var containerID: String { get {return _containerID ?? String()} set {_containerID = newValue} } /// Returns true if `containerID` has been explicitly set. public var hasContainerID: Bool {return self._containerID != nil} /// Clears the value of `containerID`. Subsequent reads from it will return its default value. public mutating func clearContainerID() {self._containerID = nil} public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} fileprivate var _containerID: String? = nil } public struct Com_Apple_Containerization_Sandbox_V3_StartProcessResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var pid: Int32 = 0 public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_KillProcessRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var id: String = String() public var containerID: String { get {return _containerID ?? String()} set {_containerID = newValue} } /// Returns true if `containerID` has been explicitly set. public var hasContainerID: Bool {return self._containerID != nil} /// Clears the value of `containerID`. Subsequent reads from it will return its default value. public mutating func clearContainerID() {self._containerID = nil} public var signal: Int32 = 0 public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} fileprivate var _containerID: String? = nil } public struct Com_Apple_Containerization_Sandbox_V3_KillProcessResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var result: Int32 = 0 public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var id: String = String() public var containerID: String { get {return _containerID ?? String()} set {_containerID = newValue} } /// Returns true if `containerID` has been explicitly set. public var hasContainerID: Bool {return self._containerID != nil} /// Clears the value of `containerID`. Subsequent reads from it will return its default value. public mutating func clearContainerID() {self._containerID = nil} public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} fileprivate var _containerID: String? = nil } public struct Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_MkdirRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var path: String = String() public var all: Bool = false public var perms: UInt32 = 0 public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_MkdirResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_WriteFileRequest: @unchecked Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var path: String = String() public var data: Data = Data() public var mode: UInt32 = 0 public var flags: Com_Apple_Containerization_Sandbox_V3_WriteFileRequest.WriteFileFlags { get {return _flags ?? Com_Apple_Containerization_Sandbox_V3_WriteFileRequest.WriteFileFlags()} set {_flags = newValue} } /// Returns true if `flags` has been explicitly set. public var hasFlags: Bool {return self._flags != nil} /// Clears the value of `flags`. Subsequent reads from it will return its default value. public mutating func clearFlags() {self._flags = nil} public var unknownFields = SwiftProtobuf.UnknownStorage() public struct WriteFileFlags: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var createParentDirs: Bool = false public var append: Bool = false public var createIfMissing: Bool = false public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public init() {} fileprivate var _flags: Com_Apple_Containerization_Sandbox_V3_WriteFileRequest.WriteFileFlags? = nil } public struct Com_Apple_Containerization_Sandbox_V3_WriteFileResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_CopyRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. /// Direction of the copy operation. public var direction: Com_Apple_Containerization_Sandbox_V3_CopyRequest.Direction = .copyIn /// Path in the guest (destination for COPY_IN, source for COPY_OUT). public var path: String = String() /// File mode for single-file COPY_IN (defaults to 0644 if not set). public var mode: UInt32 = 0 /// Create parent directories if they don't exist. public var createParents: Bool = false /// Vsock port the host is listening on for data transfer. public var vsockPort: UInt32 = 0 /// For COPY_IN: indicates the data arriving on vsock is a tar+gzip archive. public var isArchive: Bool = false public var unknownFields = SwiftProtobuf.UnknownStorage() public enum Direction: SwiftProtobuf.Enum, Swift.CaseIterable { public typealias RawValue = Int /// Copy from host into guest. case copyIn // = 0 /// Copy from guest to host. case copyOut // = 1 case UNRECOGNIZED(Int) public init() { self = .copyIn } public init?(rawValue: Int) { switch rawValue { case 0: self = .copyIn case 1: self = .copyOut default: self = .UNRECOGNIZED(rawValue) } } public var rawValue: Int { switch self { case .copyIn: return 0 case .copyOut: return 1 case .UNRECOGNIZED(let i): return i } } // The compiler won't synthesize support with the UNRECOGNIZED case. public static let allCases: [Com_Apple_Containerization_Sandbox_V3_CopyRequest.Direction] = [ .copyIn, .copyOut, ] } public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_CopyResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. /// What this response represents. public var status: Com_Apple_Containerization_Sandbox_V3_CopyResponse.Status = .metadata /// For COPY_OUT METADATA: indicates the data on vsock will be a tar+gzip archive. public var isArchive: Bool = false /// For COPY_OUT METADATA: total size in bytes (0 if unknown, e.g. for archives). public var totalSize: UInt64 = 0 /// Non-empty if an error occurred. public var error: String = String() public var unknownFields = SwiftProtobuf.UnknownStorage() public enum Status: SwiftProtobuf.Enum, Swift.CaseIterable { public typealias RawValue = Int /// Transfer metadata (first message for COPY_OUT: is_archive, total_size). case metadata // = 0 /// Data transfer completed successfully. case complete // = 1 case UNRECOGNIZED(Int) public init() { self = .metadata } public init?(rawValue: Int) { switch rawValue { case 0: self = .metadata case 1: self = .complete default: self = .UNRECOGNIZED(rawValue) } } public var rawValue: Int { switch self { case .metadata: return 0 case .complete: return 1 case .UNRECOGNIZED(let i): return i } } // The compiler won't synthesize support with the UNRECOGNIZED case. public static let allCases: [Com_Apple_Containerization_Sandbox_V3_CopyResponse.Status] = [ .metadata, .complete, ] } public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_IpLinkSetRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var interface: String = String() public var up: Bool = false public var mtu: UInt32 { get {return _mtu ?? 0} set {_mtu = newValue} } /// Returns true if `mtu` has been explicitly set. public var hasMtu: Bool {return self._mtu != nil} /// Clears the value of `mtu`. Subsequent reads from it will return its default value. public mutating func clearMtu() {self._mtu = nil} public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} fileprivate var _mtu: UInt32? = nil } public struct Com_Apple_Containerization_Sandbox_V3_IpLinkSetResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_IpAddrAddRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var interface: String = String() public var ipv4Address: String = String() public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_IpAddrAddResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var interface: String = String() public var dstIpv4Addr: String = String() public var srcIpv4Addr: String = String() public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var interface: String = String() public var ipv4Gateway: String = String() public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_ConfigureDnsRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var location: String = String() public var nameservers: [String] = [] public var domain: String { get {return _domain ?? String()} set {_domain = newValue} } /// Returns true if `domain` has been explicitly set. public var hasDomain: Bool {return self._domain != nil} /// Clears the value of `domain`. Subsequent reads from it will return its default value. public mutating func clearDomain() {self._domain = nil} public var searchDomains: [String] = [] public var options: [String] = [] public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} fileprivate var _domain: String? = nil } public struct Com_Apple_Containerization_Sandbox_V3_ConfigureDnsResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var location: String = String() public var entries: [Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest.HostsEntry] = [] public var comment: String { get {return _comment ?? String()} set {_comment = newValue} } /// Returns true if `comment` has been explicitly set. public var hasComment: Bool {return self._comment != nil} /// Clears the value of `comment`. Subsequent reads from it will return its default value. public mutating func clearComment() {self._comment = nil} public var unknownFields = SwiftProtobuf.UnknownStorage() public struct HostsEntry: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var ipAddress: String = String() public var hostnames: [String] = [] public var comment: String { get {return _comment ?? String()} set {_comment = newValue} } /// Returns true if `comment` has been explicitly set. public var hasComment: Bool {return self._comment != nil} /// Clears the value of `comment`. Subsequent reads from it will return its default value. public mutating func clearComment() {self._comment = nil} public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} fileprivate var _comment: String? = nil } public init() {} fileprivate var _comment: String? = nil } public struct Com_Apple_Containerization_Sandbox_V3_ConfigureHostsResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_SyncRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_SyncResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_KillRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var pid: Int32 = 0 public var signal: Int32 = 0 public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_KillResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var result: Int32 = 0 public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsRequest: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. /// Empty = all containers public var containerIds: [String] = [] /// Empty = all categories public var categories: [Com_Apple_Containerization_Sandbox_V3_StatCategory] = [] public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsResponse: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var containers: [Com_Apple_Containerization_Sandbox_V3_ContainerStats] = [] public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_ContainerStats: @unchecked Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var containerID: String { get {return _storage._containerID} set {_uniqueStorage()._containerID = newValue} } public var process: Com_Apple_Containerization_Sandbox_V3_ProcessStats { get {return _storage._process ?? Com_Apple_Containerization_Sandbox_V3_ProcessStats()} set {_uniqueStorage()._process = newValue} } /// Returns true if `process` has been explicitly set. public var hasProcess: Bool {return _storage._process != nil} /// Clears the value of `process`. Subsequent reads from it will return its default value. public mutating func clearProcess() {_uniqueStorage()._process = nil} public var memory: Com_Apple_Containerization_Sandbox_V3_MemoryStats { get {return _storage._memory ?? Com_Apple_Containerization_Sandbox_V3_MemoryStats()} set {_uniqueStorage()._memory = newValue} } /// Returns true if `memory` has been explicitly set. public var hasMemory: Bool {return _storage._memory != nil} /// Clears the value of `memory`. Subsequent reads from it will return its default value. public mutating func clearMemory() {_uniqueStorage()._memory = nil} public var cpu: Com_Apple_Containerization_Sandbox_V3_CPUStats { get {return _storage._cpu ?? Com_Apple_Containerization_Sandbox_V3_CPUStats()} set {_uniqueStorage()._cpu = newValue} } /// Returns true if `cpu` has been explicitly set. public var hasCpu: Bool {return _storage._cpu != nil} /// Clears the value of `cpu`. Subsequent reads from it will return its default value. public mutating func clearCpu() {_uniqueStorage()._cpu = nil} public var blockIo: Com_Apple_Containerization_Sandbox_V3_BlockIOStats { get {return _storage._blockIo ?? Com_Apple_Containerization_Sandbox_V3_BlockIOStats()} set {_uniqueStorage()._blockIo = newValue} } /// Returns true if `blockIo` has been explicitly set. public var hasBlockIo: Bool {return _storage._blockIo != nil} /// Clears the value of `blockIo`. Subsequent reads from it will return its default value. public mutating func clearBlockIo() {_uniqueStorage()._blockIo = nil} public var networks: [Com_Apple_Containerization_Sandbox_V3_NetworkStats] { get {return _storage._networks} set {_uniqueStorage()._networks = newValue} } public var memoryEvents: Com_Apple_Containerization_Sandbox_V3_MemoryEventStats { get {return _storage._memoryEvents ?? Com_Apple_Containerization_Sandbox_V3_MemoryEventStats()} set {_uniqueStorage()._memoryEvents = newValue} } /// Returns true if `memoryEvents` has been explicitly set. public var hasMemoryEvents: Bool {return _storage._memoryEvents != nil} /// Clears the value of `memoryEvents`. Subsequent reads from it will return its default value. public mutating func clearMemoryEvents() {_uniqueStorage()._memoryEvents = nil} public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} fileprivate var _storage = _StorageClass.defaultInstance } public struct Com_Apple_Containerization_Sandbox_V3_ProcessStats: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var current: UInt64 = 0 /// 0 or max value = unlimited public var limit: UInt64 = 0 public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_MemoryStats: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var usageBytes: UInt64 = 0 public var limitBytes: UInt64 = 0 public var swapUsageBytes: UInt64 = 0 public var swapLimitBytes: UInt64 = 0 public var cacheBytes: UInt64 = 0 public var kernelStackBytes: UInt64 = 0 public var slabBytes: UInt64 = 0 public var pageFaults: UInt64 = 0 public var majorPageFaults: UInt64 = 0 public var inactiveFile: UInt64 = 0 public var anon: UInt64 = 0 public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_CPUStats: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var usageUsec: UInt64 = 0 public var userUsec: UInt64 = 0 public var systemUsec: UInt64 = 0 public var throttlingPeriods: UInt64 = 0 public var throttledPeriods: UInt64 = 0 public var throttledTimeUsec: UInt64 = 0 public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_BlockIOStats: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var devices: [Com_Apple_Containerization_Sandbox_V3_BlockIOEntry] = [] public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_BlockIOEntry: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var major: UInt64 = 0 public var minor: UInt64 = 0 public var readBytes: UInt64 = 0 public var writeBytes: UInt64 = 0 public var readOperations: UInt64 = 0 public var writeOperations: UInt64 = 0 public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } public struct Com_Apple_Containerization_Sandbox_V3_NetworkStats: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. public var interface: String = String() public var receivedPackets: UInt64 = 0 public var transmittedPackets: UInt64 = 0 public var receivedBytes: UInt64 = 0 public var transmittedBytes: UInt64 = 0 public var receivedErrors: UInt64 = 0 public var transmittedErrors: UInt64 = 0 public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } /// Memory event counters from cgroup2's memory.events file. public struct Com_Apple_Containerization_Sandbox_V3_MemoryEventStats: Sendable { // SwiftProtobuf.Message conformance is added in an extension below. See the // `Message` and `Message+*Additions` files in the SwiftProtobuf library for // methods supported on all messages. /// Number of times the cgroup was reclaimed due to low memory. public var low: UInt64 = 0 /// Number of times the cgroup exceeded its high memory limit. public var high: UInt64 = 0 /// Number of times the cgroup hit its max memory limit. public var max: UInt64 = 0 /// Number of times the cgroup triggered OOM. public var oom: UInt64 = 0 /// Number of processes killed by OOM killer. public var oomKill: UInt64 = 0 /// Number of times charge for memory failed because of limit. public var oomGroupKill: UInt64 = 0 public var unknownFields = SwiftProtobuf.UnknownStorage() public init() {} } // MARK: - Code below here is support for the SwiftProtobuf runtime. fileprivate let _protobuf_package = "com.apple.containerization.sandbox.v3" extension Com_Apple_Containerization_Sandbox_V3_StatCategory: SwiftProtobuf._ProtoNameProviding { public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 0: .same(proto: "STAT_CATEGORY_UNSPECIFIED"), 1: .same(proto: "STAT_CATEGORY_PROCESS"), 2: .same(proto: "STAT_CATEGORY_MEMORY"), 3: .same(proto: "STAT_CATEGORY_CPU"), 4: .same(proto: "STAT_CATEGORY_BLOCK_IO"), 5: .same(proto: "STAT_CATEGORY_NETWORK"), 6: .same(proto: "STAT_CATEGORY_MEMORY_EVENTS"), ] } extension Com_Apple_Containerization_Sandbox_V3_Stdio: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".Stdio" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "stdinPort"), 2: .same(proto: "stdoutPort"), 3: .same(proto: "stderrPort"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularInt32Field(value: &self._stdinPort) }() case 2: try { try decoder.decodeSingularInt32Field(value: &self._stdoutPort) }() case 3: try { try decoder.decodeSingularInt32Field(value: &self._stderrPort) }() default: break } } } public func traverse(visitor: inout V) throws { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 try { if let v = self._stdinPort { try visitor.visitSingularInt32Field(value: v, fieldNumber: 1) } }() try { if let v = self._stdoutPort { try visitor.visitSingularInt32Field(value: v, fieldNumber: 2) } }() try { if let v = self._stderrPort { try visitor.visitSingularInt32Field(value: v, fieldNumber: 3) } }() try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_Stdio, rhs: Com_Apple_Containerization_Sandbox_V3_Stdio) -> Bool { if lhs._stdinPort != rhs._stdinPort {return false} if lhs._stdoutPort != rhs._stdoutPort {return false} if lhs._stderrPort != rhs._stderrPort {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_SetupEmulatorRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".SetupEmulatorRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .standard(proto: "binary_path"), 2: .same(proto: "name"), 3: .same(proto: "type"), 4: .same(proto: "offset"), 5: .same(proto: "magic"), 6: .same(proto: "mask"), 7: .same(proto: "flags"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.binaryPath) }() case 2: try { try decoder.decodeSingularStringField(value: &self.name) }() case 3: try { try decoder.decodeSingularStringField(value: &self.type) }() case 4: try { try decoder.decodeSingularStringField(value: &self.offset) }() case 5: try { try decoder.decodeSingularStringField(value: &self.magic) }() case 6: try { try decoder.decodeSingularStringField(value: &self.mask) }() case 7: try { try decoder.decodeSingularStringField(value: &self.flags) }() default: break } } } public func traverse(visitor: inout V) throws { if !self.binaryPath.isEmpty { try visitor.visitSingularStringField(value: self.binaryPath, fieldNumber: 1) } if !self.name.isEmpty { try visitor.visitSingularStringField(value: self.name, fieldNumber: 2) } if !self.type.isEmpty { try visitor.visitSingularStringField(value: self.type, fieldNumber: 3) } if !self.offset.isEmpty { try visitor.visitSingularStringField(value: self.offset, fieldNumber: 4) } if !self.magic.isEmpty { try visitor.visitSingularStringField(value: self.magic, fieldNumber: 5) } if !self.mask.isEmpty { try visitor.visitSingularStringField(value: self.mask, fieldNumber: 6) } if !self.flags.isEmpty { try visitor.visitSingularStringField(value: self.flags, fieldNumber: 7) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_SetupEmulatorRequest, rhs: Com_Apple_Containerization_Sandbox_V3_SetupEmulatorRequest) -> Bool { if lhs.binaryPath != rhs.binaryPath {return false} if lhs.name != rhs.name {return false} if lhs.type != rhs.type {return false} if lhs.offset != rhs.offset {return false} if lhs.magic != rhs.magic {return false} if lhs.mask != rhs.mask {return false} if lhs.flags != rhs.flags {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_SetupEmulatorResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".SetupEmulatorResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_SetupEmulatorResponse, rhs: Com_Apple_Containerization_Sandbox_V3_SetupEmulatorResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_SetTimeRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".SetTimeRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "sec"), 2: .same(proto: "usec"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularInt64Field(value: &self.sec) }() case 2: try { try decoder.decodeSingularInt32Field(value: &self.usec) }() default: break } } } public func traverse(visitor: inout V) throws { if self.sec != 0 { try visitor.visitSingularInt64Field(value: self.sec, fieldNumber: 1) } if self.usec != 0 { try visitor.visitSingularInt32Field(value: self.usec, fieldNumber: 2) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_SetTimeRequest, rhs: Com_Apple_Containerization_Sandbox_V3_SetTimeRequest) -> Bool { if lhs.sec != rhs.sec {return false} if lhs.usec != rhs.usec {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_SetTimeResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".SetTimeResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_SetTimeResponse, rhs: Com_Apple_Containerization_Sandbox_V3_SetTimeResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_SysctlRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".SysctlRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "settings"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeMapField(fieldType: SwiftProtobuf._ProtobufMap.self, value: &self.settings) }() default: break } } } public func traverse(visitor: inout V) throws { if !self.settings.isEmpty { try visitor.visitMapField(fieldType: SwiftProtobuf._ProtobufMap.self, value: self.settings, fieldNumber: 1) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_SysctlRequest, rhs: Com_Apple_Containerization_Sandbox_V3_SysctlRequest) -> Bool { if lhs.settings != rhs.settings {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_SysctlResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".SysctlResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_SysctlResponse, rhs: Com_Apple_Containerization_Sandbox_V3_SysctlResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_ProxyVsockRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".ProxyVsockRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "id"), 2: .standard(proto: "vsock_port"), 3: .same(proto: "guestPath"), 4: .same(proto: "guestSocketPermissions"), 5: .same(proto: "action"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.id) }() case 2: try { try decoder.decodeSingularUInt32Field(value: &self.vsockPort) }() case 3: try { try decoder.decodeSingularStringField(value: &self.guestPath) }() case 4: try { try decoder.decodeSingularUInt32Field(value: &self._guestSocketPermissions) }() case 5: try { try decoder.decodeSingularEnumField(value: &self.action) }() default: break } } } public func traverse(visitor: inout V) throws { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 if !self.id.isEmpty { try visitor.visitSingularStringField(value: self.id, fieldNumber: 1) } if self.vsockPort != 0 { try visitor.visitSingularUInt32Field(value: self.vsockPort, fieldNumber: 2) } if !self.guestPath.isEmpty { try visitor.visitSingularStringField(value: self.guestPath, fieldNumber: 3) } try { if let v = self._guestSocketPermissions { try visitor.visitSingularUInt32Field(value: v, fieldNumber: 4) } }() if self.action != .into { try visitor.visitSingularEnumField(value: self.action, fieldNumber: 5) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_ProxyVsockRequest, rhs: Com_Apple_Containerization_Sandbox_V3_ProxyVsockRequest) -> Bool { if lhs.id != rhs.id {return false} if lhs.vsockPort != rhs.vsockPort {return false} if lhs.guestPath != rhs.guestPath {return false} if lhs._guestSocketPermissions != rhs._guestSocketPermissions {return false} if lhs.action != rhs.action {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_ProxyVsockRequest.Action: SwiftProtobuf._ProtoNameProviding { public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 0: .same(proto: "INTO"), 1: .same(proto: "OUT_OF"), ] } extension Com_Apple_Containerization_Sandbox_V3_ProxyVsockResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".ProxyVsockResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_ProxyVsockResponse, rhs: Com_Apple_Containerization_Sandbox_V3_ProxyVsockResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_StopVsockProxyRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".StopVsockProxyRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "id"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.id) }() default: break } } } public func traverse(visitor: inout V) throws { if !self.id.isEmpty { try visitor.visitSingularStringField(value: self.id, fieldNumber: 1) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_StopVsockProxyRequest, rhs: Com_Apple_Containerization_Sandbox_V3_StopVsockProxyRequest) -> Bool { if lhs.id != rhs.id {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_StopVsockProxyResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".StopVsockProxyResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_StopVsockProxyResponse, rhs: Com_Apple_Containerization_Sandbox_V3_StopVsockProxyResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_MountRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".MountRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "type"), 2: .same(proto: "source"), 3: .same(proto: "destination"), 4: .same(proto: "options"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.type) }() case 2: try { try decoder.decodeSingularStringField(value: &self.source) }() case 3: try { try decoder.decodeSingularStringField(value: &self.destination) }() case 4: try { try decoder.decodeRepeatedStringField(value: &self.options) }() default: break } } } public func traverse(visitor: inout V) throws { if !self.type.isEmpty { try visitor.visitSingularStringField(value: self.type, fieldNumber: 1) } if !self.source.isEmpty { try visitor.visitSingularStringField(value: self.source, fieldNumber: 2) } if !self.destination.isEmpty { try visitor.visitSingularStringField(value: self.destination, fieldNumber: 3) } if !self.options.isEmpty { try visitor.visitRepeatedStringField(value: self.options, fieldNumber: 4) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_MountRequest, rhs: Com_Apple_Containerization_Sandbox_V3_MountRequest) -> Bool { if lhs.type != rhs.type {return false} if lhs.source != rhs.source {return false} if lhs.destination != rhs.destination {return false} if lhs.options != rhs.options {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_MountResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".MountResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_MountResponse, rhs: Com_Apple_Containerization_Sandbox_V3_MountResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_UmountRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".UmountRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "path"), 2: .same(proto: "flags"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.path) }() case 2: try { try decoder.decodeSingularInt32Field(value: &self.flags) }() default: break } } } public func traverse(visitor: inout V) throws { if !self.path.isEmpty { try visitor.visitSingularStringField(value: self.path, fieldNumber: 1) } if self.flags != 0 { try visitor.visitSingularInt32Field(value: self.flags, fieldNumber: 2) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_UmountRequest, rhs: Com_Apple_Containerization_Sandbox_V3_UmountRequest) -> Bool { if lhs.path != rhs.path {return false} if lhs.flags != rhs.flags {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_UmountResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".UmountResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_UmountResponse, rhs: Com_Apple_Containerization_Sandbox_V3_UmountResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_SetenvRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".SetenvRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "key"), 2: .same(proto: "value"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.key) }() case 2: try { try decoder.decodeSingularStringField(value: &self._value) }() default: break } } } public func traverse(visitor: inout V) throws { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 if !self.key.isEmpty { try visitor.visitSingularStringField(value: self.key, fieldNumber: 1) } try { if let v = self._value { try visitor.visitSingularStringField(value: v, fieldNumber: 2) } }() try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_SetenvRequest, rhs: Com_Apple_Containerization_Sandbox_V3_SetenvRequest) -> Bool { if lhs.key != rhs.key {return false} if lhs._value != rhs._value {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_SetenvResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".SetenvResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_SetenvResponse, rhs: Com_Apple_Containerization_Sandbox_V3_SetenvResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_GetenvRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".GetenvRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "key"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.key) }() default: break } } } public func traverse(visitor: inout V) throws { if !self.key.isEmpty { try visitor.visitSingularStringField(value: self.key, fieldNumber: 1) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_GetenvRequest, rhs: Com_Apple_Containerization_Sandbox_V3_GetenvRequest) -> Bool { if lhs.key != rhs.key {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_GetenvResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".GetenvResponse" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "value"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self._value) }() default: break } } } public func traverse(visitor: inout V) throws { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 try { if let v = self._value { try visitor.visitSingularStringField(value: v, fieldNumber: 1) } }() try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_GetenvResponse, rhs: Com_Apple_Containerization_Sandbox_V3_GetenvResponse) -> Bool { if lhs._value != rhs._value {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_CreateProcessRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".CreateProcessRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "id"), 2: .same(proto: "containerID"), 3: .same(proto: "stdin"), 4: .same(proto: "stdout"), 5: .same(proto: "stderr"), 6: .same(proto: "ociRuntimePath"), 7: .same(proto: "configuration"), 8: .same(proto: "options"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.id) }() case 2: try { try decoder.decodeSingularStringField(value: &self._containerID) }() case 3: try { try decoder.decodeSingularUInt32Field(value: &self._stdin) }() case 4: try { try decoder.decodeSingularUInt32Field(value: &self._stdout) }() case 5: try { try decoder.decodeSingularUInt32Field(value: &self._stderr) }() case 6: try { try decoder.decodeSingularStringField(value: &self._ociRuntimePath) }() case 7: try { try decoder.decodeSingularBytesField(value: &self.configuration) }() case 8: try { try decoder.decodeSingularBytesField(value: &self._options) }() default: break } } } public func traverse(visitor: inout V) throws { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 if !self.id.isEmpty { try visitor.visitSingularStringField(value: self.id, fieldNumber: 1) } try { if let v = self._containerID { try visitor.visitSingularStringField(value: v, fieldNumber: 2) } }() try { if let v = self._stdin { try visitor.visitSingularUInt32Field(value: v, fieldNumber: 3) } }() try { if let v = self._stdout { try visitor.visitSingularUInt32Field(value: v, fieldNumber: 4) } }() try { if let v = self._stderr { try visitor.visitSingularUInt32Field(value: v, fieldNumber: 5) } }() try { if let v = self._ociRuntimePath { try visitor.visitSingularStringField(value: v, fieldNumber: 6) } }() if !self.configuration.isEmpty { try visitor.visitSingularBytesField(value: self.configuration, fieldNumber: 7) } try { if let v = self._options { try visitor.visitSingularBytesField(value: v, fieldNumber: 8) } }() try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_CreateProcessRequest, rhs: Com_Apple_Containerization_Sandbox_V3_CreateProcessRequest) -> Bool { if lhs.id != rhs.id {return false} if lhs._containerID != rhs._containerID {return false} if lhs._stdin != rhs._stdin {return false} if lhs._stdout != rhs._stdout {return false} if lhs._stderr != rhs._stderr {return false} if lhs._ociRuntimePath != rhs._ociRuntimePath {return false} if lhs.configuration != rhs.configuration {return false} if lhs._options != rhs._options {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_CreateProcessResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".CreateProcessResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_CreateProcessResponse, rhs: Com_Apple_Containerization_Sandbox_V3_CreateProcessResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_WaitProcessRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".WaitProcessRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "id"), 2: .same(proto: "containerID"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.id) }() case 2: try { try decoder.decodeSingularStringField(value: &self._containerID) }() default: break } } } public func traverse(visitor: inout V) throws { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 if !self.id.isEmpty { try visitor.visitSingularStringField(value: self.id, fieldNumber: 1) } try { if let v = self._containerID { try visitor.visitSingularStringField(value: v, fieldNumber: 2) } }() try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_WaitProcessRequest, rhs: Com_Apple_Containerization_Sandbox_V3_WaitProcessRequest) -> Bool { if lhs.id != rhs.id {return false} if lhs._containerID != rhs._containerID {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_WaitProcessResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".WaitProcessResponse" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "exitCode"), 2: .standard(proto: "exited_at"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularInt32Field(value: &self.exitCode) }() case 2: try { try decoder.decodeSingularMessageField(value: &self._exitedAt) }() default: break } } } public func traverse(visitor: inout V) throws { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 if self.exitCode != 0 { try visitor.visitSingularInt32Field(value: self.exitCode, fieldNumber: 1) } try { if let v = self._exitedAt { try visitor.visitSingularMessageField(value: v, fieldNumber: 2) } }() try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_WaitProcessResponse, rhs: Com_Apple_Containerization_Sandbox_V3_WaitProcessResponse) -> Bool { if lhs.exitCode != rhs.exitCode {return false} if lhs._exitedAt != rhs._exitedAt {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_ResizeProcessRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".ResizeProcessRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "id"), 2: .same(proto: "containerID"), 3: .same(proto: "rows"), 4: .same(proto: "columns"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.id) }() case 2: try { try decoder.decodeSingularStringField(value: &self._containerID) }() case 3: try { try decoder.decodeSingularUInt32Field(value: &self.rows) }() case 4: try { try decoder.decodeSingularUInt32Field(value: &self.columns) }() default: break } } } public func traverse(visitor: inout V) throws { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 if !self.id.isEmpty { try visitor.visitSingularStringField(value: self.id, fieldNumber: 1) } try { if let v = self._containerID { try visitor.visitSingularStringField(value: v, fieldNumber: 2) } }() if self.rows != 0 { try visitor.visitSingularUInt32Field(value: self.rows, fieldNumber: 3) } if self.columns != 0 { try visitor.visitSingularUInt32Field(value: self.columns, fieldNumber: 4) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_ResizeProcessRequest, rhs: Com_Apple_Containerization_Sandbox_V3_ResizeProcessRequest) -> Bool { if lhs.id != rhs.id {return false} if lhs._containerID != rhs._containerID {return false} if lhs.rows != rhs.rows {return false} if lhs.columns != rhs.columns {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_ResizeProcessResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".ResizeProcessResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_ResizeProcessResponse, rhs: Com_Apple_Containerization_Sandbox_V3_ResizeProcessResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_DeleteProcessRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".DeleteProcessRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "id"), 2: .same(proto: "containerID"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.id) }() case 2: try { try decoder.decodeSingularStringField(value: &self._containerID) }() default: break } } } public func traverse(visitor: inout V) throws { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 if !self.id.isEmpty { try visitor.visitSingularStringField(value: self.id, fieldNumber: 1) } try { if let v = self._containerID { try visitor.visitSingularStringField(value: v, fieldNumber: 2) } }() try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_DeleteProcessRequest, rhs: Com_Apple_Containerization_Sandbox_V3_DeleteProcessRequest) -> Bool { if lhs.id != rhs.id {return false} if lhs._containerID != rhs._containerID {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_DeleteProcessResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".DeleteProcessResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_DeleteProcessResponse, rhs: Com_Apple_Containerization_Sandbox_V3_DeleteProcessResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_StartProcessRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".StartProcessRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "id"), 2: .same(proto: "containerID"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.id) }() case 2: try { try decoder.decodeSingularStringField(value: &self._containerID) }() default: break } } } public func traverse(visitor: inout V) throws { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 if !self.id.isEmpty { try visitor.visitSingularStringField(value: self.id, fieldNumber: 1) } try { if let v = self._containerID { try visitor.visitSingularStringField(value: v, fieldNumber: 2) } }() try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_StartProcessRequest, rhs: Com_Apple_Containerization_Sandbox_V3_StartProcessRequest) -> Bool { if lhs.id != rhs.id {return false} if lhs._containerID != rhs._containerID {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_StartProcessResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".StartProcessResponse" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "pid"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularInt32Field(value: &self.pid) }() default: break } } } public func traverse(visitor: inout V) throws { if self.pid != 0 { try visitor.visitSingularInt32Field(value: self.pid, fieldNumber: 1) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_StartProcessResponse, rhs: Com_Apple_Containerization_Sandbox_V3_StartProcessResponse) -> Bool { if lhs.pid != rhs.pid {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_KillProcessRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".KillProcessRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "id"), 2: .same(proto: "containerID"), 3: .same(proto: "signal"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.id) }() case 2: try { try decoder.decodeSingularStringField(value: &self._containerID) }() case 3: try { try decoder.decodeSingularInt32Field(value: &self.signal) }() default: break } } } public func traverse(visitor: inout V) throws { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 if !self.id.isEmpty { try visitor.visitSingularStringField(value: self.id, fieldNumber: 1) } try { if let v = self._containerID { try visitor.visitSingularStringField(value: v, fieldNumber: 2) } }() if self.signal != 0 { try visitor.visitSingularInt32Field(value: self.signal, fieldNumber: 3) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_KillProcessRequest, rhs: Com_Apple_Containerization_Sandbox_V3_KillProcessRequest) -> Bool { if lhs.id != rhs.id {return false} if lhs._containerID != rhs._containerID {return false} if lhs.signal != rhs.signal {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_KillProcessResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".KillProcessResponse" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "result"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularInt32Field(value: &self.result) }() default: break } } } public func traverse(visitor: inout V) throws { if self.result != 0 { try visitor.visitSingularInt32Field(value: self.result, fieldNumber: 1) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_KillProcessResponse, rhs: Com_Apple_Containerization_Sandbox_V3_KillProcessResponse) -> Bool { if lhs.result != rhs.result {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".CloseProcessStdinRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "id"), 2: .same(proto: "containerID"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.id) }() case 2: try { try decoder.decodeSingularStringField(value: &self._containerID) }() default: break } } } public func traverse(visitor: inout V) throws { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 if !self.id.isEmpty { try visitor.visitSingularStringField(value: self.id, fieldNumber: 1) } try { if let v = self._containerID { try visitor.visitSingularStringField(value: v, fieldNumber: 2) } }() try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinRequest, rhs: Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinRequest) -> Bool { if lhs.id != rhs.id {return false} if lhs._containerID != rhs._containerID {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".CloseProcessStdinResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinResponse, rhs: Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_MkdirRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".MkdirRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "path"), 2: .same(proto: "all"), 3: .same(proto: "perms"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.path) }() case 2: try { try decoder.decodeSingularBoolField(value: &self.all) }() case 3: try { try decoder.decodeSingularUInt32Field(value: &self.perms) }() default: break } } } public func traverse(visitor: inout V) throws { if !self.path.isEmpty { try visitor.visitSingularStringField(value: self.path, fieldNumber: 1) } if self.all != false { try visitor.visitSingularBoolField(value: self.all, fieldNumber: 2) } if self.perms != 0 { try visitor.visitSingularUInt32Field(value: self.perms, fieldNumber: 3) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_MkdirRequest, rhs: Com_Apple_Containerization_Sandbox_V3_MkdirRequest) -> Bool { if lhs.path != rhs.path {return false} if lhs.all != rhs.all {return false} if lhs.perms != rhs.perms {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_MkdirResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".MkdirResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_MkdirResponse, rhs: Com_Apple_Containerization_Sandbox_V3_MkdirResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_WriteFileRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".WriteFileRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "path"), 2: .same(proto: "data"), 3: .same(proto: "mode"), 4: .same(proto: "flags"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.path) }() case 2: try { try decoder.decodeSingularBytesField(value: &self.data) }() case 3: try { try decoder.decodeSingularUInt32Field(value: &self.mode) }() case 4: try { try decoder.decodeSingularMessageField(value: &self._flags) }() default: break } } } public func traverse(visitor: inout V) throws { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 if !self.path.isEmpty { try visitor.visitSingularStringField(value: self.path, fieldNumber: 1) } if !self.data.isEmpty { try visitor.visitSingularBytesField(value: self.data, fieldNumber: 2) } if self.mode != 0 { try visitor.visitSingularUInt32Field(value: self.mode, fieldNumber: 3) } try { if let v = self._flags { try visitor.visitSingularMessageField(value: v, fieldNumber: 4) } }() try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_WriteFileRequest, rhs: Com_Apple_Containerization_Sandbox_V3_WriteFileRequest) -> Bool { if lhs.path != rhs.path {return false} if lhs.data != rhs.data {return false} if lhs.mode != rhs.mode {return false} if lhs._flags != rhs._flags {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_WriteFileRequest.WriteFileFlags: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = Com_Apple_Containerization_Sandbox_V3_WriteFileRequest.protoMessageName + ".WriteFileFlags" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .standard(proto: "create_parent_dirs"), 2: .same(proto: "append"), 3: .standard(proto: "create_if_missing"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularBoolField(value: &self.createParentDirs) }() case 2: try { try decoder.decodeSingularBoolField(value: &self.append) }() case 3: try { try decoder.decodeSingularBoolField(value: &self.createIfMissing) }() default: break } } } public func traverse(visitor: inout V) throws { if self.createParentDirs != false { try visitor.visitSingularBoolField(value: self.createParentDirs, fieldNumber: 1) } if self.append != false { try visitor.visitSingularBoolField(value: self.append, fieldNumber: 2) } if self.createIfMissing != false { try visitor.visitSingularBoolField(value: self.createIfMissing, fieldNumber: 3) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_WriteFileRequest.WriteFileFlags, rhs: Com_Apple_Containerization_Sandbox_V3_WriteFileRequest.WriteFileFlags) -> Bool { if lhs.createParentDirs != rhs.createParentDirs {return false} if lhs.append != rhs.append {return false} if lhs.createIfMissing != rhs.createIfMissing {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_WriteFileResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".WriteFileResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_WriteFileResponse, rhs: Com_Apple_Containerization_Sandbox_V3_WriteFileResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_CopyRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".CopyRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "direction"), 2: .same(proto: "path"), 3: .same(proto: "mode"), 4: .standard(proto: "create_parents"), 5: .standard(proto: "vsock_port"), 6: .standard(proto: "is_archive"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularEnumField(value: &self.direction) }() case 2: try { try decoder.decodeSingularStringField(value: &self.path) }() case 3: try { try decoder.decodeSingularUInt32Field(value: &self.mode) }() case 4: try { try decoder.decodeSingularBoolField(value: &self.createParents) }() case 5: try { try decoder.decodeSingularUInt32Field(value: &self.vsockPort) }() case 6: try { try decoder.decodeSingularBoolField(value: &self.isArchive) }() default: break } } } public func traverse(visitor: inout V) throws { if self.direction != .copyIn { try visitor.visitSingularEnumField(value: self.direction, fieldNumber: 1) } if !self.path.isEmpty { try visitor.visitSingularStringField(value: self.path, fieldNumber: 2) } if self.mode != 0 { try visitor.visitSingularUInt32Field(value: self.mode, fieldNumber: 3) } if self.createParents != false { try visitor.visitSingularBoolField(value: self.createParents, fieldNumber: 4) } if self.vsockPort != 0 { try visitor.visitSingularUInt32Field(value: self.vsockPort, fieldNumber: 5) } if self.isArchive != false { try visitor.visitSingularBoolField(value: self.isArchive, fieldNumber: 6) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_CopyRequest, rhs: Com_Apple_Containerization_Sandbox_V3_CopyRequest) -> Bool { if lhs.direction != rhs.direction {return false} if lhs.path != rhs.path {return false} if lhs.mode != rhs.mode {return false} if lhs.createParents != rhs.createParents {return false} if lhs.vsockPort != rhs.vsockPort {return false} if lhs.isArchive != rhs.isArchive {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_CopyRequest.Direction: SwiftProtobuf._ProtoNameProviding { public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 0: .same(proto: "COPY_IN"), 1: .same(proto: "COPY_OUT"), ] } extension Com_Apple_Containerization_Sandbox_V3_CopyResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".CopyResponse" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "status"), 2: .standard(proto: "is_archive"), 3: .standard(proto: "total_size"), 4: .same(proto: "error"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularEnumField(value: &self.status) }() case 2: try { try decoder.decodeSingularBoolField(value: &self.isArchive) }() case 3: try { try decoder.decodeSingularUInt64Field(value: &self.totalSize) }() case 4: try { try decoder.decodeSingularStringField(value: &self.error) }() default: break } } } public func traverse(visitor: inout V) throws { if self.status != .metadata { try visitor.visitSingularEnumField(value: self.status, fieldNumber: 1) } if self.isArchive != false { try visitor.visitSingularBoolField(value: self.isArchive, fieldNumber: 2) } if self.totalSize != 0 { try visitor.visitSingularUInt64Field(value: self.totalSize, fieldNumber: 3) } if !self.error.isEmpty { try visitor.visitSingularStringField(value: self.error, fieldNumber: 4) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_CopyResponse, rhs: Com_Apple_Containerization_Sandbox_V3_CopyResponse) -> Bool { if lhs.status != rhs.status {return false} if lhs.isArchive != rhs.isArchive {return false} if lhs.totalSize != rhs.totalSize {return false} if lhs.error != rhs.error {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_CopyResponse.Status: SwiftProtobuf._ProtoNameProviding { public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 0: .same(proto: "METADATA"), 1: .same(proto: "COMPLETE"), ] } extension Com_Apple_Containerization_Sandbox_V3_IpLinkSetRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".IpLinkSetRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "interface"), 2: .same(proto: "up"), 3: .same(proto: "mtu"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.interface) }() case 2: try { try decoder.decodeSingularBoolField(value: &self.up) }() case 3: try { try decoder.decodeSingularUInt32Field(value: &self._mtu) }() default: break } } } public func traverse(visitor: inout V) throws { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 if !self.interface.isEmpty { try visitor.visitSingularStringField(value: self.interface, fieldNumber: 1) } if self.up != false { try visitor.visitSingularBoolField(value: self.up, fieldNumber: 2) } try { if let v = self._mtu { try visitor.visitSingularUInt32Field(value: v, fieldNumber: 3) } }() try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_IpLinkSetRequest, rhs: Com_Apple_Containerization_Sandbox_V3_IpLinkSetRequest) -> Bool { if lhs.interface != rhs.interface {return false} if lhs.up != rhs.up {return false} if lhs._mtu != rhs._mtu {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_IpLinkSetResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".IpLinkSetResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_IpLinkSetResponse, rhs: Com_Apple_Containerization_Sandbox_V3_IpLinkSetResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_IpAddrAddRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".IpAddrAddRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "interface"), 2: .same(proto: "ipv4Address"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.interface) }() case 2: try { try decoder.decodeSingularStringField(value: &self.ipv4Address) }() default: break } } } public func traverse(visitor: inout V) throws { if !self.interface.isEmpty { try visitor.visitSingularStringField(value: self.interface, fieldNumber: 1) } if !self.ipv4Address.isEmpty { try visitor.visitSingularStringField(value: self.ipv4Address, fieldNumber: 2) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_IpAddrAddRequest, rhs: Com_Apple_Containerization_Sandbox_V3_IpAddrAddRequest) -> Bool { if lhs.interface != rhs.interface {return false} if lhs.ipv4Address != rhs.ipv4Address {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_IpAddrAddResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".IpAddrAddResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_IpAddrAddResponse, rhs: Com_Apple_Containerization_Sandbox_V3_IpAddrAddResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".IpRouteAddLinkRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "interface"), 2: .same(proto: "dstIpv4Addr"), 3: .same(proto: "srcIpv4Addr"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.interface) }() case 2: try { try decoder.decodeSingularStringField(value: &self.dstIpv4Addr) }() case 3: try { try decoder.decodeSingularStringField(value: &self.srcIpv4Addr) }() default: break } } } public func traverse(visitor: inout V) throws { if !self.interface.isEmpty { try visitor.visitSingularStringField(value: self.interface, fieldNumber: 1) } if !self.dstIpv4Addr.isEmpty { try visitor.visitSingularStringField(value: self.dstIpv4Addr, fieldNumber: 2) } if !self.srcIpv4Addr.isEmpty { try visitor.visitSingularStringField(value: self.srcIpv4Addr, fieldNumber: 3) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkRequest, rhs: Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkRequest) -> Bool { if lhs.interface != rhs.interface {return false} if lhs.dstIpv4Addr != rhs.dstIpv4Addr {return false} if lhs.srcIpv4Addr != rhs.srcIpv4Addr {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".IpRouteAddLinkResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkResponse, rhs: Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".IpRouteAddDefaultRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "interface"), 2: .same(proto: "ipv4Gateway"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.interface) }() case 2: try { try decoder.decodeSingularStringField(value: &self.ipv4Gateway) }() default: break } } } public func traverse(visitor: inout V) throws { if !self.interface.isEmpty { try visitor.visitSingularStringField(value: self.interface, fieldNumber: 1) } if !self.ipv4Gateway.isEmpty { try visitor.visitSingularStringField(value: self.ipv4Gateway, fieldNumber: 2) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultRequest, rhs: Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultRequest) -> Bool { if lhs.interface != rhs.interface {return false} if lhs.ipv4Gateway != rhs.ipv4Gateway {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".IpRouteAddDefaultResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultResponse, rhs: Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_ConfigureDnsRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".ConfigureDnsRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "location"), 2: .same(proto: "nameservers"), 3: .same(proto: "domain"), 4: .same(proto: "searchDomains"), 5: .same(proto: "options"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.location) }() case 2: try { try decoder.decodeRepeatedStringField(value: &self.nameservers) }() case 3: try { try decoder.decodeSingularStringField(value: &self._domain) }() case 4: try { try decoder.decodeRepeatedStringField(value: &self.searchDomains) }() case 5: try { try decoder.decodeRepeatedStringField(value: &self.options) }() default: break } } } public func traverse(visitor: inout V) throws { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 if !self.location.isEmpty { try visitor.visitSingularStringField(value: self.location, fieldNumber: 1) } if !self.nameservers.isEmpty { try visitor.visitRepeatedStringField(value: self.nameservers, fieldNumber: 2) } try { if let v = self._domain { try visitor.visitSingularStringField(value: v, fieldNumber: 3) } }() if !self.searchDomains.isEmpty { try visitor.visitRepeatedStringField(value: self.searchDomains, fieldNumber: 4) } if !self.options.isEmpty { try visitor.visitRepeatedStringField(value: self.options, fieldNumber: 5) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_ConfigureDnsRequest, rhs: Com_Apple_Containerization_Sandbox_V3_ConfigureDnsRequest) -> Bool { if lhs.location != rhs.location {return false} if lhs.nameservers != rhs.nameservers {return false} if lhs._domain != rhs._domain {return false} if lhs.searchDomains != rhs.searchDomains {return false} if lhs.options != rhs.options {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_ConfigureDnsResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".ConfigureDnsResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_ConfigureDnsResponse, rhs: Com_Apple_Containerization_Sandbox_V3_ConfigureDnsResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".ConfigureHostsRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "location"), 2: .same(proto: "entries"), 3: .same(proto: "comment"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.location) }() case 2: try { try decoder.decodeRepeatedMessageField(value: &self.entries) }() case 3: try { try decoder.decodeSingularStringField(value: &self._comment) }() default: break } } } public func traverse(visitor: inout V) throws { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 if !self.location.isEmpty { try visitor.visitSingularStringField(value: self.location, fieldNumber: 1) } if !self.entries.isEmpty { try visitor.visitRepeatedMessageField(value: self.entries, fieldNumber: 2) } try { if let v = self._comment { try visitor.visitSingularStringField(value: v, fieldNumber: 3) } }() try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest, rhs: Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest) -> Bool { if lhs.location != rhs.location {return false} if lhs.entries != rhs.entries {return false} if lhs._comment != rhs._comment {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest.HostsEntry: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest.protoMessageName + ".HostsEntry" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "ipAddress"), 2: .same(proto: "hostnames"), 3: .same(proto: "comment"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.ipAddress) }() case 2: try { try decoder.decodeRepeatedStringField(value: &self.hostnames) }() case 3: try { try decoder.decodeSingularStringField(value: &self._comment) }() default: break } } } public func traverse(visitor: inout V) throws { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 if !self.ipAddress.isEmpty { try visitor.visitSingularStringField(value: self.ipAddress, fieldNumber: 1) } if !self.hostnames.isEmpty { try visitor.visitRepeatedStringField(value: self.hostnames, fieldNumber: 2) } try { if let v = self._comment { try visitor.visitSingularStringField(value: v, fieldNumber: 3) } }() try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest.HostsEntry, rhs: Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest.HostsEntry) -> Bool { if lhs.ipAddress != rhs.ipAddress {return false} if lhs.hostnames != rhs.hostnames {return false} if lhs._comment != rhs._comment {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_ConfigureHostsResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".ConfigureHostsResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_ConfigureHostsResponse, rhs: Com_Apple_Containerization_Sandbox_V3_ConfigureHostsResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_SyncRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".SyncRequest" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_SyncRequest, rhs: Com_Apple_Containerization_Sandbox_V3_SyncRequest) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_SyncResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".SyncResponse" public static let _protobuf_nameMap = SwiftProtobuf._NameMap() public mutating func decodeMessage(decoder: inout D) throws { // Load everything into unknown fields while try decoder.nextFieldNumber() != nil {} } public func traverse(visitor: inout V) throws { try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_SyncResponse, rhs: Com_Apple_Containerization_Sandbox_V3_SyncResponse) -> Bool { if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_KillRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".KillRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "pid"), 3: .same(proto: "signal"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularInt32Field(value: &self.pid) }() case 3: try { try decoder.decodeSingularInt32Field(value: &self.signal) }() default: break } } } public func traverse(visitor: inout V) throws { if self.pid != 0 { try visitor.visitSingularInt32Field(value: self.pid, fieldNumber: 1) } if self.signal != 0 { try visitor.visitSingularInt32Field(value: self.signal, fieldNumber: 3) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_KillRequest, rhs: Com_Apple_Containerization_Sandbox_V3_KillRequest) -> Bool { if lhs.pid != rhs.pid {return false} if lhs.signal != rhs.signal {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_KillResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".KillResponse" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "result"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularInt32Field(value: &self.result) }() default: break } } } public func traverse(visitor: inout V) throws { if self.result != 0 { try visitor.visitSingularInt32Field(value: self.result, fieldNumber: 1) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_KillResponse, rhs: Com_Apple_Containerization_Sandbox_V3_KillResponse) -> Bool { if lhs.result != rhs.result {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsRequest: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".ContainerStatisticsRequest" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .standard(proto: "container_ids"), 2: .same(proto: "categories"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeRepeatedStringField(value: &self.containerIds) }() case 2: try { try decoder.decodeRepeatedEnumField(value: &self.categories) }() default: break } } } public func traverse(visitor: inout V) throws { if !self.containerIds.isEmpty { try visitor.visitRepeatedStringField(value: self.containerIds, fieldNumber: 1) } if !self.categories.isEmpty { try visitor.visitPackedEnumField(value: self.categories, fieldNumber: 2) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsRequest, rhs: Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsRequest) -> Bool { if lhs.containerIds != rhs.containerIds {return false} if lhs.categories != rhs.categories {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsResponse: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".ContainerStatisticsResponse" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "containers"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeRepeatedMessageField(value: &self.containers) }() default: break } } } public func traverse(visitor: inout V) throws { if !self.containers.isEmpty { try visitor.visitRepeatedMessageField(value: self.containers, fieldNumber: 1) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsResponse, rhs: Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsResponse) -> Bool { if lhs.containers != rhs.containers {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_ContainerStats: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".ContainerStats" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .standard(proto: "container_id"), 2: .same(proto: "process"), 3: .same(proto: "memory"), 4: .same(proto: "cpu"), 5: .standard(proto: "block_io"), 6: .same(proto: "networks"), 7: .standard(proto: "memory_events"), ] fileprivate class _StorageClass { var _containerID: String = String() var _process: Com_Apple_Containerization_Sandbox_V3_ProcessStats? = nil var _memory: Com_Apple_Containerization_Sandbox_V3_MemoryStats? = nil var _cpu: Com_Apple_Containerization_Sandbox_V3_CPUStats? = nil var _blockIo: Com_Apple_Containerization_Sandbox_V3_BlockIOStats? = nil var _networks: [Com_Apple_Containerization_Sandbox_V3_NetworkStats] = [] var _memoryEvents: Com_Apple_Containerization_Sandbox_V3_MemoryEventStats? = nil // This property is used as the initial default value for new instances of the type. // The type itself is protecting the reference to its storage via CoW semantics. // This will force a copy to be made of this reference when the first mutation occurs; // hence, it is safe to mark this as `nonisolated(unsafe)`. static nonisolated(unsafe) let defaultInstance = _StorageClass() private init() {} init(copying source: _StorageClass) { _containerID = source._containerID _process = source._process _memory = source._memory _cpu = source._cpu _blockIo = source._blockIo _networks = source._networks _memoryEvents = source._memoryEvents } } fileprivate mutating func _uniqueStorage() -> _StorageClass { if !isKnownUniquelyReferenced(&_storage) { _storage = _StorageClass(copying: _storage) } return _storage } public mutating func decodeMessage(decoder: inout D) throws { _ = _uniqueStorage() try withExtendedLifetime(_storage) { (_storage: _StorageClass) in while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &_storage._containerID) }() case 2: try { try decoder.decodeSingularMessageField(value: &_storage._process) }() case 3: try { try decoder.decodeSingularMessageField(value: &_storage._memory) }() case 4: try { try decoder.decodeSingularMessageField(value: &_storage._cpu) }() case 5: try { try decoder.decodeSingularMessageField(value: &_storage._blockIo) }() case 6: try { try decoder.decodeRepeatedMessageField(value: &_storage._networks) }() case 7: try { try decoder.decodeSingularMessageField(value: &_storage._memoryEvents) }() default: break } } } } public func traverse(visitor: inout V) throws { try withExtendedLifetime(_storage) { (_storage: _StorageClass) in // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every if/case branch local when no optimizations // are enabled. https://github.com/apple/swift-protobuf/issues/1034 and // https://github.com/apple/swift-protobuf/issues/1182 if !_storage._containerID.isEmpty { try visitor.visitSingularStringField(value: _storage._containerID, fieldNumber: 1) } try { if let v = _storage._process { try visitor.visitSingularMessageField(value: v, fieldNumber: 2) } }() try { if let v = _storage._memory { try visitor.visitSingularMessageField(value: v, fieldNumber: 3) } }() try { if let v = _storage._cpu { try visitor.visitSingularMessageField(value: v, fieldNumber: 4) } }() try { if let v = _storage._blockIo { try visitor.visitSingularMessageField(value: v, fieldNumber: 5) } }() if !_storage._networks.isEmpty { try visitor.visitRepeatedMessageField(value: _storage._networks, fieldNumber: 6) } try { if let v = _storage._memoryEvents { try visitor.visitSingularMessageField(value: v, fieldNumber: 7) } }() } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_ContainerStats, rhs: Com_Apple_Containerization_Sandbox_V3_ContainerStats) -> Bool { if lhs._storage !== rhs._storage { let storagesAreEqual: Bool = withExtendedLifetime((lhs._storage, rhs._storage)) { (_args: (_StorageClass, _StorageClass)) in let _storage = _args.0 let rhs_storage = _args.1 if _storage._containerID != rhs_storage._containerID {return false} if _storage._process != rhs_storage._process {return false} if _storage._memory != rhs_storage._memory {return false} if _storage._cpu != rhs_storage._cpu {return false} if _storage._blockIo != rhs_storage._blockIo {return false} if _storage._networks != rhs_storage._networks {return false} if _storage._memoryEvents != rhs_storage._memoryEvents {return false} return true } if !storagesAreEqual {return false} } if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_ProcessStats: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".ProcessStats" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "current"), 2: .same(proto: "limit"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularUInt64Field(value: &self.current) }() case 2: try { try decoder.decodeSingularUInt64Field(value: &self.limit) }() default: break } } } public func traverse(visitor: inout V) throws { if self.current != 0 { try visitor.visitSingularUInt64Field(value: self.current, fieldNumber: 1) } if self.limit != 0 { try visitor.visitSingularUInt64Field(value: self.limit, fieldNumber: 2) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_ProcessStats, rhs: Com_Apple_Containerization_Sandbox_V3_ProcessStats) -> Bool { if lhs.current != rhs.current {return false} if lhs.limit != rhs.limit {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_MemoryStats: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".MemoryStats" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .standard(proto: "usage_bytes"), 2: .standard(proto: "limit_bytes"), 3: .standard(proto: "swap_usage_bytes"), 4: .standard(proto: "swap_limit_bytes"), 5: .standard(proto: "cache_bytes"), 6: .standard(proto: "kernel_stack_bytes"), 7: .standard(proto: "slab_bytes"), 8: .standard(proto: "page_faults"), 9: .standard(proto: "major_page_faults"), 10: .standard(proto: "inactive_file"), 11: .same(proto: "anon"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularUInt64Field(value: &self.usageBytes) }() case 2: try { try decoder.decodeSingularUInt64Field(value: &self.limitBytes) }() case 3: try { try decoder.decodeSingularUInt64Field(value: &self.swapUsageBytes) }() case 4: try { try decoder.decodeSingularUInt64Field(value: &self.swapLimitBytes) }() case 5: try { try decoder.decodeSingularUInt64Field(value: &self.cacheBytes) }() case 6: try { try decoder.decodeSingularUInt64Field(value: &self.kernelStackBytes) }() case 7: try { try decoder.decodeSingularUInt64Field(value: &self.slabBytes) }() case 8: try { try decoder.decodeSingularUInt64Field(value: &self.pageFaults) }() case 9: try { try decoder.decodeSingularUInt64Field(value: &self.majorPageFaults) }() case 10: try { try decoder.decodeSingularUInt64Field(value: &self.inactiveFile) }() case 11: try { try decoder.decodeSingularUInt64Field(value: &self.anon) }() default: break } } } public func traverse(visitor: inout V) throws { if self.usageBytes != 0 { try visitor.visitSingularUInt64Field(value: self.usageBytes, fieldNumber: 1) } if self.limitBytes != 0 { try visitor.visitSingularUInt64Field(value: self.limitBytes, fieldNumber: 2) } if self.swapUsageBytes != 0 { try visitor.visitSingularUInt64Field(value: self.swapUsageBytes, fieldNumber: 3) } if self.swapLimitBytes != 0 { try visitor.visitSingularUInt64Field(value: self.swapLimitBytes, fieldNumber: 4) } if self.cacheBytes != 0 { try visitor.visitSingularUInt64Field(value: self.cacheBytes, fieldNumber: 5) } if self.kernelStackBytes != 0 { try visitor.visitSingularUInt64Field(value: self.kernelStackBytes, fieldNumber: 6) } if self.slabBytes != 0 { try visitor.visitSingularUInt64Field(value: self.slabBytes, fieldNumber: 7) } if self.pageFaults != 0 { try visitor.visitSingularUInt64Field(value: self.pageFaults, fieldNumber: 8) } if self.majorPageFaults != 0 { try visitor.visitSingularUInt64Field(value: self.majorPageFaults, fieldNumber: 9) } if self.inactiveFile != 0 { try visitor.visitSingularUInt64Field(value: self.inactiveFile, fieldNumber: 10) } if self.anon != 0 { try visitor.visitSingularUInt64Field(value: self.anon, fieldNumber: 11) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_MemoryStats, rhs: Com_Apple_Containerization_Sandbox_V3_MemoryStats) -> Bool { if lhs.usageBytes != rhs.usageBytes {return false} if lhs.limitBytes != rhs.limitBytes {return false} if lhs.swapUsageBytes != rhs.swapUsageBytes {return false} if lhs.swapLimitBytes != rhs.swapLimitBytes {return false} if lhs.cacheBytes != rhs.cacheBytes {return false} if lhs.kernelStackBytes != rhs.kernelStackBytes {return false} if lhs.slabBytes != rhs.slabBytes {return false} if lhs.pageFaults != rhs.pageFaults {return false} if lhs.majorPageFaults != rhs.majorPageFaults {return false} if lhs.inactiveFile != rhs.inactiveFile {return false} if lhs.anon != rhs.anon {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_CPUStats: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".CPUStats" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .standard(proto: "usage_usec"), 2: .standard(proto: "user_usec"), 3: .standard(proto: "system_usec"), 4: .standard(proto: "throttling_periods"), 5: .standard(proto: "throttled_periods"), 6: .standard(proto: "throttled_time_usec"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularUInt64Field(value: &self.usageUsec) }() case 2: try { try decoder.decodeSingularUInt64Field(value: &self.userUsec) }() case 3: try { try decoder.decodeSingularUInt64Field(value: &self.systemUsec) }() case 4: try { try decoder.decodeSingularUInt64Field(value: &self.throttlingPeriods) }() case 5: try { try decoder.decodeSingularUInt64Field(value: &self.throttledPeriods) }() case 6: try { try decoder.decodeSingularUInt64Field(value: &self.throttledTimeUsec) }() default: break } } } public func traverse(visitor: inout V) throws { if self.usageUsec != 0 { try visitor.visitSingularUInt64Field(value: self.usageUsec, fieldNumber: 1) } if self.userUsec != 0 { try visitor.visitSingularUInt64Field(value: self.userUsec, fieldNumber: 2) } if self.systemUsec != 0 { try visitor.visitSingularUInt64Field(value: self.systemUsec, fieldNumber: 3) } if self.throttlingPeriods != 0 { try visitor.visitSingularUInt64Field(value: self.throttlingPeriods, fieldNumber: 4) } if self.throttledPeriods != 0 { try visitor.visitSingularUInt64Field(value: self.throttledPeriods, fieldNumber: 5) } if self.throttledTimeUsec != 0 { try visitor.visitSingularUInt64Field(value: self.throttledTimeUsec, fieldNumber: 6) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_CPUStats, rhs: Com_Apple_Containerization_Sandbox_V3_CPUStats) -> Bool { if lhs.usageUsec != rhs.usageUsec {return false} if lhs.userUsec != rhs.userUsec {return false} if lhs.systemUsec != rhs.systemUsec {return false} if lhs.throttlingPeriods != rhs.throttlingPeriods {return false} if lhs.throttledPeriods != rhs.throttledPeriods {return false} if lhs.throttledTimeUsec != rhs.throttledTimeUsec {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_BlockIOStats: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".BlockIOStats" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "devices"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeRepeatedMessageField(value: &self.devices) }() default: break } } } public func traverse(visitor: inout V) throws { if !self.devices.isEmpty { try visitor.visitRepeatedMessageField(value: self.devices, fieldNumber: 1) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_BlockIOStats, rhs: Com_Apple_Containerization_Sandbox_V3_BlockIOStats) -> Bool { if lhs.devices != rhs.devices {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_BlockIOEntry: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".BlockIOEntry" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "major"), 2: .same(proto: "minor"), 3: .standard(proto: "read_bytes"), 4: .standard(proto: "write_bytes"), 5: .standard(proto: "read_operations"), 6: .standard(proto: "write_operations"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularUInt64Field(value: &self.major) }() case 2: try { try decoder.decodeSingularUInt64Field(value: &self.minor) }() case 3: try { try decoder.decodeSingularUInt64Field(value: &self.readBytes) }() case 4: try { try decoder.decodeSingularUInt64Field(value: &self.writeBytes) }() case 5: try { try decoder.decodeSingularUInt64Field(value: &self.readOperations) }() case 6: try { try decoder.decodeSingularUInt64Field(value: &self.writeOperations) }() default: break } } } public func traverse(visitor: inout V) throws { if self.major != 0 { try visitor.visitSingularUInt64Field(value: self.major, fieldNumber: 1) } if self.minor != 0 { try visitor.visitSingularUInt64Field(value: self.minor, fieldNumber: 2) } if self.readBytes != 0 { try visitor.visitSingularUInt64Field(value: self.readBytes, fieldNumber: 3) } if self.writeBytes != 0 { try visitor.visitSingularUInt64Field(value: self.writeBytes, fieldNumber: 4) } if self.readOperations != 0 { try visitor.visitSingularUInt64Field(value: self.readOperations, fieldNumber: 5) } if self.writeOperations != 0 { try visitor.visitSingularUInt64Field(value: self.writeOperations, fieldNumber: 6) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_BlockIOEntry, rhs: Com_Apple_Containerization_Sandbox_V3_BlockIOEntry) -> Bool { if lhs.major != rhs.major {return false} if lhs.minor != rhs.minor {return false} if lhs.readBytes != rhs.readBytes {return false} if lhs.writeBytes != rhs.writeBytes {return false} if lhs.readOperations != rhs.readOperations {return false} if lhs.writeOperations != rhs.writeOperations {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_NetworkStats: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".NetworkStats" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "interface"), 2: .same(proto: "receivedPackets"), 3: .same(proto: "transmittedPackets"), 4: .same(proto: "receivedBytes"), 5: .same(proto: "transmittedBytes"), 6: .same(proto: "receivedErrors"), 7: .same(proto: "transmittedErrors"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularStringField(value: &self.interface) }() case 2: try { try decoder.decodeSingularUInt64Field(value: &self.receivedPackets) }() case 3: try { try decoder.decodeSingularUInt64Field(value: &self.transmittedPackets) }() case 4: try { try decoder.decodeSingularUInt64Field(value: &self.receivedBytes) }() case 5: try { try decoder.decodeSingularUInt64Field(value: &self.transmittedBytes) }() case 6: try { try decoder.decodeSingularUInt64Field(value: &self.receivedErrors) }() case 7: try { try decoder.decodeSingularUInt64Field(value: &self.transmittedErrors) }() default: break } } } public func traverse(visitor: inout V) throws { if !self.interface.isEmpty { try visitor.visitSingularStringField(value: self.interface, fieldNumber: 1) } if self.receivedPackets != 0 { try visitor.visitSingularUInt64Field(value: self.receivedPackets, fieldNumber: 2) } if self.transmittedPackets != 0 { try visitor.visitSingularUInt64Field(value: self.transmittedPackets, fieldNumber: 3) } if self.receivedBytes != 0 { try visitor.visitSingularUInt64Field(value: self.receivedBytes, fieldNumber: 4) } if self.transmittedBytes != 0 { try visitor.visitSingularUInt64Field(value: self.transmittedBytes, fieldNumber: 5) } if self.receivedErrors != 0 { try visitor.visitSingularUInt64Field(value: self.receivedErrors, fieldNumber: 6) } if self.transmittedErrors != 0 { try visitor.visitSingularUInt64Field(value: self.transmittedErrors, fieldNumber: 7) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_NetworkStats, rhs: Com_Apple_Containerization_Sandbox_V3_NetworkStats) -> Bool { if lhs.interface != rhs.interface {return false} if lhs.receivedPackets != rhs.receivedPackets {return false} if lhs.transmittedPackets != rhs.transmittedPackets {return false} if lhs.receivedBytes != rhs.receivedBytes {return false} if lhs.transmittedBytes != rhs.transmittedBytes {return false} if lhs.receivedErrors != rhs.receivedErrors {return false} if lhs.transmittedErrors != rhs.transmittedErrors {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } extension Com_Apple_Containerization_Sandbox_V3_MemoryEventStats: SwiftProtobuf.Message, SwiftProtobuf._MessageImplementationBase, SwiftProtobuf._ProtoNameProviding { public static let protoMessageName: String = _protobuf_package + ".MemoryEventStats" public static let _protobuf_nameMap: SwiftProtobuf._NameMap = [ 1: .same(proto: "low"), 2: .same(proto: "high"), 3: .same(proto: "max"), 4: .same(proto: "oom"), 5: .standard(proto: "oom_kill"), 6: .standard(proto: "oom_group_kill"), ] public mutating func decodeMessage(decoder: inout D) throws { while let fieldNumber = try decoder.nextFieldNumber() { // The use of inline closures is to circumvent an issue where the compiler // allocates stack space for every case branch when no optimizations are // enabled. https://github.com/apple/swift-protobuf/issues/1034 switch fieldNumber { case 1: try { try decoder.decodeSingularUInt64Field(value: &self.low) }() case 2: try { try decoder.decodeSingularUInt64Field(value: &self.high) }() case 3: try { try decoder.decodeSingularUInt64Field(value: &self.max) }() case 4: try { try decoder.decodeSingularUInt64Field(value: &self.oom) }() case 5: try { try decoder.decodeSingularUInt64Field(value: &self.oomKill) }() case 6: try { try decoder.decodeSingularUInt64Field(value: &self.oomGroupKill) }() default: break } } } public func traverse(visitor: inout V) throws { if self.low != 0 { try visitor.visitSingularUInt64Field(value: self.low, fieldNumber: 1) } if self.high != 0 { try visitor.visitSingularUInt64Field(value: self.high, fieldNumber: 2) } if self.max != 0 { try visitor.visitSingularUInt64Field(value: self.max, fieldNumber: 3) } if self.oom != 0 { try visitor.visitSingularUInt64Field(value: self.oom, fieldNumber: 4) } if self.oomKill != 0 { try visitor.visitSingularUInt64Field(value: self.oomKill, fieldNumber: 5) } if self.oomGroupKill != 0 { try visitor.visitSingularUInt64Field(value: self.oomGroupKill, fieldNumber: 6) } try unknownFields.traverse(visitor: &visitor) } public static func ==(lhs: Com_Apple_Containerization_Sandbox_V3_MemoryEventStats, rhs: Com_Apple_Containerization_Sandbox_V3_MemoryEventStats) -> Bool { if lhs.low != rhs.low {return false} if lhs.high != rhs.high {return false} if lhs.max != rhs.max {return false} if lhs.oom != rhs.oom {return false} if lhs.oomKill != rhs.oomKill {return false} if lhs.oomGroupKill != rhs.oomGroupKill {return false} if lhs.unknownFields != rhs.unknownFields {return false} return true } } ================================================ FILE: Sources/Containerization/SandboxContext/SandboxContext.proto ================================================ syntax = "proto3"; package com.apple.containerization.sandbox.v3; import "google/protobuf/timestamp.proto"; // Context for interacting with a container's runtime environment. service SandboxContext { // Mount a filesystem. rpc Mount(MountRequest) returns (MountResponse); // Unmount a filesystem. rpc Umount(UmountRequest) returns (UmountResponse); // Set an environment variable on the init process. rpc Setenv(SetenvRequest) returns (SetenvResponse); // Get an environment variable from the init process. rpc Getenv(GetenvRequest) returns (GetenvResponse); // Create a new directory inside the sandbox. rpc Mkdir(MkdirRequest) returns (MkdirResponse); // Set sysctls in the context of the sandbox. rpc Sysctl(SysctlRequest) returns (SysctlResponse); // Set time in the guest. rpc SetTime(SetTimeRequest) returns (SetTimeResponse); // Set up an emulator in the guest for a specific binary format. rpc SetupEmulator(SetupEmulatorRequest) returns (SetupEmulatorResponse); // Write data to an existing or new file. rpc WriteFile(WriteFileRequest) returns (WriteFileResponse); // Copy a file or directory between the host and guest. // Data transfer happens over a dedicated vsock connection; // the gRPC stream is used only for control/metadata. rpc Copy(CopyRequest) returns (stream CopyResponse); // Create a new process inside the container. rpc CreateProcess(CreateProcessRequest) returns (CreateProcessResponse); // Delete an existing process inside the container. rpc DeleteProcess(DeleteProcessRequest) returns (DeleteProcessResponse); // Start the provided process. rpc StartProcess(StartProcessRequest) returns (StartProcessResponse); // Send a signal to the provided process. rpc KillProcess(KillProcessRequest) returns (KillProcessResponse); // Wait for a process to exit and return the exit code. rpc WaitProcess(WaitProcessRequest) returns (WaitProcessResponse); // Resize the tty of a given process. This will error if the process does // not have a pty allocated. rpc ResizeProcess(ResizeProcessRequest) returns (ResizeProcessResponse); // Close IO for a given process. rpc CloseProcessStdin(CloseProcessStdinRequest) returns (CloseProcessStdinResponse); // Get statistics for containers. rpc ContainerStatistics(ContainerStatisticsRequest) returns (ContainerStatisticsResponse); // Proxy a vsock port to a unix domain socket in the guest, or vice versa. rpc ProxyVsock(ProxyVsockRequest) returns (ProxyVsockResponse); // Stop a vsock proxy to a unix domain socket. rpc StopVsockProxy(StopVsockProxyRequest) returns (StopVsockProxyResponse); // Set the link state of a network interface. rpc IpLinkSet(IpLinkSetRequest) returns (IpLinkSetResponse); // Add an IPv4 address to a network interface. rpc IpAddrAdd(IpAddrAddRequest) returns (IpAddrAddResponse); // Add an IP route for a network interface. rpc IpRouteAddLink(IpRouteAddLinkRequest) returns (IpRouteAddLinkResponse); // Add an IP route for a network interface. rpc IpRouteAddDefault(IpRouteAddDefaultRequest) returns (IpRouteAddDefaultResponse); // Configure DNS resolver. rpc ConfigureDns(ConfigureDnsRequest) returns (ConfigureDnsResponse); // Configure /etc/hosts. rpc ConfigureHosts(ConfigureHostsRequest) returns (ConfigureHostsResponse); // Perform the sync syscall. rpc Sync(SyncRequest) returns (SyncResponse); // Send a signal to a process via the PID. rpc Kill(KillRequest) returns (KillResponse); } message Stdio { optional int32 stdinPort = 1; optional int32 stdoutPort = 2; optional int32 stderrPort = 3; } message SetupEmulatorRequest { string binary_path = 1; string name = 2; string type = 3; string offset = 4; string magic = 5; string mask = 6; string flags = 7; } message SetupEmulatorResponse {} message SetTimeRequest { int64 sec = 1; int32 usec = 2; } message SetTimeResponse {} message SysctlRequest { map settings = 1; } message SysctlResponse {} message ProxyVsockRequest { enum Action { INTO = 0; OUT_OF = 1; } string id = 1; uint32 vsock_port = 2; string guestPath = 3; optional uint32 guestSocketPermissions = 4; Action action = 5; } message ProxyVsockResponse {} message StopVsockProxyRequest { string id = 1; } message StopVsockProxyResponse {} message MountRequest { string type = 1; string source = 2; string destination = 3; repeated string options = 4; } message MountResponse {} message UmountRequest { string path = 1; int32 flags = 2; } message UmountResponse {} message SetenvRequest { string key = 1; optional string value = 2; } message SetenvResponse {} message GetenvRequest { string key = 1; } message GetenvResponse { optional string value = 1; } message CreateProcessRequest { string id = 1; optional string containerID = 2; optional uint32 stdin = 3; optional uint32 stdout = 4; optional uint32 stderr = 5; optional string ociRuntimePath = 6; bytes configuration = 7; optional bytes options = 8; } message CreateProcessResponse {} message WaitProcessRequest { string id = 1; optional string containerID = 2; } message WaitProcessResponse { int32 exitCode = 1; google.protobuf.Timestamp exited_at = 2; } message ResizeProcessRequest { string id = 1; optional string containerID = 2; uint32 rows = 3; uint32 columns = 4; } message ResizeProcessResponse {} message DeleteProcessRequest { string id = 1; optional string containerID = 2; } message DeleteProcessResponse {} message StartProcessRequest { string id = 1; optional string containerID = 2; } message StartProcessResponse { int32 pid = 1; } message KillProcessRequest { string id = 1; optional string containerID = 2; int32 signal = 3; } message KillProcessResponse { int32 result = 1; } message CloseProcessStdinRequest { string id = 1; optional string containerID = 2; } message CloseProcessStdinResponse {} message MkdirRequest { string path = 1; bool all = 2; uint32 perms = 3; } message MkdirResponse {} message WriteFileRequest { message WriteFileFlags { bool create_parent_dirs = 1; bool append = 2; bool create_if_missing = 3; } string path = 1; bytes data = 2; uint32 mode = 3; WriteFileFlags flags = 4; } message WriteFileResponse {} message CopyRequest { enum Direction { // Copy from host into guest. COPY_IN = 0; // Copy from guest to host. COPY_OUT = 1; } // Direction of the copy operation. Direction direction = 1; // Path in the guest (destination for COPY_IN, source for COPY_OUT). string path = 2; // File mode for single-file COPY_IN (defaults to 0644 if not set). uint32 mode = 3; // Create parent directories if they don't exist. bool create_parents = 4; // Vsock port the host is listening on for data transfer. uint32 vsock_port = 5; // For COPY_IN: indicates the data arriving on vsock is a tar+gzip archive. bool is_archive = 6; } message CopyResponse { enum Status { // Transfer metadata (first message for COPY_OUT: is_archive, total_size). METADATA = 0; // Data transfer completed successfully. COMPLETE = 1; } // What this response represents. Status status = 1; // For COPY_OUT METADATA: indicates the data on vsock will be a tar+gzip archive. bool is_archive = 2; // For COPY_OUT METADATA: total size in bytes (0 if unknown, e.g. for archives). uint64 total_size = 3; // Non-empty if an error occurred. string error = 4; } message IpLinkSetRequest { string interface = 1; bool up = 2; optional uint32 mtu = 3; } message IpLinkSetResponse {} message IpAddrAddRequest { string interface = 1; string ipv4Address = 2; } message IpAddrAddResponse {} message IpRouteAddLinkRequest { string interface = 1; string dstIpv4Addr = 2; string srcIpv4Addr = 3; } message IpRouteAddLinkResponse {} message IpRouteAddDefaultRequest { string interface = 1; string ipv4Gateway = 2; } message IpRouteAddDefaultResponse {} message ConfigureDnsRequest { string location = 1; repeated string nameservers = 2; optional string domain = 3; repeated string searchDomains = 4; repeated string options = 5; } message ConfigureDnsResponse {} message ConfigureHostsRequest { message HostsEntry { string ipAddress = 1; repeated string hostnames = 2; optional string comment = 3; } string location = 1; repeated HostsEntry entries = 2; optional string comment = 3; } message ConfigureHostsResponse {} message SyncRequest {} message SyncResponse {} message KillRequest { int32 pid = 1; int32 signal = 3; } message KillResponse { int32 result = 1; } // Categories of statistics that can be requested. enum StatCategory { STAT_CATEGORY_UNSPECIFIED = 0; STAT_CATEGORY_PROCESS = 1; STAT_CATEGORY_MEMORY = 2; STAT_CATEGORY_CPU = 3; STAT_CATEGORY_BLOCK_IO = 4; STAT_CATEGORY_NETWORK = 5; STAT_CATEGORY_MEMORY_EVENTS = 6; } message ContainerStatisticsRequest { repeated string container_ids = 1; // Empty = all containers repeated StatCategory categories = 2; // Empty = all categories } message ContainerStatisticsResponse { repeated ContainerStats containers = 1; } message ContainerStats { string container_id = 1; ProcessStats process = 2; MemoryStats memory = 3; CPUStats cpu = 4; BlockIOStats block_io = 5; repeated NetworkStats networks = 6; MemoryEventStats memory_events = 7; } message ProcessStats { uint64 current = 1; uint64 limit = 2; // 0 or max value = unlimited } message MemoryStats { uint64 usage_bytes = 1; uint64 limit_bytes = 2; uint64 swap_usage_bytes = 3; uint64 swap_limit_bytes = 4; uint64 cache_bytes = 5; uint64 kernel_stack_bytes = 6; uint64 slab_bytes = 7; uint64 page_faults = 8; uint64 major_page_faults = 9; uint64 inactive_file = 10; uint64 anon = 11; } message CPUStats { uint64 usage_usec = 1; uint64 user_usec = 2; uint64 system_usec = 3; uint64 throttling_periods = 4; uint64 throttled_periods = 5; uint64 throttled_time_usec = 6; } message BlockIOStats { repeated BlockIOEntry devices = 1; } message BlockIOEntry { uint64 major = 1; uint64 minor = 2; uint64 read_bytes = 3; uint64 write_bytes = 4; uint64 read_operations = 5; uint64 write_operations = 6; } message NetworkStats { string interface = 1; uint64 receivedPackets = 2; uint64 transmittedPackets = 3; uint64 receivedBytes = 4; uint64 transmittedBytes = 5; uint64 receivedErrors = 6; uint64 transmittedErrors = 7; } // Memory event counters from cgroup2's memory.events file. message MemoryEventStats { // Number of times the cgroup was reclaimed due to low memory. uint64 low = 1; // Number of times the cgroup exceeded its high memory limit. uint64 high = 2; // Number of times the cgroup hit its max memory limit. uint64 max = 3; // Number of times the cgroup triggered OOM. uint64 oom = 4; // Number of processes killed by OOM killer. uint64 oom_kill = 5; // Number of times charge for memory failed because of limit. uint64 oom_group_kill = 6; } ================================================ FILE: Sources/Containerization/SystemPlatform.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationOCI /// `SystemPlatform` describes an operating system and architecture pair. /// This is primarily used to choose what kind of OCI image to pull from a /// registry. public struct SystemPlatform: Sendable, Codable { public enum OS: String, CaseIterable, Sendable, Codable { case linux case darwin } public let os: OS public enum Architecture: String, CaseIterable, Sendable, Codable { case arm64 case amd64 } public let architecture: Architecture public func ociPlatform() -> ContainerizationOCI.Platform { ContainerizationOCI.Platform(arch: architecture.rawValue, os: os.rawValue) } public static var linuxArm: SystemPlatform { .init(os: .linux, architecture: .arm64) } public static var linuxAmd: SystemPlatform { .init(os: .linux, architecture: .amd64) } } ================================================ FILE: Sources/Containerization/TimeSyncer.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import Logging actor TimeSyncer { private var task: Task? private var context: Vminitd? private var paused: Bool private let logger: Logger? init(logger: Logger?) { self.paused = false self.logger = logger } func start(context: Vminitd, interval: Duration = .seconds(30)) { guard self.task == nil else { return } self.context = context self.task = Task { while true { do { do { try await Task.sleep(for: interval) } catch { return } guard !paused else { continue } var timeval = timeval() guard gettimeofday(&timeval, nil) == 0 else { throw POSIXError.fromErrno() } try await context.setTime( sec: Int64(timeval.tv_sec), usec: Int32(timeval.tv_usec) ) } catch { self.logger?.error("failed to sync time with guest agent: \(error)") } } } } func pause() async { self.paused = true } func resume() async { self.paused = false } func close() async throws { guard let task else { // Already closed, nop. return } task.cancel() await task.value try await self.context?.close() self.task = nil self.context = nil } } ================================================ FILE: Sources/Containerization/UnixSocketConfiguration.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import SystemPackage /// Represents a UnixSocket that can be shared into or out of a container/guest. public struct UnixSocketConfiguration: Sendable { // TODO: Realistically, we can just hash this struct and use it as the "id". /// The unique identifier for this socket configuration. public var id: String { _id } private let _id = UUID().uuidString /// The path to the socket you'd like relayed. For .into /// direction this should be the path on the host to a unix socket. /// For direction .outOf this should be the path in the container/guest /// to a unix socket. public var source: URL /// The path you'd like the socket to be relayed to. For .into /// direction this should be the path in the container/guest. For /// direction .outOf this should be the path on your host. public var destination: URL /// What to set the file permissions of the unix socket being created /// to. For .into direction this will be the socket in the guest. For /// .outOf direction this will be the socket on the host. public var permissions: FilePermissions? /// The direction of the relay. `.into` for sharing a unix socket on your /// host into the container/guest. `outOf` shares a socket in the container/guest /// onto your host. public var direction: Direction /// Type that denotes the direction of the unix socket relay. public enum Direction: Sendable { /// Share the socket into the container/guest. case into /// Share a socket in the container/guest onto the host. case outOf } public init( source: URL, destination: URL, permissions: FilePermissions? = nil, direction: Direction = .into ) { self.source = source self.destination = destination self.permissions = permissions self.direction = direction } } ================================================ FILE: Sources/Containerization/UnixSocketRelay.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import ContainerizationIO import ContainerizationOS import Foundation import Logging import Synchronization package final class UnixSocketRelay: Sendable { private let port: UInt32 private let configuration: UnixSocketConfiguration private let vm: any VirtualMachineInstance private let queue: DispatchQueue private let log: Logger? private let state: Mutex private struct State { var activeRelays: [String: BidirectionalRelay] = [:] var t: Task<(), Never>? = nil var listener: VsockListener? = nil } init( port: UInt32, socket: UnixSocketConfiguration, vm: any VirtualMachineInstance, queue: DispatchQueue, log: Logger? = nil ) throws { self.port = port self.configuration = socket self.vm = vm self.queue = queue self.log = log self.state = Mutex(.init()) } deinit { state.withLock { $0.t?.cancel() } } } extension UnixSocketRelay { func start() async throws { switch configuration.direction { case .outOf: try await setupHostVsockDial() case .into: try setupHostVsockListener() } } func stop() throws { try state.withLock { guard let t = $0.t else { throw ContainerizationError( .invalidState, message: "failed to stop socket relay: relay has not been started" ) } t.cancel() $0.t = nil for (_, relay) in $0.activeRelays { relay.stop() } $0.activeRelays.removeAll() switch configuration.direction { case .outOf: // If we created the host conn, lets unlink it also. It's possible it was // already unlinked if the relay failed earlier. try? FileManager.default.removeItem(at: self.configuration.destination) case .into: try $0.listener?.finish() } } } private func setupHostVsockDial() async throws { let hostConn = configuration.destination let socketType = try UnixType( path: hostConn.path, unlinkExisting: true ) let hostSocket = try Socket(type: socketType) try hostSocket.listen() log?.info( "listening on host UDS", metadata: [ "path": "\(hostConn.path)", "vport": "\(port)", ]) let connectionStream = try hostSocket.acceptStream(closeOnDeinit: false) state.withLock { $0.t = Task { do { for try await connection in connectionStream { try await self.handleHostUnixConn( hostConn: connection, port: self.port, vm: self.vm, log: self.log ) } } catch { log?.error("failed in unix socket relay loop: \(error)") } try? FileManager.default.removeItem(at: hostConn) } } } private func setupHostVsockListener() throws { let hostPath = configuration.source let listener = try vm.listen(port) log?.info( "listening on guest vsock", metadata: [ "path": "\(hostPath)", "vport": "\(port)", ]) state.withLock { $0.listener = listener $0.t = Task { do { defer { try? listener.finish() } for await connection in listener { try await self.handleGuestVsockConn( vsockConn: connection, hostConnectionPath: hostPath, port: self.port, log: self.log ) } } catch { self.log?.error("failed to setup relay between vsock \(self.port) and \(hostPath.path): \(error)") } } } } private func handleHostUnixConn( hostConn: ContainerizationOS.Socket, port: UInt32, vm: any VirtualMachineInstance, log: Logger? ) async throws { do { let guestConn = try await vm.dial(port) log?.debug( "initiating connection from host to guest", metadata: [ "vport": "\(port)", "hostFd": "\(guestConn.fileDescriptor)", "guestFd": "\(hostConn.fileDescriptor)", ]) try await self.relay( hostConn: hostConn, guestFd: guestConn.fileDescriptor ) } catch { log?.error("failed to relay between vsock \(port) and \(hostConn)") throw error } } private func handleGuestVsockConn( vsockConn: FileHandle, hostConnectionPath: URL, port: UInt32, log: Logger? ) async throws { let hostPath = hostConnectionPath.path let socketType = try UnixType(path: hostPath) let hostSocket = try Socket( type: socketType, closeOnDeinit: false ) log?.debug( "initiating connection from guest to host", metadata: [ "vport": "\(port)", "hostFd": "\(hostSocket.fileDescriptor)", "guestFd": "\(vsockConn.fileDescriptor)", ]) try hostSocket.connect() do { try await self.relay( hostConn: hostSocket, guestFd: vsockConn.fileDescriptor ) } catch { log?.error("failed to relay between vsock \(port) and \(hostPath)") } } private func relay( hostConn: Socket, guestFd: Int32 ) async throws { let hostFd = hostConn.fileDescriptor let relayID = UUID().uuidString let relay = BidirectionalRelay( fd1: hostFd, fd2: guestFd, queue: queue, log: log ) state.withLock { $0.activeRelays[relayID] = relay } relay.start() } } ================================================ FILE: Sources/Containerization/UnixSocketRelayManager.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import Foundation import Logging package actor UnixSocketRelayManager { private let vm: any VirtualMachineInstance private var relays: [String: UnixSocketRelay] private let queue: DispatchQueue private let log: Logger? init(vm: any VirtualMachineInstance, log: Logger? = nil) { self.vm = vm self.relays = [:] self.queue = DispatchQueue(label: "com.apple.containerization.socket-relay") self.log = log } } extension UnixSocketRelayManager { func start(port: UInt32, socket: UnixSocketConfiguration) async throws { guard relays[socket.id] == nil else { throw ContainerizationError( .invalidState, message: "socket relay \(socket.id) already started" ) } let relay = try UnixSocketRelay( port: port, socket: socket, vm: vm, queue: queue, log: log ) do { relays[socket.id] = relay try await relay.start() } catch { relays.removeValue(forKey: socket.id) throw error } } func stop(socket: UnixSocketConfiguration) async throws { guard let storedRelay = relays.removeValue(forKey: socket.id) else { throw ContainerizationError( .notFound, message: "failed to stop socket relay" ) } try storedRelay.stop() } func stopAll() async throws { for (_, relay) in relays { try relay.stop() } } } ================================================ FILE: Sources/Containerization/VMConfiguration.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationOCI import Foundation /// Destination for boot log (serial console) output. public struct BootLog: Sendable { /// The underlying representation of the boot log destination. internal enum Representation: Sendable { case file(path: URL, append: Bool) case fileHandle(FileHandle) } internal var base: Representation /// Write boot logs to a file at the specified path. /// /// - Parameters: /// - path: The URL of the file to write boot logs to. /// - append: Whether to append to an existing file or overwrite it. Defaults to true. /// /// - Returns: A boot log destination that writes to a file. public static func file(path: URL, append: Bool = true) -> BootLog { self.init(base: .file(path: path, append: append)) } /// Write boot logs to a file handle. /// /// - Parameter fileHandle: The file handle to write boot logs to. /// /// - Returns: A boot log destination that writes to a file handle. public static func fileHandle(_ fileHandle: FileHandle) -> BootLog { self.init(base: .fileHandle(fileHandle)) } } /// Protocol for VM creation configuration. Allows VMMs to extend with specific settings /// while maintaining a common core configuration. public protocol VMCreationConfig: Sendable { /// The common VM configuration that all VMMs must support. var configuration: VMConfiguration { get } } /// Standard VM creation configuration with only common settings. public struct StandardVMConfig: VMCreationConfig { public var configuration: VMConfiguration public init(configuration: VMConfiguration) { self.configuration = configuration } } /// Configuration for creating a virtual machine instance. public struct VMConfiguration: Sendable { /// The amount of CPUs to allocate. public var cpus: Int /// The memory in bytes to allocate. public var memoryInBytes: UInt64 /// The network interfaces to attach. public var interfaces: [any Interface] /// Mounts organized by metadata ID (e.g. container ID). /// Each ID maps to an array of mounts for that workload. public var mountsByID: [String: [Mount]] /// Optional destination for serial boot logs. public var bootLog: BootLog? /// Enable nested virtualization support. If the VirtualMachineManager /// does not support this feature, it MUST return an .unsupported ContainerizationError. public var nestedVirtualization: Bool public init( cpus: Int = 4, memoryInBytes: UInt64 = 1024 * 1024 * 1024, interfaces: [any Interface] = [], mountsByID: [String: [Mount]] = [:], bootLog: BootLog? = nil, nestedVirtualization: Bool = false ) { self.cpus = cpus self.memoryInBytes = memoryInBytes self.interfaces = interfaces self.mountsByID = mountsByID self.bootLog = bootLog self.nestedVirtualization = nestedVirtualization } } ================================================ FILE: Sources/Containerization/VZVirtualMachine+Helpers.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if os(macOS) import Foundation import Logging import Virtualization import ContainerizationError extension VZVirtualMachine { nonisolated func connect(queue: DispatchQueue, port: UInt32) async throws -> VZVirtioSocketConnection { try await withCheckedThrowingContinuation { cont in queue.sync { guard let vsock = self.socketDevices[0] as? VZVirtioSocketDevice else { let error = ContainerizationError(.invalidArgument, message: "no vsock device") cont.resume(throwing: error) return } vsock.connect(toPort: port) { result in switch result { case .success(let conn): // `conn` isn't used concurrently. nonisolated(unsafe) let conn = conn cont.resume(returning: conn) case .failure(let error): cont.resume(throwing: error) } } } } } func listen(queue: DispatchQueue, port: UInt32, listener: VZVirtioSocketListener) throws { try queue.sync { guard let vsock = self.socketDevices[0] as? VZVirtioSocketDevice else { throw ContainerizationError(.invalidArgument, message: "no vsock device") } vsock.setSocketListener(listener, forPort: port) } } func removeListener(queue: DispatchQueue, port: UInt32) throws { try queue.sync { guard let vsock = self.socketDevices[0] as? VZVirtioSocketDevice else { throw ContainerizationError( .invalidArgument, message: "no vsock device to remove" ) } vsock.removeSocketListener(forPort: port) } } func start(queue: DispatchQueue) async throws { try await withCheckedThrowingContinuation { (cont: CheckedContinuation) in queue.sync { self.start { result in if case .failure(let error) = result { cont.resume(throwing: error) return } cont.resume() } } } } func stop(queue: DispatchQueue) async throws { try await withCheckedThrowingContinuation { (cont: CheckedContinuation) in queue.sync { self.stop { error in if let error { cont.resume(throwing: error) return } cont.resume() } } } } func pause(queue: DispatchQueue) async throws { try await withCheckedThrowingContinuation { (cont: CheckedContinuation) in queue.sync { self.pause { result in if case .failure(let error) = result { cont.resume(throwing: error) return } cont.resume() } } } } func resume(queue: DispatchQueue) async throws { try await withCheckedThrowingContinuation { (cont: CheckedContinuation) in queue.sync { self.resume { result in if case .failure(let error) = result { cont.resume(throwing: error) return } cont.resume() } } } } } extension VZVirtualMachine { func waitForAgent(queue: DispatchQueue) async throws -> FileHandle { let agentConnectionRetryCount: Int = 200 let agentConnectionSleepDuration: Duration = .milliseconds(20) for _ in 0...agentConnectionRetryCount { do { return try await self.connect(queue: queue, port: Vminitd.port).dupHandle() } catch { try await Task.sleep(for: agentConnectionSleepDuration) continue } } throw ContainerizationError(.timeout, message: "failed to get a connection to agent socket") } } extension VZVirtioSocketConnection { func dupHandle() throws -> FileHandle { let fd = dup(self.fileDescriptor) if fd == -1 { throw POSIXError.fromErrno() } self.close() return FileHandle(fileDescriptor: fd, closeOnDealloc: false) } } #endif ================================================ FILE: Sources/Containerization/VZVirtualMachineInstance.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if os(macOS) import Foundation import ContainerizationError import ContainerizationExtras import ContainerizationOCI import Logging import NIOCore import NIOPosix import Synchronization import Virtualization struct VZVirtualMachineInstance: Sendable { typealias Agent = Vminitd /// Attached mounts on the virtual machine, organized by metadata ID. public let mounts: [String: [AttachedFilesystem]] /// Returns the runtime state of the vm. public var state: VirtualMachineInstanceState { vzStateToInstanceState() } /// The virtual machine instance configuration. private let config: Configuration public struct Configuration: Sendable { /// Amount of cpus to allocated. public var cpus: Int /// Amount of memory in bytes allocated. public var memoryInBytes: UInt64 /// Toggle rosetta's x86_64 emulation support. public var rosetta: Bool /// Toggle nested virtualization support. public var nestedVirtualization: Bool /// Mount attachments organized by metadata ID. public var mountsByID: [String: [Mount]] /// Network interface attachments. public var interfaces: [any Interface] /// Kernel image. public var kernel: Kernel? /// The root filesystem. public var initialFilesystem: Mount? /// Destination for the virtual machine's boot logs. public var bootLog: BootLog? init() { self.cpus = 4 self.memoryInBytes = 1024.mib() self.rosetta = false self.nestedVirtualization = false self.mountsByID = [:] self.interfaces = [] } } // `vm` isn't used concurrently. private nonisolated(unsafe) let vm: VZVirtualMachine private let queue: DispatchQueue private let lock: AsyncLock private let group: EventLoopGroup private let ownsGroup: Bool private let timeSyncer: TimeSyncer private let logger: Logger? public init( group: EventLoopGroup? = nil, logger: Logger? = nil, with: (inout Configuration) throws -> Void ) throws { var config = Configuration() try with(&config) try self.init(group: group, config: config, logger: logger) } init(group: EventLoopGroup?, config: Configuration, logger: Logger?) throws { if let group { self.ownsGroup = false self.group = group } else { self.ownsGroup = true self.group = MultiThreadedEventLoopGroup(numberOfThreads: System.coreCount) } self.config = config self.lock = .init() self.queue = DispatchQueue(label: "com.apple.containerization.vzvm.\(UUID().uuidString)") self.mounts = try config.mountAttachments() self.logger = logger self.timeSyncer = .init(logger: logger) self.vm = VZVirtualMachine( configuration: try config.toVZ(), queue: self.queue ) } } extension VZVirtualMachineInstance: VirtualMachineInstance { func start() async throws { try await lock.withLock { _ in guard self.state == .stopped else { throw ContainerizationError( .invalidState, message: "virtual machine is not stopped \(self.state)" ) } // Do any necessary setup needed prior to starting the guest. try await self.prestart() try await self.vm.start(queue: self.queue) let agent = Vminitd( connection: try await self.vm.waitForAgent(queue: self.queue), group: self.group ) do { if self.config.rosetta { try await agent.enableRosetta() } } catch { try await agent.close() throw error } // Don't close our remote context as we are providing // it to our time sync routine. await self.timeSyncer.start(context: agent) } } func stop() async throws { try await lock.withLock { connections in // NOTE: We should record HOW the vm stopped eventually. If the vm exited // unexpectedly virtualization framework offers you a way to store // an error on how it exited. We should report that here instead of the // generic vm is not running. guard self.state == .running else { throw ContainerizationError(.invalidState, message: "vm is not running") } try await self.timeSyncer.close() if self.ownsGroup { try await self.group.shutdownGracefully() } try await self.vm.stop(queue: self.queue) } } // NOTE: Investigate what is the "right" way to handle already vended vsock // connections for pause and resume. func pause() async throws { try await lock.withLock { _ in await self.timeSyncer.pause() try await self.vm.pause(queue: self.queue) } } func resume() async throws { try await lock.withLock { _ in try await self.vm.resume(queue: self.queue) await self.timeSyncer.resume() } } public func dialAgent() async throws -> Vminitd { try await lock.withLock { _ in do { let conn = try await vm.connect( queue: queue, port: Vminitd.port ) let handle = try conn.dupHandle() let agent = Vminitd(connection: handle, group: self.group) return agent } catch { if let err = error as? ContainerizationError { throw err } throw ContainerizationError( .internalError, message: "failed to dial agent", cause: error ) } } } func dial(_ port: UInt32) async throws -> FileHandle { try await lock.withLock { _ in do { let conn = try await vm.connect( queue: queue, port: port ) return try conn.dupHandle() } catch { if let err = error as? ContainerizationError { throw err } throw ContainerizationError( .internalError, message: "failed to dial vsock port", cause: error ) } } } func listen(_ port: UInt32) throws -> VsockListener { let stream = VsockListener(port: port, stopListen: self.stopListen) let listener = VZVirtioSocketListener() listener.delegate = stream try self.vm.listen( queue: queue, port: port, listener: listener ) return stream } private func stopListen(_ port: UInt32) throws { try self.vm.removeListener( queue: queue, port: port ) } } extension VZVirtualMachineInstance { func vzStateToInstanceState() -> VirtualMachineInstanceState { self.queue.sync { let state: VirtualMachineInstanceState switch self.vm.state { case .starting: state = .starting case .running: state = .running case .stopping: state = .stopping case .stopped: state = .stopped default: state = .unknown } return state } } func prestart() async throws { if self.config.rosetta { #if arch(arm64) if VZLinuxRosettaDirectoryShare.availability == .notInstalled { self.logger?.info("installing rosetta") try await VZVirtualMachineInstance.Configuration.installRosetta() } #else fatalError("rosetta is only supported on arm64") #endif } } } extension VZVirtualMachineInstance.Configuration { public static func installRosetta() async throws { do { #if arch(arm64) try await VZLinuxRosettaDirectoryShare.installRosetta() #else fatalError("rosetta is only supported on arm64") #endif } catch { throw ContainerizationError( .internalError, message: "failed to install rosetta", cause: error ) } } private func serialPort(destination: BootLog) throws -> [VZVirtioConsoleDeviceSerialPortConfiguration] { let c = VZVirtioConsoleDeviceSerialPortConfiguration() switch destination.base { case .file(let path, let append): c.attachment = try VZFileSerialPortAttachment(url: path, append: append) case .fileHandle(let fileHandle): c.attachment = VZFileHandleSerialPortAttachment( fileHandleForReading: nil, fileHandleForWriting: fileHandle ) } return [c] } func toVZ() throws -> VZVirtualMachineConfiguration { var config = VZVirtualMachineConfiguration() config.cpuCount = self.cpus config.memorySize = self.memoryInBytes config.entropyDevices = [VZVirtioEntropyDeviceConfiguration()] config.socketDevices = [VZVirtioSocketDeviceConfiguration()] if let bootLog = self.bootLog { config.serialPorts = try serialPort(destination: bootLog) } else { // We always supply a serial console. If no explicit path was provided just send em to the void. config.serialPorts = try serialPort(destination: .file(path: URL(filePath: "/dev/null"))) } config.networkDevices = try self.interfaces.map { guard let vzi = $0 as? VZInterface else { throw ContainerizationError(.invalidArgument, message: "interface type not supported by VZ") } return try vzi.device() } if self.rosetta { #if arch(arm64) switch VZLinuxRosettaDirectoryShare.availability { case .notSupported: throw ContainerizationError( .invalidArgument, message: "rosetta was requested but is not supported on this machine" ) case .notInstalled: // NOTE: If rosetta isn't installed, we'll error with a nice error message // during .start() of the virtual machine instance. fallthrough case .installed: let share = try VZLinuxRosettaDirectoryShare() let device = VZVirtioFileSystemDeviceConfiguration(tag: "rosetta") device.share = share config.directorySharingDevices.append(device) @unknown default: throw ContainerizationError( .invalidArgument, message: "unknown rosetta availability encountered: \(VZLinuxRosettaDirectoryShare.availability)" ) } #else fatalError("rosetta is only supported on arm64") #endif } guard let kernel = self.kernel else { throw ContainerizationError(.invalidArgument, message: "kernel cannot be nil") } guard let initialFilesystem = self.initialFilesystem else { throw ContainerizationError(.invalidArgument, message: "rootfs cannot be nil") } let loader = VZLinuxBootLoader(kernelURL: kernel.path) loader.commandLine = kernel.linuxCommandline(initialFilesystem: initialFilesystem) config.bootLoader = loader try initialFilesystem.configure(config: &config) // Track used virtiofs tags to avoid creating duplicate VZ devices. // The same source directory mounted to multiple destinations shares one device. var usedVirtioFSTags: Set = [] for (_, mounts) in self.mountsByID { for mount in mounts { if case .virtiofs = mount.runtimeOptions { let tag = try hashMountSource(source: mount.source) if usedVirtioFSTags.contains(tag) { continue } usedVirtioFSTags.insert(tag) } try mount.configure(config: &config) } } let platform = VZGenericPlatformConfiguration() // We shouldn't silently succeed if the user asked for virt and their hardware does // not support it. if !VZGenericPlatformConfiguration.isNestedVirtualizationSupported && self.nestedVirtualization { throw ContainerizationError( .unsupported, message: "nested virtualization is not supported on the platform" ) } platform.isNestedVirtualizationEnabled = self.nestedVirtualization config.platform = platform try config.validate() return config } func mountAttachments() throws -> [String: [AttachedFilesystem]] { let allocator = Character.blockDeviceTagAllocator() if let initialFilesystem { // When the initial filesystem is a blk, allocate the first letter "vd(a)" // as that is what this blk will be attached under. if initialFilesystem.isBlock { _ = try allocator.allocate() } } var attachmentsByID: [String: [AttachedFilesystem]] = [:] for (id, mounts) in self.mountsByID { var attachments: [AttachedFilesystem] = [] for mount in mounts { attachments.append(try .init(mount: mount, allocator: allocator)) } attachmentsByID[id] = attachments } return attachmentsByID } } extension Kernel { func linuxCommandline(initialFilesystem: Mount) -> String { var args = self.commandLine.kernelArgs args.append("init=/sbin/vminitd") // rootfs is always set as ro. args.append("ro") switch initialFilesystem.type { case "virtiofs": args.append(contentsOf: [ "rootfstype=virtiofs", "root=rootfs", ]) case "ext4": args.append(contentsOf: [ "rootfstype=ext4", "root=/dev/vda", ]) default: fatalError("unsupported initfs filesystem \(initialFilesystem.type)") } if self.commandLine.initArgs.count > 0 { args.append("--") args.append(contentsOf: self.commandLine.initArgs) } return args.joined(separator: " ") } } public protocol VZInterface { func device() throws -> VZVirtioNetworkDeviceConfiguration } extension NATInterface: VZInterface { public func device() throws -> VZVirtioNetworkDeviceConfiguration { let config = VZVirtioNetworkDeviceConfiguration() if let macAddress = self.macAddress { guard let mac = VZMACAddress(string: macAddress.description) else { throw ContainerizationError(.invalidArgument, message: "invalid mac address \(macAddress)") } config.macAddress = mac } config.attachment = VZNATNetworkDeviceAttachment() return config } } #endif ================================================ FILE: Sources/Containerization/VZVirtualMachineManager.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if os(macOS) import ContainerizationError import ContainerizationOCI import Foundation import Logging import NIOCore /// A virtualization.framework backed `VirtualMachineManager` implementation. public struct VZVirtualMachineManager: VirtualMachineManager { private let kernel: Kernel private let initialFilesystem: Mount private let rosetta: Bool private let nestedVirtualization: Bool private let group: EventLoopGroup? private let logger: Logger? public init( kernel: Kernel, initialFilesystem: Mount, rosetta: Bool = false, nestedVirtualization: Bool = false, group: EventLoopGroup? = nil, logger: Logger? = nil ) { self.kernel = kernel self.initialFilesystem = initialFilesystem self.rosetta = rosetta self.nestedVirtualization = nestedVirtualization self.group = group self.logger = logger } public func create(config: some VMCreationConfig) throws -> any VirtualMachineInstance { let vmConfig = config.configuration // Use nested virtualization if requested in config or set as default in manager let useNestedVirtualization = vmConfig.nestedVirtualization || self.nestedVirtualization return try VZVirtualMachineInstance( group: self.group, logger: self.logger, with: { instanceConfig in instanceConfig.cpus = vmConfig.cpus instanceConfig.memoryInBytes = vmConfig.memoryInBytes instanceConfig.kernel = self.kernel instanceConfig.initialFilesystem = self.initialFilesystem if let bootLog = vmConfig.bootLog { instanceConfig.bootLog = bootLog } instanceConfig.interfaces = vmConfig.interfaces instanceConfig.rosetta = self.rosetta instanceConfig.nestedVirtualization = useNestedVirtualization instanceConfig.mountsByID = vmConfig.mountsByID }) } } #endif ================================================ FILE: Sources/Containerization/VirtualMachineAgent+Additions.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// /// Protocol to conform to if your agent is capable of relaying unix domain socket /// connections. public protocol SocketRelayAgent { func relaySocket(port: UInt32, configuration: UnixSocketConfiguration) async throws func stopSocketRelay(configuration: UnixSocketConfiguration) async throws } ================================================ FILE: Sources/Containerization/VirtualMachineAgent.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import ContainerizationExtras import ContainerizationOCI import Foundation public struct WriteFileFlags { public var createParentDirectories = false public var append = false public var create = false } /// A protocol for the agent running inside a virtual machine. If an operation isn't /// supported the implementation MUST return a ContainerizationError with a code of /// `.unsupported`. public protocol VirtualMachineAgent: Sendable { /// Perform a platform specific standard setup /// of the runtime environment. func standardSetup() async throws /// Close any resources held by the agent. func close() async throws // POSIX-y func getenv(key: String) async throws -> String func setenv(key: String, value: String) async throws func mount(_ mount: ContainerizationOCI.Mount) async throws func umount(path: String, flags: Int32) async throws func mkdir(path: String, all: Bool, perms: UInt32) async throws @discardableResult func kill(pid: Int32, signal: Int32) async throws -> Int32 func sync() async throws func writeFile(path: String, data: Data, flags: WriteFileFlags, mode: UInt32) async throws // Process lifecycle func createProcess( id: String, containerID: String?, stdinPort: UInt32?, stdoutPort: UInt32?, stderrPort: UInt32?, ociRuntimePath: String?, configuration: ContainerizationOCI.Spec, options: Data? ) async throws func startProcess(id: String, containerID: String?) async throws -> Int32 func signalProcess(id: String, containerID: String?, signal: Int32) async throws func resizeProcess(id: String, containerID: String?, columns: UInt32, rows: UInt32) async throws func waitProcess(id: String, containerID: String?, timeoutInSeconds: Int64?) async throws -> ExitStatus func deleteProcess(id: String, containerID: String?) async throws func closeProcessStdin(id: String, containerID: String?) async throws // Networking func up(name: String, mtu: UInt32?) async throws func down(name: String) async throws func addressAdd(name: String, ipv4Address: CIDRv4) async throws func routeAddLink(name: String, dstIPv4Addr: IPv4Address, srcIPv4Addr: IPv4Address?) async throws func routeAddDefault(name: String, ipv4Gateway: IPv4Address) async throws func configureDNS(config: DNS, location: String) async throws func configureHosts(config: Hosts, location: String) async throws // Container statistics func containerStatistics(containerIDs: [String], categories: StatCategory) async throws -> [ContainerStatistics] } extension VirtualMachineAgent { public func closeProcessStdin(id: String, containerID: String?) async throws { throw ContainerizationError(.unsupported, message: "closeProcessStdin") } public func configureHosts(config: Hosts, location: String) async throws { throw ContainerizationError(.unsupported, message: "configureHosts") } public func writeFile(path: String, data: Data, flags: WriteFileFlags, mode: UInt32) async throws { throw ContainerizationError(.unsupported, message: "writeFile") } public func containerStatistics(containerIDs: [String], categories: StatCategory) async throws -> [ContainerStatistics] { throw ContainerizationError(.unsupported, message: "containerStatistics") } public func sync() async throws { throw ContainerizationError(.unsupported, message: "sync") } } ================================================ FILE: Sources/Containerization/VirtualMachineInstance.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import Foundation /// The runtime state of the virtual machine instance. public enum VirtualMachineInstanceState: Sendable { case starting case running case stopped case stopping case unknown } /// A live instance of a virtual machine. public protocol VirtualMachineInstance: Sendable { associatedtype Agent: VirtualMachineAgent // The state of the virtual machine. var state: VirtualMachineInstanceState { get } var mounts: [String: [AttachedFilesystem]] { get } /// Dial the Agent. It's up the VirtualMachineInstance to determine /// what port the agent is listening on. func dialAgent() async throws -> Agent /// Dial a vsock port in the guest. func dial(_ port: UInt32) async throws -> FileHandle /// Listen on a host vsock port. func listen(_ port: UInt32) throws -> VsockListener /// Start the virtual machine. func start() async throws /// Stop the virtual machine. func stop() async throws /// Pause the virtual machine. func pause() async throws /// Resume the virtual machine. func resume() async throws } extension VirtualMachineInstance { func pause() async throws { throw ContainerizationError(.unsupported, message: "pause") } func resume() async throws { throw ContainerizationError(.unsupported, message: "resume") } } ================================================ FILE: Sources/Containerization/VirtualMachineManager.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// /// A protocol to implement for virtual machine isolated containers. public protocol VirtualMachineManager: Sendable { func create(config: some VMCreationConfig) async throws -> any VirtualMachineInstance } ================================================ FILE: Sources/Containerization/Vminitd+Rosetta.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationOS import Foundation extension Vminitd { /// Enable Rosetta's x86_64 emulation. public func enableRosetta() async throws { let path = "/run/rosetta" try await self.mount( .init( type: "virtiofs", source: "rosetta", destination: path ) ) try await self.setupEmulator( binaryPath: "\(path)/rosetta", configuration: Binfmt.Entry.amd64() ) } } ================================================ FILE: Sources/Containerization/Vminitd+SocketRelay.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// extension Vminitd: SocketRelayAgent { /// Sets up a relay between a host socket to a newly created guest socket, or vice versa. public func relaySocket(port: UInt32, configuration: UnixSocketConfiguration) async throws { let request = Com_Apple_Containerization_Sandbox_V3_ProxyVsockRequest.with { $0.id = configuration.id $0.vsockPort = port if let perms = configuration.permissions { $0.guestSocketPermissions = UInt32(perms.rawValue) } switch configuration.direction { case .into: $0.guestPath = configuration.destination.path $0.action = .into case .outOf: $0.guestPath = configuration.source.path $0.action = .outOf } } _ = try await client.proxyVsock(request) } /// Stops the specified socket relay. public func stopSocketRelay(configuration: UnixSocketConfiguration) async throws { let request = Com_Apple_Containerization_Sandbox_V3_StopVsockProxyRequest.with { $0.id = configuration.id } _ = try await client.stopVsockProxy(request) } } ================================================ FILE: Sources/Containerization/Vminitd.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import ContainerizationExtras import ContainerizationOCI import ContainerizationOS import Foundation import GRPC import NIOCore import NIOPosix /// A remote connection into the vminitd Linux guest agent via a port (vsock). /// Used to modify the runtime environment of the Linux sandbox. public struct Vminitd: Sendable { public typealias Client = Com_Apple_Containerization_Sandbox_V3_SandboxContextAsyncClient // Default vsock port that the agent and client use. public static let port: UInt32 = 1024 let client: Client public init(client: Client) { self.client = client } public init(connection: FileHandle, group: EventLoopGroup) { self.client = .init(connection: connection, group: group) } /// Close the connection to the guest agent. public func close() async throws { try await client.close() } } extension Vminitd: VirtualMachineAgent { /// Perform the standard guest setup necessary for vminitd to be able to /// run containers. public func standardSetup() async throws { try await up(name: "lo") try await setenv(key: "PATH", value: LinuxProcessConfiguration.defaultPath) // Vminitd mounts /proc, /sys, /sys/fs/cgroup and /run automatically. let mounts: [ContainerizationOCI.Mount] = [ .init(type: "tmpfs", source: "tmpfs", destination: "/tmp"), .init(type: "devpts", source: "devpts", destination: "/dev/pts", options: ["gid=5", "mode=620", "ptmxmode=666"]), ] for mount in mounts { try await self.mount(mount) } } public func writeFile(path: String, data: Data, flags: WriteFileFlags, mode: UInt32) async throws { _ = try await client.writeFile( .with { $0.path = path $0.mode = mode $0.data = data $0.flags = .with { $0.append = flags.append $0.createIfMissing = flags.create $0.createParentDirs = flags.createParentDirectories } }) } /// Get statistics for containers. If `containerIDs` is empty returns stats for all containers /// in the guest. If `categories` is empty, all categories are returned. public func containerStatistics(containerIDs: [String], categories: StatCategory) async throws -> [ContainerStatistics] { let response = try await client.containerStatistics( .with { $0.containerIds = containerIDs $0.categories = categories.toProtoCategories() }) return response.containers.map { protoStats in ContainerStatistics( id: protoStats.containerID, process: categories.contains(.process) && protoStats.hasProcess ? .init( current: protoStats.process.current, limit: protoStats.process.limit ) : nil, memory: categories.contains(.memory) && protoStats.hasMemory ? .init( usageBytes: protoStats.memory.usageBytes, limitBytes: protoStats.memory.limitBytes, swapUsageBytes: protoStats.memory.swapUsageBytes, swapLimitBytes: protoStats.memory.swapLimitBytes, cacheBytes: protoStats.memory.cacheBytes, kernelStackBytes: protoStats.memory.kernelStackBytes, slabBytes: protoStats.memory.slabBytes, pageFaults: protoStats.memory.pageFaults, majorPageFaults: protoStats.memory.majorPageFaults, inactiveFile: protoStats.memory.inactiveFile, anon: protoStats.memory.anon ) : nil, cpu: categories.contains(.cpu) && protoStats.hasCpu ? .init( usageUsec: protoStats.cpu.usageUsec, userUsec: protoStats.cpu.userUsec, systemUsec: protoStats.cpu.systemUsec, throttlingPeriods: protoStats.cpu.throttlingPeriods, throttledPeriods: protoStats.cpu.throttledPeriods, throttledTimeUsec: protoStats.cpu.throttledTimeUsec ) : nil, blockIO: categories.contains(.blockIO) && protoStats.hasBlockIo ? .init( devices: protoStats.blockIo.devices.map { device in .init( major: device.major, minor: device.minor, readBytes: device.readBytes, writeBytes: device.writeBytes, readOperations: device.readOperations, writeOperations: device.writeOperations ) } ) : nil, networks: categories.contains(.network) ? protoStats.networks.map { network in ContainerStatistics.NetworkStatistics( interface: network.interface, receivedPackets: network.receivedPackets, transmittedPackets: network.transmittedPackets, receivedBytes: network.receivedBytes, transmittedBytes: network.transmittedBytes, receivedErrors: network.receivedErrors, transmittedErrors: network.transmittedErrors ) } : nil, memoryEvents: categories.contains(.memoryEvents) && protoStats.hasMemoryEvents ? .init( low: protoStats.memoryEvents.low, high: protoStats.memoryEvents.high, max: protoStats.memoryEvents.max, oom: protoStats.memoryEvents.oom, oomKill: protoStats.memoryEvents.oomKill ) : nil ) } } /// Mount a filesystem in the sandbox's environment. public func mount(_ mount: ContainerizationOCI.Mount) async throws { _ = try await client.mount( .with { $0.type = mount.type $0.source = mount.source $0.destination = mount.destination $0.options = mount.options }) } /// Unmount a filesystem in the sandbox's environment. public func umount(path: String, flags: Int32) async throws { _ = try await client.umount( .with { $0.path = path $0.flags = flags }) } /// Create a directory inside the sandbox's environment. public func mkdir(path: String, all: Bool, perms: UInt32) async throws { _ = try await client.mkdir( .with { $0.path = path $0.all = all $0.perms = perms }) } public func createProcess( id: String, containerID: String?, stdinPort: UInt32?, stdoutPort: UInt32?, stderrPort: UInt32?, ociRuntimePath: String?, configuration: ContainerizationOCI.Spec, options: Data? ) async throws { let enc = JSONEncoder() _ = try await client.createProcess( .with { $0.id = id if let stdinPort { $0.stdin = stdinPort } if let stdoutPort { $0.stdout = stdoutPort } if let stderrPort { $0.stderr = stderrPort } if let containerID { $0.containerID = containerID } if let ociRuntimePath { $0.ociRuntimePath = ociRuntimePath } $0.configuration = try enc.encode(configuration) }) } @discardableResult public func startProcess(id: String, containerID: String?) async throws -> Int32 { let request = Com_Apple_Containerization_Sandbox_V3_StartProcessRequest.with { $0.id = id if let containerID { $0.containerID = containerID } } let resp = try await client.startProcess(request) return resp.pid } public func signalProcess(id: String, containerID: String?, signal: Int32) async throws { let request = Com_Apple_Containerization_Sandbox_V3_KillProcessRequest.with { $0.id = id $0.signal = signal if let containerID { $0.containerID = containerID } } _ = try await client.killProcess(request) } public func resizeProcess(id: String, containerID: String?, columns: UInt32, rows: UInt32) async throws { let request = Com_Apple_Containerization_Sandbox_V3_ResizeProcessRequest.with { if let containerID { $0.containerID = containerID } $0.id = id $0.columns = columns $0.rows = rows } _ = try await client.resizeProcess(request) } public func waitProcess( id: String, containerID: String?, timeoutInSeconds: Int64? = nil ) async throws -> ExitStatus { let request = Com_Apple_Containerization_Sandbox_V3_WaitProcessRequest.with { $0.id = id if let containerID { $0.containerID = containerID } } var callOpts: CallOptions? if let timeoutInSeconds { var copts = CallOptions() copts.timeLimit = .timeout(.seconds(timeoutInSeconds)) callOpts = copts } do { let resp = try await client.waitProcess(request, callOptions: callOpts) return ExitStatus(exitCode: resp.exitCode, exitedAt: resp.exitedAt.date) } catch { if let err = error as? GRPCError.RPCTimedOut { throw ContainerizationError( .timeout, message: "failed to wait for process exit within timeout of \(timeoutInSeconds!) seconds", cause: err ) } throw error } } public func deleteProcess(id: String, containerID: String?) async throws { let request = Com_Apple_Containerization_Sandbox_V3_DeleteProcessRequest.with { $0.id = id if let containerID { $0.containerID = containerID } } _ = try await client.deleteProcess(request) } public func closeProcessStdin(id: String, containerID: String?) async throws { let request = Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinRequest.with { $0.id = id if let containerID { $0.containerID = containerID } } _ = try await client.closeProcessStdin(request) } public func up(name: String, mtu: UInt32? = nil) async throws { let request = Com_Apple_Containerization_Sandbox_V3_IpLinkSetRequest.with { $0.interface = name $0.up = true if let mtu { $0.mtu = mtu } } _ = try await client.ipLinkSet(request) } public func down(name: String) async throws { let request = Com_Apple_Containerization_Sandbox_V3_IpLinkSetRequest.with { $0.interface = name $0.up = false } _ = try await client.ipLinkSet(request) } /// Get an environment variable from the sandbox's environment. public func getenv(key: String) async throws -> String { let response = try await client.getenv( .with { $0.key = key }) return response.value } /// Set an environment variable in the sandbox's environment. public func setenv(key: String, value: String) async throws { _ = try await client.setenv( .with { $0.key = key $0.value = value }) } } /// Vminitd specific rpcs. extension Vminitd { /// Sets up an emulator in the guest. public func setupEmulator(binaryPath: String, configuration: Binfmt.Entry) async throws { let request = Com_Apple_Containerization_Sandbox_V3_SetupEmulatorRequest.with { $0.binaryPath = binaryPath $0.name = configuration.name $0.type = configuration.type $0.offset = configuration.offset $0.magic = configuration.magic $0.mask = configuration.mask $0.flags = configuration.flags } _ = try await client.setupEmulator(request) } /// Sets the guest time. public func setTime(sec: Int64, usec: Int32) async throws { let request = Com_Apple_Containerization_Sandbox_V3_SetTimeRequest.with { $0.sec = sec $0.usec = usec } _ = try await client.setTime(request) } /// Set the provided sysctls inside the Sandbox's environment. public func sysctl(settings: [String: String]) async throws { let request = Com_Apple_Containerization_Sandbox_V3_SysctlRequest.with { $0.settings = settings } _ = try await client.sysctl(request) } /// Add an IP address to the sandbox's network interfaces. public func addressAdd(name: String, ipv4Address: CIDRv4) async throws { _ = try await client.ipAddrAdd( .with { $0.interface = name $0.ipv4Address = ipv4Address.description }) } /// Add a route in the sandbox's environment. public func routeAddLink(name: String, dstIPv4Addr: IPv4Address, srcIPv4Addr: IPv4Address? = nil) async throws { let dstCIDR = "\(dstIPv4Addr.description)/32" _ = try await client.ipRouteAddLink( .with { $0.interface = name $0.dstIpv4Addr = dstCIDR if let srcIPv4Addr { $0.srcIpv4Addr = srcIPv4Addr.description } }) } /// Set the default route in the sandbox's environment. public func routeAddDefault(name: String, ipv4Gateway: IPv4Address) async throws { _ = try await client.ipRouteAddDefault( .with { $0.interface = name $0.ipv4Gateway = ipv4Gateway.description }) } /// Configure DNS within the sandbox's environment. public func configureDNS(config: DNS, location: String) async throws { _ = try await client.configureDns( .with { $0.location = location $0.nameservers = config.nameservers if let domain = config.domain { $0.domain = domain } $0.searchDomains = config.searchDomains $0.options = config.options }) } /// Configure /etc/hosts within the sandbox's environment. public func configureHosts(config: Hosts, location: String) async throws { _ = try await client.configureHosts(config.toAgentHostsRequest(location: location)) } /// Perform a sync call. public func sync() async throws { _ = try await client.sync(.init()) } public func kill(pid: Int32, signal: Int32) async throws -> Int32 { let response = try await client.kill( .with { $0.pid = pid $0.signal = signal }) return response.result } /// Metadata received from the guest during a copy operation. public struct CopyMetadata: Sendable { /// Whether the data on the vsock channel is a tar+gzip archive. public let isArchive: Bool /// Total size in bytes (0 if unknown, e.g. for archives). public let totalSize: UInt64 } /// Unified copy control plane. Sends a CopyRequest over gRPC and processes /// the response stream. Data transfer happens over a separate vsock connection /// managed by the caller. /// /// For COPY_OUT, the `onMetadata` callback is invoked when the guest sends /// metadata (is_archive, total_size) before data transfer begins. /// For COPY_IN, `onMetadata` is not called. public func copy( direction: Com_Apple_Containerization_Sandbox_V3_CopyRequest.Direction, guestPath: URL, vsockPort: UInt32, mode: UInt32 = 0, createParents: Bool = false, isArchive: Bool = false, onMetadata: @Sendable (CopyMetadata) -> Void = { _ in } ) async throws { let request = Com_Apple_Containerization_Sandbox_V3_CopyRequest.with { $0.direction = direction $0.path = guestPath.path $0.mode = mode $0.createParents = createParents $0.vsockPort = vsockPort $0.isArchive = isArchive } let stream = client.copy(request) for try await response in stream { if !response.error.isEmpty { throw ContainerizationError(.internalError, message: "copy: \(response.error)") } switch response.status { case .metadata: onMetadata(CopyMetadata(isArchive: response.isArchive, totalSize: response.totalSize)) case .complete: break case .UNRECOGNIZED(let value): throw ContainerizationError(.internalError, message: "copy: unrecognized response status \(value)") } } } } extension Hosts { func toAgentHostsRequest(location: String) -> Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest { Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest.with { $0.location = location if let comment { $0.comment = comment } $0.entries = entries.map { let entry = $0 return Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest.HostsEntry.with { if let comment = entry.comment { $0.comment = comment } $0.ipAddress = entry.ipAddress $0.hostnames = entry.hostnames } } } } } extension Vminitd.Client { public init(connection: FileHandle, group: EventLoopGroup) { var config = ClientConnection.Configuration.default( target: .connectedSocket(connection.fileDescriptor), eventLoopGroup: group ) config.connectionBackoff = nil config.maximumReceiveMessageLength = Int(64.mib()) self = .init(channel: ClientConnection(configuration: config)) } public func close() async throws { try await self.channel.close().get() } } extension StatCategory { /// Convert StatCategory to proto enum values. func toProtoCategories() -> [Com_Apple_Containerization_Sandbox_V3_StatCategory] { var categories: [Com_Apple_Containerization_Sandbox_V3_StatCategory] = [] if contains(.process) { categories.append(.process) } if contains(.memory) { categories.append(.memory) } if contains(.cpu) { categories.append(.cpu) } if contains(.blockIO) { categories.append(.blockIo) } if contains(.network) { categories.append(.network) } if contains(.memoryEvents) { categories.append(.memoryEvents) } return categories } } ================================================ FILE: Sources/Containerization/VmnetNetwork.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if os(macOS) import ContainerizationError import ContainerizationExtras import Virtualization import vmnet /// A network backed by vmnet on macOS. @available(macOS 26.0, *) public struct VmnetNetwork: Network { private var allocator: Allocator // `reference` isn't used concurrently. nonisolated(unsafe) private let reference: vmnet_network_ref /// The IPv4 subnet of this network. public let subnet: CIDRv4 /// The IPv4 gateway address of this network. public var ipv4Gateway: IPv4Address { subnet.gateway } struct Allocator: Sendable { private let addressAllocator: any AddressAllocator private let cidr: CIDRv4 private var allocations: [String: UInt32] init(cidr: CIDRv4) throws { self.cidr = cidr self.allocations = .init() let size = Int(cidr.upper.value - cidr.lower.value - 3) self.addressAllocator = try UInt32.rotatingAllocator( lower: cidr.lower.value + 2, size: UInt32(size) ) } mutating func allocate(_ id: String) throws -> CIDRv4 { if allocations[id] != nil { throw ContainerizationError(.exists, message: "allocation with id \(id) already exists") } let index = try addressAllocator.allocate() allocations[id] = index let ip = IPv4Address(index) return try CIDRv4(ip, prefix: cidr.prefix) } mutating func release(_ id: String) throws { if let index = self.allocations[id] { try addressAllocator.release(index) allocations.removeValue(forKey: id) } } } /// A network interface supporting the vmnet_network_ref. public struct Interface: Containerization.Interface, VZInterface, Sendable { public let ipv4Address: CIDRv4 public let ipv4Gateway: IPv4Address? public let macAddress: MACAddress? public let mtu: UInt32 // `reference` isn't used concurrently. nonisolated(unsafe) private let reference: vmnet_network_ref public init( reference: vmnet_network_ref, ipv4Address: CIDRv4, ipv4Gateway: IPv4Address? = nil, macAddress: MACAddress? = nil, mtu: UInt32 = 1500 ) { self.ipv4Address = ipv4Address self.ipv4Gateway = ipv4Gateway self.macAddress = macAddress self.mtu = mtu self.reference = reference } /// Returns the underlying `VZVirtioNetworkDeviceConfiguration`. public func device() throws -> VZVirtioNetworkDeviceConfiguration { let config = VZVirtioNetworkDeviceConfiguration() if let macAddress = self.macAddress { guard let mac = VZMACAddress(string: macAddress.description) else { throw ContainerizationError(.invalidArgument, message: "invalid mac address \(macAddress)") } config.macAddress = mac } config.attachment = VZVmnetNetworkDeviceAttachment(network: self.reference) return config } } /// Creates a new network. /// - Parameters: /// - mode: The vmnet operating mode. Defaults to `.VMNET_SHARED_MODE`. /// - subnet: The subnet to use for this network. public init(mode: vmnet.operating_modes_t = .VMNET_SHARED_MODE, subnet: CIDRv4? = nil) throws { var status: vmnet_return_t = .VMNET_FAILURE guard let config = vmnet_network_configuration_create(mode, &status) else { throw ContainerizationError(.unsupported, message: "failed to create vmnet config with status \(status)") } vmnet_network_configuration_disable_dhcp(config) if let subnet { try Self.configureSubnet(config, subnet: subnet) } guard let ref = vmnet_network_create(config, &status), status == .VMNET_SUCCESS else { throw ContainerizationError(.unsupported, message: "failed to create vmnet network with status \(status)") } let cidr = try Self.getSubnet(ref) self.allocator = try .init(cidr: cidr) self.subnet = cidr self.reference = ref } /// Returns a new interface for use with a container. /// - Parameter id: The container ID. public mutating func createInterface(_ id: String) throws -> Containerization.Interface? { let ipv4Address = try allocator.allocate(id) return Self.Interface( reference: self.reference, ipv4Address: ipv4Address, ipv4Gateway: self.ipv4Gateway, ) } /// Returns a new interface without a default gateway route. /// Use this for secondary interfaces where another interface already provides the default route. /// - Parameter id: The container ID. public mutating func createInterfaceWithoutGateway(_ id: String) throws -> Containerization.Interface? { let ipv4Address = try allocator.allocate(id) return Self.Interface( reference: self.reference, ipv4Address: ipv4Address, ) } /// Returns a new interface for use with a container with a custom MTU. /// - Parameters: /// - id: The container ID. /// - mtu: The MTU for the interface. public mutating func createInterface(_ id: String, mtu: UInt32) throws -> Containerization.Interface? { let ipv4Address = try allocator.allocate(id) return Self.Interface( reference: self.reference, ipv4Address: ipv4Address, ipv4Gateway: self.ipv4Gateway, mtu: mtu ) } /// Performs cleanup of an interface. /// - Parameter id: The container ID. public mutating func releaseInterface(_ id: String) throws { try allocator.release(id) } private static func getSubnet(_ ref: vmnet_network_ref) throws -> CIDRv4 { var subnet = in_addr() var mask = in_addr() vmnet_network_get_ipv4_subnet(ref, &subnet, &mask) let sa = UInt32(bigEndian: subnet.s_addr) let mv = UInt32(bigEndian: mask.s_addr) let lower = IPv4Address(sa & mv) let upper = IPv4Address(lower.value + ~mv) return try CIDRv4(lower: lower, upper: upper) } private static func configureSubnet(_ config: vmnet_network_configuration_ref, subnet: CIDRv4) throws { let gateway = subnet.gateway var ga = in_addr() inet_pton(AF_INET, gateway.description, &ga) let mask = IPv4Address(subnet.prefix.prefixMask32) var ma = in_addr() inet_pton(AF_INET, mask.description, &ma) guard vmnet_network_configuration_set_ipv4_subnet(config, &ga, &ma) == .VMNET_SUCCESS else { throw ContainerizationError(.internalError, message: "failed to set subnet \(subnet) for network") } } } #endif ================================================ FILE: Sources/Containerization/VsockListener.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation #if os(macOS) import Virtualization #endif /// A stream of vsock connections. public final class VsockListener: NSObject, Sendable, AsyncSequence { public typealias Element = FileHandle /// The port the connections are for. public let port: UInt32 private let connections: AsyncStream private let cont: AsyncStream.Continuation private let stopListening: @Sendable (_ port: UInt32) throws -> Void package init(port: UInt32, stopListen: @Sendable @escaping (_ port: UInt32) throws -> Void) { self.port = port let (stream, continuation) = AsyncStream.makeStream(of: FileHandle.self) self.connections = stream self.cont = continuation self.stopListening = stopListen } public func finish() throws { self.cont.finish() try self.stopListening(self.port) } public func makeAsyncIterator() -> AsyncStream.AsyncIterator { connections.makeAsyncIterator() } } #if os(macOS) extension VsockListener: VZVirtioSocketListenerDelegate { public func listener( _: VZVirtioSocketListener, shouldAcceptNewConnection conn: VZVirtioSocketConnection, from _: VZVirtioSocketDevice ) -> Bool { let fd = dup(conn.fileDescriptor) guard fd != -1 else { return false } conn.close() let fh = FileHandle(fileDescriptor: fd, closeOnDealloc: false) let result = cont.yield(fh) if case .terminated = result { try? fh.close() return false } return true } } #endif ================================================ FILE: Sources/ContainerizationArchive/ArchiveError.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import CArchive import Foundation /// An enumeration of the errors that can be thrown while interacting with an archive. public enum ArchiveError: Error, CustomStringConvertible { case unableToCreateArchive case noUnderlyingArchive case noArchiveInCallback case noDelegateConfigured case delegateFreedBeforeCallback case unableToSetFormat(CInt, Format) case unableToAddFilter(CInt, Filter) case unableToWriteEntryHeader(CInt) case unableToWriteData(CLong) case unableToCloseArchive(CInt) case unableToOpenArchive(CInt) case unableToSetOption(CInt) case failedToSetLocale(locales: [String]) case failedToGetProperty(String, URLResourceKey) case failedToDetectFilter case failedToDetectFormat case failedToExtractArchive(String) case failedToCreateArchive(String) case invalidBaseAddressArchiveWrite /// Description of the error public var description: String { switch self { case .unableToCreateArchive: return "unable to create an archive." case .noUnderlyingArchive: return "no underlying archive was provided." case .noArchiveInCallback: return "no archive was provided in the callback." case .noDelegateConfigured: return "no delegate was configured." case .delegateFreedBeforeCallback: return "the delegate was freed before the callback was invoked." case .unableToSetFormat(let code, let name): return "unable to set the archive format \(name), code \(code)" case .unableToAddFilter(let code, let name): return "unable to set the archive filter \(name), code \(code)" case .unableToWriteEntryHeader(let code): return "unable to write the entry header to the archive, code \(code)" case .unableToWriteData(let code): return "unable to write data to the archive, code \(code)" case .unableToCloseArchive(let code): return "unable to close the archive, code \(code)" case .unableToOpenArchive(let code): return "unable to open the archive, code \(code)" case .unableToSetOption(_): return "unable to set an option on the archive." case .failedToSetLocale(let locales): return "failed to set locale to \(locales)" case .failedToGetProperty(let path, let propertyName): return "failed to read property \(propertyName) from file at path \(path)" case .failedToDetectFilter: return "failed to detect filter from archive." case .failedToDetectFormat: return "failed to detect format from archive." case .failedToExtractArchive(let reason): return "failed to extract archive: \(reason)" case .failedToCreateArchive(let reason): return "failed to create archive: \(reason)" case .invalidBaseAddressArchiveWrite: return "got an invalid base address for pointer when writing data to archive" } } } public struct LibArchiveError: Error { public let source: ArchiveError public let description: String } func wrap(_ f: @autoclosure () -> CInt, _ e: (CInt) -> ArchiveError, underlying: OpaquePointer? = nil) throws { let result = f() guard result == ARCHIVE_OK else { let error = e(result) guard let underlying = underlying, let description = archive_error_string(underlying).map(String.init(cString:)) else { throw error } throw LibArchiveError(source: error, description: description) } } ================================================ FILE: Sources/ContainerizationArchive/ArchiveReader.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import CArchive import ContainerizationError import ContainerizationOS import Foundation import SystemPackage /// A protocol for reading data in chunks, compatible with both `InputStream` and zero-allocation archive readers. public protocol ReadableStream { /// Reads up to `maxLength` bytes into the provided buffer. /// Returns the number of bytes actually read, 0 for EOF, or -1 for error. func read(_ buffer: UnsafeMutablePointer, maxLength: Int) -> Int } extension InputStream: ReadableStream {} /// Small wrapper type to read data from an archive entry. public struct ArchiveEntryReader: ReadableStream { private weak var reader: ArchiveReader? init(reader: ArchiveReader) { self.reader = reader } /// Reads up to `maxLength` bytes into the provided buffer. /// Returns the number of bytes actually read, 0 for EOF, or -1 for error. public func read(_ buffer: UnsafeMutablePointer, maxLength: Int) -> Int { guard let archive = reader?.underlying else { return -1 } let bytesRead = archive_read_data(archive, buffer, maxLength) return bytesRead < 0 ? -1 : bytesRead } } /// A class responsible for reading entries from an archive file. public final class ArchiveReader { private static let chunkSize = 4 * 1024 * 1024 /// A pointer to the underlying `archive` C structure. var underlying: OpaquePointer? /// The file handle associated with the archive file being read. let fileHandle: FileHandle? /// Temporary decompressed file URL if the input was zstd-compressed private var tempDecompressedFile: URL? /// Initializes an `ArchiveReader` to read from a specified file URL with an explicit `Format` and `Filter`. /// Note: This method must be used when it is known that the archive at the specified URL follows the specified /// `Format` and `Filter`. public convenience init(format: Format, filter: Filter, file: URL) throws { // If filter is zstd, decompress it and use filter .none let fileToRead: URL let tempFile: URL? let actualFilter: Filter if filter == .zstd { let decompressed = try Self.decompressZstd(file) tempFile = decompressed fileToRead = decompressed actualFilter = .none } else { tempFile = nil fileToRead = file actualFilter = filter } let fileHandle = try FileHandle(forReadingFrom: fileToRead) try self.init(format: format, filter: actualFilter, fileHandle: fileHandle) self.tempDecompressedFile = tempFile } /// Initializes an `ArchiveReader` to read from the provided file descriptor with an explicit `Format` and `Filter`. /// Note: This method must be used when it is known that the archive pointed to by the file descriptor follows the specified /// `Format` and `Filter`. public init(format: Format, filter: Filter, fileHandle: FileHandle) throws { self.underlying = archive_read_new() self.fileHandle = fileHandle try archive_read_set_format(underlying, format.code) .checkOk(elseThrow: .unableToSetFormat(format.code, format)) try archive_read_append_filter(underlying, filter.code) .checkOk(elseThrow: .unableToAddFilter(filter.code, filter)) let fd = fileHandle.fileDescriptor try archive_read_open_fd(underlying, fd, 4096) .checkOk(elseThrow: { .unableToOpenArchive($0) }) } /// Initialize the `ArchiveReader` to read from a specified file URL /// by trying to auto determine the archives `Format` and `Filter`. public init(file: URL) throws { self.underlying = archive_read_new() // Try to decompress as zstd first, fall back to original if it fails let fileToRead: URL if let decompressed = try? Self.decompressZstd(file) { self.tempDecompressedFile = decompressed fileToRead = decompressed } else { fileToRead = file } let fileHandle = try FileHandle(forReadingFrom: fileToRead) self.fileHandle = fileHandle try archive_read_support_filter_all(underlying) .checkOk(elseThrow: .failedToDetectFilter) try archive_read_support_format_all(underlying) .checkOk(elseThrow: .failedToDetectFormat) let fd = fileHandle.fileDescriptor try archive_read_open_fd(underlying, fd, 4096) .checkOk(elseThrow: { .unableToOpenArchive($0) }) } /// Decompress a zstd file to a temporary location private static func decompressZstd(_ source: URL) throws -> URL { guard let tempDir = createTemporaryDirectory(baseName: "zstd-decompress") else { throw ArchiveError.failedToDetectFormat } let tempFile = tempDir.appendingPathComponent( source.deletingPathExtension().lastPathComponent ) let srcPath = source.scheme == nil || source.scheme == "" ? source.path : source.path let srcFd = open(srcPath, O_RDONLY) guard srcFd >= 0 else { throw ArchiveError.failedToDetectFormat } defer { close(srcFd) } let dstFd = open(tempFile.path, O_WRONLY | O_CREAT | O_TRUNC, 0o644) guard dstFd >= 0 else { throw ArchiveError.failedToDetectFormat } defer { close(dstFd) } guard zstd_decompress_fd(srcFd, dstFd) == 0 else { throw ArchiveError.failedToDetectFormat } return tempFile } deinit { archive_read_free(underlying) try? fileHandle?.close() // Clean up temp decompressed file if let tempFile = tempDecompressedFile { try? FileManager.default.removeItem(at: tempFile.deletingLastPathComponent()) } } } extension CInt { fileprivate func checkOk(elseThrow error: @autoclosure () -> ArchiveError) throws { guard self == ARCHIVE_OK else { throw error() } } fileprivate func checkOk(elseThrow error: (CInt) -> ArchiveError) throws { guard self == ARCHIVE_OK else { throw error(self) } } } extension ArchiveReader: Sequence { public func makeIterator() -> Iterator { Iterator(reader: self) } public struct Iterator: IteratorProtocol { var reader: ArchiveReader public mutating func next() -> (WriteEntry, Data)? { let entry = WriteEntry() let result = archive_read_next_header2(reader.underlying, entry.underlying) if result == ARCHIVE_EOF { return nil } let data = reader.readDataForEntry(entry) return (entry, data) } } /// Returns an iterator that yields archive entries. public func makeStreamingIterator() -> StreamingIterator { StreamingIterator(reader: self) } public struct StreamingIterator: Sequence, IteratorProtocol { var reader: ArchiveReader public func makeIterator() -> StreamingIterator { self } public mutating func next() -> (WriteEntry, ArchiveEntryReader)? { let entry = WriteEntry() let result = archive_read_next_header2(reader.underlying, entry.underlying) if result == ARCHIVE_EOF { return nil } let streamReader = ArchiveEntryReader(reader: reader) return (entry, streamReader) } } internal func readDataForEntry(_ entry: WriteEntry) -> Data { let bufferSize = Int(Swift.min(entry.size ?? 4096, 4096)) var entry = Data() var part = Data(count: bufferSize) while true { let c = part.withUnsafeMutableBytes { buffer in guard let baseAddress = buffer.baseAddress else { return 0 } return archive_read_data(self.underlying, baseAddress, buffer.count) } guard c > 0 else { break } part.count = c entry.append(part) } return entry } } extension ArchiveReader { public convenience init(name: String, bundle: Data, tempDirectoryBaseName: String? = nil) throws { let baseName = tempDirectoryBaseName ?? "Unarchiver" let url = createTemporaryDirectory(baseName: baseName)!.appendingPathComponent(name) try bundle.write(to: url, options: .atomic) try self.init(format: .zip, filter: .none, file: url) } /// Extracts the contents of an archive to the provided directory. /// Rejects member paths that escape the root directory or traverse /// symbolic links, and uses a "last entry wins" replacement policy /// for an existing file at a path to be extracted. public func extractContents(to directory: URL) throws -> [String] { // Create the root directory with standard permissions // and create a FileDescriptor for secure path traveral. let fm = FileManager.default let rootFilePath = FilePath(directory.path) try fm.createDirectory(atPath: directory.path, withIntermediateDirectories: true) let rootFileDescriptor = try FileDescriptor.open(rootFilePath, .readOnly) defer { try? rootFileDescriptor.close() } // Iterate and extract archive entries, collecting rejected paths. var foundEntry = false var rejectedPaths = [String]() for (entry, dataReader) in self.makeStreamingIterator() { guard let memberPath = (entry.path.map { FilePath($0) }) else { continue } foundEntry = true // Try to extract the entry, catching path validation errors let extracted = try extractEntry( entry: entry, dataReader: dataReader, memberPath: memberPath, rootFileDescriptor: rootFileDescriptor ) if !extracted { rejectedPaths.append(memberPath.string) } } guard foundEntry else { throw ArchiveError.failedToExtractArchive("no entries found in archive") } return rejectedPaths } /// This method extracts a given file from the archive. /// This operation modifies the underlying file descriptor's position within the archive, /// meaning subsequent reads will start from a new location. /// To reset the underlying file descriptor to the beginning of the archive, close and /// reopen the archive. public func extractFile(path: String) throws -> (WriteEntry, Data) { let entry = WriteEntry() while archive_read_next_header2(self.underlying, entry.underlying) != ARCHIVE_EOF { guard let entryPath = entry.path else { continue } let trimCharSet = CharacterSet(charactersIn: "./") let trimmedEntry = entryPath.trimmingCharacters(in: trimCharSet) let trimmedRequired = path.trimmingCharacters(in: trimCharSet) guard trimmedEntry == trimmedRequired else { continue } let data = readDataForEntry(entry) return (entry, data) } throw ArchiveError.failedToExtractArchive(" \(path) not found in archive") } /// Extracts a single archive entry. /// Returns false if the entry was rejected due to path validation errors. /// Throws on system errors. private func extractEntry( entry: WriteEntry, dataReader: ArchiveEntryReader, memberPath: FilePath, rootFileDescriptor: FileDescriptor ) throws -> Bool { guard let lastComponent = memberPath.lastComponent else { return false } let relativePath = memberPath.removingLastComponent() let type = entry.fileType do { switch type { case .regular: try rootFileDescriptor.mkdirSecure(relativePath, makeIntermediates: true) { fd in // Remove existing entry if present (mimics containerd's "last entry wins" behavior) try? fd.unlinkRecursiveSecure(filename: lastComponent) // Open file for writing using openat with O_NOFOLLOW to prevent TOC-TOU attacks let fileMode = entry.permissions & 0o777 // Mask to permission bits only let fileFd = openat(fd.rawValue, lastComponent.string, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, fileMode) guard fileFd >= 0 else { throw ArchiveError.failedToExtractArchive("failed to create file: \(memberPath)") } defer { close(fileFd) } try Self.copyDataReaderToFd(dataReader: dataReader, fileFd: fileFd, memberPath: memberPath) setFileAttributes(fd: fileFd, entry: entry) } case .directory: try rootFileDescriptor.mkdirSecure(memberPath, makeIntermediates: true) { fd in setFileAttributes(fd: fd.rawValue, entry: entry) } case .symbolicLink: guard let targetPath = (entry.symlinkTarget.map { FilePath($0) }) else { return false } var symlinkCreated = false try rootFileDescriptor.mkdirSecure(relativePath, makeIntermediates: true) { fd in // Remove existing entry if present (mimics containerd's "last entry wins" behavior) try? fd.unlinkRecursiveSecure(filename: lastComponent) guard symlinkat(targetPath.string, fd.rawValue, lastComponent.string) == 0 else { throw ArchiveError.failedToExtractArchive("failed to create symlink: \(targetPath) <- \(memberPath)") } symlinkCreated = true } return symlinkCreated default: return false } return true } catch let error as SecurePathError { // Just reject path validation errors, don't fail the extraction switch error { case .systemError: // Fail for system errors throw error case .invalidRelativePath, .invalidPathComponent, .cannotFollowSymlink: return false } } } private func setFileAttributes(fd: Int32, entry: WriteEntry) { fchmod(fd, entry.permissions) if let owner = entry.owner, let group = entry.group { fchown(fd, owner, group) } } private static func copyDataReaderToFd(dataReader: ArchiveEntryReader, fileFd: Int32, memberPath: FilePath) throws { var buffer = [UInt8](repeating: 0, count: ArchiveReader.chunkSize) while true { let bytesRead = buffer.withUnsafeMutableBufferPointer { bufferPtr in guard let baseAddress = bufferPtr.baseAddress else { return 0 } return dataReader.read(baseAddress, maxLength: bufferPtr.count) } if bytesRead < 0 { throw ArchiveError.failedToExtractArchive("failed to read data for: \(memberPath)") } if bytesRead == 0 { break // EOF } let bytesWritten = write(fileFd, buffer, bytesRead) guard bytesWritten == bytesRead else { throw ArchiveError.failedToExtractArchive("failed to write data for: \(memberPath)") } } } } ================================================ FILE: Sources/ContainerizationArchive/ArchiveWriter.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import CArchive import Foundation import SystemPackage /// A class responsible for writing archives in various formats. public final class ArchiveWriter { private static let chunkSize = 4 * 1024 * 1024 var underlying: OpaquePointer! /// Initialize a new `ArchiveWriter` with the given configuration. /// This method attempts to initialize an empty archive in memory, failing which it throws a `unableToCreateArchive` error. public init(configuration: ArchiveWriterConfiguration) throws { // because for some bizarre reason, UTF8 paths won't work unless this process explicitly sets a locale like en_US.UTF-8 try Self.attemptSetLocales(locales: configuration.locales) guard let underlying = archive_write_new() else { throw ArchiveError.unableToCreateArchive } self.underlying = underlying try setFormat(configuration.format) try addFilter(configuration.filter) try setOptions(configuration.options) } /// Initialize a new `ArchiveWriter` for writing into the specified file with the given configuration options. public convenience init(format: Format, filter: Filter, options: [Options] = [], locales: [String] = ArchiveWriterConfiguration.defaultLocales, file: URL) throws { let config = ArchiveWriterConfiguration( format: format, filter: filter, options: options, locales: locales ) try self.init(configuration: config) try self.open(file: file) } /// Opens the given file for writing data into public func open(file: URL) throws { guard let underlying = underlying else { throw ArchiveError.noUnderlyingArchive } let res = archive_write_open_filename(underlying, file.path) try wrap(res, ArchiveError.unableToOpenArchive, underlying: underlying) } /// Opens the given fd for writing data into public func open(fileDescriptor: Int32) throws { guard let underlying = underlying else { throw ArchiveError.noUnderlyingArchive } let res = archive_write_open_fd(underlying, fileDescriptor) try wrap(res, ArchiveError.unableToOpenArchive, underlying: underlying) } /// Performs any necessary finalizations on the archive and releases resources. public func finishEncoding() throws { if let u = underlying { let r = archive_free(u) do { try wrap(r, ArchiveError.unableToCloseArchive, underlying: underlying) underlying = nil } catch { underlying = nil throw error } } } deinit { if let u = underlying { archive_free(u) underlying = nil } } private static func attemptSetLocales(locales: [String]) throws { for locale in locales { if setlocale(LC_ALL, locale) != nil { return } } throw ArchiveError.failedToSetLocale(locales: locales) } } public class ArchiveWriterTransaction { private let writer: ArchiveWriter fileprivate init(writer: ArchiveWriter) { self.writer = writer } public func writeHeader(entry: WriteEntry) throws { try writer.writeHeader(entry: entry) } public func writeChunk(data: UnsafeRawBufferPointer) throws { try writer.writeData(data: data) } public func finish() throws { try writer.finishEntry() } } extension ArchiveWriter { public func makeTransactionWriter() -> ArchiveWriterTransaction { ArchiveWriterTransaction(writer: self) } /// Create a new entry in the archive with the given properties. /// - Parameters: /// - entry: A `WriteEntry` object describing the metadata of the entry to be created /// (e.g., name, modification date, permissions). /// - data: The `Data` object containing the content for the new entry. public func writeEntry(entry: WriteEntry, data: Data) throws { try data.withUnsafeBytes { bytes in try writeEntry(entry: entry, data: bytes) } } /// Creates a new entry in the archive with the given properties. /// /// This method performs the following: /// 1. Writes the archive header using the provided `WriteEntry` metadata. /// 2. Writes the content from the `UnsafeRawBufferPointer` into the archive. /// 3. Finalizes the entry in the archive. /// /// - Parameters: /// - entry: A `WriteEntry` object describing the metadata of the entry to be created /// (e.g., name, modification date, permissions, type). /// - data: An optional `UnsafeRawBufferPointer` containing the raw bytes for the new entry's /// content. Pass `nil` for entries that do not have content data (e.g., directories, symlinks). public func writeEntry(entry: WriteEntry, data: UnsafeRawBufferPointer?) throws { try writeHeader(entry: entry) if let data = data { try writeData(data: data) } try finishEntry() } fileprivate func writeHeader(entry: WriteEntry) throws { guard let underlying = self.underlying else { throw ArchiveError.noUnderlyingArchive } try wrap( archive_write_header(underlying, entry.underlying), ArchiveError.unableToWriteEntryHeader, underlying: underlying) } fileprivate func finishEntry() throws { guard let underlying = self.underlying else { throw ArchiveError.noUnderlyingArchive } archive_write_finish_entry(underlying) } fileprivate func writeData(data: UnsafeRawBufferPointer) throws { guard let underlying = self.underlying else { throw ArchiveError.noUnderlyingArchive } var offset = 0 while offset < data.count { guard let baseAddress = data.baseAddress?.advanced(by: offset) else { throw ArchiveError.invalidBaseAddressArchiveWrite } let result = archive_write_data(underlying, baseAddress, data.count - offset) guard result > 0 else { throw ArchiveError.unableToWriteData(result) } offset += Int(result) } } } extension ArchiveWriter { /// Recursively archives the content of a directory. Regular files, symlinks and directories are added into the archive. /// Note: Symlinks are added to the archive if both the source and target for the symlink are both contained in the top level directory. public func archiveDirectory(_ dir: URL) throws { let fm = FileManager.default let dirPath = FilePath(dir.path) guard let enumerator = fm.enumerator(atPath: dirPath.string) else { throw POSIXError(.ENOTDIR) } // Emit a leading "./" entry for the root directory, matching GNU/BSD tar behavior. var rootStat = stat() guard lstat(dirPath.string, &rootStat) == 0 else { let err = POSIXErrorCode(rawValue: errno) ?? .EINVAL throw ArchiveError.failedToCreateArchive("lstat failed for '\(dirPath)': \(POSIXError(err))") } let rootEntry = WriteEntry() rootEntry.path = "./" rootEntry.size = 0 rootEntry.fileType = .directory rootEntry.owner = rootStat.st_uid rootEntry.group = rootStat.st_gid rootEntry.permissions = rootStat.st_mode #if os(macOS) rootEntry.creationDate = Date(timeIntervalSince1970: Double(rootStat.st_ctimespec.tv_sec)) rootEntry.contentAccessDate = Date(timeIntervalSince1970: Double(rootStat.st_atimespec.tv_sec)) rootEntry.modificationDate = Date(timeIntervalSince1970: Double(rootStat.st_mtimespec.tv_sec)) #else rootEntry.creationDate = Date(timeIntervalSince1970: Double(rootStat.st_ctim.tv_sec)) rootEntry.contentAccessDate = Date(timeIntervalSince1970: Double(rootStat.st_atim.tv_sec)) rootEntry.modificationDate = Date(timeIntervalSince1970: Double(rootStat.st_mtim.tv_sec)) #endif try self.writeHeader(entry: rootEntry) for case let relativePath as String in enumerator { let fullPath = dirPath.appending(relativePath) var statInfo = stat() guard lstat(fullPath.string, &statInfo) == 0 else { let errNo = errno let err = POSIXErrorCode(rawValue: errNo) ?? .EINVAL throw ArchiveError.failedToCreateArchive("lstat failed for '\(fullPath)': \(POSIXError(err))") } let mode = statInfo.st_mode let uid = statInfo.st_uid let gid = statInfo.st_gid var size: Int64 = 0 let type: URLFileResourceType if (mode & S_IFMT) == S_IFREG { type = .regular size = Int64(statInfo.st_size) } else if (mode & S_IFMT) == S_IFDIR { type = .directory } else if (mode & S_IFMT) == S_IFLNK { type = .symbolicLink } else { continue } #if os(macOS) let created = Date(timeIntervalSince1970: Double(statInfo.st_ctimespec.tv_sec)) let access = Date(timeIntervalSince1970: Double(statInfo.st_atimespec.tv_sec)) let modified = Date(timeIntervalSince1970: Double(statInfo.st_mtimespec.tv_sec)) #else let created = Date(timeIntervalSince1970: Double(statInfo.st_ctim.tv_sec)) let access = Date(timeIntervalSince1970: Double(statInfo.st_atim.tv_sec)) let modified = Date(timeIntervalSince1970: Double(statInfo.st_mtim.tv_sec)) #endif let entry = WriteEntry() if type == .symbolicLink { let targetPath = try fm.destinationOfSymbolicLink(atPath: fullPath.string) // Resolve the target relative to the symlink's parent, not the archive root. let symlinkParent = fullPath.removingLastComponent() let resolvedFull = symlinkParent.appending(targetPath).lexicallyNormalized() guard resolvedFull.starts(with: dirPath) else { continue } entry.symlinkTarget = targetPath } entry.path = relativePath entry.size = size entry.creationDate = created entry.modificationDate = modified entry.contentAccessDate = access entry.fileType = type entry.group = gid entry.owner = uid entry.permissions = mode if type == .regular { let buf = UnsafeMutableRawBufferPointer.allocate(byteCount: Self.chunkSize, alignment: 1) guard let baseAddress = buf.baseAddress else { throw ArchiveError.failedToCreateArchive("cannot create temporary buffer of size \(Self.chunkSize)") } defer { buf.deallocate() } let fd = Foundation.open(fullPath.string, O_RDONLY) guard fd >= 0 else { let err = POSIXErrorCode(rawValue: errno) ?? .EINVAL throw ArchiveError.failedToCreateArchive("cannot open file \(fullPath.string) for reading: \(err)") } defer { close(fd) } try self.writeHeader(entry: entry) while true { let n = read(fd, baseAddress, Self.chunkSize) if n == 0 { break } if n < 0 { let err = POSIXErrorCode(rawValue: errno) ?? .EIO throw ArchiveError.failedToCreateArchive("failed to read from file \(fullPath.string): \(err)") } try self.writeData(data: UnsafeRawBufferPointer(start: baseAddress, count: n)) } try self.finishEntry() } else { try self.writeEntry(entry: entry, data: nil) } } } } ================================================ FILE: Sources/ContainerizationArchive/ArchiveWriterConfiguration.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import CArchive /// Represents the configuration settings for an `ArchiveWriter`. /// /// This struct allows specifying the archive format, compression filter, /// various format-specific options, and preferred locales for string encoding. public struct ArchiveWriterConfiguration { public static let defaultLocales = ["en_US.UTF-8", "C.UTF-8"] /// The desired archive format public var format: Format /// The compression filter to apply to the archive public var filter: Filter /// An array of format-specific options to apply to the archive. /// This includes options like compression level and extended attribute format. public var options: [Options] /// An array of preferred locale identifiers for string encoding public var locales: [String] /// Initializes a new `ArchiveWriterConfiguration`. /// /// Sets up the configuration with the specified format, filter, options, and locales. public init( format: Format, filter: Filter, options: [Options] = [], locales: [String] = Self.defaultLocales ) { self.format = format self.filter = filter self.options = options self.locales = locales } } extension ArchiveWriter { internal func setFormat(_ format: Format) throws { guard let underlying = self.underlying else { throw ArchiveError.noUnderlyingArchive } let r = archive_write_set_format(underlying, format.code) guard r == ARCHIVE_OK else { throw ArchiveError.unableToSetFormat(r, format) } } internal func addFilter(_ filter: Filter) throws { guard let underlying = self.underlying else { throw ArchiveError.noUnderlyingArchive } let r = archive_write_add_filter(underlying, filter.code) guard r == ARCHIVE_OK else { throw ArchiveError.unableToAddFilter(r, filter) } } internal func setOptions(_ options: [Options]) throws { try options.forEach { switch $0 { case .compressionLevel(let level): try wrap( archive_write_set_option(underlying, nil, "compression-level", "\(level)"), ArchiveError.unableToSetOption, underlying: self.underlying) case .compression(.store): try wrap( archive_write_set_option(underlying, nil, "compression", "store"), ArchiveError.unableToSetOption, underlying: self.underlying) case .compression(.deflate): try wrap( archive_write_set_option(underlying, nil, "compression", "deflate"), ArchiveError.unableToSetOption, underlying: self.underlying) case .xattrformat(let value): let v = value.description try wrap( archive_write_set_option(underlying, nil, "xattrheader", v), ArchiveError.unableToSetOption, underlying: self.underlying) } } } } public enum Options { case compressionLevel(UInt32) case compression(Compression) case xattrformat(XattrFormat) public enum Compression { case store case deflate } public enum XattrFormat: String, CustomStringConvertible { case schily case libarchive case all public var description: String { switch self { case .libarchive: return "LIBARCHIVE" case .schily: return "SCHILY" case .all: return "ALL" } } } } /// An enumeration of the supported archive formats. public enum Format: String, Sendable { /// POSIX-standard `ustar` archives case ustar case gnutar /// POSIX `pax interchange format` archives case pax case paxRestricted /// POSIX octet-oriented cpio archives case cpio case cpioNewc /// Zip archive case zip /// two different variants of shar archives case shar case sharDump /// ISO9660 CD images case iso9660 /// 7-Zip archives case sevenZip /// ar archives case arBSD case arGNU /// mtree file tree descriptions case mtree /// XAR archives case xar internal var code: CInt { switch self { case .ustar: return ARCHIVE_FORMAT_TAR_USTAR case .pax: return ARCHIVE_FORMAT_TAR_PAX_INTERCHANGE case .paxRestricted: return ARCHIVE_FORMAT_TAR_PAX_RESTRICTED case .gnutar: return ARCHIVE_FORMAT_TAR_GNUTAR case .cpio: return ARCHIVE_FORMAT_CPIO_POSIX case .cpioNewc: return ARCHIVE_FORMAT_CPIO_AFIO_LARGE case .zip: return ARCHIVE_FORMAT_ZIP case .shar: return ARCHIVE_FORMAT_SHAR_BASE case .sharDump: return ARCHIVE_FORMAT_SHAR_DUMP case .iso9660: return ARCHIVE_FORMAT_ISO9660 case .sevenZip: return ARCHIVE_FORMAT_7ZIP case .arBSD: return ARCHIVE_FORMAT_AR_BSD case .arGNU: return ARCHIVE_FORMAT_AR_GNU case .mtree: return ARCHIVE_FORMAT_MTREE case .xar: return ARCHIVE_FORMAT_XAR } } } /// An enumeration of the supported filters (compression / encoding standards) for an archive. public enum Filter: String, Sendable { case none case gzip case bzip2 case compress case lzma case xz case uu case rpm case lzip case lrzip case lzop case grzip case lz4 case zstd internal var code: CInt { switch self { case .none: return ARCHIVE_FILTER_NONE case .gzip: return ARCHIVE_FILTER_GZIP case .bzip2: return ARCHIVE_FILTER_BZIP2 case .compress: return ARCHIVE_FILTER_COMPRESS case .lzma: return ARCHIVE_FILTER_LZMA case .xz: return ARCHIVE_FILTER_XZ case .uu: return ARCHIVE_FILTER_UU case .rpm: return ARCHIVE_FILTER_RPM case .lzip: return ARCHIVE_FILTER_LZIP case .lrzip: return ARCHIVE_FILTER_LRZIP case .lzop: return ARCHIVE_FILTER_LZOP case .grzip: return ARCHIVE_FILTER_GRZIP case .lz4: return ARCHIVE_FILTER_LZ4 case .zstd: return ARCHIVE_FILTER_ZSTD } } } ================================================ FILE: Sources/ContainerizationArchive/CArchive/COPYING ================================================ The libarchive distribution as a whole is Copyright by Tim Kientzle and is subject to the copyright notice reproduced at the bottom of this file. Each individual file in this distribution should have a clear copyright/licensing statement at the beginning of the file. If any do not, please let me know and I will rectify it. The following is intended to summarize the copyright status of the individual files; the actual statements in the files are controlling. * Except as listed below, all C sources (including .c and .h files) and documentation files are subject to the copyright notice reproduced at the bottom of this file. * The following source files are also subject in whole or in part to a 3-clause UC Regents copyright; please read the individual source files for details: libarchive/archive_read_support_filter_compress.c libarchive/archive_write_add_filter_compress.c libarchive/mtree.5 * The following source files are in the public domain: libarchive/archive_getdate.c * The following source files are triple-licensed with the ability to choose from CC0 1.0 Universal, OpenSSL or Apache 2.0 licenses: libarchive/archive_blake2.h libarchive/archive_blake2_impl.h libarchive/archive_blake2s_ref.c libarchive/archive_blake2sp_ref.c * The build files---including Makefiles, configure scripts, and auxiliary scripts used as part of the compile process---have widely varying licensing terms. Please check individual files before distributing them to see if those restrictions apply to you. I intend for all new source code to use the license below and hope over time to replace code with other licenses with new implementations that do use the license below. The varying licensing of the build scripts seems to be an unavoidable mess. Copyright (c) 2003-2018 All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer in this position and unchanged. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ================================================ FILE: Sources/ContainerizationArchive/CArchive/archive_swift_bridge.c ================================================ /* * Copyright © 2025-2026 Apple Inc. and the Containerization project authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * https://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include "archive_bridge.h" #include #include #include void archive_set_error_wrapper(struct archive *a, int error_number, const char *error_string) { archive_set_error(a, error_number, "%s", error_string); } int zstd_decompress_fd(int src_fd, int dst_fd) { ZSTD_DStream *dstream = ZSTD_createDStream(); if (!dstream) return 1; size_t init_result = ZSTD_initDStream(dstream); if (ZSTD_isError(init_result)) { ZSTD_freeDStream(dstream); return 1; } size_t in_size = ZSTD_DStreamInSize(); size_t out_size = ZSTD_DStreamOutSize(); void *in_buf = malloc(in_size); void *out_buf = malloc(out_size); if (!in_buf || !out_buf) { free(in_buf); free(out_buf); ZSTD_freeDStream(dstream); return 1; } int rc = 0; ssize_t bytes_read; while ((bytes_read = read(src_fd, in_buf, in_size)) > 0) { ZSTD_inBuffer input = { in_buf, (size_t)bytes_read, 0 }; while (input.pos < input.size) { ZSTD_outBuffer output = { out_buf, out_size, 0 }; size_t result = ZSTD_decompressStream(dstream, &output, &input); if (ZSTD_isError(result)) { rc = 1; goto done; } if (output.pos > 0) { ssize_t written = write(dst_fd, out_buf, output.pos); if (written != (ssize_t)output.pos) { rc = 1; goto done; } } } } if (bytes_read < 0) rc = 1; done: free(in_buf); free(out_buf); ZSTD_freeDStream(dstream); return rc; } ================================================ FILE: Sources/ContainerizationArchive/CArchive/include/archive.h ================================================ /*- * Copyright (c) 2003-2010 Tim Kientzle * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef ARCHIVE_H_INCLUDED #define ARCHIVE_H_INCLUDED /* * The version number is expressed as a single integer that makes it * easy to compare versions at build time: for version a.b.c, the * version number is printf("%d%03d%03d",a,b,c). For example, if you * know your application requires version 2.12.108 or later, you can * assert that ARCHIVE_VERSION_NUMBER >= 2012108. */ /* Note: Compiler will complain if this does not match archive_entry.h! */ #define ARCHIVE_VERSION_NUMBER 3007007 #include #include /* for wchar_t */ #include /* For FILE * */ #include /* For time_t */ /* * Note: archive.h is for use outside of libarchive; the configuration * headers (config.h, archive_platform.h, etc.) are purely internal. * Do NOT use HAVE_XXX configuration macros to control the behavior of * this header! If you must conditionalize, use predefined compiler and/or * platform macros. */ #if defined(__BORLANDC__) && __BORLANDC__ >= 0x560 # include #elif !defined(__WATCOMC__) && !defined(_MSC_VER) && !defined(__INTERIX) && !defined(__BORLANDC__) && !defined(_SCO_DS) && !defined(__osf__) && !defined(__CLANG_INTTYPES_H) # include #endif /* Get appropriate definitions of 64-bit integer */ #if !defined(__LA_INT64_T_DEFINED) /* Older code relied on the __LA_INT64_T macro; after 4.0 we'll switch to the typedef exclusively. */ # if ARCHIVE_VERSION_NUMBER < 4000000 #define __LA_INT64_T la_int64_t # endif #define __LA_INT64_T_DEFINED # if defined(_WIN32) && !defined(__CYGWIN__) && !defined(__WATCOMC__) typedef __int64 la_int64_t; # else # include /* ssize_t */ # if defined(_SCO_DS) || defined(__osf__) typedef long long la_int64_t; # else typedef int64_t la_int64_t; # endif # endif #endif /* The la_ssize_t should match the type used in 'struct stat' */ #if !defined(__LA_SSIZE_T_DEFINED) /* Older code relied on the __LA_SSIZE_T macro; after 4.0 we'll switch to the typedef exclusively. */ # if ARCHIVE_VERSION_NUMBER < 4000000 #define __LA_SSIZE_T la_ssize_t # endif #define __LA_SSIZE_T_DEFINED # if defined(_WIN32) && !defined(__CYGWIN__) && !defined(__WATCOMC__) # if defined(_SSIZE_T_DEFINED) || defined(_SSIZE_T_) typedef ssize_t la_ssize_t; # elif defined(_WIN64) typedef __int64 la_ssize_t; # else typedef long la_ssize_t; # endif # else # include /* ssize_t */ typedef ssize_t la_ssize_t; # endif #endif /* Large file support for Android */ #if defined(__LIBARCHIVE_BUILD) && defined(__ANDROID__) #include "android_lf.h" #endif /* * On Windows, define LIBARCHIVE_STATIC if you're building or using a * .lib. The default here assumes you're building a DLL. Only * libarchive source should ever define __LIBARCHIVE_BUILD. */ #if ((defined __WIN32__) || (defined _WIN32) || defined(__CYGWIN__)) && (!defined LIBARCHIVE_STATIC) # ifdef __LIBARCHIVE_BUILD # ifdef __GNUC__ # define __LA_DECL __attribute__((dllexport)) extern # else # define __LA_DECL __declspec(dllexport) # endif # else # ifdef __GNUC__ # define __LA_DECL # else # define __LA_DECL __declspec(dllimport) # endif # endif #elif defined __LIBARCHIVE_ENABLE_VISIBILITY # define __LA_DECL __attribute__((visibility("default"))) #else /* Static libraries or non-Windows needs no special declaration. */ # define __LA_DECL #endif #if defined(__GNUC__) && __GNUC__ >= 3 && !defined(__MINGW32__) #define __LA_PRINTF(fmtarg, firstvararg) \ __attribute__((__format__ (__printf__, fmtarg, firstvararg))) #else #define __LA_PRINTF(fmtarg, firstvararg) /* nothing */ #endif #if defined(__GNUC__) && __GNUC__ >= 3 && __GNUC_MINOR__ >= 1 # define __LA_DEPRECATED __attribute__((deprecated)) #else # define __LA_DEPRECATED #endif #ifdef __cplusplus extern "C" { #endif /* * The version number is provided as both a macro and a function. * The macro identifies the installed header; the function identifies * the library version (which may not be the same if you're using a * dynamically-linked version of the library). Of course, if the * header and library are very different, you should expect some * strangeness. Don't do that. */ __LA_DECL int archive_version_number(void); /* * Textual name/version of the library, useful for version displays. */ #define ARCHIVE_VERSION_ONLY_STRING "3.7.7" #define ARCHIVE_VERSION_STRING "libarchive " ARCHIVE_VERSION_ONLY_STRING __LA_DECL const char * archive_version_string(void); /* * Detailed textual name/version of the library and its dependencies. * This has the form: * "libarchive x.y.z zlib/a.b.c liblzma/d.e.f ... etc ..." * the list of libraries described here will vary depending on how * libarchive was compiled. */ __LA_DECL const char * archive_version_details(void); /* * Returns NULL if libarchive was compiled without the associated library. * Otherwise, returns the version number that libarchive was compiled * against. */ __LA_DECL const char * archive_zlib_version(void); __LA_DECL const char * archive_liblzma_version(void); __LA_DECL const char * archive_bzlib_version(void); __LA_DECL const char * archive_liblz4_version(void); __LA_DECL const char * archive_libzstd_version(void); /* Declare our basic types. */ struct archive; struct archive_entry; /* * Error codes: Use archive_errno() and archive_error_string() * to retrieve details. Unless specified otherwise, all functions * that return 'int' use these codes. */ #define ARCHIVE_EOF 1 /* Found end of archive. */ #define ARCHIVE_OK 0 /* Operation was successful. */ #define ARCHIVE_RETRY (-10) /* Retry might succeed. */ #define ARCHIVE_WARN (-20) /* Partial success. */ /* For example, if write_header "fails", then you can't push data. */ #define ARCHIVE_FAILED (-25) /* Current operation cannot complete. */ /* But if write_header is "fatal," then this archive is dead and useless. */ #define ARCHIVE_FATAL (-30) /* No more operations are possible. */ /* * As far as possible, archive_errno returns standard platform errno codes. * Of course, the details vary by platform, so the actual definitions * here are stored in "archive_platform.h". The symbols are listed here * for reference; as a rule, clients should not need to know the exact * platform-dependent error code. */ /* Unrecognized or invalid file format. */ /* #define ARCHIVE_ERRNO_FILE_FORMAT */ /* Illegal usage of the library. */ /* #define ARCHIVE_ERRNO_PROGRAMMER_ERROR */ /* Unknown or unclassified error. */ /* #define ARCHIVE_ERRNO_MISC */ /* * Callbacks are invoked to automatically read/skip/write/open/close the * archive. You can provide your own for complex tasks (like breaking * archives across multiple tapes) or use standard ones built into the * library. */ /* Returns pointer and size of next block of data from archive. */ typedef la_ssize_t archive_read_callback(struct archive *, void *_client_data, const void **_buffer); /* Skips at most request bytes from archive and returns the skipped amount. * This may skip fewer bytes than requested; it may even skip zero bytes. * If you do skip fewer bytes than requested, libarchive will invoke your * read callback and discard data as necessary to make up the full skip. */ typedef la_int64_t archive_skip_callback(struct archive *, void *_client_data, la_int64_t request); /* Seeks to specified location in the file and returns the position. * Whence values are SEEK_SET, SEEK_CUR, SEEK_END from stdio.h. * Return ARCHIVE_FATAL if the seek fails for any reason. */ typedef la_int64_t archive_seek_callback(struct archive *, void *_client_data, la_int64_t offset, int whence); /* Returns size actually written, zero on EOF, -1 on error. */ typedef la_ssize_t archive_write_callback(struct archive *, void *_client_data, const void *_buffer, size_t _length); typedef int archive_open_callback(struct archive *, void *_client_data); typedef int archive_close_callback(struct archive *, void *_client_data); typedef int archive_free_callback(struct archive *, void *_client_data); /* Switches from one client data object to the next/prev client data object. * This is useful for reading from different data blocks such as a set of files * that make up one large file. */ typedef int archive_switch_callback(struct archive *, void *_client_data1, void *_client_data2); /* * Returns a passphrase used for encryption or decryption, NULL on nothing * to do and give it up. */ typedef const char *archive_passphrase_callback(struct archive *, void *_client_data); /* * Codes to identify various stream filters. */ #define ARCHIVE_FILTER_NONE 0 #define ARCHIVE_FILTER_GZIP 1 #define ARCHIVE_FILTER_BZIP2 2 #define ARCHIVE_FILTER_COMPRESS 3 #define ARCHIVE_FILTER_PROGRAM 4 #define ARCHIVE_FILTER_LZMA 5 #define ARCHIVE_FILTER_XZ 6 #define ARCHIVE_FILTER_UU 7 #define ARCHIVE_FILTER_RPM 8 #define ARCHIVE_FILTER_LZIP 9 #define ARCHIVE_FILTER_LRZIP 10 #define ARCHIVE_FILTER_LZOP 11 #define ARCHIVE_FILTER_GRZIP 12 #define ARCHIVE_FILTER_LZ4 13 #define ARCHIVE_FILTER_ZSTD 14 #if ARCHIVE_VERSION_NUMBER < 4000000 #define ARCHIVE_COMPRESSION_NONE ARCHIVE_FILTER_NONE #define ARCHIVE_COMPRESSION_GZIP ARCHIVE_FILTER_GZIP #define ARCHIVE_COMPRESSION_BZIP2 ARCHIVE_FILTER_BZIP2 #define ARCHIVE_COMPRESSION_COMPRESS ARCHIVE_FILTER_COMPRESS #define ARCHIVE_COMPRESSION_PROGRAM ARCHIVE_FILTER_PROGRAM #define ARCHIVE_COMPRESSION_LZMA ARCHIVE_FILTER_LZMA #define ARCHIVE_COMPRESSION_XZ ARCHIVE_FILTER_XZ #define ARCHIVE_COMPRESSION_UU ARCHIVE_FILTER_UU #define ARCHIVE_COMPRESSION_RPM ARCHIVE_FILTER_RPM #define ARCHIVE_COMPRESSION_LZIP ARCHIVE_FILTER_LZIP #define ARCHIVE_COMPRESSION_LRZIP ARCHIVE_FILTER_LRZIP #endif /* * Codes returned by archive_format. * * Top 16 bits identifies the format family (e.g., "tar"); lower * 16 bits indicate the variant. This is updated by read_next_header. * Note that the lower 16 bits will often vary from entry to entry. * In some cases, this variation occurs as libarchive learns more about * the archive (for example, later entries might utilize extensions that * weren't necessary earlier in the archive; in this case, libarchive * will change the format code to indicate the extended format that * was used). In other cases, it's because different tools have * modified the archive and so different parts of the archive * actually have slightly different formats. (Both tar and cpio store * format codes in each entry, so it is quite possible for each * entry to be in a different format.) */ #define ARCHIVE_FORMAT_BASE_MASK 0xff0000 #define ARCHIVE_FORMAT_CPIO 0x10000 #define ARCHIVE_FORMAT_CPIO_POSIX (ARCHIVE_FORMAT_CPIO | 1) #define ARCHIVE_FORMAT_CPIO_BIN_LE (ARCHIVE_FORMAT_CPIO | 2) #define ARCHIVE_FORMAT_CPIO_BIN_BE (ARCHIVE_FORMAT_CPIO | 3) #define ARCHIVE_FORMAT_CPIO_SVR4_NOCRC (ARCHIVE_FORMAT_CPIO | 4) #define ARCHIVE_FORMAT_CPIO_SVR4_CRC (ARCHIVE_FORMAT_CPIO | 5) #define ARCHIVE_FORMAT_CPIO_AFIO_LARGE (ARCHIVE_FORMAT_CPIO | 6) #define ARCHIVE_FORMAT_CPIO_PWB (ARCHIVE_FORMAT_CPIO | 7) #define ARCHIVE_FORMAT_SHAR 0x20000 #define ARCHIVE_FORMAT_SHAR_BASE (ARCHIVE_FORMAT_SHAR | 1) #define ARCHIVE_FORMAT_SHAR_DUMP (ARCHIVE_FORMAT_SHAR | 2) #define ARCHIVE_FORMAT_TAR 0x30000 #define ARCHIVE_FORMAT_TAR_USTAR (ARCHIVE_FORMAT_TAR | 1) #define ARCHIVE_FORMAT_TAR_PAX_INTERCHANGE (ARCHIVE_FORMAT_TAR | 2) #define ARCHIVE_FORMAT_TAR_PAX_RESTRICTED (ARCHIVE_FORMAT_TAR | 3) #define ARCHIVE_FORMAT_TAR_GNUTAR (ARCHIVE_FORMAT_TAR | 4) #define ARCHIVE_FORMAT_ISO9660 0x40000 #define ARCHIVE_FORMAT_ISO9660_ROCKRIDGE (ARCHIVE_FORMAT_ISO9660 | 1) #define ARCHIVE_FORMAT_ZIP 0x50000 #define ARCHIVE_FORMAT_EMPTY 0x60000 #define ARCHIVE_FORMAT_AR 0x70000 #define ARCHIVE_FORMAT_AR_GNU (ARCHIVE_FORMAT_AR | 1) #define ARCHIVE_FORMAT_AR_BSD (ARCHIVE_FORMAT_AR | 2) #define ARCHIVE_FORMAT_MTREE 0x80000 #define ARCHIVE_FORMAT_RAW 0x90000 #define ARCHIVE_FORMAT_XAR 0xA0000 #define ARCHIVE_FORMAT_LHA 0xB0000 #define ARCHIVE_FORMAT_CAB 0xC0000 #define ARCHIVE_FORMAT_RAR 0xD0000 #define ARCHIVE_FORMAT_7ZIP 0xE0000 #define ARCHIVE_FORMAT_WARC 0xF0000 #define ARCHIVE_FORMAT_RAR_V5 0x100000 /* * Codes returned by archive_read_format_capabilities(). * * This list can be extended with values between 0 and 0xffff. * The original purpose of this list was to let different archive * format readers expose their general capabilities in terms of * encryption. */ #define ARCHIVE_READ_FORMAT_CAPS_NONE (0) /* no special capabilities */ #define ARCHIVE_READ_FORMAT_CAPS_ENCRYPT_DATA (1<<0) /* reader can detect encrypted data */ #define ARCHIVE_READ_FORMAT_CAPS_ENCRYPT_METADATA (1<<1) /* reader can detect encryptable metadata (pathname, mtime, etc.) */ /* * Codes returned by archive_read_has_encrypted_entries(). * * In case the archive does not support encryption detection at all * ARCHIVE_READ_FORMAT_ENCRYPTION_UNSUPPORTED is returned. If the reader * for some other reason (e.g. not enough bytes read) cannot say if * there are encrypted entries, ARCHIVE_READ_FORMAT_ENCRYPTION_DONT_KNOW * is returned. */ #define ARCHIVE_READ_FORMAT_ENCRYPTION_UNSUPPORTED -2 #define ARCHIVE_READ_FORMAT_ENCRYPTION_DONT_KNOW -1 /*- * Basic outline for reading an archive: * 1) Ask archive_read_new for an archive reader object. * 2) Update any global properties as appropriate. * In particular, you'll certainly want to call appropriate * archive_read_support_XXX functions. * 3) Call archive_read_open_XXX to open the archive * 4) Repeatedly call archive_read_next_header to get information about * successive archive entries. Call archive_read_data to extract * data for entries of interest. * 5) Call archive_read_free to end processing. */ __LA_DECL struct archive *archive_read_new(void); /* * The archive_read_support_XXX calls enable auto-detect for this * archive handle. They also link in the necessary support code. * For example, if you don't want bzlib linked in, don't invoke * support_compression_bzip2(). The "all" functions provide the * obvious shorthand. */ #if ARCHIVE_VERSION_NUMBER < 4000000 __LA_DECL int archive_read_support_compression_all(struct archive *) __LA_DEPRECATED; __LA_DECL int archive_read_support_compression_bzip2(struct archive *) __LA_DEPRECATED; __LA_DECL int archive_read_support_compression_compress(struct archive *) __LA_DEPRECATED; __LA_DECL int archive_read_support_compression_gzip(struct archive *) __LA_DEPRECATED; __LA_DECL int archive_read_support_compression_lzip(struct archive *) __LA_DEPRECATED; __LA_DECL int archive_read_support_compression_lzma(struct archive *) __LA_DEPRECATED; __LA_DECL int archive_read_support_compression_none(struct archive *) __LA_DEPRECATED; __LA_DECL int archive_read_support_compression_program(struct archive *, const char *command) __LA_DEPRECATED; __LA_DECL int archive_read_support_compression_program_signature (struct archive *, const char *, const void * /* match */, size_t) __LA_DEPRECATED; __LA_DECL int archive_read_support_compression_rpm(struct archive *) __LA_DEPRECATED; __LA_DECL int archive_read_support_compression_uu(struct archive *) __LA_DEPRECATED; __LA_DECL int archive_read_support_compression_xz(struct archive *) __LA_DEPRECATED; #endif __LA_DECL int archive_read_support_filter_all(struct archive *); __LA_DECL int archive_read_support_filter_by_code(struct archive *, int); __LA_DECL int archive_read_support_filter_bzip2(struct archive *); __LA_DECL int archive_read_support_filter_compress(struct archive *); __LA_DECL int archive_read_support_filter_gzip(struct archive *); __LA_DECL int archive_read_support_filter_grzip(struct archive *); __LA_DECL int archive_read_support_filter_lrzip(struct archive *); __LA_DECL int archive_read_support_filter_lz4(struct archive *); __LA_DECL int archive_read_support_filter_lzip(struct archive *); __LA_DECL int archive_read_support_filter_lzma(struct archive *); __LA_DECL int archive_read_support_filter_lzop(struct archive *); __LA_DECL int archive_read_support_filter_none(struct archive *); __LA_DECL int archive_read_support_filter_program(struct archive *, const char *command); __LA_DECL int archive_read_support_filter_program_signature (struct archive *, const char * /* cmd */, const void * /* match */, size_t); __LA_DECL int archive_read_support_filter_rpm(struct archive *); __LA_DECL int archive_read_support_filter_uu(struct archive *); __LA_DECL int archive_read_support_filter_xz(struct archive *); __LA_DECL int archive_read_support_filter_zstd(struct archive *); __LA_DECL int archive_read_support_format_7zip(struct archive *); __LA_DECL int archive_read_support_format_all(struct archive *); __LA_DECL int archive_read_support_format_ar(struct archive *); __LA_DECL int archive_read_support_format_by_code(struct archive *, int); __LA_DECL int archive_read_support_format_cab(struct archive *); __LA_DECL int archive_read_support_format_cpio(struct archive *); __LA_DECL int archive_read_support_format_empty(struct archive *); __LA_DECL int archive_read_support_format_gnutar(struct archive *); __LA_DECL int archive_read_support_format_iso9660(struct archive *); __LA_DECL int archive_read_support_format_lha(struct archive *); __LA_DECL int archive_read_support_format_mtree(struct archive *); __LA_DECL int archive_read_support_format_rar(struct archive *); __LA_DECL int archive_read_support_format_rar5(struct archive *); __LA_DECL int archive_read_support_format_raw(struct archive *); __LA_DECL int archive_read_support_format_tar(struct archive *); __LA_DECL int archive_read_support_format_warc(struct archive *); __LA_DECL int archive_read_support_format_xar(struct archive *); /* archive_read_support_format_zip() enables both streamable and seekable * zip readers. */ __LA_DECL int archive_read_support_format_zip(struct archive *); /* Reads Zip archives as stream from beginning to end. Doesn't * correctly handle SFX ZIP files or ZIP archives that have been modified * in-place. */ __LA_DECL int archive_read_support_format_zip_streamable(struct archive *); /* Reads starting from central directory; requires seekable input. */ __LA_DECL int archive_read_support_format_zip_seekable(struct archive *); /* Functions to manually set the format and filters to be used. This is * useful to bypass the bidding process when the format and filters to use * is known in advance. */ __LA_DECL int archive_read_set_format(struct archive *, int); __LA_DECL int archive_read_append_filter(struct archive *, int); __LA_DECL int archive_read_append_filter_program(struct archive *, const char *); __LA_DECL int archive_read_append_filter_program_signature (struct archive *, const char *, const void * /* match */, size_t); /* Set various callbacks. */ __LA_DECL int archive_read_set_open_callback(struct archive *, archive_open_callback *); __LA_DECL int archive_read_set_read_callback(struct archive *, archive_read_callback *); __LA_DECL int archive_read_set_seek_callback(struct archive *, archive_seek_callback *); __LA_DECL int archive_read_set_skip_callback(struct archive *, archive_skip_callback *); __LA_DECL int archive_read_set_close_callback(struct archive *, archive_close_callback *); /* Callback used to switch between one data object to the next */ __LA_DECL int archive_read_set_switch_callback(struct archive *, archive_switch_callback *); /* This sets the first data object. */ __LA_DECL int archive_read_set_callback_data(struct archive *, void *); /* This sets data object at specified index */ __LA_DECL int archive_read_set_callback_data2(struct archive *, void *, unsigned int); /* This adds a data object at the specified index. */ __LA_DECL int archive_read_add_callback_data(struct archive *, void *, unsigned int); /* This appends a data object to the end of list */ __LA_DECL int archive_read_append_callback_data(struct archive *, void *); /* This prepends a data object to the beginning of list */ __LA_DECL int archive_read_prepend_callback_data(struct archive *, void *); /* Opening freezes the callbacks. */ __LA_DECL int archive_read_open1(struct archive *); /* Convenience wrappers around the above. */ __LA_DECL int archive_read_open(struct archive *, void *_client_data, archive_open_callback *, archive_read_callback *, archive_close_callback *); __LA_DECL int archive_read_open2(struct archive *, void *_client_data, archive_open_callback *, archive_read_callback *, archive_skip_callback *, archive_close_callback *); /* * A variety of shortcuts that invoke archive_read_open() with * canned callbacks suitable for common situations. The ones that * accept a block size handle tape blocking correctly. */ /* Use this if you know the filename. Note: NULL indicates stdin. */ __LA_DECL int archive_read_open_filename(struct archive *, const char *_filename, size_t _block_size); /* Use this for reading multivolume files by filenames. * NOTE: Must be NULL terminated. Sorting is NOT done. */ __LA_DECL int archive_read_open_filenames(struct archive *, const char **_filenames, size_t _block_size); __LA_DECL int archive_read_open_filename_w(struct archive *, const wchar_t *_filename, size_t _block_size); #if defined(_WIN32) && !defined(__CYGWIN__) __LA_DECL int archive_read_open_filenames_w(struct archive *, const wchar_t **_filenames, size_t _block_size); #endif /* archive_read_open_file() is a deprecated synonym for ..._open_filename(). */ __LA_DECL int archive_read_open_file(struct archive *, const char *_filename, size_t _block_size) __LA_DEPRECATED; /* Read an archive that's stored in memory. */ __LA_DECL int archive_read_open_memory(struct archive *, const void * buff, size_t size); /* A more involved version that is only used for internal testing. */ __LA_DECL int archive_read_open_memory2(struct archive *a, const void *buff, size_t size, size_t read_size); /* Read an archive that's already open, using the file descriptor. */ __LA_DECL int archive_read_open_fd(struct archive *, int _fd, size_t _block_size); /* Read an archive that's already open, using a FILE *. */ /* Note: DO NOT use this with tape drives. */ __LA_DECL int archive_read_open_FILE(struct archive *, FILE *_file); /* Parses and returns next entry header. */ __LA_DECL int archive_read_next_header(struct archive *, struct archive_entry **); /* Parses and returns next entry header using the archive_entry passed in */ __LA_DECL int archive_read_next_header2(struct archive *, struct archive_entry *); /* * Retrieve the byte offset in UNCOMPRESSED data where last-read * header started. */ __LA_DECL la_int64_t archive_read_header_position(struct archive *); /* * Returns 1 if the archive contains at least one encrypted entry. * If the archive format not support encryption at all * ARCHIVE_READ_FORMAT_ENCRYPTION_UNSUPPORTED is returned. * If for any other reason (e.g. not enough data read so far) * we cannot say whether there are encrypted entries, then * ARCHIVE_READ_FORMAT_ENCRYPTION_DONT_KNOW is returned. * In general, this function will return values below zero when the * reader is uncertain or totally incapable of encryption support. * When this function returns 0 you can be sure that the reader * supports encryption detection but no encrypted entries have * been found yet. * * NOTE: If the metadata/header of an archive is also encrypted, you * cannot rely on the number of encrypted entries. That is why this * function does not return the number of encrypted entries but# * just shows that there are some. */ __LA_DECL int archive_read_has_encrypted_entries(struct archive *); /* * Returns a bitmask of capabilities that are supported by the archive format reader. * If the reader has no special capabilities, ARCHIVE_READ_FORMAT_CAPS_NONE is returned. */ __LA_DECL int archive_read_format_capabilities(struct archive *); /* Read data from the body of an entry. Similar to read(2). */ __LA_DECL la_ssize_t archive_read_data(struct archive *, void *, size_t); /* Seek within the body of an entry. Similar to lseek(2). */ __LA_DECL la_int64_t archive_seek_data(struct archive *, la_int64_t, int); /* * A zero-copy version of archive_read_data that also exposes the file offset * of each returned block. Note that the client has no way to specify * the desired size of the block. The API does guarantee that offsets will * be strictly increasing and that returned blocks will not overlap. */ __LA_DECL int archive_read_data_block(struct archive *a, const void **buff, size_t *size, la_int64_t *offset); /*- * Some convenience functions that are built on archive_read_data: * 'skip': skips entire entry * 'into_buffer': writes data into memory buffer that you provide * 'into_fd': writes data to specified filedes */ __LA_DECL int archive_read_data_skip(struct archive *); __LA_DECL int archive_read_data_into_fd(struct archive *, int fd); /* * Set read options. */ /* Apply option to the format only. */ __LA_DECL int archive_read_set_format_option(struct archive *_a, const char *m, const char *o, const char *v); /* Apply option to the filter only. */ __LA_DECL int archive_read_set_filter_option(struct archive *_a, const char *m, const char *o, const char *v); /* Apply option to both the format and the filter. */ __LA_DECL int archive_read_set_option(struct archive *_a, const char *m, const char *o, const char *v); /* Apply option string to both the format and the filter. */ __LA_DECL int archive_read_set_options(struct archive *_a, const char *opts); /* * Add a decryption passphrase. */ __LA_DECL int archive_read_add_passphrase(struct archive *, const char *); __LA_DECL int archive_read_set_passphrase_callback(struct archive *, void *client_data, archive_passphrase_callback *); /*- * Convenience function to recreate the current entry (whose header * has just been read) on disk. * * This does quite a bit more than just copy data to disk. It also: * - Creates intermediate directories as required. * - Manages directory permissions: non-writable directories will * be initially created with write permission enabled; when the * archive is closed, dir permissions are edited to the values specified * in the archive. * - Checks hardlinks: hardlinks will not be extracted unless the * linked-to file was also extracted within the same session. (TODO) */ /* The "flags" argument selects optional behavior, 'OR' the flags you want. */ /* Default: Do not try to set owner/group. */ #define ARCHIVE_EXTRACT_OWNER (0x0001) /* Default: Do obey umask, do not restore SUID/SGID/SVTX bits. */ #define ARCHIVE_EXTRACT_PERM (0x0002) /* Default: Do not restore mtime/atime. */ #define ARCHIVE_EXTRACT_TIME (0x0004) /* Default: Replace existing files. */ #define ARCHIVE_EXTRACT_NO_OVERWRITE (0x0008) /* Default: Try create first, unlink only if create fails with EEXIST. */ #define ARCHIVE_EXTRACT_UNLINK (0x0010) /* Default: Do not restore ACLs. */ #define ARCHIVE_EXTRACT_ACL (0x0020) /* Default: Do not restore fflags. */ #define ARCHIVE_EXTRACT_FFLAGS (0x0040) /* Default: Do not restore xattrs. */ #define ARCHIVE_EXTRACT_XATTR (0x0080) /* Default: Do not try to guard against extracts redirected by symlinks. */ /* Note: With ARCHIVE_EXTRACT_UNLINK, will remove any intermediate symlink. */ #define ARCHIVE_EXTRACT_SECURE_SYMLINKS (0x0100) /* Default: Do not reject entries with '..' as path elements. */ #define ARCHIVE_EXTRACT_SECURE_NODOTDOT (0x0200) /* Default: Create parent directories as needed. */ #define ARCHIVE_EXTRACT_NO_AUTODIR (0x0400) /* Default: Overwrite files, even if one on disk is newer. */ #define ARCHIVE_EXTRACT_NO_OVERWRITE_NEWER (0x0800) /* Detect blocks of 0 and write holes instead. */ #define ARCHIVE_EXTRACT_SPARSE (0x1000) /* Default: Do not restore Mac extended metadata. */ /* This has no effect except on Mac OS. */ #define ARCHIVE_EXTRACT_MAC_METADATA (0x2000) /* Default: Use HFS+ compression if it was compressed. */ /* This has no effect except on Mac OS v10.6 or later. */ #define ARCHIVE_EXTRACT_NO_HFS_COMPRESSION (0x4000) /* Default: Do not use HFS+ compression if it was not compressed. */ /* This has no effect except on Mac OS v10.6 or later. */ #define ARCHIVE_EXTRACT_HFS_COMPRESSION_FORCED (0x8000) /* Default: Do not reject entries with absolute paths */ #define ARCHIVE_EXTRACT_SECURE_NOABSOLUTEPATHS (0x10000) /* Default: Do not clear no-change flags when unlinking object */ #define ARCHIVE_EXTRACT_CLEAR_NOCHANGE_FFLAGS (0x20000) /* Default: Do not extract atomically (using rename) */ #define ARCHIVE_EXTRACT_SAFE_WRITES (0x40000) __LA_DECL int archive_read_extract(struct archive *, struct archive_entry *, int flags); __LA_DECL int archive_read_extract2(struct archive *, struct archive_entry *, struct archive * /* dest */); __LA_DECL void archive_read_extract_set_progress_callback(struct archive *, void (*_progress_func)(void *), void *_user_data); /* Record the dev/ino of a file that will not be written. This is * generally set to the dev/ino of the archive being read. */ __LA_DECL void archive_read_extract_set_skip_file(struct archive *, la_int64_t, la_int64_t); /* Close the file and release most resources. */ __LA_DECL int archive_read_close(struct archive *); /* Release all resources and destroy the object. */ /* Note that archive_read_free will call archive_read_close for you. */ __LA_DECL int archive_read_free(struct archive *); #if ARCHIVE_VERSION_NUMBER < 4000000 /* Synonym for archive_read_free() for backwards compatibility. */ __LA_DECL int archive_read_finish(struct archive *) __LA_DEPRECATED; #endif /*- * To create an archive: * 1) Ask archive_write_new for an archive writer object. * 2) Set any global properties. In particular, you should set * the compression and format to use. * 3) Call archive_write_open to open the file (most people * will use archive_write_open_file or archive_write_open_fd, * which provide convenient canned I/O callbacks for you). * 4) For each entry: * - construct an appropriate struct archive_entry structure * - archive_write_header to write the header * - archive_write_data to write the entry data * 5) archive_write_close to close the output * 6) archive_write_free to cleanup the writer and release resources */ __LA_DECL struct archive *archive_write_new(void); __LA_DECL int archive_write_set_bytes_per_block(struct archive *, int bytes_per_block); __LA_DECL int archive_write_get_bytes_per_block(struct archive *); /* XXX This is badly misnamed; suggestions appreciated. XXX */ __LA_DECL int archive_write_set_bytes_in_last_block(struct archive *, int bytes_in_last_block); __LA_DECL int archive_write_get_bytes_in_last_block(struct archive *); /* The dev/ino of a file that won't be archived. This is used * to avoid recursively adding an archive to itself. */ __LA_DECL int archive_write_set_skip_file(struct archive *, la_int64_t, la_int64_t); #if ARCHIVE_VERSION_NUMBER < 4000000 __LA_DECL int archive_write_set_compression_bzip2(struct archive *) __LA_DEPRECATED; __LA_DECL int archive_write_set_compression_compress(struct archive *) __LA_DEPRECATED; __LA_DECL int archive_write_set_compression_gzip(struct archive *) __LA_DEPRECATED; __LA_DECL int archive_write_set_compression_lzip(struct archive *) __LA_DEPRECATED; __LA_DECL int archive_write_set_compression_lzma(struct archive *) __LA_DEPRECATED; __LA_DECL int archive_write_set_compression_none(struct archive *) __LA_DEPRECATED; __LA_DECL int archive_write_set_compression_program(struct archive *, const char *cmd) __LA_DEPRECATED; __LA_DECL int archive_write_set_compression_xz(struct archive *) __LA_DEPRECATED; #endif /* A convenience function to set the filter based on the code. */ __LA_DECL int archive_write_add_filter(struct archive *, int filter_code); __LA_DECL int archive_write_add_filter_by_name(struct archive *, const char *name); __LA_DECL int archive_write_add_filter_b64encode(struct archive *); __LA_DECL int archive_write_add_filter_bzip2(struct archive *); __LA_DECL int archive_write_add_filter_compress(struct archive *); __LA_DECL int archive_write_add_filter_grzip(struct archive *); __LA_DECL int archive_write_add_filter_gzip(struct archive *); __LA_DECL int archive_write_add_filter_lrzip(struct archive *); __LA_DECL int archive_write_add_filter_lz4(struct archive *); __LA_DECL int archive_write_add_filter_lzip(struct archive *); __LA_DECL int archive_write_add_filter_lzma(struct archive *); __LA_DECL int archive_write_add_filter_lzop(struct archive *); __LA_DECL int archive_write_add_filter_none(struct archive *); __LA_DECL int archive_write_add_filter_program(struct archive *, const char *cmd); __LA_DECL int archive_write_add_filter_uuencode(struct archive *); __LA_DECL int archive_write_add_filter_xz(struct archive *); __LA_DECL int archive_write_add_filter_zstd(struct archive *); /* A convenience function to set the format based on the code or name. */ __LA_DECL int archive_write_set_format(struct archive *, int format_code); __LA_DECL int archive_write_set_format_by_name(struct archive *, const char *name); /* To minimize link pollution, use one or more of the following. */ __LA_DECL int archive_write_set_format_7zip(struct archive *); __LA_DECL int archive_write_set_format_ar_bsd(struct archive *); __LA_DECL int archive_write_set_format_ar_svr4(struct archive *); __LA_DECL int archive_write_set_format_cpio(struct archive *); __LA_DECL int archive_write_set_format_cpio_bin(struct archive *); __LA_DECL int archive_write_set_format_cpio_newc(struct archive *); __LA_DECL int archive_write_set_format_cpio_odc(struct archive *); __LA_DECL int archive_write_set_format_cpio_pwb(struct archive *); __LA_DECL int archive_write_set_format_gnutar(struct archive *); __LA_DECL int archive_write_set_format_iso9660(struct archive *); __LA_DECL int archive_write_set_format_mtree(struct archive *); __LA_DECL int archive_write_set_format_mtree_classic(struct archive *); /* TODO: int archive_write_set_format_old_tar(struct archive *); */ __LA_DECL int archive_write_set_format_pax(struct archive *); __LA_DECL int archive_write_set_format_pax_restricted(struct archive *); __LA_DECL int archive_write_set_format_raw(struct archive *); __LA_DECL int archive_write_set_format_shar(struct archive *); __LA_DECL int archive_write_set_format_shar_dump(struct archive *); __LA_DECL int archive_write_set_format_ustar(struct archive *); __LA_DECL int archive_write_set_format_v7tar(struct archive *); __LA_DECL int archive_write_set_format_warc(struct archive *); __LA_DECL int archive_write_set_format_xar(struct archive *); __LA_DECL int archive_write_set_format_zip(struct archive *); __LA_DECL int archive_write_set_format_filter_by_ext(struct archive *a, const char *filename); __LA_DECL int archive_write_set_format_filter_by_ext_def(struct archive *a, const char *filename, const char * def_ext); __LA_DECL int archive_write_zip_set_compression_deflate(struct archive *); __LA_DECL int archive_write_zip_set_compression_store(struct archive *); /* Deprecated; use archive_write_open2 instead */ __LA_DECL int archive_write_open(struct archive *, void *, archive_open_callback *, archive_write_callback *, archive_close_callback *); __LA_DECL int archive_write_open2(struct archive *, void *, archive_open_callback *, archive_write_callback *, archive_close_callback *, archive_free_callback *); __LA_DECL int archive_write_open_fd(struct archive *, int _fd); __LA_DECL int archive_write_open_filename(struct archive *, const char *_file); __LA_DECL int archive_write_open_filename_w(struct archive *, const wchar_t *_file); /* A deprecated synonym for archive_write_open_filename() */ __LA_DECL int archive_write_open_file(struct archive *, const char *_file) __LA_DEPRECATED; __LA_DECL int archive_write_open_FILE(struct archive *, FILE *); /* _buffSize is the size of the buffer, _used refers to a variable that * will be updated after each write into the buffer. */ __LA_DECL int archive_write_open_memory(struct archive *, void *_buffer, size_t _buffSize, size_t *_used); /* * Note that the library will truncate writes beyond the size provided * to archive_write_header or pad if the provided data is short. */ __LA_DECL int archive_write_header(struct archive *, struct archive_entry *); __LA_DECL la_ssize_t archive_write_data(struct archive *, const void *, size_t); /* This interface is currently only available for archive_write_disk handles. */ __LA_DECL la_ssize_t archive_write_data_block(struct archive *, const void *, size_t, la_int64_t); __LA_DECL int archive_write_finish_entry(struct archive *); __LA_DECL int archive_write_close(struct archive *); /* Marks the archive as FATAL so that a subsequent free() operation * won't try to close() cleanly. Provides a fast abort capability * when the client discovers that things have gone wrong. */ __LA_DECL int archive_write_fail(struct archive *); /* This can fail if the archive wasn't already closed, in which case * archive_write_free() will implicitly call archive_write_close(). */ __LA_DECL int archive_write_free(struct archive *); #if ARCHIVE_VERSION_NUMBER < 4000000 /* Synonym for archive_write_free() for backwards compatibility. */ __LA_DECL int archive_write_finish(struct archive *) __LA_DEPRECATED; #endif /* * Set write options. */ /* Apply option to the format only. */ __LA_DECL int archive_write_set_format_option(struct archive *_a, const char *m, const char *o, const char *v); /* Apply option to the filter only. */ __LA_DECL int archive_write_set_filter_option(struct archive *_a, const char *m, const char *o, const char *v); /* Apply option to both the format and the filter. */ __LA_DECL int archive_write_set_option(struct archive *_a, const char *m, const char *o, const char *v); /* Apply option string to both the format and the filter. */ __LA_DECL int archive_write_set_options(struct archive *_a, const char *opts); /* * Set an encryption passphrase. */ __LA_DECL int archive_write_set_passphrase(struct archive *_a, const char *p); __LA_DECL int archive_write_set_passphrase_callback(struct archive *, void *client_data, archive_passphrase_callback *); /*- * ARCHIVE_WRITE_DISK API * * To create objects on disk: * 1) Ask archive_write_disk_new for a new archive_write_disk object. * 2) Set any global properties. In particular, you probably * want to set the options. * 3) For each entry: * - construct an appropriate struct archive_entry structure * - archive_write_header to create the file/dir/etc on disk * - archive_write_data to write the entry data * 4) archive_write_free to cleanup the writer and release resources * * In particular, you can use this in conjunction with archive_read() * to pull entries out of an archive and create them on disk. */ __LA_DECL struct archive *archive_write_disk_new(void); /* This file will not be overwritten. */ __LA_DECL int archive_write_disk_set_skip_file(struct archive *, la_int64_t, la_int64_t); /* Set flags to control how the next item gets created. * This accepts a bitmask of ARCHIVE_EXTRACT_XXX flags defined above. */ __LA_DECL int archive_write_disk_set_options(struct archive *, int flags); /* * The lookup functions are given uname/uid (or gname/gid) pairs and * return a uid (gid) suitable for this system. These are used for * restoring ownership and for setting ACLs. The default functions * are naive, they just return the uid/gid. These are small, so reasonable * for applications that don't need to preserve ownership; they * are probably also appropriate for applications that are doing * same-system backup and restore. */ /* * The "standard" lookup functions use common system calls to lookup * the uname/gname, falling back to the uid/gid if the names can't be * found. They cache lookups and are reasonably fast, but can be very * large, so they are not used unless you ask for them. In * particular, these match the specifications of POSIX "pax" and old * POSIX "tar". */ __LA_DECL int archive_write_disk_set_standard_lookup(struct archive *); /* * If neither the default (naive) nor the standard (big) functions suit * your needs, you can write your own and register them. Be sure to * include a cleanup function if you have allocated private data. */ __LA_DECL int archive_write_disk_set_group_lookup(struct archive *, void * /* private_data */, la_int64_t (*)(void *, const char *, la_int64_t), void (* /* cleanup */)(void *)); __LA_DECL int archive_write_disk_set_user_lookup(struct archive *, void * /* private_data */, la_int64_t (*)(void *, const char *, la_int64_t), void (* /* cleanup */)(void *)); __LA_DECL la_int64_t archive_write_disk_gid(struct archive *, const char *, la_int64_t); __LA_DECL la_int64_t archive_write_disk_uid(struct archive *, const char *, la_int64_t); /* * ARCHIVE_READ_DISK API * * This is still evolving and somewhat experimental. */ __LA_DECL struct archive *archive_read_disk_new(void); /* The names for symlink modes here correspond to an old BSD * command-line argument convention: -L, -P, -H */ /* Follow all symlinks. */ __LA_DECL int archive_read_disk_set_symlink_logical(struct archive *); /* Follow no symlinks. */ __LA_DECL int archive_read_disk_set_symlink_physical(struct archive *); /* Follow symlink initially, then not. */ __LA_DECL int archive_read_disk_set_symlink_hybrid(struct archive *); /* TODO: Handle Linux stat32/stat64 ugliness. */ __LA_DECL int archive_read_disk_entry_from_file(struct archive *, struct archive_entry *, int /* fd */, const struct stat *); /* Look up gname for gid or uname for uid. */ /* Default implementations are very, very stupid. */ __LA_DECL const char *archive_read_disk_gname(struct archive *, la_int64_t); __LA_DECL const char *archive_read_disk_uname(struct archive *, la_int64_t); /* "Standard" implementation uses getpwuid_r, getgrgid_r and caches the * results for performance. */ __LA_DECL int archive_read_disk_set_standard_lookup(struct archive *); /* You can install your own lookups if you like. */ __LA_DECL int archive_read_disk_set_gname_lookup(struct archive *, void * /* private_data */, const char *(* /* lookup_fn */)(void *, la_int64_t), void (* /* cleanup_fn */)(void *)); __LA_DECL int archive_read_disk_set_uname_lookup(struct archive *, void * /* private_data */, const char *(* /* lookup_fn */)(void *, la_int64_t), void (* /* cleanup_fn */)(void *)); /* Start traversal. */ __LA_DECL int archive_read_disk_open(struct archive *, const char *); __LA_DECL int archive_read_disk_open_w(struct archive *, const wchar_t *); /* * Request that current entry be visited. If you invoke it on every * directory, you'll get a physical traversal. This is ignored if the * current entry isn't a directory or a link to a directory. So, if * you invoke this on every returned path, you'll get a full logical * traversal. */ __LA_DECL int archive_read_disk_descend(struct archive *); __LA_DECL int archive_read_disk_can_descend(struct archive *); __LA_DECL int archive_read_disk_current_filesystem(struct archive *); __LA_DECL int archive_read_disk_current_filesystem_is_synthetic(struct archive *); __LA_DECL int archive_read_disk_current_filesystem_is_remote(struct archive *); /* Request that the access time of the entry visited by traversal be restored. */ __LA_DECL int archive_read_disk_set_atime_restored(struct archive *); /* * Set behavior. The "flags" argument selects optional behavior. */ /* Request that the access time of the entry visited by traversal be restored. * This is the same as archive_read_disk_set_atime_restored. */ #define ARCHIVE_READDISK_RESTORE_ATIME (0x0001) /* Default: Do not skip an entry which has nodump flags. */ #define ARCHIVE_READDISK_HONOR_NODUMP (0x0002) /* Default: Skip a mac resource fork file whose prefix is "._" because of * using copyfile. */ #define ARCHIVE_READDISK_MAC_COPYFILE (0x0004) /* Default: Traverse mount points. */ #define ARCHIVE_READDISK_NO_TRAVERSE_MOUNTS (0x0008) /* Default: Xattrs are read from disk. */ #define ARCHIVE_READDISK_NO_XATTR (0x0010) /* Default: ACLs are read from disk. */ #define ARCHIVE_READDISK_NO_ACL (0x0020) /* Default: File flags are read from disk. */ #define ARCHIVE_READDISK_NO_FFLAGS (0x0040) /* Default: Sparse file information is read from disk. */ #define ARCHIVE_READDISK_NO_SPARSE (0x0080) __LA_DECL int archive_read_disk_set_behavior(struct archive *, int flags); /* * Set archive_match object that will be used in archive_read_disk to * know whether an entry should be skipped. The callback function * _excluded_func will be invoked when an entry is skipped by the result * of archive_match. */ __LA_DECL int archive_read_disk_set_matching(struct archive *, struct archive *_matching, void (*_excluded_func) (struct archive *, void *, struct archive_entry *), void *_client_data); __LA_DECL int archive_read_disk_set_metadata_filter_callback(struct archive *, int (*_metadata_filter_func)(struct archive *, void *, struct archive_entry *), void *_client_data); /* Simplified cleanup interface; * This calls archive_read_free() or archive_write_free() as needed. */ __LA_DECL int archive_free(struct archive *); /* * Accessor functions to read/set various information in * the struct archive object: */ /* Number of filters in the current filter pipeline. */ /* Filter #0 is the one closest to the format, -1 is a synonym for the * last filter, which is always the pseudo-filter that wraps the * client callbacks. */ __LA_DECL int archive_filter_count(struct archive *); __LA_DECL la_int64_t archive_filter_bytes(struct archive *, int); __LA_DECL int archive_filter_code(struct archive *, int); __LA_DECL const char * archive_filter_name(struct archive *, int); #if ARCHIVE_VERSION_NUMBER < 4000000 /* These don't properly handle multiple filters, so are deprecated and * will eventually be removed. */ /* As of libarchive 3.0, this is an alias for archive_filter_bytes(a, -1); */ __LA_DECL la_int64_t archive_position_compressed(struct archive *) __LA_DEPRECATED; /* As of libarchive 3.0, this is an alias for archive_filter_bytes(a, 0); */ __LA_DECL la_int64_t archive_position_uncompressed(struct archive *) __LA_DEPRECATED; /* As of libarchive 3.0, this is an alias for archive_filter_name(a, 0); */ __LA_DECL const char *archive_compression_name(struct archive *) __LA_DEPRECATED; /* As of libarchive 3.0, this is an alias for archive_filter_code(a, 0); */ __LA_DECL int archive_compression(struct archive *) __LA_DEPRECATED; #endif __LA_DECL int archive_errno(struct archive *); __LA_DECL const char *archive_error_string(struct archive *); __LA_DECL const char *archive_format_name(struct archive *); __LA_DECL int archive_format(struct archive *); __LA_DECL void archive_clear_error(struct archive *); __LA_DECL void archive_set_error(struct archive *, int _err, const char *fmt, ...) __LA_PRINTF(3, 4); __LA_DECL void archive_copy_error(struct archive *dest, struct archive *src); __LA_DECL int archive_file_count(struct archive *); /* * ARCHIVE_MATCH API */ __LA_DECL struct archive *archive_match_new(void); __LA_DECL int archive_match_free(struct archive *); /* * Test if archive_entry is excluded. * This is a convenience function. This is the same as calling all * archive_match_path_excluded, archive_match_time_excluded * and archive_match_owner_excluded. */ __LA_DECL int archive_match_excluded(struct archive *, struct archive_entry *); /* * Test if pathname is excluded. The conditions are set by following functions. */ __LA_DECL int archive_match_path_excluded(struct archive *, struct archive_entry *); /* Control recursive inclusion of directory content when directory is included. Default on. */ __LA_DECL int archive_match_set_inclusion_recursion(struct archive *, int); /* Add exclusion pathname pattern. */ __LA_DECL int archive_match_exclude_pattern(struct archive *, const char *); __LA_DECL int archive_match_exclude_pattern_w(struct archive *, const wchar_t *); /* Add exclusion pathname pattern from file. */ __LA_DECL int archive_match_exclude_pattern_from_file(struct archive *, const char *, int _nullSeparator); __LA_DECL int archive_match_exclude_pattern_from_file_w(struct archive *, const wchar_t *, int _nullSeparator); /* Add inclusion pathname pattern. */ __LA_DECL int archive_match_include_pattern(struct archive *, const char *); __LA_DECL int archive_match_include_pattern_w(struct archive *, const wchar_t *); /* Add inclusion pathname pattern from file. */ __LA_DECL int archive_match_include_pattern_from_file(struct archive *, const char *, int _nullSeparator); __LA_DECL int archive_match_include_pattern_from_file_w(struct archive *, const wchar_t *, int _nullSeparator); /* * How to get statistic information for inclusion patterns. */ /* Return the amount number of unmatched inclusion patterns. */ __LA_DECL int archive_match_path_unmatched_inclusions(struct archive *); /* Return the pattern of unmatched inclusion with ARCHIVE_OK. * Return ARCHIVE_EOF if there is no inclusion pattern. */ __LA_DECL int archive_match_path_unmatched_inclusions_next( struct archive *, const char **); __LA_DECL int archive_match_path_unmatched_inclusions_next_w( struct archive *, const wchar_t **); /* * Test if a file is excluded by its time stamp. * The conditions are set by following functions. */ __LA_DECL int archive_match_time_excluded(struct archive *, struct archive_entry *); /* * Flags to tell a matching type of time stamps. These are used for * following functions. */ /* Time flag: mtime to be tested. */ #define ARCHIVE_MATCH_MTIME (0x0100) /* Time flag: ctime to be tested. */ #define ARCHIVE_MATCH_CTIME (0x0200) /* Comparison flag: Match the time if it is newer than. */ #define ARCHIVE_MATCH_NEWER (0x0001) /* Comparison flag: Match the time if it is older than. */ #define ARCHIVE_MATCH_OLDER (0x0002) /* Comparison flag: Match the time if it is equal to. */ #define ARCHIVE_MATCH_EQUAL (0x0010) /* Set inclusion time. */ __LA_DECL int archive_match_include_time(struct archive *, int _flag, time_t _sec, long _nsec); /* Set inclusion time by a date string. */ __LA_DECL int archive_match_include_date(struct archive *, int _flag, const char *_datestr); __LA_DECL int archive_match_include_date_w(struct archive *, int _flag, const wchar_t *_datestr); /* Set inclusion time by a particular file. */ __LA_DECL int archive_match_include_file_time(struct archive *, int _flag, const char *_pathname); __LA_DECL int archive_match_include_file_time_w(struct archive *, int _flag, const wchar_t *_pathname); /* Add exclusion entry. */ __LA_DECL int archive_match_exclude_entry(struct archive *, int _flag, struct archive_entry *); /* * Test if a file is excluded by its uid ,gid, uname or gname. * The conditions are set by following functions. */ __LA_DECL int archive_match_owner_excluded(struct archive *, struct archive_entry *); /* Add inclusion uid, gid, uname and gname. */ __LA_DECL int archive_match_include_uid(struct archive *, la_int64_t); __LA_DECL int archive_match_include_gid(struct archive *, la_int64_t); __LA_DECL int archive_match_include_uname(struct archive *, const char *); __LA_DECL int archive_match_include_uname_w(struct archive *, const wchar_t *); __LA_DECL int archive_match_include_gname(struct archive *, const char *); __LA_DECL int archive_match_include_gname_w(struct archive *, const wchar_t *); /* Utility functions */ /* Convenience function to sort a NULL terminated list of strings */ __LA_DECL int archive_utility_string_sort(char **); #ifdef __cplusplus } #endif /* These are meaningless outside of this header. */ #undef __LA_DECL #endif /* !ARCHIVE_H_INCLUDED */ ================================================ FILE: Sources/ContainerizationArchive/CArchive/include/archive_bridge.h ================================================ // #pragma once #include "archive.h" #include void archive_set_error_wrapper(struct archive *a, int error_number, const char *error_string); /// Decompress a zstd-compressed file at \p src_fd into \p dst_fd. /// Returns 0 on success, or a non-zero error code on failure. int zstd_decompress_fd(int src_fd, int dst_fd); ================================================ FILE: Sources/ContainerizationArchive/CArchive/include/archive_entry.h ================================================ /*- * Copyright (c) 2003-2008 Tim Kientzle * Copyright (c) 2016 Martin Matuska * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #ifndef ARCHIVE_ENTRY_H_INCLUDED #define ARCHIVE_ENTRY_H_INCLUDED /* Note: Compiler will complain if this does not match archive.h! */ #define ARCHIVE_VERSION_NUMBER 3007007 /* * Note: archive_entry.h is for use outside of libarchive; the * configuration headers (config.h, archive_platform.h, etc.) are * purely internal. Do NOT use HAVE_XXX configuration macros to * control the behavior of this header! If you must conditionalize, * use predefined compiler and/or platform macros. */ #include #include /* for wchar_t */ #include #include #if defined(_WIN32) && !defined(__CYGWIN__) #include #endif /* Get a suitable 64-bit integer type. */ #if !defined(__LA_INT64_T_DEFINED) # if ARCHIVE_VERSION_NUMBER < 4000000 #define __LA_INT64_T la_int64_t # endif #define __LA_INT64_T_DEFINED # if defined(_WIN32) && !defined(__CYGWIN__) && !defined(__WATCOMC__) typedef __int64 la_int64_t; # else #include # if defined(_SCO_DS) || defined(__osf__) typedef long long la_int64_t; # else typedef int64_t la_int64_t; # endif # endif #endif /* The la_ssize_t should match the type used in 'struct stat' */ #if !defined(__LA_SSIZE_T_DEFINED) /* Older code relied on the __LA_SSIZE_T macro; after 4.0 we'll switch to the typedef exclusively. */ # if ARCHIVE_VERSION_NUMBER < 4000000 #define __LA_SSIZE_T la_ssize_t # endif #define __LA_SSIZE_T_DEFINED # if defined(_WIN32) && !defined(__CYGWIN__) && !defined(__WATCOMC__) # if defined(_SSIZE_T_DEFINED) || defined(_SSIZE_T_) typedef ssize_t la_ssize_t; # elif defined(_WIN64) typedef __int64 la_ssize_t; # else typedef long la_ssize_t; # endif # else # include /* ssize_t */ typedef ssize_t la_ssize_t; # endif #endif /* Get a suitable definition for mode_t */ #if ARCHIVE_VERSION_NUMBER >= 3999000 /* Switch to plain 'int' for libarchive 4.0. It's less broken than 'mode_t' */ # define __LA_MODE_T int #elif defined(_WIN32) && !defined(__CYGWIN__) && !defined(__BORLANDC__) && !defined(__WATCOMC__) # define __LA_MODE_T unsigned short #else # define __LA_MODE_T mode_t #endif /* Large file support for Android */ #if defined(__LIBARCHIVE_BUILD) && defined(__ANDROID__) #include "android_lf.h" #endif /* * On Windows, define LIBARCHIVE_STATIC if you're building or using a * .lib. The default here assumes you're building a DLL. Only * libarchive source should ever define __LIBARCHIVE_BUILD. */ #if ((defined __WIN32__) || (defined _WIN32) || defined(__CYGWIN__)) && (!defined LIBARCHIVE_STATIC) # ifdef __LIBARCHIVE_BUILD # ifdef __GNUC__ # define __LA_DECL __attribute__((dllexport)) extern # else # define __LA_DECL __declspec(dllexport) # endif # else # ifdef __GNUC__ # define __LA_DECL # else # define __LA_DECL __declspec(dllimport) # endif # endif #elif defined __LIBARCHIVE_ENABLE_VISIBILITY # define __LA_DECL __attribute__((visibility("default"))) #else /* Static libraries on all platforms and shared libraries on non-Windows. */ # define __LA_DECL #endif #if defined(__GNUC__) && __GNUC__ >= 3 && __GNUC_MINOR__ >= 1 # define __LA_DEPRECATED __attribute__((deprecated)) #else # define __LA_DEPRECATED #endif #ifdef __cplusplus extern "C" { #endif /* * Description of an archive entry. * * You can think of this as "struct stat" with some text fields added in. * * TODO: Add "comment", "charset", and possibly other entries that are * supported by "pax interchange" format. However, GNU, ustar, cpio, * and other variants don't support these features, so they're not an * excruciatingly high priority right now. * * TODO: "pax interchange" format allows essentially arbitrary * key/value attributes to be attached to any entry. Supporting * such extensions may make this library useful for special * applications (e.g., a package manager could attach special * package-management attributes to each entry). */ struct archive; struct archive_entry; /* * File-type constants. These are returned from archive_entry_filetype() * and passed to archive_entry_set_filetype(). * * These values match S_XXX defines on every platform I've checked, * including Windows, AIX, Linux, Solaris, and BSD. They're * (re)defined here because platforms generally don't define the ones * they don't support. For example, Windows doesn't define S_IFLNK or * S_IFBLK. Instead of having a mass of conditional logic and system * checks to define any S_XXX values that aren't supported locally, * I've just defined a new set of such constants so that * libarchive-based applications can manipulate and identify archive * entries properly even if the hosting platform can't store them on * disk. * * These values are also used directly within some portable formats, * such as cpio. If you find a platform that varies from these, the * correct solution is to leave these alone and translate from these * portable values to platform-native values when entries are read from * or written to disk. */ /* * In libarchive 4.0, we can drop the casts here. * They're needed to work around Borland C's broken mode_t. */ #define AE_IFMT ((__LA_MODE_T)0170000) #define AE_IFREG ((__LA_MODE_T)0100000) #define AE_IFLNK ((__LA_MODE_T)0120000) #define AE_IFSOCK ((__LA_MODE_T)0140000) #define AE_IFCHR ((__LA_MODE_T)0020000) #define AE_IFBLK ((__LA_MODE_T)0060000) #define AE_IFDIR ((__LA_MODE_T)0040000) #define AE_IFIFO ((__LA_MODE_T)0010000) /* * Symlink types */ #define AE_SYMLINK_TYPE_UNDEFINED 0 #define AE_SYMLINK_TYPE_FILE 1 #define AE_SYMLINK_TYPE_DIRECTORY 2 /* * Basic object manipulation */ __LA_DECL struct archive_entry *archive_entry_clear(struct archive_entry *); /* The 'clone' function does a deep copy; all of the strings are copied too. */ __LA_DECL struct archive_entry *archive_entry_clone(struct archive_entry *); __LA_DECL void archive_entry_free(struct archive_entry *); __LA_DECL struct archive_entry *archive_entry_new(void); /* * This form of archive_entry_new2() will pull character-set * conversion information from the specified archive handle. The * older archive_entry_new(void) form is equivalent to calling * archive_entry_new2(NULL) and will result in the use of an internal * default character-set conversion. */ __LA_DECL struct archive_entry *archive_entry_new2(struct archive *); /* * Retrieve fields from an archive_entry. * * There are a number of implicit conversions among these fields. For * example, if a regular string field is set and you read the _w wide * character field, the entry will implicitly convert narrow-to-wide * using the current locale. Similarly, dev values are automatically * updated when you write devmajor or devminor and vice versa. * * In addition, fields can be "set" or "unset." Unset string fields * return NULL, non-string fields have _is_set() functions to test * whether they've been set. You can "unset" a string field by * assigning NULL; non-string fields have _unset() functions to * unset them. * * Note: There is one ambiguity in the above; string fields will * also return NULL when implicit character set conversions fail. * This is usually what you want. */ __LA_DECL time_t archive_entry_atime(struct archive_entry *); __LA_DECL long archive_entry_atime_nsec(struct archive_entry *); __LA_DECL int archive_entry_atime_is_set(struct archive_entry *); __LA_DECL time_t archive_entry_birthtime(struct archive_entry *); __LA_DECL long archive_entry_birthtime_nsec(struct archive_entry *); __LA_DECL int archive_entry_birthtime_is_set(struct archive_entry *); __LA_DECL time_t archive_entry_ctime(struct archive_entry *); __LA_DECL long archive_entry_ctime_nsec(struct archive_entry *); __LA_DECL int archive_entry_ctime_is_set(struct archive_entry *); __LA_DECL dev_t archive_entry_dev(struct archive_entry *); __LA_DECL int archive_entry_dev_is_set(struct archive_entry *); __LA_DECL dev_t archive_entry_devmajor(struct archive_entry *); __LA_DECL dev_t archive_entry_devminor(struct archive_entry *); __LA_DECL __LA_MODE_T archive_entry_filetype(struct archive_entry *); __LA_DECL int archive_entry_filetype_is_set(struct archive_entry *); __LA_DECL void archive_entry_fflags(struct archive_entry *, unsigned long * /* set */, unsigned long * /* clear */); __LA_DECL const char *archive_entry_fflags_text(struct archive_entry *); __LA_DECL la_int64_t archive_entry_gid(struct archive_entry *); __LA_DECL int archive_entry_gid_is_set(struct archive_entry *); __LA_DECL const char *archive_entry_gname(struct archive_entry *); __LA_DECL const char *archive_entry_gname_utf8(struct archive_entry *); __LA_DECL const wchar_t *archive_entry_gname_w(struct archive_entry *); __LA_DECL void archive_entry_set_link_to_hardlink(struct archive_entry *); __LA_DECL const char *archive_entry_hardlink(struct archive_entry *); __LA_DECL const char *archive_entry_hardlink_utf8(struct archive_entry *); __LA_DECL const wchar_t *archive_entry_hardlink_w(struct archive_entry *); __LA_DECL int archive_entry_hardlink_is_set(struct archive_entry *); __LA_DECL la_int64_t archive_entry_ino(struct archive_entry *); __LA_DECL la_int64_t archive_entry_ino64(struct archive_entry *); __LA_DECL int archive_entry_ino_is_set(struct archive_entry *); __LA_DECL __LA_MODE_T archive_entry_mode(struct archive_entry *); __LA_DECL time_t archive_entry_mtime(struct archive_entry *); __LA_DECL long archive_entry_mtime_nsec(struct archive_entry *); __LA_DECL int archive_entry_mtime_is_set(struct archive_entry *); __LA_DECL unsigned int archive_entry_nlink(struct archive_entry *); __LA_DECL const char *archive_entry_pathname(struct archive_entry *); __LA_DECL const char *archive_entry_pathname_utf8(struct archive_entry *); __LA_DECL const wchar_t *archive_entry_pathname_w(struct archive_entry *); __LA_DECL __LA_MODE_T archive_entry_perm(struct archive_entry *); __LA_DECL int archive_entry_perm_is_set(struct archive_entry *); __LA_DECL int archive_entry_rdev_is_set(struct archive_entry *); __LA_DECL dev_t archive_entry_rdev(struct archive_entry *); __LA_DECL dev_t archive_entry_rdevmajor(struct archive_entry *); __LA_DECL dev_t archive_entry_rdevminor(struct archive_entry *); __LA_DECL const char *archive_entry_sourcepath(struct archive_entry *); __LA_DECL const wchar_t *archive_entry_sourcepath_w(struct archive_entry *); __LA_DECL la_int64_t archive_entry_size(struct archive_entry *); __LA_DECL int archive_entry_size_is_set(struct archive_entry *); __LA_DECL const char *archive_entry_strmode(struct archive_entry *); __LA_DECL void archive_entry_set_link_to_symlink(struct archive_entry *); __LA_DECL const char *archive_entry_symlink(struct archive_entry *); __LA_DECL const char *archive_entry_symlink_utf8(struct archive_entry *); __LA_DECL int archive_entry_symlink_type(struct archive_entry *); __LA_DECL const wchar_t *archive_entry_symlink_w(struct archive_entry *); __LA_DECL la_int64_t archive_entry_uid(struct archive_entry *); __LA_DECL int archive_entry_uid_is_set(struct archive_entry *); __LA_DECL const char *archive_entry_uname(struct archive_entry *); __LA_DECL const char *archive_entry_uname_utf8(struct archive_entry *); __LA_DECL const wchar_t *archive_entry_uname_w(struct archive_entry *); __LA_DECL int archive_entry_is_data_encrypted(struct archive_entry *); __LA_DECL int archive_entry_is_metadata_encrypted(struct archive_entry *); __LA_DECL int archive_entry_is_encrypted(struct archive_entry *); /* * Set fields in an archive_entry. * * Note: Before libarchive 2.4, there were 'set' and 'copy' versions * of the string setters. 'copy' copied the actual string, 'set' just * stored the pointer. In libarchive 2.4 and later, strings are * always copied. */ __LA_DECL void archive_entry_set_atime(struct archive_entry *, time_t, long); __LA_DECL void archive_entry_unset_atime(struct archive_entry *); #if defined(_WIN32) && !defined(__CYGWIN__) __LA_DECL void archive_entry_copy_bhfi(struct archive_entry *, BY_HANDLE_FILE_INFORMATION *); #endif __LA_DECL void archive_entry_set_birthtime(struct archive_entry *, time_t, long); __LA_DECL void archive_entry_unset_birthtime(struct archive_entry *); __LA_DECL void archive_entry_set_ctime(struct archive_entry *, time_t, long); __LA_DECL void archive_entry_unset_ctime(struct archive_entry *); __LA_DECL void archive_entry_set_dev(struct archive_entry *, dev_t); __LA_DECL void archive_entry_set_devmajor(struct archive_entry *, dev_t); __LA_DECL void archive_entry_set_devminor(struct archive_entry *, dev_t); __LA_DECL void archive_entry_set_filetype(struct archive_entry *, unsigned int); __LA_DECL void archive_entry_set_fflags(struct archive_entry *, unsigned long /* set */, unsigned long /* clear */); /* Returns pointer to start of first invalid token, or NULL if none. */ /* Note that all recognized tokens are processed, regardless. */ __LA_DECL const char *archive_entry_copy_fflags_text(struct archive_entry *, const char *); __LA_DECL const char *archive_entry_copy_fflags_text_len(struct archive_entry *, const char *, size_t); __LA_DECL const wchar_t *archive_entry_copy_fflags_text_w(struct archive_entry *, const wchar_t *); __LA_DECL void archive_entry_set_gid(struct archive_entry *, la_int64_t); __LA_DECL void archive_entry_set_gname(struct archive_entry *, const char *); __LA_DECL void archive_entry_set_gname_utf8(struct archive_entry *, const char *); __LA_DECL void archive_entry_copy_gname(struct archive_entry *, const char *); __LA_DECL void archive_entry_copy_gname_w(struct archive_entry *, const wchar_t *); __LA_DECL int archive_entry_update_gname_utf8(struct archive_entry *, const char *); __LA_DECL void archive_entry_set_hardlink(struct archive_entry *, const char *); __LA_DECL void archive_entry_set_hardlink_utf8(struct archive_entry *, const char *); __LA_DECL void archive_entry_copy_hardlink(struct archive_entry *, const char *); __LA_DECL void archive_entry_copy_hardlink_w(struct archive_entry *, const wchar_t *); __LA_DECL int archive_entry_update_hardlink_utf8(struct archive_entry *, const char *); __LA_DECL void archive_entry_set_ino(struct archive_entry *, la_int64_t); __LA_DECL void archive_entry_set_ino64(struct archive_entry *, la_int64_t); __LA_DECL void archive_entry_set_link(struct archive_entry *, const char *); __LA_DECL void archive_entry_set_link_utf8(struct archive_entry *, const char *); __LA_DECL void archive_entry_copy_link(struct archive_entry *, const char *); __LA_DECL void archive_entry_copy_link_w(struct archive_entry *, const wchar_t *); __LA_DECL int archive_entry_update_link_utf8(struct archive_entry *, const char *); __LA_DECL void archive_entry_set_mode(struct archive_entry *, __LA_MODE_T); __LA_DECL void archive_entry_set_mtime(struct archive_entry *, time_t, long); __LA_DECL void archive_entry_unset_mtime(struct archive_entry *); __LA_DECL void archive_entry_set_nlink(struct archive_entry *, unsigned int); __LA_DECL void archive_entry_set_pathname(struct archive_entry *, const char *); __LA_DECL void archive_entry_set_pathname_utf8(struct archive_entry *, const char *); __LA_DECL void archive_entry_copy_pathname(struct archive_entry *, const char *); __LA_DECL void archive_entry_copy_pathname_w(struct archive_entry *, const wchar_t *); __LA_DECL int archive_entry_update_pathname_utf8(struct archive_entry *, const char *); __LA_DECL void archive_entry_set_perm(struct archive_entry *, __LA_MODE_T); __LA_DECL void archive_entry_set_rdev(struct archive_entry *, dev_t); __LA_DECL void archive_entry_set_rdevmajor(struct archive_entry *, dev_t); __LA_DECL void archive_entry_set_rdevminor(struct archive_entry *, dev_t); __LA_DECL void archive_entry_set_size(struct archive_entry *, la_int64_t); __LA_DECL void archive_entry_unset_size(struct archive_entry *); __LA_DECL void archive_entry_copy_sourcepath(struct archive_entry *, const char *); __LA_DECL void archive_entry_copy_sourcepath_w(struct archive_entry *, const wchar_t *); __LA_DECL void archive_entry_set_symlink(struct archive_entry *, const char *); __LA_DECL void archive_entry_set_symlink_type(struct archive_entry *, int); __LA_DECL void archive_entry_set_symlink_utf8(struct archive_entry *, const char *); __LA_DECL void archive_entry_copy_symlink(struct archive_entry *, const char *); __LA_DECL void archive_entry_copy_symlink_w(struct archive_entry *, const wchar_t *); __LA_DECL int archive_entry_update_symlink_utf8(struct archive_entry *, const char *); __LA_DECL void archive_entry_set_uid(struct archive_entry *, la_int64_t); __LA_DECL void archive_entry_set_uname(struct archive_entry *, const char *); __LA_DECL void archive_entry_set_uname_utf8(struct archive_entry *, const char *); __LA_DECL void archive_entry_copy_uname(struct archive_entry *, const char *); __LA_DECL void archive_entry_copy_uname_w(struct archive_entry *, const wchar_t *); __LA_DECL int archive_entry_update_uname_utf8(struct archive_entry *, const char *); __LA_DECL void archive_entry_set_is_data_encrypted(struct archive_entry *, char is_encrypted); __LA_DECL void archive_entry_set_is_metadata_encrypted(struct archive_entry *, char is_encrypted); /* * Routines to bulk copy fields to/from a platform-native "struct * stat." Libarchive used to just store a struct stat inside of each * archive_entry object, but this created issues when trying to * manipulate archives on systems different than the ones they were * created on. * * TODO: On Linux and other LFS systems, provide both stat32 and * stat64 versions of these functions and all of the macro glue so * that archive_entry_stat is magically defined to * archive_entry_stat32 or archive_entry_stat64 as appropriate. */ __LA_DECL const struct stat *archive_entry_stat(struct archive_entry *); __LA_DECL void archive_entry_copy_stat(struct archive_entry *, const struct stat *); /* * Storage for Mac OS-specific AppleDouble metadata information. * Apple-format tar files store a separate binary blob containing * encoded metadata with ACL, extended attributes, etc. * This provides a place to store that blob. */ __LA_DECL const void * archive_entry_mac_metadata(struct archive_entry *, size_t *); __LA_DECL void archive_entry_copy_mac_metadata(struct archive_entry *, const void *, size_t); /* * Digest routine. This is used to query the raw hex digest for the * given entry. The type of digest is provided as an argument. */ #define ARCHIVE_ENTRY_DIGEST_MD5 0x00000001 #define ARCHIVE_ENTRY_DIGEST_RMD160 0x00000002 #define ARCHIVE_ENTRY_DIGEST_SHA1 0x00000003 #define ARCHIVE_ENTRY_DIGEST_SHA256 0x00000004 #define ARCHIVE_ENTRY_DIGEST_SHA384 0x00000005 #define ARCHIVE_ENTRY_DIGEST_SHA512 0x00000006 __LA_DECL const unsigned char * archive_entry_digest(struct archive_entry *, int /* type */); /* * ACL routines. This used to simply store and return text-format ACL * strings, but that proved insufficient for a number of reasons: * = clients need control over uname/uid and gname/gid mappings * = there are many different ACL text formats * = would like to be able to read/convert archives containing ACLs * on platforms that lack ACL libraries * * This last point, in particular, forces me to implement a reasonably * complete set of ACL support routines. */ /* * Permission bits. */ #define ARCHIVE_ENTRY_ACL_EXECUTE 0x00000001 #define ARCHIVE_ENTRY_ACL_WRITE 0x00000002 #define ARCHIVE_ENTRY_ACL_READ 0x00000004 #define ARCHIVE_ENTRY_ACL_READ_DATA 0x00000008 #define ARCHIVE_ENTRY_ACL_LIST_DIRECTORY 0x00000008 #define ARCHIVE_ENTRY_ACL_WRITE_DATA 0x00000010 #define ARCHIVE_ENTRY_ACL_ADD_FILE 0x00000010 #define ARCHIVE_ENTRY_ACL_APPEND_DATA 0x00000020 #define ARCHIVE_ENTRY_ACL_ADD_SUBDIRECTORY 0x00000020 #define ARCHIVE_ENTRY_ACL_READ_NAMED_ATTRS 0x00000040 #define ARCHIVE_ENTRY_ACL_WRITE_NAMED_ATTRS 0x00000080 #define ARCHIVE_ENTRY_ACL_DELETE_CHILD 0x00000100 #define ARCHIVE_ENTRY_ACL_READ_ATTRIBUTES 0x00000200 #define ARCHIVE_ENTRY_ACL_WRITE_ATTRIBUTES 0x00000400 #define ARCHIVE_ENTRY_ACL_DELETE 0x00000800 #define ARCHIVE_ENTRY_ACL_READ_ACL 0x00001000 #define ARCHIVE_ENTRY_ACL_WRITE_ACL 0x00002000 #define ARCHIVE_ENTRY_ACL_WRITE_OWNER 0x00004000 #define ARCHIVE_ENTRY_ACL_SYNCHRONIZE 0x00008000 #define ARCHIVE_ENTRY_ACL_PERMS_POSIX1E \ (ARCHIVE_ENTRY_ACL_EXECUTE \ | ARCHIVE_ENTRY_ACL_WRITE \ | ARCHIVE_ENTRY_ACL_READ) #define ARCHIVE_ENTRY_ACL_PERMS_NFS4 \ (ARCHIVE_ENTRY_ACL_EXECUTE \ | ARCHIVE_ENTRY_ACL_READ_DATA \ | ARCHIVE_ENTRY_ACL_LIST_DIRECTORY \ | ARCHIVE_ENTRY_ACL_WRITE_DATA \ | ARCHIVE_ENTRY_ACL_ADD_FILE \ | ARCHIVE_ENTRY_ACL_APPEND_DATA \ | ARCHIVE_ENTRY_ACL_ADD_SUBDIRECTORY \ | ARCHIVE_ENTRY_ACL_READ_NAMED_ATTRS \ | ARCHIVE_ENTRY_ACL_WRITE_NAMED_ATTRS \ | ARCHIVE_ENTRY_ACL_DELETE_CHILD \ | ARCHIVE_ENTRY_ACL_READ_ATTRIBUTES \ | ARCHIVE_ENTRY_ACL_WRITE_ATTRIBUTES \ | ARCHIVE_ENTRY_ACL_DELETE \ | ARCHIVE_ENTRY_ACL_READ_ACL \ | ARCHIVE_ENTRY_ACL_WRITE_ACL \ | ARCHIVE_ENTRY_ACL_WRITE_OWNER \ | ARCHIVE_ENTRY_ACL_SYNCHRONIZE) /* * Inheritance values (NFS4 ACLs only); included in permset. */ #define ARCHIVE_ENTRY_ACL_ENTRY_INHERITED 0x01000000 #define ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT 0x02000000 #define ARCHIVE_ENTRY_ACL_ENTRY_DIRECTORY_INHERIT 0x04000000 #define ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT 0x08000000 #define ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY 0x10000000 #define ARCHIVE_ENTRY_ACL_ENTRY_SUCCESSFUL_ACCESS 0x20000000 #define ARCHIVE_ENTRY_ACL_ENTRY_FAILED_ACCESS 0x40000000 #define ARCHIVE_ENTRY_ACL_INHERITANCE_NFS4 \ (ARCHIVE_ENTRY_ACL_ENTRY_FILE_INHERIT \ | ARCHIVE_ENTRY_ACL_ENTRY_DIRECTORY_INHERIT \ | ARCHIVE_ENTRY_ACL_ENTRY_NO_PROPAGATE_INHERIT \ | ARCHIVE_ENTRY_ACL_ENTRY_INHERIT_ONLY \ | ARCHIVE_ENTRY_ACL_ENTRY_SUCCESSFUL_ACCESS \ | ARCHIVE_ENTRY_ACL_ENTRY_FAILED_ACCESS \ | ARCHIVE_ENTRY_ACL_ENTRY_INHERITED) /* We need to be able to specify combinations of these. */ #define ARCHIVE_ENTRY_ACL_TYPE_ACCESS 0x00000100 /* POSIX.1e only */ #define ARCHIVE_ENTRY_ACL_TYPE_DEFAULT 0x00000200 /* POSIX.1e only */ #define ARCHIVE_ENTRY_ACL_TYPE_ALLOW 0x00000400 /* NFS4 only */ #define ARCHIVE_ENTRY_ACL_TYPE_DENY 0x00000800 /* NFS4 only */ #define ARCHIVE_ENTRY_ACL_TYPE_AUDIT 0x00001000 /* NFS4 only */ #define ARCHIVE_ENTRY_ACL_TYPE_ALARM 0x00002000 /* NFS4 only */ #define ARCHIVE_ENTRY_ACL_TYPE_POSIX1E (ARCHIVE_ENTRY_ACL_TYPE_ACCESS \ | ARCHIVE_ENTRY_ACL_TYPE_DEFAULT) #define ARCHIVE_ENTRY_ACL_TYPE_NFS4 (ARCHIVE_ENTRY_ACL_TYPE_ALLOW \ | ARCHIVE_ENTRY_ACL_TYPE_DENY \ | ARCHIVE_ENTRY_ACL_TYPE_AUDIT \ | ARCHIVE_ENTRY_ACL_TYPE_ALARM) /* Tag values mimic POSIX.1e */ #define ARCHIVE_ENTRY_ACL_USER 10001 /* Specified user. */ #define ARCHIVE_ENTRY_ACL_USER_OBJ 10002 /* User who owns the file. */ #define ARCHIVE_ENTRY_ACL_GROUP 10003 /* Specified group. */ #define ARCHIVE_ENTRY_ACL_GROUP_OBJ 10004 /* Group who owns the file. */ #define ARCHIVE_ENTRY_ACL_MASK 10005 /* Modify group access (POSIX.1e only) */ #define ARCHIVE_ENTRY_ACL_OTHER 10006 /* Public (POSIX.1e only) */ #define ARCHIVE_ENTRY_ACL_EVERYONE 10107 /* Everyone (NFS4 only) */ /* * Set the ACL by clearing it and adding entries one at a time. * Unlike the POSIX.1e ACL routines, you must specify the type * (access/default) for each entry. Internally, the ACL data is just * a soup of entries. API calls here allow you to retrieve just the * entries of interest. This design (which goes against the spirit of * POSIX.1e) is useful for handling archive formats that combine * default and access information in a single ACL list. */ __LA_DECL void archive_entry_acl_clear(struct archive_entry *); __LA_DECL int archive_entry_acl_add_entry(struct archive_entry *, int /* type */, int /* permset */, int /* tag */, int /* qual */, const char * /* name */); __LA_DECL int archive_entry_acl_add_entry_w(struct archive_entry *, int /* type */, int /* permset */, int /* tag */, int /* qual */, const wchar_t * /* name */); /* * To retrieve the ACL, first "reset", then repeatedly ask for the * "next" entry. The want_type parameter allows you to request only * certain types of entries. */ __LA_DECL int archive_entry_acl_reset(struct archive_entry *, int /* want_type */); __LA_DECL int archive_entry_acl_next(struct archive_entry *, int /* want_type */, int * /* type */, int * /* permset */, int * /* tag */, int * /* qual */, const char ** /* name */); /* * Construct a text-format ACL. The flags argument is a bitmask that * can include any of the following: * * Flags only for archive entries with POSIX.1e ACL: * ARCHIVE_ENTRY_ACL_TYPE_ACCESS - Include POSIX.1e "access" entries. * ARCHIVE_ENTRY_ACL_TYPE_DEFAULT - Include POSIX.1e "default" entries. * ARCHIVE_ENTRY_ACL_STYLE_MARK_DEFAULT - Include "default:" before each * default ACL entry. * ARCHIVE_ENTRY_ACL_STYLE_SOLARIS - Output only one colon after "other" and * "mask" entries. * * Flags only for archive entries with NFSv4 ACL: * ARCHIVE_ENTRY_ACL_STYLE_COMPACT - Do not output the minus character for * unset permissions and flags in NFSv4 ACL permission and flag fields * * Flags for for archive entries with POSIX.1e ACL or NFSv4 ACL: * ARCHIVE_ENTRY_ACL_STYLE_EXTRA_ID - Include extra numeric ID field in * each ACL entry. * ARCHIVE_ENTRY_ACL_STYLE_SEPARATOR_COMMA - Separate entries with comma * instead of newline. */ #define ARCHIVE_ENTRY_ACL_STYLE_EXTRA_ID 0x00000001 #define ARCHIVE_ENTRY_ACL_STYLE_MARK_DEFAULT 0x00000002 #define ARCHIVE_ENTRY_ACL_STYLE_SOLARIS 0x00000004 #define ARCHIVE_ENTRY_ACL_STYLE_SEPARATOR_COMMA 0x00000008 #define ARCHIVE_ENTRY_ACL_STYLE_COMPACT 0x00000010 __LA_DECL wchar_t *archive_entry_acl_to_text_w(struct archive_entry *, la_ssize_t * /* len */, int /* flags */); __LA_DECL char *archive_entry_acl_to_text(struct archive_entry *, la_ssize_t * /* len */, int /* flags */); __LA_DECL int archive_entry_acl_from_text_w(struct archive_entry *, const wchar_t * /* wtext */, int /* type */); __LA_DECL int archive_entry_acl_from_text(struct archive_entry *, const char * /* text */, int /* type */); /* Deprecated constants */ #define OLD_ARCHIVE_ENTRY_ACL_STYLE_EXTRA_ID 1024 #define OLD_ARCHIVE_ENTRY_ACL_STYLE_MARK_DEFAULT 2048 /* Deprecated functions */ __LA_DECL const wchar_t *archive_entry_acl_text_w(struct archive_entry *, int /* flags */) __LA_DEPRECATED; __LA_DECL const char *archive_entry_acl_text(struct archive_entry *, int /* flags */) __LA_DEPRECATED; /* Return bitmask of ACL types in an archive entry */ __LA_DECL int archive_entry_acl_types(struct archive_entry *); /* Return a count of entries matching 'want_type' */ __LA_DECL int archive_entry_acl_count(struct archive_entry *, int /* want_type */); /* Return an opaque ACL object. */ /* There's not yet anything clients can actually do with this... */ struct archive_acl; __LA_DECL struct archive_acl *archive_entry_acl(struct archive_entry *); /* * extended attributes */ __LA_DECL void archive_entry_xattr_clear(struct archive_entry *); __LA_DECL void archive_entry_xattr_add_entry(struct archive_entry *, const char * /* name */, const void * /* value */, size_t /* size */); /* * To retrieve the xattr list, first "reset", then repeatedly ask for the * "next" entry. */ __LA_DECL int archive_entry_xattr_count(struct archive_entry *); __LA_DECL int archive_entry_xattr_reset(struct archive_entry *); __LA_DECL int archive_entry_xattr_next(struct archive_entry *, const char ** /* name */, const void ** /* value */, size_t *); /* * sparse */ __LA_DECL void archive_entry_sparse_clear(struct archive_entry *); __LA_DECL void archive_entry_sparse_add_entry(struct archive_entry *, la_int64_t /* offset */, la_int64_t /* length */); /* * To retrieve the xattr list, first "reset", then repeatedly ask for the * "next" entry. */ __LA_DECL int archive_entry_sparse_count(struct archive_entry *); __LA_DECL int archive_entry_sparse_reset(struct archive_entry *); __LA_DECL int archive_entry_sparse_next(struct archive_entry *, la_int64_t * /* offset */, la_int64_t * /* length */); /* * Utility to match up hardlinks. * * The 'struct archive_entry_linkresolver' is a cache of archive entries * for files with multiple links. Here's how to use it: * 1. Create a lookup object with archive_entry_linkresolver_new() * 2. Tell it the archive format you're using. * 3. Hand each archive_entry to archive_entry_linkify(). * That function will return 0, 1, or 2 entries that should * be written. * 4. Call archive_entry_linkify(resolver, NULL) until * no more entries are returned. * 5. Call archive_entry_linkresolver_free(resolver) to free resources. * * The entries returned have their hardlink and size fields updated * appropriately. If an entry is passed in that does not refer to * a file with multiple links, it is returned unchanged. The intention * is that you should be able to simply filter all entries through * this machine. * * To make things more efficient, be sure that each entry has a valid * nlinks value. The hardlink cache uses this to track when all links * have been found. If the nlinks value is zero, it will keep every * name in the cache indefinitely, which can use a lot of memory. * * Note that archive_entry_size() is reset to zero if the file * body should not be written to the archive. Pay attention! */ struct archive_entry_linkresolver; /* * There are three different strategies for marking hardlinks. * The descriptions below name them after the best-known * formats that rely on each strategy: * * "Old cpio" is the simplest, it always returns any entry unmodified. * As far as I know, only cpio formats use this. Old cpio archives * store every link with the full body; the onus is on the dearchiver * to detect and properly link the files as they are restored. * "tar" is also pretty simple; it caches a copy the first time it sees * any link. Subsequent appearances are modified to be hardlink * references to the first one without any body. Used by all tar * formats, although the newest tar formats permit the "old cpio" strategy * as well. This strategy is very simple for the dearchiver, * and reasonably straightforward for the archiver. * "new cpio" is trickier. It stores the body only with the last * occurrence. The complication is that we might not * see every link to a particular file in a single session, so * there's no easy way to know when we've seen the last occurrence. * The solution here is to queue one link until we see the next. * At the end of the session, you can enumerate any remaining * entries by calling archive_entry_linkify(NULL) and store those * bodies. If you have a file with three links l1, l2, and l3, * you'll get the following behavior if you see all three links: * linkify(l1) => NULL (the resolver stores l1 internally) * linkify(l2) => l1 (resolver stores l2, you write l1) * linkify(l3) => l2, l3 (all links seen, you can write both). * If you only see l1 and l2, you'll get this behavior: * linkify(l1) => NULL * linkify(l2) => l1 * linkify(NULL) => l2 (at end, you retrieve remaining links) * As the name suggests, this strategy is used by newer cpio variants. * It's noticeably more complex for the archiver, slightly more complex * for the dearchiver than the tar strategy, but makes it straightforward * to restore a file using any link by simply continuing to scan until * you see a link that is stored with a body. In contrast, the tar * strategy requires you to rescan the archive from the beginning to * correctly extract an arbitrary link. */ __LA_DECL struct archive_entry_linkresolver *archive_entry_linkresolver_new(void); __LA_DECL void archive_entry_linkresolver_set_strategy( struct archive_entry_linkresolver *, int /* format_code */); __LA_DECL void archive_entry_linkresolver_free(struct archive_entry_linkresolver *); __LA_DECL void archive_entry_linkify(struct archive_entry_linkresolver *, struct archive_entry **, struct archive_entry **); __LA_DECL struct archive_entry *archive_entry_partial_links( struct archive_entry_linkresolver *res, unsigned int *links); #ifdef __cplusplus } #endif /* This is meaningless outside of this header. */ #undef __LA_DECL #endif /* !ARCHIVE_ENTRY_H_INCLUDED */ ================================================ FILE: Sources/ContainerizationArchive/TempDir.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationExtras import Foundation internal func createTemporaryDirectory(baseName: String) -> URL? { let url = FileManager.default.uniqueTemporaryDirectory().appendingPathComponent( "\(baseName).XXXXXX") var path = url.absoluteURL.path return path.withUTF8 { utf8Bytes in var mutablePath = Array(utf8Bytes) + [0] return mutablePath.withUnsafeMutableBufferPointer { buffer -> URL? in guard let baseAddress = buffer.baseAddress else { return nil } mkdtemp(baseAddress) let resultPath = String(decoding: buffer[..<(buffer.count - 1)], as: UTF8.self) return URL(fileURLWithPath: resultPath, isDirectory: true) } } } ================================================ FILE: Sources/ContainerizationArchive/WriteEntry.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import CArchive import Foundation /// Represents a single entry (e.g., a file, directory, symbolic link) /// that is to be read/written into an archive. public final class WriteEntry { let underlying: OpaquePointer public init(_ archive: ArchiveWriter) { underlying = archive_entry_new2(archive.underlying) } public init() { underlying = archive_entry_new() } deinit { archive_entry_free(underlying) } } extension WriteEntry { /// The size of the entry in bytes. public var size: Int64? { get { guard archive_entry_size_is_set(underlying) != 0 else { return nil } return archive_entry_size(underlying) } set { if let s = newValue { archive_entry_set_size(underlying, s) } else { archive_entry_unset_size(underlying) } } } /// The mode of the entry. public var permissions: mode_t { get { archive_entry_perm(underlying) } set { archive_entry_set_perm(underlying, newValue) } } /// The owner id of the entry. public var owner: uid_t? { get { uid_t(exactly: archive_entry_uid(underlying)) } set { archive_entry_set_uid(underlying, Int64(newValue ?? 0)) } } /// The group id of the entry public var group: gid_t? { get { gid_t(exactly: archive_entry_gid(underlying)) } set { archive_entry_set_gid(underlying, Int64(newValue ?? 0)) } } /// The path of file this entry hardlinks to public var hardlink: String? { get { guard let cstr = archive_entry_hardlink(underlying) else { return nil } return String(cString: cstr) } set { guard let newValue else { archive_entry_set_hardlink(underlying, nil) return } newValue.withCString { archive_entry_set_hardlink(underlying, $0) } } } /// The UTF-8 encoded path of file this entry hardlinks to public var hardlinkUtf8: String? { get { guard let cstr = archive_entry_hardlink_utf8(underlying) else { return nil } return String(cString: cstr, encoding: .utf8) } set { guard let newValue else { archive_entry_set_hardlink_utf8(underlying, nil) return } newValue.withCString { archive_entry_set_hardlink_utf8(underlying, $0) } } } /// The string representation of the permissions of the entry public var strmode: String? { if let cstr = archive_entry_strmode(underlying) { return String(cString: cstr) } return nil } /// The type of file this entry represents. public var fileType: URLFileResourceType { get { switch archive_entry_filetype(underlying) { case S_IFIFO: return .namedPipe case S_IFCHR: return .characterSpecial case S_IFDIR: return .directory case S_IFBLK: return .blockSpecial case S_IFREG: return .regular case S_IFLNK: return .symbolicLink case S_IFSOCK: return .socket default: return .unknown } } set { switch newValue { case .namedPipe: archive_entry_set_filetype(underlying, UInt32(S_IFIFO as mode_t)) case .characterSpecial: archive_entry_set_filetype(underlying, UInt32(S_IFCHR as mode_t)) case .directory: archive_entry_set_filetype(underlying, UInt32(S_IFDIR as mode_t)) case .blockSpecial: archive_entry_set_filetype(underlying, UInt32(S_IFBLK as mode_t)) case .regular: archive_entry_set_filetype(underlying, UInt32(S_IFREG as mode_t)) case .symbolicLink: archive_entry_set_filetype(underlying, UInt32(S_IFLNK as mode_t)) case .socket: archive_entry_set_filetype(underlying, UInt32(S_IFSOCK as mode_t)) default: archive_entry_set_filetype(underlying, 0) } } } /// The date that the entry was last accessed public var contentAccessDate: Date? { get { Date( underlying, archive_entry_atime_is_set, archive_entry_atime, archive_entry_atime_nsec) } set { setDate( newValue, underlying, archive_entry_set_atime, archive_entry_unset_atime) } } /// The date that the entry was created public var creationDate: Date? { get { Date( underlying, archive_entry_ctime_is_set, archive_entry_ctime, archive_entry_ctime_nsec) } set { setDate( newValue, underlying, archive_entry_set_ctime, archive_entry_unset_ctime) } } /// The date that the entry was modified public var modificationDate: Date? { get { Date( underlying, archive_entry_mtime_is_set, archive_entry_mtime, archive_entry_mtime_nsec) } set { setDate( newValue, underlying, archive_entry_set_mtime, archive_entry_unset_mtime) } } /// The file path of the entry public var path: String? { get { guard let pathname = archive_entry_pathname(underlying) else { return nil } return String(cString: pathname) } set { guard let newValue else { archive_entry_set_pathname(underlying, nil) return } newValue.withCString { archive_entry_set_pathname(underlying, $0) } } } /// The UTF-8 encoded file path of the entry public var pathUtf8: String? { get { guard let pathname = archive_entry_pathname_utf8(underlying) else { return nil } return String(cString: pathname) } set { guard let newValue else { archive_entry_set_pathname_utf8(underlying, nil) return } newValue.withCString { archive_entry_set_pathname_utf8(underlying, $0) } } } /// The symlink target that the entry points to public var symlinkTarget: String? { get { guard let target = archive_entry_symlink(underlying) else { return nil } return String(cString: target) } set { guard let newValue else { archive_entry_set_symlink(underlying, nil) return } newValue.withCString { archive_entry_set_symlink(underlying, $0) } } } /// The extended attributes of the entry public var xattrs: [String: Data] { get { archive_entry_xattr_reset(self.underlying) var attrs: [String: Data] = [:] var namePtr: UnsafePointer? var valuePtr: UnsafeRawPointer? var size: Int = 0 while archive_entry_xattr_next(self.underlying, &namePtr, &valuePtr, &size) == 0 { let _name = namePtr.map { String(cString: $0) } let _value = valuePtr.map { Data(bytes: $0, count: size) } guard let name = _name, let value = _value else { continue } attrs[name] = value } return attrs } set { archive_entry_xattr_clear(self.underlying) for (key, value) in newValue { value.withUnsafeBytes { ptr in archive_entry_xattr_add_entry(self.underlying, key, ptr.baseAddress, [UInt8](value).count) } } } } fileprivate func setDate( _ date: Date?, _ underlying: OpaquePointer, _ setter: (OpaquePointer, time_t, CLong) -> Void, _ unset: (OpaquePointer) -> Void ) { if let d = date { let ti = d.timeIntervalSince1970 let seconds = floor(ti) let nsec = max(0, min(1_000_000_000, ti - seconds * 1_000_000_000)) setter(underlying, time_t(seconds), CLong(nsec)) } else { unset(underlying) } } } extension Date { init?( _ underlying: OpaquePointer, _ isSet: (OpaquePointer) -> CInt, _ seconds: (OpaquePointer) -> time_t, _ nsec: (OpaquePointer) -> CLong ) { guard isSet(underlying) != 0 else { return nil } let ti = TimeInterval(seconds(underlying)) + TimeInterval(nsec(underlying)) * 0.000_000_001 self.init(timeIntervalSince1970: ti) } } ================================================ FILE: Sources/ContainerizationEXT4/Documentation.docc/ext4.md ================================================ # ``ContainerizationEXT4`` `ContainerizationEXT4` provides functionality to read the superblock of an existing ext4 block device and format a new block device with the ext4 file system. ================================================ FILE: Sources/ContainerizationEXT4/EXT4+Extensions.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation extension EXT4.InodeFlag { public static func | (lhs: Self, rhs: Self) -> Self { Self(rawValue: lhs.rawValue | rhs.rawValue) } public static func | (lhs: Self, rhs: Self) -> UInt32 { lhs.rawValue | rhs.rawValue } public static func | (lhs: Self, rhs: UInt32) -> UInt32 { lhs.rawValue | rhs } } extension EXT4.CompatFeature { public static func | (lhs: Self, rhs: Self) -> Self { EXT4.CompatFeature(rawValue: lhs.rawValue | rhs.rawValue) } public static func | (lhs: Self, rhs: Self) -> UInt32 { lhs.rawValue | rhs.rawValue } } extension EXT4.IncompatFeature { public static func | (lhs: Self, rhs: Self) -> Self { EXT4.IncompatFeature(rawValue: lhs.rawValue | rhs.rawValue) } public static func | (lhs: Self, rhs: Self) -> UInt32 { lhs.rawValue | rhs.rawValue } } extension EXT4.RoCompatFeature { public static func | (lhs: Self, rhs: Self) -> Self { EXT4.RoCompatFeature(rawValue: lhs.rawValue | rhs.rawValue) } public static func | (lhs: Self, rhs: Self) -> UInt32 { lhs.rawValue | rhs.rawValue } } extension EXT4.FileModeFlag { public static func | (lhs: Self, rhs: Self) -> Self { Self(rawValue: lhs.rawValue | rhs.rawValue) } public static func | (lhs: Self, rhs: Self) -> UInt16 { lhs.rawValue | rhs.rawValue } } extension EXT4.XAttrEntry { init(using bytes: [UInt8]) throws { guard bytes.count == 16 else { throw EXT4.Error.invalidXattrEntry } nameLength = bytes[0] nameIndex = bytes[1] let rawValue = Array(bytes[2...3]) valueOffset = UInt16(littleEndian: rawValue.withUnsafeBytes { $0.load(as: UInt16.self) }) let rawValueInum = Array(bytes[4...7]) valueInum = UInt32(littleEndian: rawValueInum.withUnsafeBytes { $0.load(as: UInt32.self) }) let rawSize = Array(bytes[8...11]) valueSize = UInt32(littleEndian: rawSize.withUnsafeBytes { $0.load(as: UInt32.self) }) let rawHash = Array(bytes[12...]) hash = UInt32(littleEndian: rawHash.withUnsafeBytes { $0.load(as: UInt32.self) }) } } extension EXT4 { static func tupleToArray(_ tuple: T) -> [UInt8] { let reflection = Mirror(reflecting: tuple) return reflection.children.compactMap { $0.value as? UInt8 } } } ================================================ FILE: Sources/ContainerizationEXT4/EXT4+FileTree.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import SystemPackage extension EXT4 { class FileTree { class FileTreeNode { let inode: InodeNumber let name: String var children: [Ptr] = [] var blocks: (start: UInt32, end: UInt32)? var additionalBlocks: [(start: UInt32, end: UInt32)]? var link: InodeNumber? private var parent: Ptr? init( inode: InodeNumber, name: String, parent: Ptr?, children: [Ptr] = [], blocks: (start: UInt32, end: UInt32)? = nil, additionalBlocks: [(start: UInt32, end: UInt32)]? = nil, link: InodeNumber? = nil ) { self.inode = inode self.name = name self.children = children self.blocks = blocks self.additionalBlocks = additionalBlocks self.link = link self.parent = parent } deinit { self.children.removeAll() self.children = [] self.blocks = nil self.additionalBlocks = nil self.link = nil } var path: FilePath? { var components: [String] = [self.name] var _ptr = self.parent while let ptr = _ptr { components.append(ptr.pointee.name) _ptr = ptr.pointee.parent } guard let last = components.last else { return nil } guard components.count > 1 else { return FilePath(last) } components = components.dropLast() let path = components.reversed().joined(separator: "/") guard let data = path.data(using: .utf8) else { return nil } guard let dataPath = String(data: data, encoding: .utf8) else { return nil } return FilePath(dataPath).pushing(FilePath(last)).lexicallyNormalized() } } var root: Ptr init(_ root: InodeNumber, _ name: String) { self.root = Ptr.allocate(capacity: 1) self.root.initialize(to: FileTreeNode(inode: root, name: name, parent: nil)) } func lookup(path: FilePath) -> Ptr? { var components: [String] = path.items var node = self.root if components.first == "/" { components = Array(components.dropFirst()) } if components.count == 0 { return node } for component in components { var found = false for childPtr in node.pointee.children { let child = childPtr.pointee if child.name == component { node = childPtr found = true break } } guard found else { return nil } } return node } } } ================================================ FILE: Sources/ContainerizationEXT4/EXT4+Formatter.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // swiftlint: disable discouraged_direct_init shorthand_operator syntactic_sugar import ContainerizationArchive import ContainerizationOS import Foundation import SystemPackage extension EXT4 { /// The `EXT4.Formatter` class provides methods to format a block device with the ext4 filesystem. /// It allows customization of block size and maximum disk size. public class Formatter { let blockSize: UInt32 private var size: UInt64 private let groupDescriptorSize: UInt32 = 32 private var blocksPerGroup: UInt32 { blockSize * 8 } private var maxInodesPerGroup: UInt32 { blockSize * 8 // limited by inode bitmap } private var groupsPerDescriptorBlock: UInt32 { blockSize / groupDescriptorSize } private var blockCount: UInt32 { ((size - 1) / blockSize) + 1 } private var groupCount: UInt32 { (blockCount - 1) / blocksPerGroup + 1 } private var groupDescriptorBlocks: UInt32 { ((groupCount - 1) / groupsPerDescriptorBlock + 1) * 32 } /// Initializes an ext4 filesystem formatter. /// /// This constructor creates an instance of the ext4 formatter designed to format a block device /// with the ext4 filesystem. The formatter takes the path to the destination block device and /// the desired block size of the filesystem as parameters. /// /// - Parameters: /// - devicePath: The path to the block device where the ext4 filesystem will be created. /// - blockSize: The block size of the ext4 filesystem, specified in bytes. Common values are /// 4096 (4KB) or 1024 (1KB). Default is 4096 (4KB) /// - minDiskSize: The minimum disk size required for the formatted filesystem. /// /// - Note: This ext4 formatter is designed for creating block devices out of container images and does not support all the /// features and options available in the full ext4 filesystem implementation. It focuses /// on the core functionality required for formatting a block device with ext4. /// /// - Important: Ensure that the destination block device is accessible and has sufficient permissions /// for formatting. The formatting process will erase all existing data on the device. public init(_ devicePath: FilePath, blockSize: UInt32 = 4096, minDiskSize: UInt64 = 256.kib()) throws { /// The constructor performs the following steps: /// /// 1. Creates the first 10 inodes: /// - Inode 2 is reserved for the root directory ('/'). /// - Inodes 1 and 3-10 are reserved for other special purposes. /// /// 2. Marks inode 11 as the first inode available for consumption by files, directories, sockets, /// FIFOs, etc. /// /// 3. Initializes a directory tree with the root directory pointing to inode 2. /// /// 4. Moves the file descriptor to the start of the block where file metadata and data can be /// written, which is located past the filesystem superblocks and group descriptor blocks. /// /// 5. Creates a "/lost+found" directory to satisfy the requirements of e2fsck (ext2/3/4 filesystem /// checker). if !FileManager.default.fileExists(atPath: devicePath.description) { FileManager.default.createFile(atPath: devicePath.description, contents: nil) } guard let fileHandle = FileHandle(forWritingTo: devicePath) else { throw Error.notFound(devicePath) } self.handle = fileHandle self.blockSize = blockSize self.size = minDiskSize // make this a 0 byte file guard ftruncate(self.handle.fileDescriptor, 0) == 0 else { throw Error.cannotTruncateFile(devicePath) } // make it a sparse file guard lseek(self.handle.fileDescriptor, off_t(self.size - 1), 0) == self.size - 1 else { throw Error.cannotCreateSparseFile(devicePath) } let zero: [UInt8] = [0] try self.handle.write(contentsOf: zero) // step #1 self.inodes = [ Ptr.allocate(capacity: 1), // defective block inode { let root = Inode.Root() let rootPtr = Ptr.allocate(capacity: 1) rootPtr.initialize(to: root) return rootPtr }(), ] // reserved inodes for _ in 2...allocate(capacity: 1)) } // step #2 self.tree = FileTree(EXT4.RootInode, "/") // skip past the superblock and block descriptor table try self.seek(block: self.groupDescriptorBlocks + 1) // lost+found directory is required for e2fsck to pass try self.create(path: FilePath("/lost+found"), mode: Inode.Mode(.S_IFDIR, 0o700)) } // Creates a hard link at the path specified by `link` that points to the same file or directory as the path specified by `target`. // // A hard link is a directory entry that points to the same inode as another directory entry. It allows multiple paths to refer to the same file on the file system. // // - `link`: The path at which to create the new hard link. // - `target`: The path of the existing file or directory to which the hard link should point. // // Throws an error if `target` path does not exist, or `target` is a directory. public func link( link: FilePath, target: FilePath ) throws { // ensure that target exists guard let targetPtr = self.tree.lookup(path: target) else { throw Error.notFound(target) } let targetNode = targetPtr.pointee let targetInodePtr = self.inodes[Int(targetNode.inode) - 1] var targetInode = targetInodePtr.pointee // ensure that target is not a directory since hardlinks cannot be // created to directories if targetInode.mode.isDir() { throw Error.cannotCreateHardlinksToDirTarget(link) } targetInode.linksCount += 1 targetInodePtr.initialize(to: targetInode) let parentPath: FilePath = link.dir if self.tree.lookup(path: link) != nil { try self.unlink(path: link) } guard let parentTreeNodePtr = self.tree.lookup(path: parentPath) else { throw Error.notFound(parentPath) } let parentTreeNode = parentTreeNodePtr.pointee let parentInodePtr = self.inodes[Int(parentTreeNode.inode) - 1] let parentInode = parentInodePtr.pointee guard parentInode.linksCount < EXT4.MaxLinks else { throw Error.maximumLinksExceeded(parentPath) } let linkTreeNodePtr = Ptr.allocate(capacity: 1) let linkTreeNode = FileTree.FileTreeNode( inode: InodeNumber(2), // this field is ignored, using 2 so array operations dont panic name: link.base, parent: parentTreeNodePtr, children: [], blocks: nil, link: targetNode.inode ) linkTreeNodePtr.initialize(to: linkTreeNode) parentTreeNode.children.append(linkTreeNodePtr) parentTreeNodePtr.initialize(to: parentTreeNode) } // Deletes the file or directory at the specified path from the filesystem. // // It performs the following actions // - set link count of the file's inode to 0 // - recursively set link count to 0 for its children // - free the inode // - free data blocks // - remove directory entry // // - `path`: The `FilePath` specifying the path of the file or directory to delete. public func unlink(path: FilePath, directoryWhiteout: Bool = false) throws { guard let pathPtr = self.tree.lookup(path: path) else { // We are being asked to unlink something that does not exist. Ignore return } let pathNode = pathPtr.pointee let inodeNumber = Int(pathNode.inode) - 1 let pathInodePtr = self.inodes[inodeNumber] var pathInode = pathInodePtr.pointee if directoryWhiteout && !pathInode.mode.isDir() { throw Error.notDirectory(path) } for childPtr in pathNode.children { try self.unlink(path: path.join(childPtr.pointee.name)) } guard !directoryWhiteout else { return } if let parentNodePtr = self.tree.lookup(path: path.dir) { let parentNode = parentNodePtr.pointee let parentInodePtr = self.inodes[Int(parentNode.inode) - 1] var parentInode = parentInodePtr.pointee if pathInode.mode.isDir() { if parentInode.linksCount > 2 { parentInode.linksCount -= 1 } } parentInodePtr.initialize(to: parentInode) parentNode.children.removeAll { childPtr in childPtr.pointee.name == path.base } parentNodePtr.initialize(to: parentNode) } if let hardlink = pathNode.link { // the file we are deleting is a hardlink, decrement the link count let linkedInodePtr = self.inodes[Int(hardlink - 1)] var linkedInode = linkedInodePtr.pointee if linkedInode.linksCount > 2 { linkedInode.linksCount -= 1 linkedInodePtr.initialize(to: linkedInode) } } guard inodeNumber > FirstInode else { // Free the inodes and the blocks related to the inode only if its valid return } if let blocks = pathNode.blocks { if !(blocks.start == blocks.end) { self.deletedBlocks.append((start: blocks.start, end: blocks.end)) } } for block in pathNode.additionalBlocks ?? [] { self.deletedBlocks.append((start: block.start, end: block.end)) } let now = Date().fs() pathInode = Inode() pathInode.dtime = now.lo pathInodePtr.initialize(to: pathInode) } // Creates a file, directory, or symlink at the specified path, recursively creating parent directories if they don't already exist. // // - Parameters: // - path: The FilePath representing the path where the file, directory, or symlink should be created. // - link: An optional FilePath representing the target path for a symlink. If `nil`, a regular file or directory will be created. Preceding '/' should be omitted // - mode: The permissions to set for the created file, directory, or symlink. // - buf: A `ReadableStream` object providing the contents for the created file. Ignored when creating directories or symlinks. // // - Note: // - This function recursively creates parent directories if they don't already exist. The `uid` and `gid` of the created parent directories are set to the values of their parent's `uid` and `gid`. // - It is expected that the user sets the permissions explicitly later // - This function only supports creating files, directories, and symlinks. Attempting to create other types of file system objects will result in an error. // - In case of symlinks, the preceding '/' should be omitted // // - Example usage: // ```swift // let formatter = EXT4.Formatter(devicePath: "ext4.img") // // create a directory // try formatter.create(path: FilePath("/dir"), // mode: EXT4.Inode.Mode(.S_IFDIR, 0o700)) // // // create a file // let inputStream = InputStream(data: "data".data(using: .utf8)!) // inputStream.open() // try formatter.create(path: FilePath("/dir/file"), // mode: EXT4.Inode.Mode(.S_IFREG, 0o755), buf: inputStream) // inputStream.close() // // // create a symlink // try formatter.create(path: FilePath("/symlink"), link: "/dir/file", // mode: EXT4.Inode.Mode(.S_IFLNK, 0o700)) // ``` public func create( path: FilePath, link: FilePath? = nil, // to create symbolic links mode: UInt16, ts: FileTimestamps = FileTimestamps(), buf: (any ReadableStream)? = nil, uid: UInt32? = nil, gid: UInt32? = nil, xattrs: [String: Data]? = nil, recursion: Bool = false, fileBuffer: UnsafeMutableBufferPointer? = nil ) throws { if let nodePtr = self.tree.lookup(path: path) { let node = nodePtr.pointee let inodePtr = self.inodes[Int(node.inode) - 1] let inode = inodePtr.pointee // Allowed replace // ----------------------------- // // Original Type File Directory Symlink // ---------------------------------------------- // File | ✔ | ✘ | ✔ // Directory | ✘ | ✔ | ✔ // Symlink | ✔ | ✘ | ✔ if mode.isDir() { if !inode.mode.isDir() { guard inode.mode.isLink() else { throw Error.notDirectory(path) } } // mkdir -p if path.base == node.name { guard !recursion else { return } // create a new tree node to replace this one var inode = inode inode.mode = mode if let uid { inode.uid = uid.lo inode.uidHigh = uid.hi } if let gid { inode.gid = gid.lo inode.gidHigh = gid.hi } inodePtr.initialize(to: inode) return } } else if let _ = node.link { // ok to overwrite links try self.unlink(path: path) } else { // file can only be overwritten by another file if inode.mode.isDir() { guard mode.isLink() else { // unless it is a link, then it can be replaced by a dir throw Error.notFile(path) } } try self.unlink(path: path) } } // create all predecessors recursively let parentPath: FilePath = path.dir try self.create(path: parentPath, mode: Inode.Mode(.S_IFDIR, 0o755), recursion: true) guard let parentTreeNodePtr = self.tree.lookup(path: parentPath) else { throw Error.notFound(parentPath) } let parentTreeNode = parentTreeNodePtr.pointee let parentInodePtr = self.inodes[Int(parentTreeNode.inode) - 1] var parentInode = parentInodePtr.pointee guard parentInode.linksCount < EXT4.MaxLinks else { throw Error.maximumLinksExceeded(parentPath) } let childInodePtr = Ptr.allocate(capacity: 1) var childInode = Inode() var startBlock: UInt32 = 0 var endBlock: UInt32 = 0 defer { // update metadata childInodePtr.initialize(to: childInode) parentInodePtr.initialize(to: parentInode) self.inodes.append(childInodePtr) let childTreeNodePtr = Ptr.allocate(capacity: 1) let childTreeNode = FileTree.FileTreeNode( inode: InodeNumber(self.inodes.count), name: path.base, parent: parentTreeNodePtr, children: [], blocks: (startBlock, endBlock) ) childTreeNodePtr.initialize(to: childTreeNode) parentTreeNode.children.append(childTreeNodePtr) parentTreeNodePtr.initialize(to: parentTreeNode) } childInode.mode = mode // uid,gid if let uid { childInode.uid = UInt16(uid & 0xffff) childInode.uidHigh = UInt16((uid >> 16) & 0xffff) } else { childInode.uid = parentInode.uid childInode.uidHigh = parentInode.uidHigh } if let gid { childInode.gid = UInt16(gid & 0xffff) childInode.gidHigh = UInt16((gid >> 16) & 0xffff) } else { childInode.gid = parentInode.gid childInode.gidHigh = parentInode.gidHigh } if let xattrs, !xattrs.isEmpty { var state = FileXattrsState( inode: UInt32(self.inodes.count), inodeXattrCapacity: EXT4.InodeExtraSize, blockCapacity: blockSize) try state.add(ExtendedAttribute(name: "system.data", value: [])) for (s, d) in xattrs { let attribute = ExtendedAttribute(name: s, value: [UInt8](d)) try state.add(attribute) } if !state.inlineAttributes.isEmpty { var buffer: [UInt8] = .init(repeating: 0, count: Int(EXT4.InodeExtraSize)) try state.writeInlineAttributes(buffer: &buffer) childInode.inlineXattrs = ( buffer[0], buffer[1], buffer[2], buffer[3], buffer[4], buffer[5], buffer[6], buffer[7], buffer[8], buffer[9], buffer[10], buffer[11], buffer[12], buffer[13], buffer[14], buffer[15], buffer[16], buffer[17], buffer[18], buffer[19], buffer[20], buffer[21], buffer[22], buffer[23], buffer[24], buffer[25], buffer[26], buffer[27], buffer[28], buffer[29], buffer[30], buffer[31], buffer[32], buffer[33], buffer[34], buffer[35], buffer[36], buffer[37], buffer[38], buffer[39], buffer[40], buffer[41], buffer[42], buffer[43], buffer[44], buffer[45], buffer[46], buffer[47], buffer[48], buffer[49], buffer[50], buffer[51], buffer[52], buffer[53], buffer[54], buffer[55], buffer[56], buffer[57], buffer[58], buffer[59], buffer[60], buffer[61], buffer[62], buffer[63], buffer[64], buffer[65], buffer[66], buffer[67], buffer[68], buffer[69], buffer[70], buffer[71], buffer[72], buffer[73], buffer[74], buffer[75], buffer[76], buffer[77], buffer[78], buffer[79], buffer[80], buffer[81], buffer[82], buffer[83], buffer[84], buffer[85], buffer[86], buffer[87], buffer[88], buffer[89], buffer[90], buffer[91], buffer[92], buffer[93], buffer[94], buffer[95] ) } if !state.blockAttributes.isEmpty { var buffer: [UInt8] = .init(repeating: 0, count: Int(blockSize)) try state.writeBlockAttributes(buffer: &buffer) if self.pos % self.blockSize != 0 { try self.seek(block: self.currentBlock + 1) } childInode.xattrBlockLow = self.currentBlock try self.handle.write(contentsOf: buffer) childInode.blocksLow += 1 } } childInode.atime = ts.accessLo childInode.atimeExtra = ts.accessHi // ctime is the last time the inode was changed which is now childInode.ctime = ts.nowLo childInode.ctimeExtra = ts.nowHi childInode.mtime = ts.modificationLo childInode.mtimeExtra = ts.modificationHi childInode.crtime = ts.creationLo childInode.crtimeExtra = ts.creationHi childInode.linksCount = 1 childInode.extraIsize = UInt16(EXT4.ExtraIsize) // flags childInode.flags = InodeFlag.hugeFile.rawValue // size check var size: UInt64 = 0 // align with block boundary if self.pos % self.blockSize != 0 { try self.seek(block: self.currentBlock + 1) } // dir if childInode.mode.isDir() { childInode.linksCount += 1 parentInode.linksCount += 1 // to pass e2fsck, the convention is to sort children // before committing to disk. Therefore, we are deferring // writing dentries until commit() is called return } // symbolic link if let link { startBlock = self.currentBlock let linkPath = link.bytes if linkPath.count < 60 { size += UInt64(linkPath.count) var blockData: [UInt8] = .init(repeating: 0, count: 60) for i in 0.. let bufferSize: Int let shouldDeallocate: Bool if let fileBuffer { tempBuf = fileBuffer.baseAddress! bufferSize = fileBuffer.count shouldDeallocate = false } else { tempBuf = UnsafeMutablePointer.allocate(capacity: Int(self.blockSize)) bufferSize = Int(self.blockSize) shouldDeallocate = true } defer { if shouldDeallocate { tempBuf.deallocate() } } while case let block = buf.read(tempBuf, maxLength: bufferSize), block > 0 { size += UInt64(block) if size > EXT4.MaxFileSize { throw Error.fileTooBig(size) } let data = UnsafeRawBufferPointer(start: tempBuf, count: block) try withUnsafeLittleEndianBuffer(of: data) { b in try self.handle.write(contentsOf: b) } } } if self.pos % self.blockSize != 0 { try self.seek(block: self.currentBlock + 1) } endBlock = self.currentBlock childInode.sizeLow = size.lo childInode.sizeHigh = size.hi childInode = try self.writeExtents(childInode, (startBlock, endBlock)) return } // FIFO, Socket and other types are not handled throw Error.unsupportedFiletype } // Completes the formatting of an ext4 filesystem after writing the necessary structures. // // This function is responsible for finalizing the formatting process of an ext4 filesystem // after the following structures have been written: // - Inode table: Contains information about each file and directory in the filesystem. // - Block bitmap: Tracks the allocation status of each block in the filesystem. // - Inode bitmap: Tracks the allocation status of each inode in the filesystem. // - Directory tree: Represents the hierarchical structure of directories and files. // - Group descriptors: Stores metadata about each block group in the filesystem. // - Superblock: Contains essential information about the filesystem's configuration. // // The function performs any necessary final steps to ensure the integrity and consistency // of the ext4 filesystem before it can be mounted and used. public func close() throws { var breathWiseChildTree: [(parent: Ptr?, child: Ptr)] = [ (nil, self.tree.root) ] while !breathWiseChildTree.isEmpty { let (parent, child) = breathWiseChildTree.removeFirst() try self.commit(parent, child) // commit directories iteratively if child.pointee.link != nil { continue } breathWiseChildTree.append(contentsOf: child.pointee.children.map { (child, $0) }) } let blockGroupSize = optimizeBlockGroupLayout(blocks: self.currentBlock, inodes: UInt32(self.inodes.count)) let inodeTableOffset = try self.commitInodeTable( blockGroups: blockGroupSize.blockGroups, inodesPerGroup: blockGroupSize.inodesPerGroup ) if self.pos % self.blockSize != 0 { try self.seek(block: self.currentBlock + 1) } // write bitmaps and group descriptors let bitmapOffset = self.currentBlock let bitmapSize: UInt32 = blockGroupSize.blockGroups * 2 // each group has two bitmaps - for inodes, and for blocks let dataSize: UInt32 = bitmapOffset + bitmapSize // last data block var diskSize = dataSize var minimumDiskSize = (blockGroupSize.blockGroups - 1) * self.blocksPerGroup + 1 if blockGroupSize.blockGroups == 1 { minimumDiskSize = self.blocksPerGroup // at least 1 block group } if diskSize < minimumDiskSize { // for data + metadata diskSize = minimumDiskSize } if self.size < minimumDiskSize { self.size = UInt64(minimumDiskSize) * self.blockSize } // number of blocks needed for group descriptors let groupDescriptorBlockCount: UInt32 = (blockGroupSize.blockGroups - 1) / self.groupsPerDescriptorBlock + 1 guard groupDescriptorBlockCount <= self.groupDescriptorBlocks else { throw Error.insufficientSpaceForGroupDescriptorBlocks } var totalBlocks: UInt32 = 0 var totalInodes: UInt32 = 0 let inodeTableSizePerGroup: UInt32 = blockGroupSize.inodesPerGroup * EXT4.InodeSize / self.blockSize var groupDescriptors: [GroupDescriptor] = [] let minGroups = (((self.pos / UInt64(self.blockSize)) - 1) / UInt64(self.blocksPerGroup)) + 1 if self.size < minGroups * blocksPerGroup * blockSize { self.size = UInt64(minGroups * blocksPerGroup * blockSize) let pos = self.pos guard lseek(self.handle.fileDescriptor, off_t(self.size - 1), 0) == self.size - 1 else { throw Error.cannotResizeFS(self.size) } let zero: [UInt8] = [0] try self.handle.write(contentsOf: zero) try self.handle.seek(toOffset: pos) } let totalGroups = (((self.size / UInt64(self.blockSize)) - 1) / UInt64(self.blocksPerGroup)) + 1 // If the provided disk size is not aligned to a blockgroup boundary, it needs to // be expanded to the next blockgroup boundary. // Example: // Provided disk size: 2 GB + 100MB: 2148 MB // BlockSize: 4096 // Blockgroup size: 32768 blocks: 128MB // Number of blocks: 549888 // Number of blockgroups = 549888 / 32768 = 16.78125 // Aligned disk size = 557056 blocks = 17 blockgroups: 2176 MB if self.size < totalGroups * blocksPerGroup * blockSize { self.size = UInt64(totalGroups * blocksPerGroup * blockSize) let pos = self.pos guard lseek(self.handle.fileDescriptor, off_t(self.size - 1), 0) == self.size - 1 else { throw Error.cannotResizeFS(self.size) } let zero: [UInt8] = [0] try self.handle.write(contentsOf: zero) try self.handle.seek(toOffset: pos) } for group in 0..> (j % 8)) & 1) bitmap[Int(j / 8)] &= ~(1 << (j % 8)) } } // inodes bitmap goes into second bitmap block for i in 0.. self.inodes.count { continue } let inode = self.inodes[Int(ino) - 1] if ino > 10 && inode.pointee.linksCount == 0 { // deleted files continue } bitmap[Int(self.blockSize) + Int(i / 8)] |= 1 << (i % 8) inodes += 1 if inode.pointee.mode.isDir() { dirs += 1 } } for i in (blockGroupSize.inodesPerGroup / 8)...init(repeating: 0, count: 1024)) let computedInodes = totalGroups * blockGroupSize.inodesPerGroup var blocksCount = totalGroups * self.blocksPerGroup while blocksCount < totalBlocks { blocksCount = UInt64(totalBlocks) } let totalFreeBlocks: UInt64 if totalBlocks > blocksCount { totalFreeBlocks = 0 } else { totalFreeBlocks = blocksCount - totalBlocks } var superblock = SuperBlock() superblock.inodesCount = computedInodes.lo superblock.blocksCountLow = blocksCount.lo superblock.blocksCountHigh = blocksCount.hi superblock.freeBlocksCountLow = totalFreeBlocks.lo superblock.freeBlocksCountHigh = totalFreeBlocks.hi let freeInodesCount = computedInodes.lo - totalInodes superblock.freeInodesCount = freeInodesCount superblock.firstDataBlock = 0 superblock.logBlockSize = 2 superblock.logClusterSize = 2 superblock.blocksPerGroup = self.blocksPerGroup superblock.clustersPerGroup = self.blocksPerGroup superblock.inodesPerGroup = blockGroupSize.inodesPerGroup superblock.magic = EXT4.SuperBlockMagic superblock.state = 1 // cleanly unmounted superblock.errors = 1 // continue on error superblock.creatorOS = 3 // freeBSD superblock.revisionLevel = 1 // dynamic inode sizes superblock.firstInode = EXT4.FirstInode superblock.lpfInode = EXT4.LostAndFoundInode superblock.inodeSize = UInt16(EXT4.InodeSize) superblock.featureCompat = CompatFeature.sparseSuper2 | CompatFeature.extAttr superblock.featureIncompat = IncompatFeature.filetype | IncompatFeature.extents | IncompatFeature.flexBg superblock.featureRoCompat = RoCompatFeature.largeFile | RoCompatFeature.hugeFile | RoCompatFeature.extraIsize superblock.minExtraIsize = EXT4.ExtraIsize superblock.wantExtraIsize = EXT4.ExtraIsize superblock.logGroupsPerFlex = 31 superblock.uuid = UUID().uuid try withUnsafeLittleEndianBytes(of: superblock) { bytes in try self.handle.write(contentsOf: bytes) } try self.handle.write(contentsOf: Array.init(repeating: 0, count: 2048)) } // MARK: Private Methods and Properties private var handle: FileHandle private var inodes: [Ptr] private var tree: FileTree private var deletedBlocks: [(start: UInt32, end: UInt32)] = [] private var pos: UInt64 { guard let offset = try? self.handle.offset() else { return 0 } return offset } private var currentBlock: UInt32 { self.pos / self.blockSize } private func seek(block: UInt32) throws { try self.handle.seek(toOffset: UInt64(block) * blockSize) } private func commitInodeTable(blockGroups: UInt32, inodesPerGroup: UInt32) throws -> UInt64 { // inodeTable must go into a new block if self.pos % blockSize != 0 { try seek(block: currentBlock + 1) } let inodeTableOffset = UInt64(currentBlock) let inodeSize = MemoryLayout.size // Write InodeTable for inode in self.inodes { try withUnsafeLittleEndianBytes(of: inode.pointee) { bytes in try handle.write(contentsOf: bytes) } try self.handle.write( contentsOf: Array.init(repeating: 0, count: Int(EXT4.InodeSize) - inodeSize)) } let tableSize: UInt64 = UInt64(EXT4.InodeSize) * blockGroups * inodesPerGroup let rest = tableSize - uint32(self.inodes.count) * EXT4.InodeSize let zeroBlock = Array.init(repeating: 0, count: Int(self.blockSize)) for _ in 0..<(rest / self.blockSize) { try self.handle.write(contentsOf: zeroBlock) } try self.handle.write(contentsOf: Array.init(repeating: 0, count: Int(rest % self.blockSize))) return inodeTableOffset } // optimizes the distribution of blockGroups to obtain the lowest number of blockGroups needed to // represent all the inodes and all the blocks in the FS private func optimizeBlockGroupLayout(blocks: UInt32, inodes: UInt32) -> ( blockGroups: UInt32, inodesPerGroup: UInt32 ) { // counts the number of blockGroups given a particular inodesPerGroup size let groupCount: (_ blocks: UInt32, _ inodes: UInt32, _ inodesPerGroup: UInt32) -> UInt32 = { blocks, inodes, inodesPerGroup in let inodeBlocksPerGroup: UInt32 = inodesPerGroup * EXT4.InodeSize / self.blockSize let dataBlocksPerGroup: UInt32 = self.blocksPerGroup - inodeBlocksPerGroup - 2 // save room for the bitmaps // Increase the block count to ensure there are enough groups for all the inodes. let minBlocks: UInt32 = (inodes - 1) / inodesPerGroup * dataBlocksPerGroup + 1 var updatedBlocks = blocks if blocks < minBlocks { updatedBlocks = minBlocks } return (updatedBlocks + dataBlocksPerGroup - 1) / dataBlocksPerGroup } var groups: UInt32 = UInt32.max var inodesPerGroup: UInt32 = 0 let inc = Int(self.blockSize * 512) / Int(EXT4.InodeSize) // inodesPerGroup // minimizes the number of blockGroups needed to its lowest value for ipg in stride(from: inc, through: Int(self.maxInodesPerGroup), by: inc) { let g = groupCount(blocks, inodes, UInt32(ipg)) if g < groups { groups = g inodesPerGroup = UInt32(ipg) } } return (groups, inodesPerGroup) } private func commit(_ parentPtr: Ptr?, _ nodePtr: Ptr) throws { let node = nodePtr.pointee let inodePtr = self.inodes[Int(node.inode) - 1] var inode = inodePtr.pointee guard inode.linksCount > 0 else { return } if node.link != nil { return } if self.pos % self.blockSize != 0 { try self.seek(block: self.currentBlock + 1) } if inode.mode.isDir() { let startBlock = self.currentBlock var left: Int = Int(self.blockSize) try writeDirEntry(name: ".", inode: node.inode, left: &left) if let parent = parentPtr { try writeDirEntry(name: "..", inode: parent.pointee.inode, left: &left) } else { try writeDirEntry(name: "..", inode: node.inode, left: &left) } var sortedChildren = Array(node.children) sortedChildren.sort { left, right in left.pointee.inode < right.pointee.inode } for childPtr in sortedChildren { let child = childPtr.pointee try writeDirEntry(name: child.name, inode: child.inode, left: &left, link: child.link) } try finishDirEntryBlock(&left) let endBlock = self.currentBlock let size: UInt64 = UInt64(endBlock - startBlock) * self.blockSize inode.sizeLow = size.lo inode.sizeHigh = size.hi inodePtr.initialize(to: inode) node.blocks = (startBlock, endBlock) nodePtr.initialize(to: node) if self.pos % self.blockSize != 0 { try self.seek(block: self.currentBlock + 1) } inode = try self.writeExtents(inode, (startBlock, endBlock)) inodePtr.initialize(to: inode) } } private func fillExtents( node: inout ExtentLeafNode, numExtents: UInt32, numBlocks: UInt32, start: UInt32, offset: UInt32 ) { for i in 0.. EXT4.MaxBlocksPerExtent { length = EXT4.MaxBlocksPerExtent } let extentStart: UInt32 = start + extentBlock let extent = ExtentLeaf( block: extentBlock, length: UInt16(length), startHigh: 0, startLow: extentStart ) node.leaves.append(extent) } } private func writeExtents(_ inode: Inode, _ blocks: (start: UInt32, end: UInt32)) throws -> Inode { var inode = inode // rest of code assumes that extents MUST go into a new block if self.pos % self.blockSize != 0 { try self.seek(block: self.currentBlock + 1) } let dataBlocks = blocks.end - blocks.start let numExtents = (dataBlocks + EXT4.MaxBlocksPerExtent - 1) / EXT4.MaxBlocksPerExtent var usedBlocks = dataBlocks let extentNodeSize = 12 let extentsPerBlock = self.blockSize / extentNodeSize - 1 var blockData: [UInt8] = .init(repeating: 0, count: 60) var blockIndex: Int = 0 switch numExtents { case 0: return inode // noop case 1..<5: let extentHeader = ExtentHeader( magic: EXT4.ExtentHeaderMagic, entries: UInt16(numExtents), max: 4, depth: 0, generation: 0) var node = ExtentLeafNode(header: extentHeader, leaves: []) fillExtents(node: &node, numExtents: numExtents, numBlocks: dataBlocks, start: blocks.start, offset: 0) withUnsafeLittleEndianBytes(of: node.header) { bytes in for b in bytes { blockData[blockIndex] = b blockIndex = blockIndex + 1 } } for leaf in node.leaves { withUnsafeLittleEndianBytes(of: leaf) { bytes in for b in bytes { blockData[blockIndex] = b blockIndex = blockIndex + 1 } } } case 5..<4 * UInt32(extentsPerBlock) + 1: let extentBlocks = numExtents / extentsPerBlock + 1 usedBlocks += extentBlocks let extentHeader = ExtentHeader( magic: EXT4.ExtentHeaderMagic, entries: UInt16(extentBlocks), max: 4, depth: 1, generation: 0 ) var root = ExtentIndexNode(header: extentHeader, indices: []) for i in 0.. extentsPerBlock { extentsInBlock = extentsPerBlock } let leafHeader = ExtentHeader( magic: EXT4.ExtentHeaderMagic, entries: UInt16(extentsInBlock), max: UInt16(extentsPerBlock), depth: 0, generation: 0 ) var leafNode = ExtentLeafNode(header: leafHeader, leaves: []) let offset = i * extentsPerBlock * EXT4.MaxBlocksPerExtent fillExtents( node: &leafNode, numExtents: extentsInBlock, numBlocks: dataBlocks, start: blocks.start + offset, offset: offset) try withUnsafeLittleEndianBytes(of: leafNode.header) { bytes in try self.handle.write(contentsOf: bytes) } for leaf in leafNode.leaves { try withUnsafeLittleEndianBytes(of: leaf) { bytes in try self.handle.write(contentsOf: bytes) } } let extentTail = ExtentTail(checksum: leafNode.leaves.last!.block) try withUnsafeLittleEndianBytes(of: extentTail) { bytes in try self.handle.write(contentsOf: bytes) } root.indices.append(extentIdx) } withUnsafeLittleEndianBytes(of: root.header) { bytes in for b in bytes { blockData[blockIndex] = b blockIndex = blockIndex + 1 } } for leaf in root.indices { withUnsafeLittleEndianBytes(of: leaf) { bytes in for b in bytes { blockData[blockIndex] = b blockIndex = blockIndex + 1 } } } default: throw Error.fileTooBig(UInt64(dataBlocks) * self.blockSize) } inode.block = ( blockData[0], blockData[1], blockData[2], blockData[3], blockData[4], blockData[5], blockData[6], blockData[7], blockData[8], blockData[9], blockData[10], blockData[11], blockData[12], blockData[13], blockData[14], blockData[15], blockData[16], blockData[17], blockData[18], blockData[19], blockData[20], blockData[21], blockData[22], blockData[23], blockData[24], blockData[25], blockData[26], blockData[27], blockData[28], blockData[29], blockData[30], blockData[31], blockData[32], blockData[33], blockData[34], blockData[35], blockData[36], blockData[37], blockData[38], blockData[39], blockData[40], blockData[41], blockData[42], blockData[43], blockData[44], blockData[45], blockData[46], blockData[47], blockData[48], blockData[49], blockData[50], blockData[51], blockData[52], blockData[53], blockData[54], blockData[55], blockData[56], blockData[57], blockData[58], blockData[59] ) // ensure that inode's block count includes extent blocks inode.blocksLow += usedBlocks inode.flags = InodeFlag.extents | inode.flags return inode } // writes a single directory entry private func writeDirEntry(name: String, inode: InodeNumber, left: inout Int, link: InodeNumber? = nil) throws { guard self.inodes[Int(inode) - 1].pointee.linksCount > 0 else { return } guard let nameData = name.data(using: .utf8) else { throw Error.invalidName(name) } let directoryEntrySize = MemoryLayout.size let rlb = directoryEntrySize + nameData.count let rl = (rlb + 3) & ~3 if left < rl + 12 { try self.finishDirEntryBlock(&left) } var mode = self.inodes[Int(inode) - 1].pointee.mode var inodeNum = inode if let link { mode = self.inodes[Int(link) - 1].pointee.mode | 0o777 inodeNum = link } let entry = DirectoryEntry( inode: inodeNum, recordLength: UInt16(rl), nameLength: UInt8(nameData.count), fileType: mode.fileType() ) try withUnsafeLittleEndianBytes(of: entry) { bytes in try self.handle.write(contentsOf: bytes) } try nameData.withUnsafeBytes { buffer in try withUnsafeLittleEndianBuffer(of: buffer) { b in try self.handle.write(contentsOf: b) } } try self.handle.write(contentsOf: [UInt8](repeating: 0, count: rl - rlb)) left = left - rl } private func finishDirEntryBlock(_ left: inout Int) throws { defer { left = Int(self.blockSize) } if left <= 0 { return } let entry = DirectoryEntry( inode: InodeNumber(0), recordLength: UInt16(left), nameLength: 0, fileType: 0 ) try withUnsafeLittleEndianBytes(of: entry) { bytes in try self.handle.write(contentsOf: bytes) } left = left - MemoryLayout.size if left < 4 { throw Error.noSpaceForTrailingDEntry } try self.handle.write(contentsOf: [UInt8](repeating: 0, count: Int(left))) } public enum Error: Swift.Error, CustomStringConvertible, Sendable, Equatable { case notDirectory(_ path: FilePath) case notFile(_ path: FilePath) case notFound(_ path: FilePath) case alreadyExists(_ path: FilePath) case unsupportedFiletype case maximumLinksExceeded(_ path: FilePath) case fileTooBig(_ size: UInt64) case invalidLink(_ path: FilePath) case invalidName(_ name: String) case noSpaceForTrailingDEntry case insufficientSpaceForGroupDescriptorBlocks case cannotCreateHardlinksToDirTarget(_ path: FilePath) case cannotTruncateFile(_ path: FilePath) case cannotCreateSparseFile(_ path: FilePath) case cannotResizeFS(_ size: UInt64) public var description: String { switch self { case .notDirectory(let path): return "\(path) is not a directory" case .notFile(let path): return "\(path) is not a file" case .notFound(let path): return "\(path) not found" case .alreadyExists(let path): return "\(path) already exists" case .unsupportedFiletype: return "file type not supported" case .maximumLinksExceeded(let path): return "maximum links exceeded for path: \(path)" case .fileTooBig(let size): return "\(size) exceeds max file size (128 GiB)" case .invalidLink(let path): return "'\(path)' is an invalid link" case .invalidName(let name): return "'\(name)' is an invalid name" case .noSpaceForTrailingDEntry: return "not enough space for trailing dentry" case .insufficientSpaceForGroupDescriptorBlocks: return "not enough space for group descriptor blocks" case .cannotCreateHardlinksToDirTarget(let path): return "cannot create hard links to directory target: \(path)" case .cannotTruncateFile(let path): return "cannot truncate file: \(path)" case .cannotCreateSparseFile(let path): return "cannot create sparse file at \(path)" case .cannotResizeFS(let size): return "cannot resize fs to \(size) bytes" } } } deinit { for inode in inodes { inode.deinitialize(count: 1) inode.deallocate() } self.inodes.removeAll() } } } extension Date { func fs() -> UInt64 { if self == Date.distantPast { return 0 } let s = self.timeIntervalSince1970 if s < -0x8000_0000 { return 0x8000_0000 } if s > 0x3_7fff_ffff { return 0x3_7fff_ffff } let seconds = UInt64(s) let nanoseconds = UInt64(self.timeIntervalSince1970.truncatingRemainder(dividingBy: 1) * 1_000_000_000) return seconds | (nanoseconds << 34) } } ================================================ FILE: Sources/ContainerizationEXT4/EXT4+Ptr.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation extension EXT4 { class Ptr { let underlying: UnsafeMutablePointer private var capacity: Int private var initialized: Bool private var allocated: Bool var pointee: T { underlying.pointee } init(capacity: Int) { self.underlying = UnsafeMutablePointer.allocate(capacity: capacity) self.capacity = capacity self.allocated = true self.initialized = false } static func allocate(capacity: Int) -> Ptr { Ptr(capacity: capacity) } func initialize(to value: T) { guard self.allocated else { return } if self.initialized { self.underlying.deinitialize(count: self.capacity) } self.underlying.initialize(to: value) self.allocated = true self.initialized = true } func deallocate() { guard self.allocated else { return } self.underlying.deallocate() self.allocated = false self.initialized = false } func deinitialize(count: Int) { guard self.allocated else { return } guard self.initialized else { return } self.underlying.deinitialize(count: count) self.initialized = false self.allocated = true } func move() -> T { self.initialized = false self.allocated = true return self.underlying.move() } deinit { self.deinitialize(count: self.capacity) self.deallocate() } } } ================================================ FILE: Sources/ContainerizationEXT4/EXT4+Reader.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import SystemPackage extension EXT4 { /// The `EXT4Reader` opens a block device, parses the superblock, and loads group descriptors & inodes. public class EXT4Reader { public var superBlock: EXT4.SuperBlock { self._superBlock } let handle: FileHandle let _superBlock: EXT4.SuperBlock private var groupDescriptors: [UInt32: EXT4.GroupDescriptor] = [:] private var inodes: [InodeNumber: EXT4.Inode] = [:] var hardlinks: [FilePath: InodeNumber] = [:] var tree: EXT4.FileTree = EXT4.FileTree(EXT4.RootInode, ".") var blockSize: UInt64 { UInt64(1024 * (1 << _superBlock.logBlockSize)) } private var groupDescriptorSize: UInt16 { if _superBlock.featureIncompat & EXT4.IncompatFeature.bit64.rawValue != 0 { return _superBlock.descSize } return UInt16(MemoryLayout.size) } public init(blockDevice: FilePath) throws { guard FileManager.default.fileExists(atPath: blockDevice.description) else { throw EXT4.Error.notFound(blockDevice.description) } guard let fileHandle = FileHandle(forReadingAtPath: blockDevice) else { throw Error.notFound(blockDevice.description) } self.handle = fileHandle try handle.seek(toOffset: EXT4.SuperBlockOffset) let superBlockSize = MemoryLayout.size guard let data = try? self.handle.read(upToCount: superBlockSize) else { throw EXT4.Error.couldNotReadSuperBlock(blockDevice.description, EXT4.SuperBlockOffset, superBlockSize) } let sb = data.withUnsafeBytes { ptr in ptr.loadLittleEndian(as: EXT4.SuperBlock.self) } guard sb.magic == EXT4.SuperBlockMagic else { throw EXT4.Error.invalidSuperBlock } self._superBlock = sb var items: [(item: Ptr, inode: InodeNumber)] = [ (self.tree.root, EXT4.RootInode) ] while items.count > 0 { guard let item = items.popLast() else { break } let (itemPtr, inodeNum) = item let childItems = try self.children(of: inodeNum) let root = itemPtr.pointee for (itemName, itemInodeNum) in childItems { if itemName == "." || itemName == ".." { continue } if self.inodes[itemInodeNum] != nil { // we have seen this inode before, we will hard link this file to it guard let parentPath = itemPtr.pointee.path else { continue } let path = parentPath.join(itemName) self.hardlinks[path] = itemInodeNum continue } let blocks = try self.getExtents(inode: itemInodeNum) let itemTreeNodePtr = Ptr.allocate(capacity: 1) let itemTreeNode = FileTree.FileTreeNode( inode: itemInodeNum, name: itemName, parent: itemPtr, children: [] ) if let blocks { if blocks.count > 1 { itemTreeNode.additionalBlocks = Array(blocks.dropFirst()) } itemTreeNode.blocks = blocks.first } itemTreeNodePtr.initialize(to: itemTreeNode) root.children.append(itemTreeNodePtr) itemPtr.initialize(to: root) let itemInode = try self.getInode(number: itemInodeNum) if itemInode.mode.isDir() { items.append((itemTreeNodePtr, itemInodeNum)) } } } } deinit { try? self.handle.close() } private func readGroupDescriptor(_ number: UInt32) throws -> GroupDescriptor { let bs = UInt64(1024 * (1 << _superBlock.logBlockSize)) let offset = bs + UInt64(number) * UInt64(self.groupDescriptorSize) try self.handle.seek(toOffset: offset) guard let data = try? self.handle.read(upToCount: MemoryLayout.size) else { throw EXT4.Error.couldNotReadGroup(number) } let gd = data.withUnsafeBytes { ptr in ptr.loadLittleEndian(as: EXT4.GroupDescriptor.self) } return gd } private func readInode(_ number: UInt32) throws -> Inode { let inodeGroupNumber = ((number - 1) / self._superBlock.inodesPerGroup) let numberInGroup = UInt64((number - 1) % self._superBlock.inodesPerGroup) let gd = try getGroupDescriptor(inodeGroupNumber) let inodeTableStart = UInt64(gd.inodeTableLow) * self.blockSize let inodeOffset: UInt64 = inodeTableStart + numberInGroup * UInt64(_superBlock.inodeSize) try self.handle.seek(toOffset: inodeOffset) guard let inodeData = try self.handle.read(upToCount: MemoryLayout.size) else { throw EXT4.Error.couldNotReadInode(number) } let inode = inodeData.withUnsafeBytes { ptr in ptr.loadLittleEndian(as: EXT4.Inode.self) } return inode } private func getDirTree(_ number: InodeNumber) throws -> [(String, InodeNumber)] { var children: [(String, InodeNumber)] = [] let extents = try getExtents(inode: number) ?? [] for (start, end) in extents { try self.seek(block: start) for i in 0..<(end - start) { guard let dirEntryBlock = try self.handle.read(upToCount: Int(self.blockSize)) else { throw EXT4.Error.couldNotReadBlock(start + i) } let childEntries = try getDirEntries(dirTree: dirEntryBlock) children.append(contentsOf: childEntries) } } return children.sorted { a, b in a.0 < b.0 } } private func getDirEntries(dirTree: Data) throws -> [(String, InodeNumber)] { var children: [(String, InodeNumber)] = [] var offset = 0 while offset < dirTree.count { let length = MemoryLayout.size let dirEntry = dirTree.subdata(in: offset.. [(start: UInt32, end: UInt32)]? { let inode = try self.getInode(number: inode) let inodeBlock = Data(tupleToArray(inode.block)) var offset = 0 var extents: [(start: UInt32, end: UInt32)] = [] let extentHeaderSize = MemoryLayout.size let extentIndexSize = MemoryLayout.size let extentLeafSize = MemoryLayout.size // read extent header let header = inodeBlock.subdata(in: offset.. Inode { if let inode = self.inodes[number] { return inode } let inode = try readInode(number) self.inodes[number] = inode return inode } func getGroupDescriptor(_ number: UInt32) throws -> GroupDescriptor { if let gd = self.groupDescriptors[number] { return gd } let gd = try readGroupDescriptor(number) self.groupDescriptors[number] = gd return gd } func children(of number: EXT4.InodeNumber) throws -> [(String, InodeNumber)] { try getDirTree(number) } } } ================================================ FILE: Sources/ContainerizationEXT4/EXT4+Types.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // swiftlint:disable large_tuple import Foundation extension EXT4 { public struct SuperBlock { public var inodesCount: UInt32 = 0 public var blocksCountLow: UInt32 = 0 public var rootBlocksCountLow: UInt32 = 0 public var freeBlocksCountLow: UInt32 = 0 public var freeInodesCount: UInt32 = 0 public var firstDataBlock: UInt32 = 0 public var logBlockSize: UInt32 = 0 public var logClusterSize: UInt32 = 0 public var blocksPerGroup: UInt32 = 0 public var clustersPerGroup: UInt32 = 0 public var inodesPerGroup: UInt32 = 0 public var mtime: UInt32 = 0 public var wtime: UInt32 = 0 public var mountCount: UInt16 = 0 public var maxMountCount: UInt16 = 0 public var magic: UInt16 = 0 public var state: UInt16 = 0 public var errors: UInt16 = 0 public var minorRevisionLevel: UInt16 = 0 public var lastCheck: UInt32 = 0 public var checkInterval: UInt32 = 0 public var creatorOS: UInt32 = 0 public var revisionLevel: UInt32 = 0 public var defaultReservedUid: UInt16 = 0 public var defaultReservedGid: UInt16 = 0 public var firstInode: UInt32 = 0 public var inodeSize: UInt16 = 0 public var blockGroupNr: UInt16 = 0 public var featureCompat: UInt32 = 0 public var featureIncompat: UInt32 = 0 public var featureRoCompat: UInt32 = 0 public var uuid: ( UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8 ) = ( 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 ) public var volumeName: ( UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8 ) = ( 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 ) public var lastMounted: ( UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8 ) = ( 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 ) public var algorithmUsageBitmap: UInt32 = 0 public var preallocBlocks: UInt8 = 0 public var preallocDirBlocks: UInt8 = 0 public var reservedGdtBlocks: UInt16 = 0 public var journalUUID: ( UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8 ) = ( 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 ) public var journalInum: UInt32 = 0 public var journalDev: UInt32 = 0 public var lastOrphan: UInt32 = 0 public var hashSeed: (UInt32, UInt32, UInt32, UInt32) = (0, 0, 0, 0) public var defHashVersion: UInt8 = 0 public var journalBackupType: UInt8 = 0 public var descSize: UInt16 = UInt16(MemoryLayout.size) public var defaultMountOpts: UInt32 = 0 public var firstMetaBg: UInt32 = 0 public var mkfsTime: UInt32 = 0 public var journalBlocks: ( UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32 ) = ( 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 ) public var blocksCountHigh: UInt32 = 0 public var rBlocksCountHigh: UInt32 = 0 public var freeBlocksCountHigh: UInt32 = 0 public var minExtraIsize: UInt16 = 0 public var wantExtraIsize: UInt16 = 0 public var flags: UInt32 = 0 public var raidStride: UInt16 = 0 public var mmpInterval: UInt16 = 0 public var mmpBlock: UInt64 = 0 public var raidStripeWidth: UInt32 = 0 public var logGroupsPerFlex: UInt8 = 0 public var checksumType: UInt8 = 0 public var reservedPad: UInt16 = 0 public var kbytesWritten: UInt64 = 0 public var snapshotInum: UInt32 = 0 public var snapshotID: UInt32 = 0 public var snapshotRBlocksCount: UInt64 = 0 public var snapshotList: UInt32 = 0 public var errorCount: UInt32 = 0 public var firstErrorTime: UInt32 = 0 public var firstErrorInode: UInt32 = 0 public var firstErrorBlock: UInt64 = 0 public var firstErrorFunc: ( UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8 ) = ( 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 ) public var firstErrorLine: UInt32 = 0 public var lastErrorTime: UInt32 = 0 public var lastErrorInode: UInt32 = 0 public var lastErrorLine: UInt32 = 0 public var lastErrorBlock: UInt64 = 0 public var lastErrorFunc: ( UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8 ) = ( 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 ) public var mountOpts: ( UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8 ) = ( 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 ) public var userQuotaInum: UInt32 = 0 public var groupQuotaInum: UInt32 = 0 public var overheadBlocks: UInt32 = 0 public var backupBgs: (UInt32, UInt32) = (0, 0) public var encryptAlgos: (UInt8, UInt8, UInt8, UInt8) = (0, 0, 0, 0) public var encryptPwSalt: ( UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8 ) = ( 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 ) public var lpfInode: UInt32 = 0 public var projectQuotaInum: UInt32 = 0 public var checksumSeed: UInt32 = 0 public var wtimeHigh: UInt8 = 0 public var mtimeHigh: UInt8 = 0 public var mkfsTimeHigh: UInt8 = 0 public var lastcheckHigh: UInt8 = 0 public var firstErrorTimeHigh: UInt8 = 0 public var lastErrorTimeHigh: UInt8 = 0 public var pad: (UInt8, UInt8) = (0, 0) public var reserved: ( UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32, UInt32 ) = ( 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 ) public var checksum: UInt32 = 0 } struct CompatFeature { let rawValue: UInt32 static let dirPrealloc = CompatFeature(rawValue: 0x1) static let imagicInodes = CompatFeature(rawValue: 0x2) static let hasJournal = CompatFeature(rawValue: 0x4) static let extAttr = CompatFeature(rawValue: 0x8) static let resizeInode = CompatFeature(rawValue: 0x10) static let dirIndex = CompatFeature(rawValue: 0x20) static let lazyBg = CompatFeature(rawValue: 0x40) static let excludeInode = CompatFeature(rawValue: 0x80) static let excludeBitmap = CompatFeature(rawValue: 0x100) static let sparseSuper2 = CompatFeature(rawValue: 0x200) } struct IncompatFeature { let rawValue: UInt32 static let compression = IncompatFeature(rawValue: 0x1) static let filetype = IncompatFeature(rawValue: 0x2) static let recover = IncompatFeature(rawValue: 0x4) static let journalDev = IncompatFeature(rawValue: 0x8) static let metaBg = IncompatFeature(rawValue: 0x10) static let extents = IncompatFeature(rawValue: 0x40) static let bit64 = IncompatFeature(rawValue: 0x80) static let mmp = IncompatFeature(rawValue: 0x100) static let flexBg = IncompatFeature(rawValue: 0x200) static let eaInode = IncompatFeature(rawValue: 0x400) static let dirdata = IncompatFeature(rawValue: 0x1000) static let csumSeed = IncompatFeature(rawValue: 0x2000) static let largedir = IncompatFeature(rawValue: 0x4000) static let inlineData = IncompatFeature(rawValue: 0x8000) static let encrypt = IncompatFeature(rawValue: 0x10000) } struct RoCompatFeature { let rawValue: UInt32 static let sparseSuper = RoCompatFeature(rawValue: 0x1) static let largeFile = RoCompatFeature(rawValue: 0x2) static let btreeDir = RoCompatFeature(rawValue: 0x4) static let hugeFile = RoCompatFeature(rawValue: 0x8) static let gdtCsum = RoCompatFeature(rawValue: 0x10) static let dirNlink = RoCompatFeature(rawValue: 0x20) static let extraIsize = RoCompatFeature(rawValue: 0x40) static let hasSnapshot = RoCompatFeature(rawValue: 0x80) static let quota = RoCompatFeature(rawValue: 0x100) static let bigalloc = RoCompatFeature(rawValue: 0x200) static let metadataCsum = RoCompatFeature(rawValue: 0x400) static let replica = RoCompatFeature(rawValue: 0x800) static let readonly = RoCompatFeature(rawValue: 0x1000) static let project = RoCompatFeature(rawValue: 0x2000) } struct BlockGroupFlag { let rawValue: UInt16 static let inodeUninit = BlockGroupFlag(rawValue: 0x1) static let blockUninit = BlockGroupFlag(rawValue: 0x2) static let inodeZeroed = BlockGroupFlag(rawValue: 0x4) } struct GroupDescriptor { let blockBitmapLow: UInt32 let inodeBitmapLow: UInt32 let inodeTableLow: UInt32 let freeBlocksCountLow: UInt16 let freeInodesCountLow: UInt16 let usedDirsCountLow: UInt16 let flags: UInt16 let excludeBitmapLow: UInt32 let blockBitmapCsumLow: UInt16 let inodeBitmapCsumLow: UInt16 let itableUnusedLow: UInt16 let checksum: UInt16 } struct GroupDescriptor64 { let groupDescriptor: GroupDescriptor let blockBitmapHigh: UInt32 let inodeBitmapHigh: UInt32 let inodeTableHigh: UInt32 let freeBlocksCountHigh: UInt16 let freeInodesCountHigh: UInt16 let usedDirsCountHigh: UInt16 let itableUnusedHigh: UInt16 let excludeBitmapHigh: UInt32 let blockBitmapCsumHigh: UInt16 let inodeBitmapCsumHigh: UInt16 let reserved: UInt32 } public struct FileModeFlag: Sendable { let rawValue: UInt16 public static let S_IXOTH = FileModeFlag(rawValue: 0x1) public static let S_IWOTH = FileModeFlag(rawValue: 0x2) public static let S_IROTH = FileModeFlag(rawValue: 0x4) public static let S_IXGRP = FileModeFlag(rawValue: 0x8) public static let S_IWGRP = FileModeFlag(rawValue: 0x10) public static let S_IRGRP = FileModeFlag(rawValue: 0x20) public static let S_IXUSR = FileModeFlag(rawValue: 0x40) public static let S_IWUSR = FileModeFlag(rawValue: 0x80) public static let S_IRUSR = FileModeFlag(rawValue: 0x100) public static let S_ISVTX = FileModeFlag(rawValue: 0x200) public static let S_ISGID = FileModeFlag(rawValue: 0x400) public static let S_ISUID = FileModeFlag(rawValue: 0x800) public static let S_IFIFO = FileModeFlag(rawValue: 0x1000) public static let S_IFCHR = FileModeFlag(rawValue: 0x2000) public static let S_IFDIR = FileModeFlag(rawValue: 0x4000) public static let S_IFBLK = FileModeFlag(rawValue: 0x6000) public static let S_IFREG = FileModeFlag(rawValue: 0x8000) public static let S_IFLNK = FileModeFlag(rawValue: 0xA000) public static let S_IFSOCK = FileModeFlag(rawValue: 0xC000) public static let TypeMask = FileModeFlag(rawValue: 0xF000) } public typealias InodeNumber = UInt32 public struct Inode { public var mode: UInt16 = 0 public var uid: UInt16 = 0 public var sizeLow: UInt32 = 0 public var atime: UInt32 = 0 public var ctime: UInt32 = 0 public var mtime: UInt32 = 0 public var dtime: UInt32 = 0 public var gid: UInt16 = 0 public var linksCount: UInt16 = 0 public var blocksLow: UInt32 = 0 public var flags: UInt32 = 0 public var version: UInt32 = 0 public var block: ( UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8 ) = ( 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 ) public var generation: UInt32 = 0 public var xattrBlockLow: UInt32 = 0 public var sizeHigh: UInt32 = 0 public var obsoleteFragmentAddr: UInt32 = 0 public var blocksHigh: UInt16 = 0 public var xattrBlockHigh: UInt16 = 0 public var uidHigh: UInt16 = 0 public var gidHigh: UInt16 = 0 public var checksumLow: UInt16 = 0 public var reserved: UInt16 = 0 public var extraIsize: UInt16 = 0 public var checksumHigh: UInt16 = 0 public var ctimeExtra: UInt32 = 0 public var mtimeExtra: UInt32 = 0 public var atimeExtra: UInt32 = 0 public var crtime: UInt32 = 0 public var crtimeExtra: UInt32 = 0 public var versionHigh: UInt32 = 0 public var projid: UInt32 = 0 // Size until this point is 160 bytes public var inlineXattrs: ( // 96 bytes for extended attributes UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8, UInt8 ) = ( 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 ) public static func Mode(_ mode: FileModeFlag, _ perm: UInt16) -> UInt16 { mode.rawValue | perm } } struct InodeFlag { let rawValue: UInt32 static let secRm = InodeFlag(rawValue: 0x1) static let unRm = InodeFlag(rawValue: 0x2) static let compressed = InodeFlag(rawValue: 0x4) static let sync = InodeFlag(rawValue: 0x8) static let immutable = InodeFlag(rawValue: 0x10) static let append = InodeFlag(rawValue: 0x20) static let noDump = InodeFlag(rawValue: 0x40) static let noAtime = InodeFlag(rawValue: 0x80) static let dirtyCompressed = InodeFlag(rawValue: 0x100) static let compressedClusters = InodeFlag(rawValue: 0x200) static let noCompress = InodeFlag(rawValue: 0x400) static let encrypted = InodeFlag(rawValue: 0x800) static let hashedIndex = InodeFlag(rawValue: 0x1000) static let magic = InodeFlag(rawValue: 0x2000) static let journalData = InodeFlag(rawValue: 0x4000) static let noTail = InodeFlag(rawValue: 0x8000) static let dirSync = InodeFlag(rawValue: 0x10000) static let topDir = InodeFlag(rawValue: 0x20000) static let hugeFile = InodeFlag(rawValue: 0x40000) static let extents = InodeFlag(rawValue: 0x80000) static let eaInode = InodeFlag(rawValue: 0x200000) static let eofBlocks = InodeFlag(rawValue: 0x400000) static let snapfile = InodeFlag(rawValue: 0x0100_0000) static let snapfileDeleted = InodeFlag(rawValue: 0x0400_0000) static let snapfileShrunk = InodeFlag(rawValue: 0x0800_0000) static let inlineData = InodeFlag(rawValue: 0x1000_0000) static let projectIDInherit = InodeFlag(rawValue: 0x2000_0000) static let reserved = InodeFlag(rawValue: 0x8000_0000) } struct ExtentHeader { let magic: UInt16 let entries: UInt16 let max: UInt16 let depth: UInt16 let generation: UInt32 } struct ExtentIndex { let block: UInt32 let leafLow: UInt32 let leafHigh: UInt16 let unused: UInt16 } struct ExtentLeaf { let block: UInt32 let length: UInt16 let startHigh: UInt16 let startLow: UInt32 } struct ExtentTail { let checksum: UInt32 } struct ExtentIndexNode { var header: ExtentHeader var indices: [ExtentIndex] } struct ExtentLeafNode { var header: ExtentHeader var leaves: [ExtentLeaf] } struct DirectoryEntry { let inode: InodeNumber let recordLength: UInt16 let nameLength: UInt8 let fileType: UInt8 // let name: [UInt8] } enum FileType: UInt8 { case unknown = 0x0 case regular = 0x1 case directory = 0x2 case character = 0x3 case block = 0x4 case fifo = 0x5 case socket = 0x6 case symbolicLink = 0x7 } struct DirectoryEntryTail { let reservedZero1: UInt32 let recordLength: UInt16 let reservedZero2: UInt8 let fileType: UInt8 let checksum: UInt32 } struct DirectoryTreeRoot { let dot: DirectoryEntry let dotName: [UInt8] let dotDot: DirectoryEntry let dotDotName: [UInt8] let reservedZero: UInt32 let hashVersion: UInt8 let infoLength: UInt8 let indirectLevels: UInt8 let unusedFlags: UInt8 let limit: UInt16 let count: UInt16 let block: UInt32 // let entries: [DirectoryTreeEntry] } struct DirectoryTreeNode { let fakeInode: UInt32 let fakeRecordLength: UInt16 let nameLength: UInt8 let fileType: UInt8 let limit: UInt16 let count: UInt16 let block: UInt32 // let entries: [DirectoryTreeEntry] } struct DirectoryTreeEntry { let hash: UInt32 let block: UInt32 } struct DirectoryTreeTail { let reserved: UInt32 let checksum: UInt32 } struct XAttrEntry { let nameLength: UInt8 let nameIndex: UInt8 let valueOffset: UInt16 let valueInum: UInt32 let valueSize: UInt32 let hash: UInt32 } struct XAttrHeader { let magic: UInt32 let referenceCount: UInt32 let blocks: UInt32 let hash: UInt32 let checksum: UInt32 let reserved: [UInt32] } } extension EXT4.Inode { public static func Root() -> EXT4.Inode { var inode = Self() // inode inode.mode = Self.Mode(.S_IFDIR, 0o755) inode.linksCount = 2 inode.uid = 0 inode.gid = 0 // time let now = Date().fs() let now_lo: UInt32 = now.lo let now_hi: UInt32 = now.hi inode.atime = now_lo inode.atimeExtra = now_hi inode.ctime = now_lo inode.ctimeExtra = now_hi inode.mtime = now_lo inode.mtimeExtra = now_hi inode.crtime = now_lo inode.crtimeExtra = now_hi inode.flags = EXT4.InodeFlag.hugeFile.rawValue inode.extraIsize = UInt16(EXT4.ExtraIsize) return inode } } ================================================ FILE: Sources/ContainerizationEXT4/EXT4+Xattrs.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /* * Note: Both the entries and values for the attributes need to occupy a size that is a multiple of 4, * meaning, in cases where the attribute name or value is less than not a multiple of 4, it is padded with 0 * until it reaches that size. */ extension EXT4 { public struct ExtendedAttribute { public static let prefixMap: [Int: String] = [ 1: "user.", 2: "system.posix_acl_access", 3: "system.posix_acl_default", 4: "trusted.", 6: "security.", 7: "system.", 8: "system.richacl", ] let name: String let index: UInt8 let value: [UInt8] var sizeValue: UInt32 { UInt32((value.count + 3) & ~3) } var sizeEntry: UInt32 { UInt32((name.count + 3) & ~3 + 16) // 16 bytes are needed to store other metadata for the xattr entry } var size: UInt32 { sizeEntry + sizeValue } var fullName: String { Self.decompressName(id: Int(index), suffix: name) } var hash: UInt32 { var hash: UInt32 = 0 for char in name { hash = (hash << 5) ^ (hash >> 27) ^ UInt32(char.asciiValue!) } var i = 0 while i + 3 < value.count { let s = value[i..> 16) ^ v i += 4 } if value.count % 4 != 0 { let last = value.count & ~3 var buff: [UInt8] = [0, 0, 0, 0] for (i, byte) in value[last...].enumerated() { buff[i] = byte } let v = UInt32(littleEndian: buff.withUnsafeBytes { $0.load(as: UInt32.self) }) hash = (hash << 16) ^ (hash >> 16) ^ v } return hash } init(name: String, value: [UInt8]) { let compressed = Self.compressName(name) self.name = compressed.str self.index = compressed.id self.value = value } init(idx: UInt8, compressedName name: String, value: [UInt8]) { self.name = name self.index = idx self.value = value } // MARK: Class methods public static func compressName(_ name: String) -> (id: UInt8, str: String) { for (id, prefix) in prefixMap.sorted(by: { $1.1.count < $0.1.count }) where name.hasPrefix(prefix) { return (UInt8(id), String(name.dropFirst(prefix.count))) } return (0, name) } public static func decompressName(id: Int, suffix: String) -> String { guard let prefix = prefixMap[id] else { return suffix } return "\(prefix)\(suffix)" } } public struct FileXattrsState { private let inodeCapacity: UInt32 private let blockCapacity: UInt32 private let inode: UInt32 // the inode number for which we are tracking these xattrs var inlineAttributes: [ExtendedAttribute] = [] var blockAttributes: [ExtendedAttribute] = [] private var usedSizeInline: UInt32 = 0 private var usedSizeBlock: UInt32 = 0 private var inodeFreeBytes: UInt32 { self.inodeCapacity - EXT4.XattrInodeHeaderSize - usedSizeInline - 4 // need to have 4 null bytes b/w xattr entries and values } private var blockFreeBytes: UInt32 { self.blockCapacity - EXT4.XattrBlockHeaderSize - usedSizeBlock - 4 } init(inode: UInt32, inodeXattrCapacity: UInt32, blockCapacity: UInt32) { self.inode = inode self.inodeCapacity = inodeXattrCapacity self.blockCapacity = blockCapacity } public mutating func add(_ attribute: ExtendedAttribute) throws { let size = attribute.size if size <= inodeFreeBytes { usedSizeInline += size inlineAttributes.append(attribute) return } if size <= blockFreeBytes { usedSizeBlock += size blockAttributes.append(attribute) return } throw Error.insufficientSpace(Int(self.inode)) } public func writeInlineAttributes(buffer: inout [UInt8]) throws { var idx = 0 withUnsafeLittleEndianBytes( of: EXT4.XAttrHeaderMagic, body: { bytes in for byte in bytes { buffer[idx] = byte idx += 1 } }) try Self.write(buffer: &buffer, attrs: self.inlineAttributes, start: UInt16(idx), delta: 0, inline: true) } public func writeBlockAttributes(buffer: inout [UInt8]) throws { var idx = 0 for val in [EXT4.XAttrHeaderMagic, 1, 1] { withUnsafeLittleEndianBytes( of: UInt32(val), body: { bytes in for byte in bytes { buffer[idx] = byte idx += 1 } }) } while idx != 32 { buffer[idx] = 0 idx += 1 } var attributes = self.blockAttributes attributes.sort(by: { if ($0.index < $1.index) || ($0.name.count < $1.name.count) || ($0.name < $1.name) { return true } return false }) try Self.write(buffer: &buffer, attrs: attributes, start: UInt16(idx), delta: UInt16(idx), inline: false) } /// Writes the specified list of extended attribute entries and their values to the provided /// This method does not fill in any headers (Inode inline / block level) that may be required to parse these attributes /// /// - Parameters: /// - buffer: An array of [UInt8] where the data will be written into /// - attrs: The list of ExtendedAttributes to write /// - start: the index from where data should be put into the buffer - useful when if you dont want this method to be overwriting existing data /// - delta: index from where the begin the offset calculations /// - inline: if the byte buffer being written into is an inline data block for an inode: Determines the hash calculation private static func write( buffer: inout [UInt8], attrs: [ExtendedAttribute], start: UInt16, delta: UInt16, inline: Bool ) throws { var offset: UInt16 = UInt16(buffer.count) + delta - start var front = Int(start) var end = buffer.count for attribute in attrs { guard end - front >= 4 else { throw Error.malformedXattrBuffer } var out: [UInt8] = [] let v = attribute.sizeValue offset -= UInt16(v) out.append(UInt8(attribute.name.count)) out.append(attribute.index) withUnsafeLittleEndianBytes( of: UInt16(offset), body: { bytes in out.append(contentsOf: bytes) }) out.append(contentsOf: [0, 0, 0, 0]) // these next four bytes indicate that the attr values are in the same block withUnsafeLittleEndianBytes( of: UInt32(attribute.value.count), body: { bytes in out.append(contentsOf: bytes) }) if !inline { withUnsafeLittleEndianBytes( of: UInt32(attribute.hash), body: { bytes in out.append(contentsOf: bytes) }) } else { out.append(contentsOf: [0, 0, 0, 0]) } guard let name = attribute.name.data(using: .ascii) else { throw Error.convertAsciiString(attribute.name) } out.append(contentsOf: [UInt8](name)) while out.count < Int(attribute.sizeEntry) { // ensure that xattr entry size is a multiple of 4 out.append(0) } for (i, byte) in out.enumerated() { buffer[front + i] = byte } front += out.count end -= Int(attribute.sizeValue) for (i, byte) in attribute.value.enumerated() { buffer[end + i] = byte } } } public static func read(buffer: [UInt8], start: Int, offset: Int) throws -> [ExtendedAttribute] { var i = start var attribs: [ExtendedAttribute] = [] // 16 is the size of 1 XAttrEntry while i + 16 < buffer.count { let attributeStart = i let rawXattrEntry = Array(buffer[i.. Data blocks. In this implementation, inode size is set to 256 bytes. Inode table uses extents to efficiently describe the mapping. +-----------------------+ | Inode Table | +-----------------------+ | Inode | Metadata | +-------+---------------+ | 1 | permissions | | | size | | | user ID | | | group ID | | | timestamps | | | block | | | blocks count | +-------+---------------+ | 2 | ... | +-------+---------------+ | ... | ... | +-------+---------------+ The length of `block` field in the inode table is 60 bytes. This field contains an extent tree that holds information about ranges of blocks used by the file. For smaller files, the entire extent tree can be stored within this field. +-----------------------+ | Inode | +-----------------------+ | Metadata | +-----------------------+ | Extent Tree | | +-------------------+ | | | Extent Leaf Node | | | +-------------------+ | | | - Start Block | | | | - Block Count | | | | - ... | | | +-------------------+ | +-----------------------+ For larger files which span across multiple non-contiguous blocks, extent tree's root points to extent blocks, which in-turn point to the blocks used by the file +-----------------------+ | Extent Tree | | +-------------------+ | | | Extent Root | | | +-------------------+ | | | - Pointers to | | | | Extent Blocks | | | +-------------------+ | +-----------------------+ | v +-----------------------+ | Extent Block | +-----------------------+ | +-------------------+ | | | Extent Leaf Node | | | +-------------------+ | | | - Start Block | | | | - Block Count | | | | - ... | | | +-------------------+ | | +-------------------+ | | | Extent Leaf Node | | | +-------------------+ | | | - Start Block | | | | - Block Count | | | | - ... | | | +-------------------+ | +-----------------------+ ## Directory entries The data blocks for directory inodes point to a list of directory entrees. Each entry consists of only a name and inode number. The name and inode number correspond to the name and inode number of the children of the directory +-------------------------+ | Directory Entry | +-------------------------+ | inode | rec_len | name | +-------------------------+ | 2 | 1 | "." | +-------------------------+ | Directory Entry | +-------------------------+ | inode | rec_len | name | +-------------------------+ | 1 | 2 | ".." | +-------------------------+ | Directory Entry | +-------------------------+ | inode | rec_len | name | +-------------------------+ | 11 | 10 | lost& | | | | found | +-------------------------+ More details can be found here https://ext4.wiki.kernel.org/index.php/Ext4_Disk_Layout ``` */ /// A type for interacting with ext4 file systems. /// /// The `Ext4` class provides functionality to read the superblock of an existing ext4 block device /// and format a new block device with the ext4 file system. /// /// Usage: /// - To read the superblock of an existing ext4 block device, create an instance of `Ext4` with the /// path to the block device /// - To format a new block device with ext4, create an instance of `Ext4.Formatter` with the path to the block /// device and call the `close()` method. /// /// Example 1: Read an existing block device /// ```swift /// let blockDevice = URL(filePath: "/dev/sdb") /// // succeeds if a valid ext4 fs is found at path /// let ext4 = try Ext4(blockDevice: blockDevice) /// print("Block size: \(ext4.blockSize)") /// print("Total size: \(ext4.size)") /// /// // Reading the superblock /// let superblock = ext4.superblock /// print("Superblock information:") /// print("Total blocks: \(superblock.blocksCountLow)") /// ``` /// /// Example 2: Format a new block device (Refer [`EXT4.Formatter`](x-source-tag://EXT4.Formatter) for more info) /// ```swift /// let devicePath = URL(filePath: "/dev/sdc") /// let formatter = try EXT4.Formatter(devicePath, blockSize: 4096) /// try formatter.close() /// ``` public enum EXT4 { public static let SuperBlockMagic: UInt16 = 0xef53 static let ExtentHeaderMagic: UInt16 = 0xf30a static let XAttrHeaderMagic: UInt32 = 0xea02_0000 static let DefectiveBlockInode: InodeNumber = 1 static let RootInode: InodeNumber = 2 static let FirstInode: InodeNumber = 11 static let LostAndFoundInode: InodeNumber = 11 static let InodeActualSize: UInt32 = 160 // 160 bytes used by metadata static let InodeExtraSize: UInt32 = 96 // 96 bytes for inline xattrs static let InodeSize: UInt32 = UInt32(MemoryLayout.size) // 256 bytes. This is the max size of an inode static let XattrInodeHeaderSize: UInt32 = 4 static let XattrBlockHeaderSize: UInt32 = 32 static let ExtraIsize: UInt16 = UInt16(InodeActualSize) - 128 static let MaxLinks: UInt32 = 65000 static let MaxBlocksPerExtent: UInt32 = 0x8000 static let MaxFileSize: UInt64 = 128.gib() static let SuperBlockOffset: UInt64 = 1024 } extension EXT4 { // `EXT4` errors. public enum Error: Swift.Error, CustomStringConvertible, Sendable, Equatable { case notFound(_ path: String) case couldNotReadSuperBlock(_ path: String, _ offset: UInt64, _ size: Int) case invalidSuperBlock case deepExtentsUnimplemented case invalidExtents case invalidXattrEntry case couldNotReadBlock(_ block: UInt32) case invalidPathEncoding(_ path: String) case couldNotReadInode(_ inode: UInt32) case couldNotReadGroup(_ group: UInt32) public var description: String { switch self { case .notFound(let path): return "file at path \(path) not found" case .couldNotReadSuperBlock(let path, let offset, let size): return "could not read \(size) bytes of superblock from \(path) at offset \(offset)" case .invalidSuperBlock: return "not a valid EXT4 superblock" case .deepExtentsUnimplemented: return "deep extents are not supported" case .invalidExtents: return "extents invalid or corrupted" case .invalidXattrEntry: return "invalid extended attribute entry" case .couldNotReadBlock(let block): return "could not read block \(block)" case .invalidPathEncoding(let path): return "path encoding for '\(path)' is invalid, must be ascii or utf8" case .couldNotReadInode(let inode): return "could not read inode \(inode)" case .couldNotReadGroup(let group): return "could not read group descriptor \(group)" } } } } ================================================ FILE: Sources/ContainerizationEXT4/EXT4Reader+Export.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if os(macOS) import ContainerizationArchive import Foundation import SystemPackage extension EXT4.EXT4Reader { public func export(archive: FilePath) throws { let config = ArchiveWriterConfiguration( format: .paxRestricted, filter: .none, options: [Options.xattrformat(.schily)]) let writer = try ArchiveWriter(configuration: config) try writer.open(file: archive.url) var items = self.tree.root.pointee.children let hardlinkedInodes = Set(self.hardlinks.values) var hardlinkTargets: [EXT4.InodeNumber: FilePath] = [:] while items.count > 0 { let itemPtr = items.removeFirst() let item = itemPtr.pointee let inode = try self.getInode(number: item.inode) let entry = WriteEntry() let mode = inode.mode let size: UInt64 = (UInt64(inode.sizeHigh) << 32) | UInt64(inode.sizeLow) entry.permissions = mode guard let path = item.path else { continue } if hardlinkedInodes.contains(item.inode) { hardlinkTargets[item.inode] = path } guard self.hardlinks[path] == nil else { continue } var attributes: [EXT4.ExtendedAttribute] = [] let buffer: [UInt8] = EXT4.tupleToArray(inode.inlineXattrs) if !buffer.allZeros { try attributes.append(contentsOf: Self.readInlineExtendedAttributes(from: buffer)) } if inode.xattrBlockLow != 0 { let block = inode.xattrBlockLow try self.seek(block: block) guard let buffer = try self.handle.read(upToCount: Int(self.blockSize)) else { throw EXT4.Error.couldNotReadBlock(block) } try attributes.append(contentsOf: Self.readBlockExtendedAttributes(from: [UInt8](buffer))) } var xattrs: [String: Data] = [:] for attribute in attributes { guard attribute.fullName != "system.data" else { continue } xattrs[attribute.fullName] = Data(attribute.value) } let pathStr = path.description entry.path = pathStr entry.size = Int64(size) entry.group = gid_t(inode.gid) entry.owner = uid_t(inode.uid) entry.creationDate = Date(fsTimestamp: UInt64((inode.ctimeExtra << 32) | inode.ctime)) entry.modificationDate = Date(fsTimestamp: UInt64((inode.mtimeExtra << 32) | inode.mtime)) entry.contentAccessDate = Date(fsTimestamp: UInt64((inode.atimeExtra << 32) | inode.atime)) entry.xattrs = xattrs if mode.isDir() { entry.fileType = .directory for child in item.children { items.append(child) } if pathStr == "" { continue } try writer.writeEntry(entry: entry, data: nil) } else if mode.isReg() { entry.fileType = .regular var data = Data() var remaining: UInt64 = size if let block = item.blocks { for dataBlock in block.start.. self.blockSize { count = self.blockSize } else { count = remaining } guard let dataBytes = try self.handle.read(upToCount: Int(count)) else { throw EXT4.Error.couldNotReadBlock(dataBlock) } data.append(dataBytes) remaining -= UInt64(dataBytes.count) } } if let additionalBlocks = item.additionalBlocks { for block in additionalBlocks { for dataBlock in block.start.. self.blockSize { count = self.blockSize } else { count = remaining } guard let dataBytes = try self.handle.read(upToCount: Int(count)) else { throw EXT4.Error.couldNotReadBlock(dataBlock) } data.append(dataBytes) remaining -= UInt64(dataBytes.count) } } } try writer.writeEntry(entry: entry, data: data) } else if mode.isLink() { entry.fileType = .symbolicLink if size < 60 { let linkBytes = EXT4.tupleToArray(inode.block) entry.symlinkTarget = String(bytes: linkBytes, encoding: .utf8) ?? "" } else { if let block = item.blocks { try self.seek(block: block.start) guard let linkBytes = try self.handle.read(upToCount: Int(size)) else { throw EXT4.Error.couldNotReadBlock(block.start) } entry.symlinkTarget = String(bytes: linkBytes, encoding: .utf8) ?? "" } } try writer.writeEntry(entry: entry, data: nil) } else { // do not process sockets, fifo, character and block devices continue } } for (path, number) in self.hardlinks { guard let targetPath = hardlinkTargets[number] else { continue } let inode = try self.getInode(number: number) let entry = WriteEntry() entry.path = path.description entry.hardlink = targetPath.description entry.permissions = inode.mode entry.group = gid_t(inode.gid) entry.owner = uid_t(inode.uid) entry.creationDate = Date(fsTimestamp: UInt64((inode.ctimeExtra << 32) | inode.ctime)) entry.modificationDate = Date(fsTimestamp: UInt64((inode.mtimeExtra << 32) | inode.mtime)) entry.contentAccessDate = Date(fsTimestamp: UInt64((inode.atimeExtra << 32) | inode.atime)) try writer.writeEntry(entry: entry, data: nil) } try writer.finishEncoding() } @available(*, deprecated, renamed: "readInlineExtendedAttributes(from:)") public static func readInlineExtenedAttributes(from buffer: [UInt8]) throws -> [EXT4.ExtendedAttribute] { try readInlineExtendedAttributes(from: buffer) } public static func readInlineExtendedAttributes(from buffer: [UInt8]) throws -> [EXT4.ExtendedAttribute] { let header = UInt32(littleEndian: buffer[0...4].withUnsafeBytes { $0.load(as: UInt32.self) }) if header != EXT4.XAttrHeaderMagic { throw EXT4.FileXattrsState.Error.missingXAttrHeader } return try EXT4.FileXattrsState.read(buffer: buffer, start: 4, offset: 4) } @available(*, deprecated, renamed: "readBlockExtendedAttributes(from:)") public static func readBlockExtenedAttributes(from buffer: [UInt8]) throws -> [EXT4.ExtendedAttribute] { try readBlockExtendedAttributes(from: buffer) } public static func readBlockExtendedAttributes(from buffer: [UInt8]) throws -> [EXT4.ExtendedAttribute] { let header = UInt32(littleEndian: buffer[0...4].withUnsafeBytes { $0.load(as: UInt32.self) }) if header != EXT4.XAttrHeaderMagic { throw EXT4.FileXattrsState.Error.missingXAttrHeader } return try EXT4.FileXattrsState.read(buffer: [UInt8](buffer), start: 32, offset: 0) } func seek(block: UInt32) throws { try self.handle.seek(toOffset: UInt64(block) * blockSize) } } extension Date { init(fsTimestamp: UInt64) { if fsTimestamp == 0 { self = Date.distantPast return } let seconds = Int64(fsTimestamp & 0x3_ffff_ffff) let nanoseconds = Double(fsTimestamp >> 34) / 1_000_000_000 self = Date(timeIntervalSince1970: Double(seconds) + nanoseconds) } } #endif ================================================ FILE: Sources/ContainerizationEXT4/EXT4Reader+IO.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import SystemPackage extension EXT4 { public enum PathIOError: Swift.Error, CustomStringConvertible { case notFound(String) case notAFile(String) case isDirectory(String) case notADirectory(String) case symlinkLoop(String) case invalidPath(String) public var description: String { switch self { case .notFound(let p): return "no such file or directory: \(p)" case .notAFile(let p): return "not a regular file: \(p)" case .isDirectory(let p): return "is a directory: \(p)" case .notADirectory(let p): return "not a directory: \(p)" case .symlinkLoop(let p): return "symlink loop while resolving: \(p)" case .invalidPath(let p): return "invalid path: \(p)" } } } } // MARK: - Public API extension EXT4.EXT4Reader { /// Return true if a path exists (file or directory) in this ext4 device. public func exists(_ path: FilePath, followSymlinks: Bool = true) -> Bool { (try? resolvePath(path, followSymlinks: followSymlinks).inode) != nil } /// Get the total number of blocks in the filesystem private var totalBlocks: UInt64 { let lo = UInt64(_superBlock.blocksCountLow) let hi = UInt64(_superBlock.blocksCountHigh) return lo | (hi << 32) } /// Validate that a physical block address is within device bounds private func validateBlockAddress(_ block: UInt32) throws { guard UInt64(block) < totalBlocks else { throw EXT4.PathIOError.invalidPath("block address \(block) exceeds device bounds (\(totalBlocks) blocks)") } } /// Metadata (inode + inode number) for a path. public func stat(_ path: FilePath, followSymlinks: Bool = true) throws -> (inodeNumber: EXT4.InodeNumber, inode: EXT4.Inode) { let resolved = try resolvePath(path, followSymlinks: followSymlinks) return (resolved.inodeNum, try getInode(number: resolved.inodeNum)) } /// List a directory's entries (names only). Does not include "." or "..". public func listDirectory(_ path: FilePath) throws -> [String] { let (inoNum, ino) = try stat(path) guard ino.mode.isDir() else { throw EXT4.PathIOError.notADirectory(path.description) } let children = try children(of: inoNum) return children .map { $0.0 } .filter { $0 != "." && $0 != ".." } .sorted() } /// Read bytes from a regular file at `path` into `buffer`, starting at `offset`. /// Returns the number of bytes written to `buffer` (may be less than `buffer.count` at EOF). /// - Note: Semantics mirror `read(2)`: partial reads are possible. @discardableResult public func readFile( at path: FilePath, into buffer: UnsafeMutableRawBufferPointer, offset: UInt64 = 0, followSymlinks: Bool = true ) throws -> Int { let context = try prepareRead(path: path, offset: offset, followSymlinks: followSymlinks) if buffer.count == 0 || context.maxReadable == 0 { return 0 } let want = min(UInt64(buffer.count), context.maxReadable) return try performRead( inodeNumber: context.inodeNumber, start: context.start, wantedBytes: want, into: buffer ) } /// Read bytes from a regular file at `path` starting at `offset`. /// If `count` is nil, reads to EOF. Returns exactly the requested bytes (or less at EOF). public func readFile( at path: FilePath, offset: UInt64 = 0, count: Int? = nil, followSymlinks: Bool = true ) throws -> Data { let context = try prepareRead(path: path, offset: offset, followSymlinks: followSymlinks) let want = count.map { min(UInt64($0), context.maxReadable) } ?? context.maxReadable if want == 0 { return Data() } var out = Data(count: Int(want)) let wrote = try out.withUnsafeMutableBytes { try performRead( inodeNumber: context.inodeNumber, start: context.start, wantedBytes: want, into: $0 ) } if wrote < Int(want) { out.removeSubrange(wrote.. (inodeNumber: EXT4.InodeNumber, start: UInt64, maxReadable: UInt64) { let (inoNum, inode) = try stat(path, followSymlinks: followSymlinks) if inode.mode.isDir() { throw EXT4.PathIOError.isDirectory(path.description) } if !inode.mode.isReg() { throw EXT4.PathIOError.notAFile(path.description) } let fileSize: UInt64 = inodeFileSize(inode) let start = min(offset, fileSize) let maxReadable = fileSize - start return (inodeNumber: inoNum, start: start, maxReadable: maxReadable) } private func performRead( inodeNumber: EXT4.InodeNumber, start: UInt64, wantedBytes: UInt64, into buffer: UnsafeMutableRawBufferPointer ) throws -> Int { if wantedBytes == 0 { return 0 } guard let extents = try self.getExtents(inode: inodeNumber), !extents.isEmpty else { return 0 } for (physStartBlk, physEndBlk) in extents { try validateBlockAddress(physStartBlk) if physEndBlk > physStartBlk { try validateBlockAddress(physEndBlk - 1) } } guard let base = buffer.baseAddress else { return 0 } let desiredBytes = Int(min(wantedBytes, UInt64(buffer.count))) if desiredBytes == 0 { return 0 } let blockSizeBytes = self.blockSize let reqStart = start let reqEnd = start + UInt64(desiredBytes) var logicalOffset: UInt64 = 0 var bytesWritten = 0 for (physStartBlk, physEndBlk) in extents { let extentBytes = UInt64(physEndBlk - physStartBlk) * blockSizeBytes let logicalEnd = logicalOffset + extentBytes if logicalEnd <= reqStart { logicalOffset = logicalEnd continue } if logicalOffset >= reqEnd { break } let overlapStart = max(logicalOffset, reqStart) let overlapEnd = min(logicalEnd, reqEnd) var remaining = overlapEnd - overlapStart if remaining == 0 { logicalOffset = logicalEnd continue } let offsetIntoExtent = overlapStart - logicalOffset let absoluteByteOffset = (UInt64(physStartBlk) * blockSizeBytes) + offsetIntoExtent do { try self.handle.seek(toOffset: absoluteByteOffset) } catch { if bytesWritten > 0 { return bytesWritten } throw EXT4.PathIOError.invalidPath("failed to seek to offset \(absoluteByteOffset): \(error)") } while remaining > 0 && bytesWritten < desiredBytes { let chunk = min(desiredBytes - bytesWritten, Int(min(remaining, UInt64(1 << 20)))) let dest = UnsafeMutableRawBufferPointer( start: base.advanced(by: bytesWritten), count: chunk ) do { guard let data = try self.handle.read(upToCount: chunk) else { return bytesWritten } if data.count == 0 { return bytesWritten } // Copy the data to the destination buffer data.withUnsafeBytes { sourceBytes in dest.copyMemory(from: UnsafeRawBufferPointer(sourceBytes)) } bytesWritten += data.count remaining -= UInt64(data.count) if data.count < chunk && remaining > 0 { return bytesWritten } } catch { if bytesWritten > 0 { return bytesWritten } throw error } } logicalOffset = logicalEnd if bytesWritten >= desiredBytes { break } } return bytesWritten } // MARK: - Internals inside EXT4Reader public struct ResolvedPath { let inodeNum: EXT4.InodeNumber let inode: EXT4.Inode } /// Resolve a path to an inode (optionally following symlinks). /// Paths may be absolute ("/...") or relative (from "/"). public func resolvePath(_ path: FilePath, followSymlinks: Bool, maxSymlinks: Int = 40) throws -> ResolvedPath { var components: [String] = normalize(path: path) var current: EXT4.InodeNumber = EXT4.RootInode var parentStack: [EXT4.InodeNumber] = [] // Track parent chain for proper ".." handling var symlinkHops = 0 var visitedInodes = Set() // Process components one at a time to handle symlinks in the middle of paths var componentIndex = 0 while componentIndex < components.count { let name = components[componentIndex] if name == "." { componentIndex += 1 continue } if name == ".." { // Handle parent directory traversal if current == EXT4.RootInode { // At root, ".." points to itself componentIndex += 1 continue } // Use parent stack if available if !parentStack.isEmpty { current = parentStack.removeLast() } else { // Fallback: look up ".." entry in filesystem let entries = try children(of: current) if let parent = entries.first(where: { $0.0 == ".." })?.1 { current = parent } } componentIndex += 1 continue } // Regular component: verify current is a directory and look up child let currentInode = try getInode(number: current) guard currentInode.mode.isDir() else { throw EXT4.PathIOError.notADirectory(name) } let entries = try children(of: current) guard let child = entries.first(where: { $0.0 == name }) else { throw EXT4.PathIOError.notFound(name) } // Check if child is a symlink let childInode = try getInode(number: child.1) if childInode.mode.isLink() && followSymlinks { // Check for symlink loop if visitedInodes.contains(child.1) { throw EXT4.PathIOError.symlinkLoop(FilePath(components.joined(separator: "/")).description) } visitedInodes.insert(child.1) // Enforce max symlink depth symlinkHops += 1 if symlinkHops > maxSymlinks { throw EXT4.PathIOError.symlinkLoop(FilePath(components.joined(separator: "/")).description) } // Read symlink target let linkBytes = try readFileFromInode(inodeNum: child.1) guard let linkTarget = String(data: linkBytes, encoding: .utf8), !linkTarget.isEmpty else { throw EXT4.PathIOError.invalidPath("empty symlink target") } // Parse symlink target into components let targetComponents = normalize(path: FilePath(linkTarget)) // Replace current component with symlink target components and continue if linkTarget.hasPrefix("/") { // Absolute symlink: reset to root current = EXT4.RootInode parentStack = [] // Replace the symlink component with target components + remaining path components = targetComponents + Array(components[(componentIndex + 1)...]) componentIndex = 0 // Start from beginning with new path } else { // Relative symlink: continue from current directory // Replace the symlink component with target components + remaining path components = Array(components[0.. (EXT4.InodeNumber, [EXT4.InodeNumber]) { var current = start var parentStack = initialStack if components.isEmpty { return (current, parentStack) } for name in components { if name == "." { continue } if name == ".." { // Handle parent directory traversal with proper tracking if current == EXT4.RootInode { // At root, ".." points to itself (POSIX behavior) continue } // Use parent stack if available for accurate traversal if !parentStack.isEmpty { current = parentStack.removeLast() } else { // No parent tracking available - look up ".." entry in filesystem // This happens when we start traversal from a non-root inode let entries = try children(of: current) if let parent = entries.first(where: { $0.0 == ".." })?.1 { current = parent } } continue } // Regular component: verify current is a directory before traversing let currentInode = try getInode(number: current) guard currentInode.mode.isDir() else { throw EXT4.PathIOError.notADirectory(name) } // Look up child in current directory let entries = try children(of: current) guard let child = entries.first(where: { $0.0 == name }) else { throw EXT4.PathIOError.notFound(name) } // Push current to parent stack before descending parentStack.append(current) current = child.1 } return (current, parentStack) } /// Walk a sequence of path components from a starting inode. private func walk(current start: EXT4.InodeNumber, components: [String]) throws -> EXT4.InodeNumber { let (result, _) = try walkWithParents(current: start, components: components, parentStack: []) return result } /// Normalize a path into components, handling absolute and relative paths. private func normalize(path: FilePath) -> [String] { let s = path.description let trimmed = s.hasPrefix("/") ? String(s.dropFirst()) : s if trimmed.isEmpty { return [] } return trimmed.split(separator: "/").map(String.init) } /// Read entire file content of a regular file given an inode (used for symlink targets). private func readFileFromInode(inodeNum: EXT4.InodeNumber) throws -> Data { let ino = try getInode(number: inodeNum) guard ino.mode.isReg() || ino.mode.isLink() else { return Data() } let size = inodeFileSize(ino) if size == 0 { return Data() } // Handle fast symlinks (target stored directly in inode block field) if ino.mode.isLink() && size < 60 { // Extract target from inode block field let blockData = withUnsafeBytes(of: ino.block) { Data($0) } return blockData.prefix(Int(size)) } return try readFileBytesFromExtents(inodeNum: inodeNum, offset: 0, count: size) } /// Low-level read using extents, with explicit offset & length (in bytes). private func readFileBytesFromExtents(inodeNum: EXT4.InodeNumber, offset: UInt64, count: UInt64) throws -> Data { guard let extents = try self.getExtents(inode: inodeNum), !extents.isEmpty else { return Data() } // Validate all extent blocks are within device bounds for (startBlk, endBlk) in extents { try validateBlockAddress(startBlk) if endBlk > startBlk { try validateBlockAddress(endBlk - 1) } } var out = Data(capacity: Int(count)) var logicalOffset: UInt64 = 0 var bytesReadSuccessfully: Int = 0 let reqStart = offset let reqEnd = offset + count let bs = self.blockSize for (startBlk, endBlk) in extents { let extentBytes = UInt64(endBlk - startBlk) * bs let logicalEnd = logicalOffset + extentBytes if logicalEnd <= reqStart { logicalOffset = logicalEnd continue } if logicalOffset >= reqEnd { break } let ovlStart = max(logicalOffset, reqStart) let ovlEnd = min(logicalEnd, reqEnd) let ovlLen = ovlEnd - ovlStart if ovlLen == 0 { logicalOffset = logicalEnd continue } let offsetIntoExtent = ovlStart - logicalOffset let absByteOffset = UInt64(startBlk) * bs + offsetIntoExtent do { try self.handle.seek(toOffset: absByteOffset) } catch { if bytesReadSuccessfully > 0 { // Return partial data that was successfully read return out } throw EXT4.PathIOError.invalidPath("failed to seek to offset \(absByteOffset): \(error)") } var left = ovlLen while left > 0 { let chunk = Int(min(left, 1 << 20)) do { guard let data = try self.handle.read(upToCount: chunk) else { let blk = UInt32(absByteOffset / bs) throw EXT4.Error.couldNotReadBlock(blk) } out.append(data) bytesReadSuccessfully += data.count left -= UInt64(data.count) if data.count < chunk && left > 0 { // Partial read - return what we have return out } } catch { if bytesReadSuccessfully > 0 { // Return partial data on error return out } throw error } } logicalOffset = logicalEnd if out.count >= Int(count) { break } } if out.count > Int(count) { out.removeSubrange(Int(count).. UInt64 { // The Containerization EXT4 Inode struct exposes mode and block fields; size fields // are commonly named sizeLo/sizeHigh in this codebase. // EXT4 supports 64-bit file sizes - always use both low and high parts. let lo = UInt64(inode.sizeLow) let hi = UInt64(inode.sizeHigh) return lo | (hi << 32) } } ================================================ FILE: Sources/ContainerizationEXT4/FilePath+Extensions.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import SystemPackage extension FilePath { public static let Separator: String = "/" public var bytes: [UInt8] { self.withCString { cstr in var ptr = cstr var rawBytes: [UInt8] = [] while UInt(bitPattern: ptr) != 0 { if ptr.pointee == 0x00 { break } rawBytes.append(UInt8(bitPattern: ptr.pointee)) ptr = ptr.successor() } return rawBytes } } public var base: String { self.lastComponent?.string ?? "/" } public var dir: FilePath { self.removingLastComponent() } public var url: URL { URL(fileURLWithPath: self.string) } public var items: [String] { self.components.map { $0.string } } public init(_ url: URL) { self.init(url.path(percentEncoded: false)) } public init?(_ data: Data) { let cstr: String? = data.withUnsafeBytes { (rbp: UnsafeRawBufferPointer) in guard let baseAddress = rbp.baseAddress else { return nil } let cString = baseAddress.bindMemory(to: CChar.self, capacity: data.count) return String(cString: cString) } guard let cstr else { return nil } self.init(cstr) } public func join(_ path: FilePath) -> FilePath { self.pushing(path) } public func join(_ path: String) -> FilePath { self.join(FilePath(path)) } public func split() -> (dir: FilePath, base: String) { (self.dir, self.base) } public func clean() -> FilePath { self.lexicallyNormalized() } public static func rel(_ basepath: String, _ targpath: String) -> FilePath { let base = FilePath(basepath) let targ = FilePath(targpath) if base == targ { return "." } let baseComponents = base.items let targComponents = targ.items var commonPrefix = 0 while commonPrefix < min(baseComponents.count, targComponents.count) && baseComponents[commonPrefix] == targComponents[commonPrefix] { commonPrefix += 1 } let upCount = baseComponents.count - commonPrefix let relComponents = Array(repeating: "..", count: upCount) + targComponents[commonPrefix...] return FilePath(relComponents.joined(separator: Self.Separator)) } } extension FileHandle { public convenience init?(forWritingTo path: FilePath) { self.init(forWritingAtPath: path.description) } public convenience init?(forReadingAtPath path: FilePath) { self.init(forReadingAtPath: path.description) } public convenience init?(forReadingFrom path: FilePath) { self.init(forReadingAtPath: path.description) } } ================================================ FILE: Sources/ContainerizationEXT4/FileTimestamps.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation public struct FileTimestamps { public var access: Date public var modification: Date public var creation: Date public var now: Date public var accessLo: UInt32 { access.fs().lo } public var accessHi: UInt32 { access.fs().hi } public var modificationLo: UInt32 { modification.fs().lo } public var modificationHi: UInt32 { modification.fs().hi } public var creationLo: UInt32 { creation.fs().lo } public var creationHi: UInt32 { creation.fs().hi } public var nowLo: UInt32 { now.fs().lo } public var nowHi: UInt32 { now.fs().hi } public init(access: Date?, modification: Date?, creation: Date?) { now = Date() self.access = access ?? now self.modification = modification ?? now self.creation = creation ?? now } public init() { self.init(access: nil, modification: nil, creation: nil) } } ================================================ FILE: Sources/ContainerizationEXT4/Formatter+Unpack.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if os(macOS) import ContainerizationArchive import Foundation import ContainerizationOS import SystemPackage import ContainerizationExtras private typealias Hardlinks = [FilePath: FilePath] extension EXT4.Formatter { /// Unpack the provided archive on to the ext4 filesystem. public func unpack(reader: ArchiveReader, progress: ProgressHandler? = nil) throws { var hardlinks: Hardlinks = [:] // Allocate a single 128KiB reusable buffer for all files to minimize allocations // and reduce the number of read calls to libarchive. let bufferSize = 128 * 1024 let reusableBuffer = UnsafeMutableBufferPointer.allocate(capacity: bufferSize) defer { reusableBuffer.deallocate() } for (entry, streamReader) in reader.makeStreamingIterator() { try Task.checkCancellation() guard var pathEntry = entry.path else { continue } defer { // Count the number of entries if let progress { Task { await progress([ .addItems(1) ]) } } } pathEntry = preProcessPath(s: pathEntry) let path = FilePath(pathEntry) if path.base.hasPrefix(".wh.") { if path.base == ".wh..wh..opq" { // whiteout directory try self.unlink(path: path.dir, directoryWhiteout: true) continue } let startIndex = path.base.index(path.base.startIndex, offsetBy: ".wh.".count) let filePath = String(path.base[startIndex...]) let dir: FilePath = path.dir try self.unlink(path: dir.join(filePath)) continue } if let hardlink = entry.hardlink { let hl = preProcessPath(s: hardlink) hardlinks[path] = FilePath(hl) continue } let ts = FileTimestamps( access: entry.contentAccessDate, modification: entry.modificationDate, creation: entry.creationDate) switch entry.fileType { case .directory: try self.create( path: path, mode: EXT4.Inode.Mode(.S_IFDIR, entry.permissions), ts: ts, uid: entry.owner, gid: entry.group, xattrs: entry.xattrs) case .regular: try self.create( path: path, mode: EXT4.Inode.Mode(.S_IFREG, entry.permissions), ts: ts, buf: streamReader, uid: entry.owner, gid: entry.group, xattrs: entry.xattrs, fileBuffer: reusableBuffer) // Count the size of files if let progress, let size = entry.size { Task { await progress([ .addSize(Int64(size)) ]) } } case .symbolicLink: var symlinkTarget: FilePath? if let target = entry.symlinkTarget { symlinkTarget = FilePath(target) } try self.create( path: path, link: symlinkTarget, mode: EXT4.Inode.Mode(.S_IFLNK, entry.permissions), ts: ts, uid: entry.owner, gid: entry.group, xattrs: entry.xattrs) default: continue } } guard hardlinks.acyclic else { throw UnpackError.circularLinks } for (path, _) in hardlinks { if let resolvedTarget = try hardlinks.resolve(path) { try self.link(link: path, target: resolvedTarget) } } } /// Unpack an archive at the source URL on to the ext4 filesystem. public func unpack( source: URL, format: ContainerizationArchive.Format = .paxRestricted, compression: ContainerizationArchive.Filter = .gzip, progress: ProgressHandler? = nil ) throws { let reader = try ArchiveReader( format: format, filter: compression, file: source ) try self.unpack(reader: reader, progress: progress) } private func preProcessPath(s: String) -> String { var p = s if p.hasPrefix("./") { p = String(p.dropFirst()) } if !p.hasPrefix("/") { p = "/" + p } return p } } /// Common errors for unpacking an archive onto an ext4 filesystem. public enum UnpackError: Swift.Error, CustomStringConvertible, Sendable, Equatable { /// The name is invalid. case invalidName(_ name: String) /// A circular link is found. case circularLinks /// The description of the error. public var description: String { switch self { case .invalidName(let name): return "'\(name)' is an invalid name" case .circularLinks: return "circular links found" } } } extension Hardlinks { fileprivate var acyclic: Bool { for (_, target) in self { var visited: Set = [target] var next = target while let item = self[next] { if visited.contains(item) { return false } next = item visited.insert(next) } } return true } fileprivate func resolve(_ key: FilePath) throws -> FilePath? { let target = self[key] guard let target else { return nil } var next = target let visited: Set = [next] while let item = self[next] { if visited.contains(item) { throw UnpackError.circularLinks } next = item } return next } } #endif ================================================ FILE: Sources/ContainerizationEXT4/Integer+Extensions.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation extension UInt64 { public var lo: UInt32 { UInt32(self & 0xffff_ffff) } public var hi: UInt32 { UInt32(self >> 32) } public static func - (lhs: Self, rhs: UInt32) -> UInt64 { lhs - UInt64(rhs) } public static func % (lhs: Self, rhs: UInt32) -> UInt64 { lhs % UInt64(rhs) } public static func / (lhs: Self, rhs: UInt32) -> UInt32 { (lhs / UInt64(rhs)).lo } public static func * (lhs: Self, rhs: UInt32) -> UInt64 { lhs * UInt64(rhs) } public static func * (lhs: Self, rhs: Int) -> UInt64 { lhs * UInt64(rhs) } } extension UInt32 { public var lo: UInt16 { UInt16(self & 0xffff) } public var hi: UInt16 { UInt16(self >> 16) } public static func + (lhs: Self, rhs: Int.IntegerLiteralType) -> UInt32 { lhs + UInt32(rhs) } public static func - (lhs: Self, rhs: Int.IntegerLiteralType) -> UInt32 { lhs - UInt32(rhs) } public static func / (lhs: Self, rhs: Int.IntegerLiteralType) -> UInt32 { lhs / UInt32(rhs) } public static func - (lhs: Self, rhs: UInt16) -> UInt32 { lhs - UInt32(rhs) } public static func * (lhs: Self, rhs: Int.IntegerLiteralType) -> Int { Int(lhs) * rhs } } extension Int { public static func + (lhs: Self, rhs: UInt32) -> Int { lhs + Int(rhs) } public static func + (lhs: Self, rhs: UInt32) -> UInt32 { UInt32(lhs) + rhs } } extension UInt16 { func isDir() -> Bool { self & EXT4.FileModeFlag.TypeMask.rawValue == EXT4.FileModeFlag.S_IFDIR.rawValue } func isLink() -> Bool { self & EXT4.FileModeFlag.TypeMask.rawValue == EXT4.FileModeFlag.S_IFLNK.rawValue } func isReg() -> Bool { self & EXT4.FileModeFlag.TypeMask.rawValue == EXT4.FileModeFlag.S_IFREG.rawValue } func fileType() -> UInt8 { typealias FMode = EXT4.FileModeFlag typealias FileType = EXT4.FileType switch self & FMode.TypeMask.rawValue { case FMode.S_IFREG.rawValue: return FileType.regular.rawValue case FMode.S_IFDIR.rawValue: return FileType.directory.rawValue case FMode.S_IFCHR.rawValue: return FileType.character.rawValue case FMode.S_IFBLK.rawValue: return FileType.block.rawValue case FMode.S_IFIFO.rawValue: return FileType.fifo.rawValue case FMode.S_IFSOCK.rawValue: return FileType.socket.rawValue case FMode.S_IFLNK.rawValue: return FileType.symbolicLink.rawValue default: return FileType.unknown.rawValue } } } extension [UInt8] { var allZeros: Bool { for num in self where num != 0 { return false } return true } } ================================================ FILE: Sources/ContainerizationEXT4/README.md ================================================ # ``ContainerizationEXT4`` `ContainerizationEXT4` provides functionality to read the superblock of an existing ext4 block device and format a new block device with the ext4 file system. ================================================ FILE: Sources/ContainerizationEXT4/UnsafeLittleEndianBytes.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation // takes a pointer and converts its contents to native endian bytes public func withUnsafeLittleEndianBytes(of value: T, body: (UnsafeRawBufferPointer) throws -> Result) rethrows -> Result { switch Endian { case .little: return try withUnsafeBytes(of: value) { bytes in try body(bytes) } case .big: return try withUnsafeBytes(of: value) { buffer in let reversedBuffer = Array(buffer.reversed()) return try reversedBuffer.withUnsafeBytes { buf in try body(buf) } } } } public func withUnsafeLittleEndianBuffer( of value: UnsafeRawBufferPointer, body: (UnsafeRawBufferPointer) throws -> T ) rethrows -> T { switch Endian { case .little: return try body(value) case .big: let reversed = Array(value.reversed()) return try reversed.withUnsafeBytes { buf in try body(buf) } } } extension UnsafeRawBufferPointer { // loads littleEndian raw data, converts it native endian format and calls UnsafeRawBufferPointer.load public func loadLittleEndian(as type: T.Type) -> T { switch Endian { case .little: return self.load(as: T.self) case .big: let buffer = Array(self.reversed()) return buffer.withUnsafeBytes { ptr in ptr.load(as: T.self) } } } } public enum Endianness { case little case big } // returns current endianness public var Endian: Endianness { switch CFByteOrderGetCurrent() { case CFByteOrder(CFByteOrderLittleEndian.rawValue): return .little case CFByteOrder(CFByteOrderBigEndian.rawValue): return .big default: fatalError("impossible") } } ================================================ FILE: Sources/ContainerizationError/ContainerizationError.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /// The core error type for Containerization. /// /// Most API surfaces for the core container/process/agent types will /// return a ContainerizationError. public struct ContainerizationError: Swift.Error, Sendable { /// A code describing the error encountered. public var code: Code /// A description of the error. public var message: String /// The original error which led to this error being thrown. public var cause: (any Error)? /// Creates a new error. /// /// - Parameters: /// - code: The error code. /// - message: A description of the error. /// - cause: The original error which led to this error being thrown. public init(_ code: Code, message: String, cause: (any Error)? = nil) { self.code = code self.message = message self.cause = cause } /// Creates a new error. /// /// - Parameters: /// - rawCode: The error code value as a String. /// - message: A description of the error. /// - cause: The original error which led to this error being thrown. public init(_ rawCode: String, message: String, cause: (any Error)? = nil) { self.code = Code(rawValue: rawCode) self.message = message self.cause = cause } /// Provides a unique hash of the error. public func hash(into hasher: inout Hasher) { hasher.combine(self.code) hasher.combine(self.message) } /// Equality operator for the error. Uses the code and message. public static func == (lhs: Self, rhs: Self) -> Bool { lhs.code == rhs.code && lhs.message == rhs.message } /// Checks if the given error has the provided code. public func isCode(_ code: Code) -> Bool { self.code == code } } extension ContainerizationError: CustomStringConvertible { /// Description of the error. public var description: String { guard let cause = self.cause else { return "\(self.code): \"\(self.message)\"" } return "\(self.code): \"\(self.message)\" (cause: \"\(cause)\")" } } extension ContainerizationError: LocalizedError { /// A localized message describing what error occurred. public var errorDescription: String? { guard let cause = self.cause else { return message } return "\(message) (cause: \"\(cause)\")" } } extension ContainerizationError { /// Codes for a `ContainerizationError`. public struct Code: Sendable, Hashable { private enum Value: Hashable, Sendable, CaseIterable { case unknown case invalidArgument case internalError case exists case notFound case cancelled case invalidState case empty case timeout case unsupported case interrupted } private var value: Value private init(_ value: Value) { self.value = value } init(rawValue: String) { let values = Value.allCases.reduce(into: [String: Value]()) { $0[String(describing: $1)] = $1 } let match = values[rawValue] guard let match else { fatalError("invalid code value \(rawValue)") } self.value = match } public static var unknown: Self { Self(.unknown) } public static var invalidArgument: Self { Self(.invalidArgument) } public static var internalError: Self { Self(.internalError) } public static var exists: Self { Self(.exists) } public static var notFound: Self { Self(.notFound) } public static var cancelled: Self { Self(.cancelled) } public static var invalidState: Self { Self(.invalidState) } public static var empty: Self { Self(.empty) } public static var timeout: Self { Self(.timeout) } public static var unsupported: Self { Self(.unsupported) } public static var interrupted: Self { Self(.interrupted) } } } extension ContainerizationError.Code: CustomStringConvertible { public var description: String { String(describing: self.value) } } ================================================ FILE: Sources/ContainerizationExtras/AddressAllocator.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// /// Conforming objects can allocate and free various address types. public protocol AddressAllocator: Sendable { associatedtype AddressType: Sendable /// Allocate a new address. func allocate() throws -> AddressType /// Attempt to reserve a specific address. func reserve(_ address: AddressType) throws /// Free an allocated address. func release(_ address: AddressType) throws /// If no addresses are allocated, prevent future allocations and return true. func disableAllocator() -> Bool } /// Errors that a type implementing AddressAllocator should throw. public enum AllocatorError: Swift.Error, CustomStringConvertible, Equatable { case allocatorDisabled case allocatorFull case alreadyAllocated(_ address: String) case invalidAddress(_ index: String) case invalidArgument(_ msg: String) case invalidIndex(_ index: Int) case notAllocated(_ address: String) case rangeExceeded public var description: String { switch self { case .allocatorDisabled: return "the allocator is shutting down" case .allocatorFull: return "no free indices are available for allocation" case .alreadyAllocated(let address): return "cannot choose already-allocated address \(address)" case .invalidAddress(let address): return "cannot create index using address \(address)" case .invalidArgument(let msg): return "invalid argument: \(msg)" case .invalidIndex(let index): return "cannot create address using index \(index)" case .notAllocated(let address): return "cannot free unallocated address \(address)" case .rangeExceeded: return "cannot create allocator that overflows maximum address value" } } } ================================================ FILE: Sources/ContainerizationExtras/AddressError.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// public struct AddressError: Error, Equatable, Hashable, CustomStringConvertible { public var description: String { String(describing: self.base) } @usableFromInline enum Base: Equatable, Hashable, Sendable { case unableToParse case invalidZoneIdentifier case invalidIPv4Suffix case multipleEllipsis case invalidHexGroup case malformedAddress case incompleteAddress } @usableFromInline let base: Base @inlinable init(_ base: Base) { self.base = base } public static var unableToParse: Self { Self(.unableToParse) } public static var invalidZoneIdentifier: Self { Self(.invalidZoneIdentifier) } public static var invalidIPv4SuffixInIPv6Address: Self { Self(.invalidIPv4Suffix) } public static var multipleEllipsis: Self { Self(.multipleEllipsis) } public static var invalidHexGroup: Self { Self(.invalidHexGroup) } public static var malformedAddress: Self { Self(.malformedAddress) } public static var incompleteAddress: Self { Self(.incompleteAddress) } } ================================================ FILE: Sources/ContainerizationExtras/AsyncLock.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import Logging /// `AsyncLock` provides a familiar locking API, with the main benefit being that it /// is safe to call async methods while holding the lock. This is primarily used in spots /// where an actor makes sense, but we may need to ensure we don't fall victim to actor /// reentrancy issues. public actor AsyncLock { private var busy = false private var queue: ArraySlice> = [] private var log: Logger? public struct Context: Sendable { fileprivate init() {} } public init(log: Logger? = nil) { self.log = log } /// withLock provides a scoped locking API to run a function while holding the lock. public func withLock(logMetadata: Logger.Metadata? = nil, _ body: @Sendable @escaping (Context) async throws -> T) async rethrows -> T { log?.debug("acquiring lock", metadata: logMetadata) while self.busy { await withCheckedContinuation { cc in self.queue.append(cc) } } self.busy = true defer { self.busy = false if let next = self.queue.popFirst() { next.resume(returning: ()) } else { self.queue = [] } } log?.debug("holding lock", metadata: logMetadata) defer { log?.debug("releasing lock", metadata: logMetadata) } let context = Context() return try await body(context) } } ================================================ FILE: Sources/ContainerizationExtras/AsyncMutex.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// /// `AsyncMutex` provides a mutex that protects a piece of data, with the main benefit being that it /// is safe to call async methods while holding the lock. This is primarily used in spots /// where an actor makes sense, but we may need to ensure we don't fall victim to actor /// reentrancy issues. public actor AsyncMutex { private final class Box: @unchecked Sendable { var value: T init(_ value: T) { self.value = value } } private var busy = false private var queue: ArraySlice> = [] private let box: Box public init(_ initialValue: T) { self.box = Box(initialValue) } /// withLock provides a scoped locking API to run a function while holding the lock. /// The protected value is passed to the closure for safe access. public func withLock(_ body: @Sendable @escaping (inout T) async throws -> R) async rethrows -> R { while self.busy { await withCheckedContinuation { cc in self.queue.append(cc) } } self.busy = true defer { self.busy = false if let next = self.queue.popFirst() { next.resume(returning: ()) } else { self.queue = [] } } return try await body(&self.box.value) } } ================================================ FILE: Sources/ContainerizationExtras/CIDR.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// /// Describes an IPv4 or IPv6 CIDR address block. @frozen public enum CIDR: CustomStringConvertible, Equatable, Sendable, Hashable { case v4(IPv4Address, Prefix) case v6(IPv6Address, Prefix) /// Create a CIDR address block. public init(_ cidr: String) throws { if let cidrV4 = try? CIDRv4(cidr) { self = .v4(cidrV4.address, cidrV4.prefix) } else if let cidrV6 = try? CIDRv6(cidr) { self = .v6(cidrV6.address, cidrV6.prefix) } else { throw Error.invalidCIDR(cidr: cidr) } } /// Create a CIDR address from a member IP and a prefix length. public init(_ address: IPAddress, prefix: Prefix) throws { switch address { case .v4(let addr): guard prefix.length <= 32 else { throw Error.invalidCIDR(cidr: "\(address)/\(prefix)") } self = .v4(addr, prefix) case .v6(let addr): guard prefix.length <= 128 else { throw Error.invalidCIDR(cidr: "\(address)/\(prefix)") } self = .v6(addr, prefix) } } /// Create the smallest CIDR block that includes the lower and upper bounds. /// /// For type-safe construction, prefer `v4Range(lower:upper:)` or `v6Range(lower:upper:)`. public init(lower: IPAddress, upper: IPAddress) throws { switch (lower, upper) { case (.v4(let lowerAddr), .v4(let upperAddr)): let cidr = try CIDRv4(lower: lowerAddr, upper: upperAddr) self = .v4(cidr.address, cidr.prefix) case (.v6(let lowerAddr), .v6(let upperAddr)): let cidr = try CIDRv6(lower: lowerAddr, upper: upperAddr) self = .v6(cidr.address, cidr.prefix) default: throw Error.invalidAddressRange(lower: lower.description, upper: upper.description) } } /// The IP component of this CIDR address. @inlinable public var address: IPAddress { switch self { case .v4(let addr, _): return .v4(addr) case .v6(let addr, _): return .v6(addr) } } /// The prefix length of this CIDR address. @inlinable public var prefix: Prefix { switch self { case .v4(_, let prefix), .v6(_, let prefix): return prefix } } /// The lowest address in this CIDR block @inlinable public var lower: IPAddress { switch self { case (.v4(let addr, let prefix)): return .v4(IPv4Address(addr.value & prefix.prefixMask32)) case (.v6(let addr, let prefix)): return .v6(IPv6Address(addr.value & prefix.prefixMask128)) } } /// The highest address in this CIDR block (broadcast address). @inlinable public var upper: IPAddress { switch self { case .v4(let addr, let prefix): return .v4(IPv4Address(addr.value | prefix.suffixMask32)) case .v6(let addr, let prefix): return .v6(IPv6Address(addr.value | prefix.suffixMask128, zone: addr.zone)) } } /// Return true if the CIDR block contains the specified address. /// /// Compares network portion of the given IP address. @inlinable public func contains(_ ip: IPAddress) -> Bool { switch (self, ip) { case (.v4(let network, let prefix), .v4(let ip)): return network.value == (ip.value & prefix.prefixMask32) case (.v6(let network, let prefix), .v6(let ip)): return (network.zone == ip.zone) && (network.value == (ip.value & prefix.prefixMask128)) default: return false } } /// Retrieve the text representation of the CIDR block. public var description: String { "\(address)/\(prefix)" } } extension CIDR { public enum Error: Swift.Error { case invalidCIDR(cidr: String) case invalidAddressRange(lower: String, upper: String) } } extension CIDR: Codable { public init(from decoder: Decoder) throws { let container = try decoder.singleValueContainer() let string = try container.decode(String.self) try self.init(string) } public func encode(to encoder: Encoder) throws { var container = encoder.singleValueContainer() try container.encode(description) } } ================================================ FILE: Sources/ContainerizationExtras/CIDRv4.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// /// Describes an IPv4 CIDR address block. @frozen public struct CIDRv4: CustomStringConvertible, Equatable, Sendable, Hashable { /// The IP component of this CIDR address. public let address: IPv4Address /// The prefix length of this CIDR address. public let prefix: Prefix /// Create a CIDR address block. public init(_ cidr: String) throws { let split = cidr.split(separator: "/") guard split.count == 2 else { throw CIDR.Error.invalidCIDR(cidr: cidr) } guard let prefixLength = UInt8(split[1]), let prefix = Prefix(length: prefixLength) else { throw CIDR.Error.invalidCIDR(cidr: cidr) } let address = try IPv4Address(String(split[0])) try self.init(address, prefix: prefix) } /// Create a CIDR address from a member IP and a prefix length. public init(_ address: IPv4Address, prefix: Prefix) throws { guard prefix.length <= 32 else { throw CIDR.Error.invalidCIDR(cidr: "\(address)/\(prefix)") } self.address = address self.prefix = prefix } /// Create the smallest IPv4 CIDR block that includes the lower and upper bounds. /// /// - Parameters: /// - lower: The lower bound IPv4 address /// - upper: The upper bound IPv4 address /// - Returns: The smallest CIDR block containing both addresses /// - Throws: If lower > upper public init(lower: IPv4Address, upper: IPv4Address) throws { guard lower.value <= upper.value else { throw CIDR.Error.invalidAddressRange(lower: lower.description, upper: upper.description) } for length in 1...32 { let prefixLength = Prefix(unchecked: UInt8(length)) let mask = prefixLength.prefixMask32 if (lower.value & mask) != (upper.value & mask) { let prefix = Prefix(unchecked: UInt8(length - 1)) let networkAddr = IPv4Address(lower.value & prefix.prefixMask32) try self.init(networkAddr, prefix: prefix) return } } // Same address - /32 block let prefix = Prefix(unchecked: 32) let networkAddr = IPv4Address(lower.value & prefix.prefixMask32) try self.init(networkAddr, prefix: prefix) } /// The lowest address in this CIDR block @inlinable public var lower: IPv4Address { IPv4Address(address.value & prefix.prefixMask32) } /// The highest address in this CIDR block (broadcast address). @inlinable public var upper: IPv4Address { IPv4Address(address.value | prefix.suffixMask32) } /// Return true if the CIDR block contains the specified address. /// /// Compares network portion of the given IP address. @inlinable public func contains(_ ip: IPv4Address) -> Bool { (address.value & prefix.prefixMask32) == (ip.value & prefix.prefixMask32) } /// Retrieve the text representation of the CIDR block. public var description: String { "\(address)/\(prefix)" } } extension CIDRv4: Codable { public init(from decoder: Decoder) throws { let container = try decoder.singleValueContainer() let string = try container.decode(String.self) try self.init(string) } public func encode(to encoder: Encoder) throws { var container = encoder.singleValueContainer() try container.encode(description) } } ================================================ FILE: Sources/ContainerizationExtras/CIDRv6.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// /// Describes an IPv4 or IPv6 CIDR address block. @frozen public struct CIDRv6: CustomStringConvertible, Equatable, Sendable, Hashable { /// The IP component of this CIDR address. public let address: IPv6Address /// The prefix length of this CIDR address. public let prefix: Prefix /// Create a CIDR address block. public init(_ cidr: String) throws { let split = cidr.split(separator: "/") guard split.count == 2 else { throw CIDR.Error.invalidCIDR(cidr: cidr) } guard let prefixLength = UInt8(split[1]), let prefix = Prefix(length: prefixLength) else { throw CIDR.Error.invalidCIDR(cidr: cidr) } let address = try IPv6Address(String(split[0])) try self.init(address, prefix: prefix) } /// Create a CIDR address from a member IP and a prefix length. public init(_ address: IPv6Address, prefix: Prefix) throws { guard prefix.length <= 128 else { throw CIDR.Error.invalidCIDR(cidr: "\(address)/\(prefix)") } self.address = address self.prefix = prefix } /// Create the smallest IPv6 CIDR block that includes the lower and upper bounds. /// /// - Parameters: /// - lower: The lower bound IPv6 address /// - upper: The upper bound IPv6 address /// - Returns: The smallest CIDR block containing both addresses /// - Throws: If lower > upper or zones don't match public init(lower: IPv6Address, upper: IPv6Address) throws { guard lower.value <= upper.value && lower.zone == upper.zone else { throw CIDR.Error.invalidAddressRange(lower: lower.description, upper: upper.description) } for length in 1...128 { let prefixLength = Prefix(unchecked: UInt8(length)) let mask = prefixLength.prefixMask128 if (lower.value & mask) != (upper.value & mask) { let prefix = Prefix(unchecked: UInt8(length - 1)) let networkAddr = IPv6Address(lower.value & prefix.prefixMask128, zone: lower.zone) try self.init(networkAddr, prefix: prefix) return } } // Same address - /128 block let prefix = Prefix(unchecked: 128) let networkAddr = IPv6Address(lower.value & prefix.prefixMask128, zone: lower.zone) try self.init(networkAddr, prefix: prefix) } /// The lowest address in this CIDR block @inlinable public var lower: IPv6Address { IPv6Address(address.value & prefix.prefixMask128) } /// The highest address in this CIDR block (broadcast address). @inlinable public var upper: IPv6Address { IPv6Address(address.value | prefix.suffixMask128, zone: address.zone) } /// Return true if the CIDR block contains the specified address. /// /// Compares network portion of the given IP address. @inlinable public func contains(_ ip: IPv6Address) -> Bool { (address.zone == ip.zone) && ((address.value & prefix.prefixMask128) == (ip.value & prefix.prefixMask128)) } /// Retrieve the text representation of the CIDR block. public var description: String { "\(address)/\(prefix)" } } extension CIDRv6: Codable { public init(from decoder: Decoder) throws { let container = try decoder.singleValueContainer() let string = try container.decode(String.self) try self.init(string) } public func encode(to encoder: Encoder) throws { var container = encoder.singleValueContainer() try container.encode(description) } } ================================================ FILE: Sources/ContainerizationExtras/FileManager+Temporary.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation extension FileManager { /// Returns a unique temporary directory to use. public func uniqueTemporaryDirectory(create: Bool = true) -> URL { let tempDirectoryURL = temporaryDirectory let uniqueDirectoryURL = tempDirectoryURL.appendingPathComponent(UUID().uuidString) if create { try? createDirectory(at: uniqueDirectoryURL, withIntermediateDirectories: true, attributes: nil) } return uniqueDirectoryURL } } ================================================ FILE: Sources/ContainerizationExtras/IPAddress.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// /// Represents an IP address that can be either IPv4 or IPv6. @frozen public enum IPAddress: Sendable, Hashable, CustomStringConvertible, Equatable { /// An IPv4 address case v4(IPv4Address) /// An IPv6 address case v6(IPv6Address) /// Parses an IP address string, automatically detecting IPv4 or IPv6 format. /// /// - Parameter string: IP address string to parse /// - Returns: An `IPAddress` containing either an IPv4 or IPv6 address /// - Throws: `AddressError.unableToParse` if invalid public init(_ string: String) throws { let utf8 = string.utf8 var hasColon = false var hasDot = false for byte in utf8 { if byte == 58 { // ASCII ':' hasColon = true break } if byte == 46 { // ASCII '.' hasDot = true } } if hasColon { let ipv6 = try IPv6Address.parse(string) self = .v6(ipv6) } else if hasDot { let ipv4 = try IPv4Address(string) self = .v4(ipv4) } else { throw AddressError.unableToParse } } /// String representation of the IP address. public var description: String { switch self { case .v4(let addr): return addr.description case .v6(let addr): return addr.description } } /// Returns `true` if this is an IPv4 address. @inlinable public var isV4: Bool { if case .v4 = self { return true } return false } /// Returns `true` if this is an IPv6 address. @inlinable public var isV6: Bool { if case .v6 = self { return true } return false } /// Returns the underlying IPv4 address if this is an IPv4 address, otherwise `nil`. @inlinable public var ipv4: IPv4Address? { if case .v4(let addr) = self { return addr } return nil } /// Returns the underlying IPv6 address if this is an IPv6 address, otherwise `nil`. @inlinable public var ipv6: IPv6Address? { if case .v6(let addr) = self { return addr } return nil } /// Returns `true` if this is a loopback address (127.0.0.0/8 or ::1). @inlinable public var isLoopback: Bool { switch self { case .v4(let addr): return addr.isLoopback case .v6(let addr): return addr.isLoopback } } /// Returns `true` if this is a multicast address. @inlinable public var isMulticast: Bool { switch self { case .v4(let addr): return addr.isMulticast case .v6(let addr): return addr.isMulticast } } /// Returns `true` if this is an unspecified address (0.0.0.0 or ::). @inlinable public var isUnspecified: Bool { switch self { case .v4(let addr): return addr.isUnspecified case .v6(let addr): return addr.isUnspecified } } } extension IPAddress: Codable { public init(from decoder: Decoder) throws { let container = try decoder.singleValueContainer() let string = try container.decode(String.self) try self.init(string) } public func encode(to encoder: Encoder) throws { var container = encoder.singleValueContainer() try container.encode(description) } } ================================================ FILE: Sources/ContainerizationExtras/IPv4Address.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// @frozen public struct IPv4Address: Sendable, Hashable, CustomStringConvertible, Equatable, Comparable { public let value: UInt32 /// Creates an IPv4Address from an unsigned integer. /// /// - Parameter string: The integer representation of the address. @inlinable public init(_ value: UInt32) { self.value = value } /// Creates an IPv4Address from 4 bytes. /// /// - Parameters: /// - bytes: 4-byte array in network byte order representing the IPv4 address /// - Throws: `AddressError.unableToParse` if the byte array length is not 4 @inlinable public init(_ bytes: [UInt8]) throws { guard bytes.count == 4 else { throw AddressError.unableToParse } self.value = (UInt32(bytes[0]) << 24) | (UInt32(bytes[1]) << 16) | (UInt32(bytes[2]) << 16) | UInt32(bytes[3]) } /// Creates an IPv4Address from a string representation. /// /// - Parameter string: The IPv4 address string in dotted decimal notation (e.g., "192.168.1.1") /// - Throws: `AddressError.unableToParse` if the string is not a valid IPv4 address @inlinable public init(_ string: String) throws { self.value = try Self.parse(string) } @inlinable public var bytes: [UInt8] { Self.bytes(value) } @usableFromInline static func bytes(_ value: UInt32) -> [UInt8] { var result = [UInt8](repeating: 0, count: 4) result[0] = UInt8((value >> 24) & 0xff) result[1] = UInt8((value >> 16) & 0xff) result[2] = UInt8((value >> 8) & 0xff) result[3] = UInt8(value & 0xff) return result } // TODO: spans? @available(macOS 26.0, *) @usableFromInline static func bytes(_ value: UInt32) -> InlineArray<4, UInt8> { let result: InlineArray<4, UInt8> = [ UInt8((value >> 24) & 0xff), UInt8((value >> 16) & 0xff), UInt8((value >> 8) & 0xff), UInt8(value & 0xff), ] return result } @inlinable public var description: String { "\(bytes[0]).\(bytes[1]).\(bytes[2]).\(bytes[3])" } /// Parses an IPv4 address string in dotted decimal notation into a UInt32 representation. /// /// ## Validation Rules /// - Exactly 4 octets separated by dots /// - Each octet must be 0-255 /// - No leading zeros (except for "0" itself) /// - No whitespace characters /// - Only digits and dots allowed /// /// ## Examples /// ```swift /// IPv4Address.parse("192.168.1.1") // Returns: 3232235777 /// IPv4Address.parse("127.0.0.1") // Returns: 2130706433 /// IPv4Address.parse("0.0.0.0") // Returns: 0 /// IPv4Address.parse("255.255.255.255") // Returns: 4294967295 /// /// // Invalid examples: /// IPv4Address.parse("192.168.1") // Wrong number of octets /// IPv4Address.parse("192.168.1.256") // Octet out of range /// IPv4Address.parse("192.168.001.1") // Leading zeros /// IPv4Address.parse(" 192.168.1.1 ") // Whitespace /// ``` /// /// - Parameter s: The IPv4 address string to parse /// - Returns: The 32-bit representation of the IP address, or `nil` if parsing fails /// - Note: The returned value is in network byte order (big-endian) @usableFromInline internal static func parse(_ s: String) throws -> UInt32 { guard !s.isEmpty, s.count >= 7, s.count <= 15 else { throw AddressError.unableToParse } // IP addresses should only contain ASCII digits and dots let utf8 = s.utf8 for byte in utf8 { // ASCII whitespace: space(32), tab(9), newline(10), return(13) if byte == 32 || byte == 9 || byte == 10 || byte == 13 { throw AddressError.unableToParse } } // accumulator for the 32bit representation of the IPv4 address var result: UInt32 = 0 // tracking octet count, max 4 allowed var octetCount = 0 var currentOctet = 0 // number of digits in the string representation of the octet, max 3 var digitCount = 0 for byte in utf8 { if byte == 46 { // ASCII '.' // Validate octet before processing guard octetCount < 3, digitCount > 0, digitCount <= 3, currentOctet <= 255 else { throw AddressError.unableToParse } // Shift result and add current octet result = (result << 8) | UInt32(currentOctet) // Reset for next octet octetCount += 1 currentOctet = 0 digitCount = 0 } else if byte >= 48 && byte <= 57 { // ASCII '0'-'9' let digit = Int(byte - 48) digitCount += 1 // Check for invalid leading zeros: "01", "001", etc. // Allow single "0" but reject multi-digit numbers starting with 0 if digitCount == 1 && digit == 0 { // First digit is 0 - this is only valid if it's the only digit currentOctet = 0 } else if digitCount > 1 && currentOctet == 0 { // We had a leading zero and now have more digits - invalid throw AddressError.unableToParse } else { // Normal case: build the octet value currentOctet = currentOctet * 10 + digit } // Early termination if octet becomes too large guard currentOctet <= 255, digitCount <= 3 else { throw AddressError.unableToParse } } else { throw AddressError.unableToParse } } // Validate final octet guard octetCount == 3, digitCount > 0, digitCount <= 3, currentOctet <= 255 else { throw AddressError.unableToParse } return (result << 8) | UInt32(currentOctet) } // MARK: - Address Classification Methods /// Returns `true` if this is the unspecified address (0.0.0.0). /// /// Per RFC 791, 0.0.0.0 is the "this network" address. @inlinable public var isUnspecified: Bool { value == 0 } /// Returns `true` if this is a loopback address (127.0.0.0/8). /// /// Per RFC 1122 Section 3.2.1.3, the entire 127.0.0.0/8 block is reserved for loopback. @inlinable public var isLoopback: Bool { (value & 0xFF00_0000) == 0x7F00_0000 } /// Returns `true` if this is a multicast address (224.0.0.0/4). /// /// Per RFC 1112, addresses in the range 224.0.0.0 to 239.255.255.255 are multicast addresses. @inlinable public var isMulticast: Bool { (value & 0xF000_0000) == 0xE000_0000 } /// Returns `true` if this is a link-local address (169.254.0.0/16). /// /// Per RFC 3927, 169.254.0.0/16 is reserved for link-local addresses (APIPA/Auto-IP). @inlinable public var isLinkLocal: Bool { (value & 0xFFFF_0000) == 0xA9FE_0000 } /// Returns `true` if this is the limited broadcast address (255.255.255.255). /// /// Per RFC 919/922, 255.255.255.255 is the limited broadcast address. @inlinable public var isBroadcast: Bool { value == 0xFFFF_FFFF } /// Compares two IPv4 addresses numerically. @inlinable public static func < (lhs: IPv4Address, rhs: IPv4Address) -> Bool { lhs.value < rhs.value } } extension IPv4Address: Codable { public init(from decoder: Decoder) throws { let container = try decoder.singleValueContainer() let string = try container.decode(String.self) try self.init(string) } public func encode(to encoder: Encoder) throws { var container = encoder.singleValueContainer() try container.encode(description) } } ================================================ FILE: Sources/ContainerizationExtras/IPv6Address+Parse.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// extension IPv6Address { /// Parses an IPv6 address string into an IPv6Address instance. /// /// Follows RFC 4291 and RFC 5952. /// /// This function supports standard IPv6 notation including: /// - Full addresses: `2001:0db8:0000:0042:0000:8a2e:0370:7334` /// - Zero compression: `2001:db8::8a2e:370:7334` /// - Leading zero omission: `2001:db8:0:42:0:8a2e:370:7334` /// - Unspecified address: `::` /// - Zone identifiers: `fe80::1%eth0` /// /// - Parameter input: IPv6 address string (with optional zone identifier after %) /// - Returns: An `IPv6Address` instance representing the parsed address /// /// ## Example Usage /// ```swift /// let addr1 = try IPv6Address.parse("2001:db8::1") /// let addr2 = try IPv6Address.parse("::") // Unspecified address /// let addr3 = try IPv6Address.parse("fe80::1%eth0") // With zone identifier /// ``` static func parse(_ input: String) throws -> IPv6Address { var ipBytes = [UInt8](repeating: 0, count: 16) var ellipsisPosition: Int? // Extract zone identifier let (address, zone) = try extractZoneIdentifier(from: input) // RFC 4291 Section 2.2.3: IPv4 suffix must be at the end (last 32 bits) var remainingAddress = address var ipv6ByteLimit = 16 // Maximum bytes available for IPv6 hex groups var hasIPv4Suffix = false // check if the IPv6 address has IPv4 address in it. if let (ipv6Part, ipv4Bytes) = try extractIPv4Suffix(from: address) { // If IPv4 present, save directly to last 4 bytes. ipBytes[12] = ipv4Bytes[0] ipBytes[13] = ipv4Bytes[1] ipBytes[14] = ipv4Bytes[2] ipBytes[15] = ipv4Bytes[3] // Update address and limit IPv6 parsing to first 12 bytes (6 groups max) remainingAddress = ipv6Part ipv6ByteLimit = 12 hasIPv4Suffix = true } // Handle leading ellipsis in the IPv6 part if remainingAddress.utf8.starts(with: [58, 58]) { // "::" ellipsisPosition = 0 remainingAddress = String(remainingAddress.dropFirst(2)) // Special case: "::" represents the unspecified address (all zeros) // But if we have IPv4 suffix, the IPv4 bytes are already set correctly if remainingAddress.isEmpty { // If we have IPv4 suffix, ipBytes already has the IPv4 data, just return if hasIPv4Suffix { return try Self(ipBytes, zone: zone) } // Pure "::" - Return the unspecified address, handling zone identifiers if let zone = zone, !zone.isEmpty { return try Self(ipBytes, zone: zone) } return .unspecified } } // Parse IPv6 hex groups up to the byte limit var byteIndex = 0 let utf8 = remainingAddress.utf8 var currentPosition = utf8.startIndex while byteIndex < ipv6ByteLimit && currentPosition < utf8.endIndex { let (hexValue, nextPosition) = try parseHexadecimal( from: utf8, startingAt: currentPosition ) // Store the UInt16 in network-byte order ipBytes[byteIndex] = UInt8(hexValue >> 8) ipBytes[byteIndex + 1] = UInt8(hexValue & 0xFF) byteIndex += 2 currentPosition = nextPosition // Terminate early if we have consumed the whole string if currentPosition == utf8.endIndex { break } // Parse separator and handle ellipsis detection currentPosition = try skipColonSeparator( from: utf8, at: currentPosition, currentByteIndex: byteIndex, ellipsisPosition: &ellipsisPosition ) } // Validate complete consumption of input guard currentPosition >= utf8.endIndex else { throw AddressError.malformedAddress } // Apply ellipsis expansion for the IPv6 portion try expandEllipsis( in: &ipBytes, parsedBytes: byteIndex, ellipsisPosition: ellipsisPosition, byteLimit: ipv6ByteLimit ) let value = ipBytes.reduce(UInt128(0)) { ($0 << 8) | UInt128($1) } return Self(value, zone: zone) } // MARK: - Helper Functions /// Extracts IPv4 suffix if present at the end of the address /// /// Follows: RFC 4291 Section 2.2.3: Alternative form x:x:x:x:x:x:d.d.d.d /// IPv4 must be the last 32 bits and preceded by a colon /// /// - Parameter input: The IPv6 address string to check /// - Returns: Optional tuple of (IPv6 part without IPv4, IPv4 bytes array) if IPv4 found, nil otherwise /// - Throws: `AddressError.invalidIPv4Suffix` for invalid IPv4 addresses internal static func extractIPv4Suffix(from input: String) throws -> (String, [UInt8])? { // must contain a dot to be IPv4 guard input.utf8.contains(46) else { // ASCII '.' return nil } // IPv4 address must be present after last colon guard let lastColonIndex = input.lastIndex(of: ":") else { return nil } // TODO: maybe refactor for performance let afterColon = input.index(after: lastColonIndex) guard afterColon < input.endIndex else { return nil } let possibleIPv4 = String(input[afterColon...]) guard let ipv4Value = try? IPv4Address.parse(possibleIPv4) else { throw AddressError.invalidIPv4SuffixInIPv6Address } // Check if lastColonIndex is the second ':' of '::'. If so, ensure to include it. let isDoubleColon = lastColonIndex > input.startIndex && input[input.index(before: lastColonIndex)] == ":" let ipv6Part = isDoubleColon ? String(input[...lastColonIndex]) : String(input[.. (String, String?) { guard let percentIndex = input.lastIndex(of: "%") else { return (input, nil) } let zoneStartIndex = input.index(after: percentIndex) guard zoneStartIndex < input.endIndex else { throw AddressError.invalidZoneIdentifier } let addressPart = String(input[.. (UInt16, String.UTF8View.Index) { var accumulator: UInt16 = 0 var digitCount = 0 var currentIndex = startIndex while currentIndex < group.endIndex && digitCount < 4 { let byte = group[currentIndex] // Fast hex digit parsing using ASCII values let hexValue: UInt16 if byte >= 48 && byte <= 57 { // '0'-'9' hexValue = UInt16(byte - 48) } else if byte >= 65 && byte <= 70 { // 'A'-'F' hexValue = UInt16(byte - 65 + 10) } else if byte >= 97 && byte <= 102 { // 'a'-'f' hexValue = UInt16(byte - 97 + 10) } else { break // Not a hex digit } accumulator = (accumulator << 4) + hexValue digitCount += 1 currentIndex = group.index(after: currentIndex) } guard digitCount > 0 else { // No hex digits found throw AddressError.invalidHexGroup } return (accumulator, currentIndex) } /// Parses a colon separator between IPv6 groups and detects ellipsis notation (::). /// /// - Parameters: /// - utf8: The UTF-8 view being parsed /// - position: Current position in the UTF-8 view (must point to a colon) /// - currentByteIndex: Current byte index in the IP array /// - ellipsisPosition: Inout parameter tracking ellipsis position /// - Returns: Next position in the UTF-8 view after parsing separator /// /// ## Example /// ```swift /// let utf8 = "2001:db8::1".utf8 /// var ellipsisPos: Int? = nil /// // After parsing "2001", position points to first ':' /// let nextPos = try skipColonSeparator(from: utf8, at: position, /// currentByteIndex: 2, /// ellipsisPosition: &ellipsisPos) /// // For single colon: nextPos points to 'd' in 'db8' /// // For double colon (::): ellipsisPos = 2, nextPos points to '1' /// ``` private static func skipColonSeparator( from group: String.UTF8View, at position: String.UTF8View.Index, currentByteIndex: Int, ellipsisPosition: inout Int? ) throws -> String.UTF8View.Index { // Expect colon separator guard group[position] == 58 else { // ASCII ':' throw AddressError.malformedAddress } let afterFirstColon = group.index(after: position) guard afterFirstColon < group.endIndex else { // Trailing colon not allowed throw AddressError.malformedAddress } // Check for double colon, return position after that if group[afterFirstColon] == 58 { // ASCII ':' guard ellipsisPosition == nil else { // Multiple :: not allowed throw AddressError.multipleEllipsis } ellipsisPosition = currentByteIndex let afterSecondColon = group.index(after: afterFirstColon) return afterSecondColon } return afterFirstColon } /// Expands ellipsis for IPv6 addresses /// /// - Parameters: /// - ipBytes: Inout array of IP bytes to modify /// - parsedBytes: Number of bytes already parsed for IPv6 groups /// - ellipsisPosition: Optional position where ellipsis was found /// - byteLimit: Maximum bytes available for IPv6 (16 for pure IPv6, 12 if IPv4 suffix present) /// - Throws: `AddressError.incompleteAddress` for invalid address lengths private static func expandEllipsis( in ipBytes: inout [UInt8], parsedBytes: Int, ellipsisPosition: Int?, byteLimit: Int = 16 ) throws { guard let ellipsisPosition = ellipsisPosition else { // No ellipsis - validate we have exactly filled the available bytes guard parsedBytes == byteLimit else { throw AddressError.incompleteAddress // Incomplete address without ellipsis } return } // Calculate expansion within the byte limit let bytesToExpand = byteLimit - parsedBytes guard bytesToExpand > 0 else { throw AddressError.malformedAddress // No room for ellipsis expansion } let suffixBytes = Array(ipBytes[ellipsisPosition..> 112) & 0xFFFF), UInt16((value >> 96) & 0xFFFF), UInt16((value >> 80) & 0xFFFF), UInt16((value >> 64) & 0xFFFF), UInt16((value >> 48) & 0xFFFF), UInt16((value >> 32) & 0xFFFF), UInt16((value >> 16) & 0xFFFF), UInt16(value & 0xFFFF), ] // Find the longest run of consecutive zeros for :: compression var longestZeroStart = -1 var longestZeroLength = 0 var currentZeroStart = -1 var currentZeroLength = 0 for (index, group) in groups.enumerated() { if group == 0 { if currentZeroStart == -1 { currentZeroStart = index currentZeroLength = 1 } else { currentZeroLength += 1 } } else { if currentZeroLength > longestZeroLength { longestZeroStart = currentZeroStart longestZeroLength = currentZeroLength } currentZeroStart = -1 currentZeroLength = 0 } } if currentZeroLength > longestZeroLength { longestZeroStart = currentZeroStart longestZeroLength = currentZeroLength } let useCompression = longestZeroLength >= 2 var result = "" var index = 0 while index < 8 { if useCompression && index == longestZeroStart { if index == 0 { result += "::" } else { result += ":" } // Skip the compressed zeros index += longestZeroLength // If we compressed to the end, we're done if index >= 8 { break } } else { // Add the group in lowercase hex without leading zeros result += String(groups[index], radix: 16, uppercase: false) index += 1 // Add colon if not at the end if index < 8 { result += ":" } } } if let zone = zone { result += "%" + zone } return result } @inlinable public var bytes: [UInt8] { Self.bytes(self.value) } @usableFromInline internal static func bytes(_ value: UInt128) -> [UInt8] { var result = [UInt8](repeating: 0, count: 16) result[0] = UInt8((value >> 120) & 0xff) result[1] = UInt8((value >> 112) & 0xff) result[2] = UInt8((value >> 104) & 0xff) result[3] = UInt8((value >> 96) & 0xff) result[4] = UInt8((value >> 88) & 0xff) result[5] = UInt8((value >> 80) & 0xff) result[6] = UInt8((value >> 72) & 0xff) result[7] = UInt8((value >> 64) & 0xff) result[8] = UInt8((value >> 56) & 0xff) result[9] = UInt8((value >> 48) & 0xff) result[10] = UInt8((value >> 40) & 0xff) result[11] = UInt8((value >> 32) & 0xff) result[12] = UInt8((value >> 24) & 0xff) result[13] = UInt8((value >> 16) & 0xff) result[14] = UInt8((value >> 8) & 0xff) result[15] = UInt8(value & 0xff) return result } @available(macOS 26.0, *) @usableFromInline internal static func bytes(_ value: UInt128) -> InlineArray<16, UInt8> { let result: InlineArray<16, UInt8> = [ UInt8((value >> 120) & 0xff), UInt8((value >> 112) & 0xff), UInt8((value >> 104) & 0xff), UInt8((value >> 96) & 0xff), UInt8((value >> 88) & 0xff), UInt8((value >> 80) & 0xff), UInt8((value >> 72) & 0xff), UInt8((value >> 64) & 0xff), UInt8((value >> 56) & 0xff), UInt8((value >> 48) & 0xff), UInt8((value >> 40) & 0xff), UInt8((value >> 32) & 0xff), UInt8((value >> 24) & 0xff), UInt8((value >> 16) & 0xff), UInt8((value >> 8) & 0xff), UInt8(value & 0xff), ] return result } /// The unspecified IPv6 address (::) public static let unspecified = IPv6Address(0) /// The loopback IPv6 address (::1) public static let loopback = IPv6Address(1) // MARK: - Address Classification Methods /// Returns `true` if this is the unspecified address (::). @inlinable public var isUnspecified: Bool { value == 0 } /// Returns `true` if this is the loopback address (::1). @inlinable public var isLoopback: Bool { value == 1 } /// Returns `true` if this is a multicast address (ff00::/8). @inlinable public var isMulticast: Bool { (value >> 120) == 0xFF } /// Returns `true` if this is a link-local unicast address (fe80::/10). @inlinable public var isLinkLocal: Bool { (value >> 118) == 0x3FA // fe80::/10 = top 10 bits are 1111111010 } /// Returns `true` if this is a unique local address (fc00::/7). @inlinable public var isUniqueLocal: Bool { (value >> 121) == 0x7E // fc00::/7 = top 7 bits are 1111110 } /// Returns `true` if this is a global unicast address. @inlinable public var isGlobalUnicast: Bool { !isUnspecified && !isLoopback && !isMulticast && !isLinkLocal && !isUniqueLocal } /// Returns `true` if this is a documentation address (2001:db8::/32). @inlinable public var isDocumentation: Bool { (value >> 96) == 0x2001_0DB8 // 2001:db8::/32 } /// Compares two IPv6 addresses numerically, then by zone if values are equal. @inlinable public static func < (lhs: IPv6Address, rhs: IPv6Address) -> Bool { if lhs.value != rhs.value { return lhs.value < rhs.value } // Same value, compare zones lexicographically return (lhs.zone ?? "") < (rhs.zone ?? "") } } extension IPv6Address: Codable { public init(from decoder: Decoder) throws { let container = try decoder.singleValueContainer() let string = try container.decode(String.self) try self.init(string) } public func encode(to encoder: Encoder) throws { var container = encoder.singleValueContainer() try container.encode(description) } } ================================================ FILE: Sources/ContainerizationExtras/IndexedAddressAllocator.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Collections import Synchronization /// Maps a network address to an array index value, or nil in the case of a domain error. package typealias AddressToIndexTransform = @Sendable (AddressType) -> Int? /// Maps an array index value to a network address, or nil in the case of a domain error. package typealias IndexToAddressTransform = @Sendable (Int) -> AddressType? package final class IndexedAddressAllocator: AddressAllocator { private class State { var allocations: BitArray var enabled: Bool var allocationCount: Int let addressToIndex: AddressToIndexTransform let indexToAddress: IndexToAddressTransform init( size: Int, addressToIndex: @escaping AddressToIndexTransform, indexToAddress: @escaping IndexToAddressTransform ) { self.allocations = BitArray.init(repeating: false, count: size) self.enabled = true self.allocationCount = 0 self.addressToIndex = addressToIndex self.indexToAddress = indexToAddress } } private let state: Mutex /// Create an allocator with specified size and index mappings. package init( size: Int, addressToIndex: @escaping AddressToIndexTransform, indexToAddress: @escaping IndexToAddressTransform ) { let state = State( size: size, addressToIndex: addressToIndex, indexToAddress: indexToAddress ) self.state = Mutex(state) } public func allocate() throws -> AddressType { try self.state.withLock { state in guard state.enabled else { throw AllocatorError.allocatorDisabled } guard let index = state.allocations.firstIndex(of: false) else { throw AllocatorError.allocatorFull } guard let address = state.indexToAddress(index) else { throw AllocatorError.invalidIndex(index) } state.allocations[index] = true state.allocationCount += 1 return address } } package func reserve(_ address: AddressType) throws { try self.state.withLock { state in guard state.enabled else { throw AllocatorError.allocatorDisabled } guard let index = state.addressToIndex(address) else { throw AllocatorError.invalidAddress(address.description) } guard !state.allocations[index] else { throw AllocatorError.alreadyAllocated("\(address.description)") } state.allocations[index] = true state.allocationCount += 1 } } package func release(_ address: AddressType) throws { try self.state.withLock { state in guard let index = state.addressToIndex(address) else { throw AllocatorError.invalidAddress(address.description) } guard state.allocations[index] else { throw AllocatorError.notAllocated("\(address.description)") } state.allocations[index] = false state.allocationCount -= 1 } } package func disableAllocator() -> Bool { self.state.withLock { state in guard state.allocationCount == 0 else { return false } state.enabled = false return true } } } ================================================ FILE: Sources/ContainerizationExtras/MACAddress.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /// An EUI-48 MAC address as specified by IEEE 802. @frozen public struct MACAddress: Sendable, Hashable, CustomStringConvertible, Equatable, Comparable { public let value: UInt64 /// Creates an MACAddress from an integer. /// /// - Parameter value: The big-endian value of the MAC address. /// The most significant 16 bits of the value are ignored. @inlinable public init(_ value: UInt64) { self.value = value & 0x0000_ffff_ffff_ffff } /// Creates an IPv4Address from 6 bytes. /// /// - Parameters: /// - bytes: 6-byte array in network byte order representing the IPv4 address /// - Throws: `AddressError.unableToParse` if the byte array length is not 6 @inlinable public init(_ bytes: [UInt8]) throws { guard bytes.count == 6 else { throw AddressError.unableToParse } self.value = (UInt64(bytes[0]) << 40) | (UInt64(bytes[1]) << 32) | (UInt64(bytes[2]) << 24) | (UInt64(bytes[3]) << 16) | (UInt64(bytes[4]) << 8) | UInt64(bytes[5]) } /// Creates an MACAddress from a string representation. /// /// - Parameter string: The MAC address string with colon or dash delimiters. /// - Throws: `AddressError.unableToParse` if the string is not a valid MAC address @inlinable public init(_ string: String) throws { self.value = try Self.parse(string) } @inlinable public var bytes: [UInt8] { Self.bytes(value) } @usableFromInline static func bytes(_ value: UInt64) -> [UInt8] { var result = [UInt8](repeating: 0, count: 6) result[0] = UInt8((value >> 40) & 0xff) result[1] = UInt8((value >> 32) & 0xff) result[2] = UInt8((value >> 24) & 0xff) result[3] = UInt8((value >> 16) & 0xff) result[4] = UInt8((value >> 8) & 0xff) result[5] = UInt8(value & 0xff) return result } @available(macOS 26.0, *) @usableFromInline static func bytes(_ value: UInt64) -> InlineArray<6, UInt8> { let result: InlineArray<6, UInt8> = [ UInt8((value >> 40) & 0xff), UInt8((value >> 32) & 0xff), UInt8((value >> 24) & 0xff), UInt8((value >> 16) & 0xff), UInt8((value >> 8) & 0xff), UInt8(value & 0xff), ] return result } @inlinable public var description: String { bytes.map { String(format: "%02x", $0) }.joined(separator: ":") } /// Parses an MAC address string into a UInt64 representation. /// /// ## Validation Rules /// - Exactly six groups of two hexadecimal digits, separated by colons /// or dashes /// - No whitespace characters /// - Only hexadecimal digits and colons allowed /// /// ## Examples /// ```swift /// MACAddress.parse("01:23:45:67:89:ab") // Returns: 0x0000_0123_4567_89ab /// MACAddress.parse("01-23-45-67-89-AB") // Returns: 0x0000_0123_4567_89ab /// MACAddress.parse("00:00:00:00:00:00") // Returns: 0x0000_0000_0000_0000 /// MACAddress.parse("ff:ff:ff:ff:ff:ff") // Returns: 0x0000_ffff_ffff_ffff /// /// // Invalid examples: /// MACAddress.parse("01:23:45:67:89") // Wrong number of octets /// MACAddress.parse("01:23:45:67:89:a") // Invalid octet length /// MACAddress.parse("01:23:45:67:89:hi") // Invalid octet content /// MACAddress.parse("01:23-45:67-89:ab") // Inconsistent separators /// MACAddress.parse(" 01:23:45:67:89:ab ") // Whitespace /// ``` /// /// - Parameter s: The MAC address string to parse /// - Returns: The 64-bit representation of the IP address, or `nil` if parsing fails /// - Note: The returned value is in network byte order (big-endian) @usableFromInline internal static func parse(_ s: String) throws -> UInt64 { guard !s.isEmpty, s.count == 17 else { throw AddressError.unableToParse } // MAC addresses should only contain ASCII hex digits and dots let utf8 = s.utf8 for byte in utf8 { // ASCII whitespace: space(32), tab(9), newline(10), return(13) if byte == 32 || byte == 9 || byte == 10 || byte == 13 { throw AddressError.unableToParse } } // accumulator for the 64 bit representation of the MAC address var result: UInt64 = 0 // tracking octet count, max 6 allowed var octetCount = 0 var currentOctet = 0 // number of digits in the string representation of the octet var digitCount = 0 // separator character to use var separator: String.UTF8View.Element? for byte in utf8 { if byte == 0x3a || byte == 0x2d { // ASCII ':' // Ensure separator is consistent guard separator == nil || byte == separator else { throw AddressError.unableToParse } separator = byte // Validate octet before processing guard octetCount < 5, digitCount == 2 else { throw AddressError.unableToParse } // Shift result and add current octet result = (result << 8) | UInt64(currentOctet) // Reset for next octet octetCount += 1 currentOctet = 0 digitCount = 0 } else if byte >= 0x30 && byte <= 0x39 { // ASCII '0'-'9' let digit = Int(byte - 0x30) digitCount += 1 currentOctet = (currentOctet << 4) + digit // Early termination if octet becomes too large guard digitCount <= 2 else { throw AddressError.unableToParse } } else if byte >= 0x41 && byte <= 0x46 { // ASCII 'A'-'F' let digit = Int(byte - 0x41 + 10) digitCount += 1 currentOctet = (currentOctet << 4) + digit // Early termination if octet becomes too large guard digitCount <= 2 else { throw AddressError.unableToParse } } else if byte >= 0x61 && byte <= 0x66 { // ASCII 'A'-'F' let digit = Int(byte - 0x61 + 10) digitCount += 1 currentOctet = (currentOctet << 4) + digit // Early termination if octet becomes too large guard digitCount <= 2 else { throw AddressError.unableToParse } } else { throw AddressError.unableToParse } } // Validate final octet guard octetCount == 5, digitCount == 2 else { throw AddressError.unableToParse } return (result << 8) | UInt64(currentOctet) } // MARK: - Address Classification Methods /// Returns `true` if the MAC address is locally administered. /// /// IEEE 802 specifies that the second-least-significant bit of /// the first octet of the MAC address determines whether the /// address is globally unique (bit cleared) or locally /// administered (bit set). @inlinable public var isLocallyAdministered: Bool { (value & 0x0000_0200_0000_0000) != 0 } /// Returns `true` if the MAC address is multicast. /// /// IEEE 802 specifies that the least-significant bit of /// the first octet of the MAC address determines whether the /// address is unicast (bit cleared) or multicast (bit set). @inlinable public var isMulticast: Bool { (value & 0x0000_0100_0000_0000) != 0 } /// Returns the link local IP address based on the EUI-64 version /// of the MAC address. /// /// - Parameter network: The IPv6 address to use for the network prefix /// - Returns: The link local IP address for the MAC address @inlinable public func ipv6Address(network: IPv6Address) throws -> IPv6Address { let prefixBytes = network.bytes return try IPv6Address([ prefixBytes[0], prefixBytes[1], prefixBytes[2], prefixBytes[3], prefixBytes[4], prefixBytes[5], prefixBytes[6], prefixBytes[7], bytes[0] ^ 0x02, bytes[1], bytes[2], 0xff, 0xfe, bytes[3], bytes[4], bytes[5], ]) } /// Compares two IPv4 addresses numerically. @inlinable public static func < (lhs: MACAddress, rhs: MACAddress) -> Bool { lhs.value < rhs.value } } extension MACAddress: Codable { public init(from decoder: Decoder) throws { let container = try decoder.singleValueContainer() let string = try container.decode(String.self) try self.init(string) } public func encode(to encoder: Encoder) throws { var container = encoder.singleValueContainer() try container.encode(description) } } ================================================ FILE: Sources/ContainerizationExtras/NetworkAddress+Allocator.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// extension IPv4Address { /// Creates an allocator for IPv4 addresses. public static func allocator(lower: UInt32, size: Int) throws -> any AddressAllocator { // NOTE: 2^31 - 1 size limit in the very improbable case that we run on 32-bit. guard size > 0 && size < Int.max && 0xffff_ffff - lower >= size - 1 else { throw AllocatorError.rangeExceeded } return IndexedAddressAllocator( size: size, addressToIndex: { address in guard address.value >= lower && address.value - lower <= UInt32(size) else { return nil } return Int(address.value - lower) }, indexToAddress: { IPv4Address(lower + UInt32($0)) } ) } } extension UInt16 { /// Creates an allocator for TCP/UDP ports and other UInt16 values. public static func allocator(lower: UInt16, size: Int) throws -> any AddressAllocator { guard 0xffff - lower + 1 >= size else { throw AllocatorError.rangeExceeded } return IndexedAddressAllocator( size: size, addressToIndex: { address in guard address >= lower && address <= lower + UInt16(size) else { return nil } return Int(address - lower) }, indexToAddress: { lower + UInt16($0) } ) } } extension UInt32 { /// Creates an allocator for vsock ports, or any UInt32 values. public static func allocator(lower: UInt32, size: Int) throws -> any AddressAllocator { guard 0xffff_ffff - lower + 1 >= size else { throw AllocatorError.rangeExceeded } return IndexedAddressAllocator( size: size, addressToIndex: { address in guard address >= lower && address <= lower + UInt32(size) else { return nil } return Int(address - lower) }, indexToAddress: { lower + UInt32($0) } ) } /// Creates a rotating allocator for vsock ports, or any UInt32 values. public static func rotatingAllocator(lower: UInt32, size: UInt32) throws -> any AddressAllocator { guard 0xffff_ffff - lower + 1 >= size else { throw AllocatorError.rangeExceeded } return RotatingAddressAllocator( size: size, addressToIndex: { address in guard address >= lower && address <= lower + UInt32(size) else { return nil } return Int(address - lower) }, indexToAddress: { lower + UInt32($0) } ) } } extension Character { private static let deviceLetters = Array("abcdefghijklmnopqrstuvwxyz") /// Creates an allocator for block device tags, or any character values. public static func blockDeviceTagAllocator() -> any AddressAllocator { IndexedAddressAllocator( size: Self.deviceLetters.count, addressToIndex: { address in Self.deviceLetters.firstIndex(of: address) }, indexToAddress: { Self.deviceLetters[$0] } ) } } ================================================ FILE: Sources/ContainerizationExtras/Prefix.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// /// CIDR prefix length (e.g., `/24` for a 24-bit network mask). @frozen public struct Prefix: Sendable, CustomStringConvertible, Hashable, Codable { public let length: UInt8 /// Create a prefix (0-128). Use `ipv4(_:)` or `ipv6(_:)` for version-specific validation. public init?(length: UInt8) { guard length <= 128 else { return nil } self.length = length } /// Create an IPv4 prefix (0-32). Returns `nil` if length > 32. public static func ipv4(_ length: UInt8) -> Prefix? { guard length <= 32 else { return nil } return Prefix(unchecked: length) } /// Create an IPv6 prefix (0-128). Returns `nil` if length > 128. public static func ipv6(_ length: UInt8) -> Prefix? { guard length <= 128 else { return nil } return Prefix(unchecked: length) } /// Internal unchecked initializer for known-valid values. internal init(unchecked length: UInt8) { self.length = length } public var description: String { "\(length)" } } extension Prefix { /// Computes a 32-bit mask for the suffix (host) portion of an IPv4 address. /// /// Example: Prefix `/24` → `0x0000_00FF` (255 host addresses) @inlinable public var suffixMask32: UInt32 { if self.length <= 0 { return 0xffff_ffff } return self.length >= 32 ? 0x0000_0000 : (1 << (32 - self.length)) - 1 } /// Network portion mask (high-order bits) for IPv4. /// /// Example: Prefix `/24` → `0xFFFF_FF00` (255.255.255.0) @inlinable public var prefixMask32: UInt32 { ~self.suffixMask32 } /// Computes a 128-bit mask for the suffix (host) portion of an IPv6 address. /// /// Example: Prefix `/64` → `0x0000_0000_0000_0000_FFFF_FFFF_FFFF_FFFF` @inlinable public var suffixMask128: UInt128 { if self.length <= 0 { return UInt128.max } return self.length >= 128 ? 0 : (1 << (128 - self.length)) - 1 } /// Network portion mask (high-order bits) for IPv6. /// /// Example: Prefix `/64` → `0xFFFF_FFFF_FFFF_FFFF_0000_0000_0000_0000` @inlinable public var prefixMask128: UInt128 { ~self.suffixMask128 } } ================================================ FILE: Sources/ContainerizationExtras/ProgressEvent.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// /// A progress update event. public enum ProgressEvent: Sendable { /// The possible values: /// - `add-items`: Increment the number of processed items by `value`. /// - `add-total-items`: Increment the total number of items to process by `value`. /// - `add-size`: Increment the size of processed items by `value`. /// - `add-total-size`: Increment the total size of items to process by `value`. case addItems(Int) case addTotalItems(Int) case addSize(Int64) case addTotalSize(Int64) /// The event name. public var event: String { switch self { case .addItems: "add-items" case .addTotalItems: "add-total-items" case .addSize: "add-size" case .addTotalSize: "add-total-size" } } /// The event value. public var value: any Sendable { switch self { case .addItems(let value): value case .addTotalItems(let value): value case .addSize(let value): value case .addTotalSize(let value): value } } } /// The progress update handler. public typealias ProgressHandler = @Sendable (_ events: [ProgressEvent]) async -> Void ================================================ FILE: Sources/ContainerizationExtras/ProxyUtils.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import Foundation /// A small utility to resolve proxy settings (HTTP(S)_PROXY / NO_PROXY). public enum ProxyUtils { /// Resolves the proxy URL for a given host based on environment variables. /// Malformed http_proxy or https_proxy URLs are ignored. /// Uses Go-style handling rules: /// - Uppercase environment variables take priority over lowercase counterparts. /// - Leading dot on no_proxy component implies prefix matching. /// /// - Parameters: /// - scheme: The request scheme. /// - host: The request hostname. /// - env: Environment variables to check, dafaulting to the process environment. /// /// - Returns: The proxy URL to use, or `nil` for transparent connection. public static func proxyFromEnvironment( scheme: String?, host: String, env: [String: String] = ProcessInfo.processInfo.environment ) -> URL? { guard let scheme else { return nil } let httpProxy = env["HTTP_PROXY"] ?? env["http_proxy"] let httpsProxy = env["HTTPS_PROXY"] ?? env["https_proxy"] let noProxy = env["NO_PROXY"] ?? env["no_proxy"] // If NO_PROXY matches → skip proxy if let noProxy, shouldBypassProxy(host: host, noProxy: noProxy) { return nil } // Select proxy based on scheme, defaulting to http. let proxy = scheme == "https" ? httpsProxy : httpProxy guard let proxy, let proxyUrl = URL(string: proxy) else { return nil } return proxyUrl } /// Check if a host should bypass proxy according to NO_PROXY. /// - Example: NO_PROXY=".example.com,localhost,127.0.0.1" private static func shouldBypassProxy(host: String, noProxy: String) -> Bool { let entries = noProxy.split(separator: ",").map { $0.trimmingCharacters(in: .whitespaces) } for entry in entries { if entry.isEmpty { continue } if entry == "*" { return true } if host == entry { return true } if entry.hasPrefix("*.") { let suffix = String(entry.dropFirst()) if host.hasSuffix(suffix) { return true } } if entry.hasPrefix(".") && host.hasSuffix(entry) { return true } } return false } } ================================================ FILE: Sources/ContainerizationExtras/RotatingAddressAllocator.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Synchronization package final class RotatingAddressAllocator: AddressAllocator { package typealias AddressType = UInt32 private struct State { var allocations: [AddressType] var enabled: Bool var allocationCount: Int let addressToIndex: AddressToIndexTransform let indexToAddress: IndexToAddressTransform init( size: UInt32, addressToIndex: @escaping AddressToIndexTransform, indexToAddress: @escaping IndexToAddressTransform ) { self.allocations = [UInt32](0.. /// Create an allocator with specified size and index mappings. package init( size: UInt32, addressToIndex: @escaping AddressToIndexTransform, indexToAddress: @escaping IndexToAddressTransform ) { let state = State( size: size, addressToIndex: addressToIndex, indexToAddress: indexToAddress ) self.state = Mutex(state) } public func allocate() throws -> AddressType { try self.state.withLock { state in guard state.enabled else { throw AllocatorError.allocatorDisabled } guard state.allocations.count > 0 else { throw AllocatorError.allocatorFull } let value = state.allocations.removeFirst() guard let address = state.indexToAddress(Int(value)) else { throw AllocatorError.invalidIndex(Int(value)) } state.allocationCount += 1 return address } } package func reserve(_ address: AddressType) throws { try self.state.withLock { state in guard state.enabled else { throw AllocatorError.allocatorDisabled } guard let index = state.addressToIndex(address) else { throw AllocatorError.invalidAddress(address.description) } let i = state.allocations.firstIndex(of: UInt32(index)) guard let i else { throw AllocatorError.alreadyAllocated("\(address.description)") } _ = state.allocations.remove(at: i) state.allocationCount += 1 } } package func release(_ address: AddressType) throws { try self.state.withLock { state in guard let index = (state.addressToIndex(address)) else { throw AllocatorError.invalidAddress(address.description) } let value = UInt32(index) guard !state.allocations.contains(value) else { throw AllocatorError.notAllocated("\(address.description)") } state.allocations.append(value) state.allocationCount -= 1 } } package func disableAllocator() -> Bool { self.state.withLock { state in guard state.allocationCount == 0 else { return false } state.enabled = false return true } } } ================================================ FILE: Sources/ContainerizationExtras/TLSUtils.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import NIO import NIOSSL public enum TLSUtils { public static func makeEnvironmentAwareTLSConfiguration() -> TLSConfiguration { var tlsConfig = TLSConfiguration.makeClientConfiguration() // Check standard SSL environment variables in priority order let customCAPath = ProcessInfo.processInfo.environment["SSL_CERT_FILE"] ?? ProcessInfo.processInfo.environment["CURL_CA_BUNDLE"] ?? ProcessInfo.processInfo.environment["REQUESTS_CA_BUNDLE"] if let caPath = customCAPath { tlsConfig.trustRoots = .file(caPath) } // else: use .default return tlsConfig } } ================================================ FILE: Sources/ContainerizationExtras/Timeout.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /// `Timeout` contains helpers to run an operation and error out if /// the operation does not finish within a provided time. public struct Timeout { /// Performs the passed in `operation` and throws a `CancellationError` if the operation /// doesn't finish in the provided `seconds` amount. public static func run( seconds: UInt32, operation: @escaping @Sendable () async throws -> T ) async throws -> T { try await withThrowingTaskGroup(of: T.self) { group in group.addTask { try await operation() } group.addTask { try await Task.sleep(for: .seconds(seconds)) throw CancellationError() } guard let result = try await group.next() else { fatalError() } group.cancelAll() return result } } public static func run( for duration: Duration, operation: @escaping @Sendable () async throws -> T ) async throws -> T { try await withThrowingTaskGroup(of: T.self) { group in group.addTask { try await operation() } group.addTask { try await Task.sleep(for: duration) throw CancellationError() } guard let result = try await group.next() else { fatalError() } group.cancelAll() return result } } } ================================================ FILE: Sources/ContainerizationExtras/UInt8+DataBinding.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation package enum BindError: Error, CustomStringConvertible { case recvMarshalFailure(type: String, field: String) case sendMarshalFailure(type: String, field: String) package var description: String { switch self { case .recvMarshalFailure(let type, let field): return "failed to unmarshal \(type).\(field)" case .sendMarshalFailure(let type, let field): return "failed to marshal \(type).\(field)" } } } package protocol Bindable: Sendable { static var size: Int { get } func appendBuffer(_ buffer: inout [UInt8], offset: Int) throws -> Int mutating func bindBuffer(_ buffer: inout [UInt8], offset: Int) throws -> Int } extension ArraySlice { package func hexEncodedString() -> String { self.map { String(format: "%02hhx", $0) }.joined() } } extension [UInt8] { package func hexEncodedString() -> String { self.map { String(format: "%02hhx", $0) }.joined() } package mutating func bind(as type: T.Type, offset: Int = 0, size: Int? = nil) -> UnsafeMutablePointer? { guard self.count >= (size ?? MemoryLayout.size) + offset else { return nil } return self.withUnsafeMutableBytes { $0.baseAddress?.advanced(by: offset).assumingMemoryBound(to: T.self) } } package mutating func copyIn(as type: T.Type, value: T, offset: Int = 0, size: Int? = nil) -> Int? { let size = size ?? MemoryLayout.size guard self.count >= size + offset else { return nil } return self.withUnsafeMutableBytes { $0.baseAddress?.advanced(by: offset).assumingMemoryBound(to: T.self).pointee = value return offset + MemoryLayout.size } } package func copyOut(as type: T.Type, offset: Int = 0, size: Int? = nil) -> (Int, T)? { guard self.count >= (size ?? MemoryLayout.size) + offset else { return nil } return self.withUnsafeBytes { guard let value = $0.baseAddress?.advanced(by: offset).assumingMemoryBound(to: T.self).pointee else { return nil } return (offset + MemoryLayout.size, value) } } package mutating func copyIn(buffer: [UInt8], offset: Int = 0) -> Int? { guard offset + buffer.count <= self.count else { return nil } self[offset.. Int? { guard offset + buffer.count <= self.count else { return nil } buffer[0.. { AsyncStream { cont in self._stream.open() defer { self._stream.close() } let readBuffer = UnsafeMutablePointer.allocate(capacity: buffSize) while true { let byteRead = self._stream.read(readBuffer, maxLength: buffSize) if byteRead <= 0 { readBuffer.deallocate() cont.finish() break } else { let data = Data(bytes: readBuffer, count: byteRead) let buffer = ByteBuffer(bytes: data) cont.yield(buffer) } } } } /// Get access to an `AsyncStream` of `Data` objects from the input source. public var dataStream: AsyncStream { AsyncStream { cont in self._stream.open() defer { self._stream.close() } let readBuffer = UnsafeMutablePointer.allocate(capacity: self.buffSize) while true { let byteRead = self._stream.read(readBuffer, maxLength: self.buffSize) if byteRead <= 0 { readBuffer.deallocate() cont.finish() break } else { let data = Data(bytes: readBuffer, count: byteRead) cont.yield(data) } } } } } extension ReadStream { /// Errors that can be encountered while using a `ReadStream`. public enum Error: Swift.Error, CustomStringConvertible { case failedToCreateStream case noSuchFileOrDirectory(_ p: URL) public var description: String { switch self { case .failedToCreateStream: return "failed to create stream" case .noSuchFileOrDirectory(let p): return "no such file or directory: \(p.path)" } } } } ================================================ FILE: Sources/ContainerizationNetlink/NetlinkSession.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationExtras import ContainerizationOS import Logging /// `NetlinkSession` facilitates interacting with netlink via a provided `NetlinkSocket`. This is /// the core high-level type offered to perform actions to the netlink surface in the kernel. public struct NetlinkSession { private static let receiveDataLength = 65536 private static let mtu: UInt32 = 1280 private let socket: any NetlinkSocket private let log: Logger /// Creates a new `NetlinkSession`. /// - Parameters: /// - socket: The `NetlinkSocket` to use for netlink interaction. /// - log: The logger to use. The default value is `nil`. public init(socket: any NetlinkSocket, log: Logger? = nil) { self.socket = socket self.log = log ?? Logger(label: "com.apple.containerization.netlink") } /// Errors that may occur during netlink interaction. public enum Error: Swift.Error, CustomStringConvertible, Equatable { case invalidIpAddress case invalidPrefixLength case unexpectedInfo(type: UInt16) case unexpectedOffset(offset: Int, size: Int) case unexpectedResidualPackets case unexpectedResultSet(count: Int, expected: Int) /// The description of the errors. public var description: String { switch self { case .invalidIpAddress: return "invalid IP address" case .invalidPrefixLength: return "invalid prefix length" case .unexpectedInfo(let type): return "unexpected response information, type = \(type)" case .unexpectedOffset(let offset, let size): return "unexpected buffer state, offset = \(offset), size = \(size)" case .unexpectedResidualPackets: return "unexpected residual response packets" case .unexpectedResultSet(let count, let expected): return "unexpected result set size, count = \(count), expected = \(expected)" } } } /// Performs a link set command on an interface. /// - Parameters: /// - interface: The name of the interface. /// - up: The value to set the interface state to. public func linkSet(interface: String, up: Bool, mtu: UInt32? = nil) throws { // ip link set dev [interface] [up|down] let interfaceIndex = try getInterfaceIndex(interface) // build the attribute only when mtu is supplied let attr: RTAttribute? = (mtu != nil) ? RTAttribute( len: UInt16(RTAttribute.size + MemoryLayout.size), type: LinkAttributeType.IFLA_MTU) : nil let requestSize = NetlinkMessageHeader.size + InterfaceInfo.size + (attr?.paddedLen ?? 0) var requestBuffer = [UInt8](repeating: 0, count: requestSize) var requestOffset = 0 let requestHeader = NetlinkMessageHeader( len: UInt32(requestBuffer.count), type: NetlinkType.RTM_NEWLINK, flags: NetlinkFlags.NLM_F_REQUEST | NetlinkFlags.NLM_F_ACK, pid: socket.pid) requestOffset = try requestHeader.appendBuffer(&requestBuffer, offset: requestOffset) let flags = up ? InterfaceFlags.IFF_UP : 0 let requestInfo = InterfaceInfo( family: UInt8(AddressFamily.AF_PACKET), index: interfaceIndex, flags: flags, change: InterfaceFlags.DEFAULT_CHANGE) requestOffset = try requestInfo.appendBuffer(&requestBuffer, offset: requestOffset) if let attr = attr, let m = mtu { requestOffset = try attr.appendBuffer(&requestBuffer, offset: requestOffset) guard let newRequestOffset = requestBuffer.copyIn(as: UInt32.self, value: m, offset: requestOffset) else { throw BindError.sendMarshalFailure(type: "RTAttribute", field: "IFLA_MTU") } requestOffset = newRequestOffset } guard requestOffset == requestSize else { throw Error.unexpectedOffset(offset: requestOffset, size: requestSize) } try sendRequest(buffer: &requestBuffer) let (infos, _) = try parseResponse(infoType: NetlinkType.RTM_NEWLINK) { InterfaceInfo() } guard infos.count == 0 else { throw Error.unexpectedResultSet(count: infos.count, expected: 0) } } /// Performs a link get command on an interface. /// Returns information about the interface. /// - Parameter interface: The name of the interface to query. public func linkGet(interface: String? = nil, includeStats: Bool = false) throws -> [LinkResponse] { // ip link ip show let maskAttr = RTAttribute( len: UInt16(RTAttribute.size + MemoryLayout.size), type: LinkAttributeType.IFLA_EXT_MASK) let interfaceName = try interface.map { try getInterfaceName($0) } let interfaceNameAttr = interfaceName.map { RTAttribute(len: UInt16(RTAttribute.size + $0.count), type: LinkAttributeType.IFLA_IFNAME) } let requestSize = NetlinkMessageHeader.size + InterfaceInfo.size + maskAttr.paddedLen + (interfaceNameAttr?.paddedLen ?? 0) var requestBuffer = [UInt8](repeating: 0, count: requestSize) var requestOffset = 0 let flags = interface != nil ? NetlinkFlags.NLM_F_REQUEST : (NetlinkFlags.NLM_F_REQUEST | NetlinkFlags.NLM_F_DUMP) let requestHeader = NetlinkMessageHeader( len: UInt32(requestBuffer.count), type: NetlinkType.RTM_GETLINK, flags: flags, pid: socket.pid) requestOffset = try requestHeader.appendBuffer(&requestBuffer, offset: requestOffset) let requestInfo = InterfaceInfo( family: UInt8(AddressFamily.AF_PACKET), index: 0, flags: InterfaceFlags.IFF_UP, change: InterfaceFlags.DEFAULT_CHANGE) requestOffset = try requestInfo.appendBuffer(&requestBuffer, offset: requestOffset) var filters = LinkAttributeMaskFilter.RTEXT_FILTER_VF if !includeStats { filters |= LinkAttributeMaskFilter.RTEXT_FILTER_SKIP_STATS } requestOffset = try maskAttr.appendBuffer(&requestBuffer, offset: requestOffset) guard var requestOffset = requestBuffer.copyIn( as: UInt32.self, value: filters, offset: requestOffset) else { throw BindError.sendMarshalFailure(type: "RTAttribute", field: "IFLA_EXT_MASK") } if let interfaceNameAttr { if let interfaceName { requestOffset = try interfaceNameAttr.appendBuffer(&requestBuffer, offset: requestOffset) guard let updatedRequestOffset = requestBuffer.copyIn(buffer: interfaceName, offset: requestOffset) else { throw BindError.sendMarshalFailure(type: "RTAttribute", field: "IFLA_IFNAME") } requestOffset = updatedRequestOffset } } guard requestOffset == requestSize else { throw Error.unexpectedOffset(offset: requestOffset, size: requestSize) } try sendRequest(buffer: &requestBuffer) let (infos, attrDataLists) = try parseResponse(infoType: NetlinkType.RTM_NEWLINK) { InterfaceInfo() } var linkResponses: [LinkResponse] = [] for i in 0...size * ipAddressBytes.count let requestSize = NetlinkMessageHeader.size + AddressInfo.size + 2 * addressAttrSize var requestBuffer = [UInt8](repeating: 0, count: requestSize) var requestOffset = 0 let header = NetlinkMessageHeader( len: UInt32(requestBuffer.count), type: NetlinkType.RTM_NEWADDR, flags: NetlinkFlags.NLM_F_REQUEST | NetlinkFlags.NLM_F_ACK | NetlinkFlags.NLM_F_EXCL | NetlinkFlags.NLM_F_CREATE, seq: 0, pid: socket.pid) requestOffset = try header.appendBuffer(&requestBuffer, offset: requestOffset) let requestInfo = AddressInfo( family: UInt8(AddressFamily.AF_INET), prefixLength: ipv4Address.prefix.length, flags: 0, scope: NetlinkScope.RT_SCOPE_UNIVERSE, index: UInt32(interfaceIndex)) requestOffset = try requestInfo.appendBuffer(&requestBuffer, offset: requestOffset) let ipLocalAttr = RTAttribute(len: UInt16(addressAttrSize), type: AddressAttributeType.IFA_LOCAL) requestOffset = try ipLocalAttr.appendBuffer(&requestBuffer, offset: requestOffset) guard var requestOffset = requestBuffer.copyIn(buffer: ipAddressBytes, offset: requestOffset) else { throw BindError.sendMarshalFailure(type: "RTAttribute", field: "IFA_LOCAL") } let ipAddressAttr = RTAttribute(len: UInt16(addressAttrSize), type: AddressAttributeType.IFA_ADDRESS) requestOffset = try ipAddressAttr.appendBuffer(&requestBuffer, offset: requestOffset) guard let requestOffset = requestBuffer.copyIn(buffer: ipAddressBytes, offset: requestOffset) else { throw BindError.sendMarshalFailure(type: "RTAttribute", field: "IFA_ADDRESS") } guard requestOffset == requestSize else { throw Error.unexpectedOffset(offset: requestOffset, size: requestSize) } try sendRequest(buffer: &requestBuffer) let (infos, _) = try parseResponse(infoType: NetlinkType.RTM_NEWLINK) { AddressInfo() } guard infos.count == 0 else { throw Error.unexpectedResultSet(count: infos.count, expected: 0) } } /// Adds an IPv4 route to an interface. /// - Parameters: /// - interface: The name of the interface. /// - dstIpv4Addr: The CIDRv4 address describing the gateway IP and subnet prefix length. /// - srcIpv4Addr: The source IPv4 address to route from. public func routeAdd( interface: String, dstIpv4Addr: CIDRv4, srcIpv4Addr: IPv4Address? ) throws { // ip route add [dest-cidr] dev [interface] [src [src-addr]] proto kernel let interfaceIndex = try getInterfaceIndex(interface) let dstAddrBytes = dstIpv4Addr.address.bytes let dstAddrAttrSize = RTAttribute.size + dstAddrBytes.count let srcAddrAttrSize: Int if let srcIpv4Addr { let srcAddrBytes = srcIpv4Addr.bytes srcAddrAttrSize = RTAttribute.size + srcAddrBytes.count } else { srcAddrAttrSize = 0 } let interfaceAttrSize = RTAttribute.size + MemoryLayout.size let requestSize = NetlinkMessageHeader.size + RouteInfo.size + dstAddrAttrSize + srcAddrAttrSize + interfaceAttrSize var requestBuffer = [UInt8](repeating: 0, count: requestSize) var requestOffset = 0 let header = NetlinkMessageHeader( len: UInt32(requestBuffer.count), type: NetlinkType.RTM_NEWROUTE, flags: NetlinkFlags.NLM_F_REQUEST | NetlinkFlags.NLM_F_ACK | NetlinkFlags.NLM_F_EXCL | NetlinkFlags.NLM_F_CREATE, pid: socket.pid) requestOffset = try header.appendBuffer(&requestBuffer, offset: requestOffset) let requestInfo = RouteInfo( family: UInt8(AddressFamily.AF_INET), dstLen: dstIpv4Addr.prefix.length, srcLen: 0, tos: 0, table: RouteTable.MAIN, proto: RouteProtocol.KERNEL, scope: RouteScope.LINK, type: RouteType.UNICAST, flags: 0) requestOffset = try requestInfo.appendBuffer(&requestBuffer, offset: requestOffset) let dstAddrAttr = RTAttribute(len: UInt16(dstAddrAttrSize), type: RouteAttributeType.DST) requestOffset = try dstAddrAttr.appendBuffer(&requestBuffer, offset: requestOffset) guard var requestOffset = requestBuffer.copyIn(buffer: dstAddrBytes, offset: requestOffset) else { throw BindError.sendMarshalFailure(type: "RTAttribute", field: "RTA_DST") } if let srcIpv4Addr { let srcAddrBytes = srcIpv4Addr.bytes let srcAddrAttr = RTAttribute(len: UInt16(srcAddrAttrSize), type: RouteAttributeType.PREFSRC) requestOffset = try srcAddrAttr.appendBuffer(&requestBuffer, offset: requestOffset) guard let newOffset = requestBuffer.copyIn(buffer: srcAddrBytes, offset: requestOffset) else { throw BindError.sendMarshalFailure(type: "RTAttribute", field: "RTA_PREFSRC") } requestOffset = newOffset } let interfaceAttr = RTAttribute(len: UInt16(interfaceAttrSize), type: RouteAttributeType.OIF) requestOffset = try interfaceAttr.appendBuffer(&requestBuffer, offset: requestOffset) guard let requestOffset = requestBuffer.copyIn( as: UInt32.self, value: UInt32(interfaceIndex), offset: requestOffset) else { throw BindError.sendMarshalFailure(type: "RTAttribute", field: "RTA_OIF") } guard requestOffset == requestSize else { throw Error.unexpectedOffset(offset: requestOffset, size: requestSize) } try sendRequest(buffer: &requestBuffer) let (infos, _) = try parseResponse(infoType: NetlinkType.RTM_NEWLINK) { AddressInfo() } guard infos.count == 0 else { throw Error.unexpectedResultSet(count: infos.count, expected: 0) } } /// Adds a default IPv4 route to an interface. /// - Parameters: /// - interface: The name of the interface. /// - ipv4Gateway: The gateway address. public func routeAddDefault( interface: String, ipv4Gateway: IPv4Address ) throws { // ip route add default via [dst-address] src [src-address] let dstAddrBytes = ipv4Gateway.bytes let dstAddrAttrSize = RTAttribute.size + dstAddrBytes.count let interfaceAttrSize = RTAttribute.size + MemoryLayout.size let interfaceIndex = try getInterfaceIndex(interface) let requestSize = NetlinkMessageHeader.size + RouteInfo.size + dstAddrAttrSize + interfaceAttrSize var requestBuffer = [UInt8](repeating: 0, count: requestSize) var requestOffset = 0 let header = NetlinkMessageHeader( len: UInt32(requestBuffer.count), type: NetlinkType.RTM_NEWROUTE, flags: NetlinkFlags.NLM_F_REQUEST | NetlinkFlags.NLM_F_ACK | NetlinkFlags.NLM_F_EXCL | NetlinkFlags.NLM_F_CREATE, pid: socket.pid) requestOffset = try header.appendBuffer(&requestBuffer, offset: requestOffset) let requestInfo = RouteInfo( family: UInt8(AddressFamily.AF_INET), dstLen: 0, srcLen: 0, tos: 0, table: RouteTable.MAIN, proto: RouteProtocol.BOOT, scope: RouteScope.UNIVERSE, type: RouteType.UNICAST, flags: 0) requestOffset = try requestInfo.appendBuffer(&requestBuffer, offset: requestOffset) let dstAddrAttr = RTAttribute(len: UInt16(dstAddrAttrSize), type: RouteAttributeType.GATEWAY) requestOffset = try dstAddrAttr.appendBuffer(&requestBuffer, offset: requestOffset) guard var requestOffset = requestBuffer.copyIn(buffer: dstAddrBytes, offset: requestOffset) else { throw BindError.sendMarshalFailure(type: "RTAttribute", field: "RTA_GATEWAY") } let interfaceAttr = RTAttribute(len: UInt16(interfaceAttrSize), type: RouteAttributeType.OIF) requestOffset = try interfaceAttr.appendBuffer(&requestBuffer, offset: requestOffset) guard let requestOffset = requestBuffer.copyIn( as: UInt32.self, value: UInt32(interfaceIndex), offset: requestOffset) else { throw BindError.sendMarshalFailure(type: "RTAttribute", field: "RTA_OIF") } guard requestOffset == requestSize else { throw Error.unexpectedOffset(offset: requestOffset, size: requestSize) } try sendRequest(buffer: &requestBuffer) let (infos, _) = try parseResponse(infoType: NetlinkType.RTM_NEWLINK) { AddressInfo() } guard infos.count == 0 else { throw Error.unexpectedResultSet(count: infos.count, expected: 0) } } private func getInterfaceName(_ interface: String) throws -> [UInt8] { guard let interfaceNameData = interface.data(using: .utf8) else { throw BindError.sendMarshalFailure(type: "String", field: "interface") } var interfaceName = [UInt8](interfaceNameData) interfaceName.append(0) while interfaceName.count % MemoryLayout.size != 0 { interfaceName.append(0) } return interfaceName } private func getInterfaceIndex(_ interface: String) throws -> Int32 { let linkResponses = try linkGet(interface: interface) guard linkResponses.count == 1 else { throw Error.unexpectedResultSet(count: linkResponses.count, expected: 1) } return linkResponses[0].interfaceIndex } private func sendRequest(buffer: inout [UInt8]) throws { log.trace("SEND-LENGTH: \(buffer.count)") log.trace("SEND-DUMP: \(buffer[0.. ([UInt8], Int) { var buffer = [UInt8](repeating: 0, count: Self.receiveDataLength) let size = try socket.recv(buf: &buffer, len: Self.receiveDataLength, flags: 0) log.trace("RECV-LENGTH: \(size)") log.trace("RECV-DUMP: \(buffer[0..(infoType: UInt16? = nil, _ infoProvider: () -> T) throws -> ( [T], [[RTAttributeData]] ) { var infos: [T] = [] var attrDataLists: [[RTAttributeData]] = [] var moreResponses = false repeat { var (buffer, size) = try receiveResponse() var offset = 0 // A single buffer may contain multiple netlink messages while offset < size { let messageStart = offset let header: NetlinkMessageHeader (header, offset) = try parseHeader(buffer: &buffer, offset: offset) if let infoType { if header.type == infoType { log.trace( "RECV-INFO-DUMP: dump = \(buffer[offset.. (Int32, Int) { guard let errorPtr = buffer.bind(as: Int32.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "NetlinkErrorMessage", field: "error") } let rc = errorPtr.pointee log.trace("RECV-ERR-CODE: \(rc)") return (rc, offset + MemoryLayout.size) } private func parseErrorResponse(buffer: inout [UInt8], offset: Int) throws -> Int { var (rc, offset) = try parseErrorCode(buffer: &buffer, offset: offset) log.trace( "RECV-ERR-HEADER-DUMP: dump = \(buffer[offset.. (NetlinkMessageHeader, Int) { log.trace("RECV-HEADER-DUMP: dump = \(buffer[offset.. ( [RTAttributeData], Int ) { var attrDatas: [RTAttributeData] = [] var offset = offset var residualCount = residualCount log.trace("RECV-RESIDUAL: \(residualCount)") while residualCount > 0 { var attr = RTAttribute() log.trace(" RECV-ATTR-DUMP: dump = \(buffer[offset..= 0 { log.trace(" RECV-ATTR-DATA-DUMP: dump = \(buffer[offset.. Int func recv(buf: UnsafeMutableRawPointer!, len: Int, flags: Int32) throws -> Int } /// A netlink socket provider. public typealias NetlinkSocketProvider = () throws -> any NetlinkSocket /// Errors thrown when interacting with a netlink socket. public enum NetlinkSocketError: Swift.Error, CustomStringConvertible, Equatable { case socketFailure(rc: Int32) case bindFailure(rc: Int32) case sendFailure(rc: Int32) case recvFailure(rc: Int32) case notImplemented /// The description of the errors. public var description: String { switch self { case .socketFailure(let rc): return "could not create netlink socket, rc = \(rc)" case .bindFailure(let rc): return "could not bind netlink socket, rc = \(rc)" case .sendFailure(let rc): return "could not send netlink packet, rc = \(rc)" case .recvFailure(let rc): return "could not receive netlink packet, rc = \(rc)" case .notImplemented: return "socket function not implemented for platform" } } } #if canImport(Musl) import Musl let osSocket = Musl.socket let osBind = Musl.bind let osSend = Musl.send let osRecv = Musl.recv /// A default implementation of `NetlinkSocket`. public class DefaultNetlinkSocket: NetlinkSocket { private let sockfd: Int32 /// The process identifier of the process creating this socket. public let pid: UInt32 /// Creates a new instance. public init() throws { pid = UInt32(getpid()) sockfd = osSocket(Int32(AddressFamily.AF_NETLINK), SocketType.SOCK_RAW, NetlinkProtocol.NETLINK_ROUTE) guard sockfd >= 0 else { throw NetlinkSocketError.socketFailure(rc: errno) } let addr = SockaddrNetlink(family: AddressFamily.AF_NETLINK, pid: pid) var buffer = [UInt8](repeating: 0, count: SockaddrNetlink.size) _ = try addr.appendBuffer(&buffer, offset: 0) guard let ptr = buffer.bind(as: sockaddr.self, size: buffer.count) else { throw NetlinkSocketError.bindFailure(rc: 0) } guard osBind(sockfd, ptr, UInt32(buffer.count)) >= 0 else { throw NetlinkSocketError.bindFailure(rc: errno) } } deinit { close(sockfd) } /// Sends a request to a netlink socket. /// Returns the number of bytes sent. /// - Parameters: /// - buf: The buffer to send. /// - len: The length of the buffer to send. /// - flags: The send flags. public func send(buf: UnsafeRawPointer!, len: Int, flags: Int32) throws -> Int { let count = osSend(sockfd, buf, len, flags) guard count >= 0 else { throw NetlinkSocketError.sendFailure(rc: errno) } return count } /// Receives a response from a netlink socket. /// Returns the number of bytes received. /// - Parameters: /// - buf: The buffer to receive into. /// - len: The maximum number of bytes to receive. /// - flags: The receive flags. public func recv(buf: UnsafeMutableRawPointer!, len: Int, flags: Int32) throws -> Int { let count = osRecv(sockfd, buf, len, flags) guard count >= 0 else { throw NetlinkSocketError.recvFailure(rc: errno) } return count } } #else public class DefaultNetlinkSocket: NetlinkSocket { public var pid: UInt32 { 0 } public init() throws {} public func send(buf: UnsafeRawPointer!, len: Int, flags: Int32) throws -> Int { throw NetlinkSocketError.notImplemented } public func recv(buf: UnsafeMutableRawPointer!, len: Int, flags: Int32) throws -> Int { throw NetlinkSocketError.notImplemented } } #endif ================================================ FILE: Sources/ContainerizationNetlink/Types.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationExtras import Foundation struct SocketType { static let SOCK_RAW: Int32 = 3 } struct AddressFamily { static let AF_UNSPEC: UInt16 = 0 static let AF_INET: UInt16 = 2 static let AF_INET6: UInt16 = 10 static let AF_NETLINK: UInt16 = 16 static let AF_PACKET: UInt16 = 17 } struct ArpHardware { static let ARPHRD_ETHER: UInt16 = 1 } struct NetlinkProtocol { static let NETLINK_ROUTE: Int32 = 0 } struct NetlinkType { static let NLMSG_NOOP: UInt16 = 1 static let NLMSG_ERROR: UInt16 = 2 static let NLMSG_DONE: UInt16 = 3 static let NLMSG_OVERRUN: UInt16 = 4 static let RTM_NEWLINK: UInt16 = 16 static let RTM_DELLINK: UInt16 = 17 static let RTM_GETLINK: UInt16 = 18 static let RTM_NEWADDR: UInt16 = 20 static let RTM_NEWROUTE: UInt16 = 24 } struct NetlinkFlags { static let NLM_F_REQUEST: UInt16 = 0x01 static let NLM_F_MULTI: UInt16 = 0x02 static let NLM_F_ACK: UInt16 = 0x04 static let NLM_F_ECHO: UInt16 = 0x08 static let NLM_F_DUMP_INTR: UInt16 = 0x10 static let NLM_F_DUMP_FILTERED: UInt16 = 0x20 // GET request static let NLM_F_ROOT: UInt16 = 0x100 static let NLM_F_MATCH: UInt16 = 0x200 static let NLM_F_ATOMIC: UInt16 = 0x400 static let NLM_F_DUMP: UInt16 = NetlinkFlags.NLM_F_ROOT | NetlinkFlags.NLM_F_MATCH // NEW request flags static let NLM_F_REPLACE: UInt16 = 0x100 static let NLM_F_EXCL: UInt16 = 0x200 static let NLM_F_CREATE: UInt16 = 0x400 static let NLM_F_APPEND: UInt16 = 0x800 } struct NetlinkScope { static let RT_SCOPE_UNIVERSE: UInt8 = 0 } struct InterfaceFlags { static let IFF_UP: UInt32 = 1 << 0 static let IFF_LOOPBACK: UInt32 = 1 << 3 static let IFF_POINTOPOINT: UInt32 = 1 << 4 static let DEFAULT_CHANGE: UInt32 = 0xffff_ffff } struct LinkAttributeType { static let IFLA_ADDRESS: UInt16 = 1 static let IFLA_BROADCAST: UInt16 = 2 static let IFLA_IFNAME: UInt16 = 3 static let IFLA_MTU: UInt16 = 4 static let IFLA_STATS64: UInt16 = 23 static let IFLA_EXT_MASK: UInt16 = 29 } struct LinkAttributeMaskFilter { static let RTEXT_FILTER_VF: UInt32 = 1 << 0 static let RTEXT_FILTER_SKIP_STATS: UInt32 = 1 << 3 } struct AddressAttributeType { // subnet mask static let IFA_ADDRESS: UInt16 = 1 // IPv4 address static let IFA_LOCAL: UInt16 = 2 } struct RouteTable { static let MAIN: UInt8 = 254 } struct RouteProtocol { static let UNSPEC: UInt8 = 0 static let REDIRECT: UInt8 = 1 static let KERNEL: UInt8 = 2 static let BOOT: UInt8 = 3 static let STATIC: UInt8 = 4 } struct RouteScope { static let UNIVERSE: UInt8 = 0 static let LINK: UInt8 = 253 } struct RouteType { static let UNSPEC: UInt8 = 0 static let UNICAST: UInt8 = 1 } struct RouteAttributeType { static let UNSPEC: UInt16 = 0 static let DST: UInt16 = 1 static let SRC: UInt16 = 2 static let IIF: UInt16 = 3 static let OIF: UInt16 = 4 static let GATEWAY: UInt16 = 5 static let PRIORITY: UInt16 = 6 static let PREFSRC: UInt16 = 7 } struct SockaddrNetlink: Bindable, Equatable { static let size = 12 var family: UInt16 var _pad: UInt16 = 0 var pid: UInt32 var groups: UInt32 init(family: UInt16 = 0, pid: UInt32 = 0, groups: UInt32 = 0) { self.family = family self.pid = pid self.groups = groups } func appendBuffer(_ buffer: inout [UInt8], offset: Int) throws -> Int { guard let offset = buffer.copyIn(as: UInt16.self, value: family, offset: offset) else { throw BindError.sendMarshalFailure(type: "SockaddrNetlink", field: "family") } guard let offset = buffer.copyIn(as: UInt16.self, value: 0, offset: offset) else { throw BindError.sendMarshalFailure(type: "SockaddrNetlink", field: "_pad") } guard let offset = buffer.copyIn(as: UInt32.self, value: pid, offset: offset) else { throw BindError.sendMarshalFailure(type: "SockaddrNetlink", field: "pid") } guard let offset = buffer.copyIn(as: UInt32.self, value: groups, offset: offset) else { throw BindError.sendMarshalFailure(type: "SockaddrNetlink", field: "groups") } return offset } mutating func bindBuffer(_ buffer: inout [UInt8], offset: Int) throws -> Int { guard let (offset, value) = buffer.copyOut(as: UInt16.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "SockaddrNetlink", field: "family") } family = value guard let (offset, value) = buffer.copyOut(as: UInt16.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "SockaddrNetlink", field: "_pad") } _pad = value guard let (offset, value) = buffer.copyOut(as: UInt32.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "SockaddrNetlink", field: "pid") } pid = value guard let (offset, value) = buffer.copyOut(as: UInt32.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "SockaddrNetlink", field: "groups") } groups = value return offset } } struct NetlinkMessageHeader: Bindable, Equatable { static let size = 16 var len: UInt32 var type: UInt16 var flags: UInt16 var seq: UInt32 var pid: UInt32 init(len: UInt32 = 0, type: UInt16 = 0, flags: UInt16 = 0, seq: UInt32? = nil, pid: UInt32 = 0) { self.len = len self.type = type self.flags = flags self.seq = seq ?? UInt32.random(in: 0.. Int { guard let offset = buffer.copyIn(as: UInt32.self, value: len, offset: offset) else { throw BindError.sendMarshalFailure(type: "NetlinkMessageHeader", field: "len") } guard let offset = buffer.copyIn(as: UInt16.self, value: type, offset: offset) else { throw BindError.sendMarshalFailure(type: "NetlinkMessageHeader", field: "type") } guard let offset = buffer.copyIn(as: UInt16.self, value: flags, offset: offset) else { throw BindError.sendMarshalFailure(type: "NetlinkMessageHeader", field: "flags") } guard let offset = buffer.copyIn(as: UInt32.self, value: seq, offset: offset) else { throw BindError.sendMarshalFailure(type: "NetlinkMessageHeader", field: "seq") } guard let offset = buffer.copyIn(as: UInt32.self, value: pid, offset: offset) else { throw BindError.sendMarshalFailure(type: "NetlinkMessageHeader", field: "pid") } return offset } mutating func bindBuffer(_ buffer: inout [UInt8], offset: Int) throws -> Int { guard let (offset, value) = buffer.copyOut(as: UInt32.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "NetlinkMessageHeader", field: "len") } len = value guard let (offset, value) = buffer.copyOut(as: UInt16.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "NetlinkMessageHeader", field: "type") } type = value guard let (offset, value) = buffer.copyOut(as: UInt16.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "NetlinkMessageHeader", field: "flags") } flags = value guard let (offset, value) = buffer.copyOut(as: UInt32.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "NetlinkMessageHeader", field: "seq") } seq = value guard let (offset, value) = buffer.copyOut(as: UInt32.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "NetlinkMessageHeader", field: "pid") } pid = value return offset } var moreResponses: Bool { (self.flags & NetlinkFlags.NLM_F_MULTI) != 0 && (self.type != NetlinkType.NLMSG_DONE && self.type != NetlinkType.NLMSG_ERROR && self.type != NetlinkType.NLMSG_OVERRUN) } } struct InterfaceInfo: Bindable, Equatable { static let size = 16 var family: UInt8 var _pad: UInt8 = 0 var type: UInt16 var index: Int32 var flags: UInt32 var change: UInt32 init( family: UInt8 = UInt8(AddressFamily.AF_UNSPEC), type: UInt16 = 0, index: Int32 = 0, flags: UInt32 = 0, change: UInt32 = 0 ) { self.family = family self.type = type self.index = index self.flags = flags self.change = change } func appendBuffer(_ buffer: inout [UInt8], offset: Int) throws -> Int { guard let offset = buffer.copyIn(as: UInt8.self, value: family, offset: offset) else { throw BindError.sendMarshalFailure(type: "InterfaceInfo", field: "family") } guard let offset = buffer.copyIn(as: UInt8.self, value: _pad, offset: offset) else { throw BindError.sendMarshalFailure(type: "InterfaceInfo", field: "_pad") } guard let offset = buffer.copyIn(as: UInt16.self, value: type, offset: offset) else { throw BindError.sendMarshalFailure(type: "InterfaceInfo", field: "type") } guard let offset = buffer.copyIn(as: Int32.self, value: index, offset: offset) else { throw BindError.sendMarshalFailure(type: "InterfaceInfo", field: "index") } guard let offset = buffer.copyIn(as: UInt32.self, value: flags, offset: offset) else { throw BindError.sendMarshalFailure(type: "InterfaceInfo", field: "flags") } guard let offset = buffer.copyIn(as: UInt32.self, value: change, offset: offset) else { throw BindError.sendMarshalFailure(type: "InterfaceInfo", field: "change") } return offset } mutating func bindBuffer(_ buffer: inout [UInt8], offset: Int) throws -> Int { guard let (offset, value) = buffer.copyOut(as: UInt8.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "InterfaceInfo", field: "family") } family = value guard let (offset, value) = buffer.copyOut(as: UInt8.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "InterfaceInfo", field: "_pad") } _pad = value guard let (offset, value) = buffer.copyOut(as: UInt16.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "InterfaceInfo", field: "type") } type = value guard let (offset, value) = buffer.copyOut(as: Int32.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "InterfaceInfo", field: "index") } index = value guard let (offset, value) = buffer.copyOut(as: UInt32.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "InterfaceInfo", field: "flags") } flags = value guard let (offset, value) = buffer.copyOut(as: UInt32.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "InterfaceInfo", field: "change") } change = value return offset } } struct AddressInfo: Bindable, Equatable { static let size = 8 var family: UInt8 var prefixLength: UInt8 var flags: UInt8 var scope: UInt8 var index: UInt32 init( family: UInt8 = UInt8(AddressFamily.AF_UNSPEC), prefixLength: UInt8 = 32, flags: UInt8 = 0, scope: UInt8 = 0, index: UInt32 = 0 ) { self.family = family self.prefixLength = prefixLength self.flags = flags self.scope = scope self.index = index } func appendBuffer(_ buffer: inout [UInt8], offset: Int) throws -> Int { guard let offset = buffer.copyIn(as: UInt8.self, value: family, offset: offset) else { throw BindError.sendMarshalFailure(type: "AddressInfo", field: "family") } guard let offset = buffer.copyIn(as: UInt8.self, value: prefixLength, offset: offset) else { throw BindError.sendMarshalFailure(type: "AddressInfo", field: "prefixLength") } guard let offset = buffer.copyIn(as: UInt8.self, value: flags, offset: offset) else { throw BindError.sendMarshalFailure(type: "AddressInfo", field: "flags") } guard let offset = buffer.copyIn(as: UInt8.self, value: scope, offset: offset) else { throw BindError.sendMarshalFailure(type: "AddressInfo", field: "scope") } guard let offset = buffer.copyIn(as: UInt32.self, value: index, offset: offset) else { throw BindError.sendMarshalFailure(type: "AddressInfo", field: "index") } return offset } mutating func bindBuffer(_ buffer: inout [UInt8], offset: Int) throws -> Int { guard let (offset, value) = buffer.copyOut(as: UInt8.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "AddressInfo", field: "family") } family = value guard let (offset, value) = buffer.copyOut(as: UInt8.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "AddressInfo", field: "prefixLength") } prefixLength = value guard let (offset, value) = buffer.copyOut(as: UInt8.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "AddressInfo", field: "flags") } flags = value guard let (offset, value) = buffer.copyOut(as: UInt8.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "AddressInfo", field: "scope") } scope = value guard let (offset, value) = buffer.copyOut(as: UInt32.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "AddressInfo", field: "index") } index = value return offset } } struct RouteInfo: Bindable, Equatable { static let size = 12 var family: UInt8 var dstLen: UInt8 var srcLen: UInt8 var tos: UInt8 var table: UInt8 var proto: UInt8 var scope: UInt8 var type: UInt8 var flags: UInt32 init( family: UInt8 = UInt8(AddressFamily.AF_INET), dstLen: UInt8, srcLen: UInt8, tos: UInt8, table: UInt8, proto: UInt8, scope: UInt8, type: UInt8, flags: UInt32 ) { self.family = family self.dstLen = dstLen self.srcLen = srcLen self.tos = tos self.table = table self.proto = proto self.scope = scope self.type = type self.flags = flags } func appendBuffer(_ buffer: inout [UInt8], offset: Int) throws -> Int { guard let offset = buffer.copyIn(as: UInt8.self, value: family, offset: offset) else { throw BindError.sendMarshalFailure(type: "RouteInfo", field: "family") } guard let offset = buffer.copyIn(as: UInt8.self, value: dstLen, offset: offset) else { throw BindError.sendMarshalFailure(type: "RouteInfo", field: "dstLen") } guard let offset = buffer.copyIn(as: UInt8.self, value: srcLen, offset: offset) else { throw BindError.sendMarshalFailure(type: "RouteInfo", field: "srcLen") } guard let offset = buffer.copyIn(as: UInt8.self, value: tos, offset: offset) else { throw BindError.sendMarshalFailure(type: "RouteInfo", field: "tos") } guard let offset = buffer.copyIn(as: UInt8.self, value: table, offset: offset) else { throw BindError.sendMarshalFailure(type: "RouteInfo", field: "table") } guard let offset = buffer.copyIn(as: UInt8.self, value: proto, offset: offset) else { throw BindError.sendMarshalFailure(type: "RouteInfo", field: "proto") } guard let offset = buffer.copyIn(as: UInt8.self, value: scope, offset: offset) else { throw BindError.sendMarshalFailure(type: "RouteInfo", field: "scope") } guard let offset = buffer.copyIn(as: UInt8.self, value: type, offset: offset) else { throw BindError.sendMarshalFailure(type: "RouteInfo", field: "type") } guard let offset = buffer.copyIn(as: UInt32.self, value: flags, offset: offset) else { throw BindError.sendMarshalFailure(type: "RouteInfo", field: "flags") } return offset } mutating func bindBuffer(_ buffer: inout [UInt8], offset: Int) throws -> Int { guard let (offset, value) = buffer.copyOut(as: UInt8.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "RouteInfo", field: "family") } family = value guard let (offset, value) = buffer.copyOut(as: UInt8.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "RouteInfo", field: "dstLen") } dstLen = value guard let (offset, value) = buffer.copyOut(as: UInt8.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "RouteInfo", field: "srcLen") } srcLen = value guard let (offset, value) = buffer.copyOut(as: UInt8.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "RouteInfo", field: "tos") } tos = value guard let (offset, value) = buffer.copyOut(as: UInt8.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "RouteInfo", field: "table") } table = value guard let (offset, value) = buffer.copyOut(as: UInt8.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "RouteInfo", field: "proto") } proto = value guard let (offset, value) = buffer.copyOut(as: UInt8.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "RouteInfo", field: "scope") } scope = value guard let (offset, value) = buffer.copyOut(as: UInt8.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "RouteInfo", field: "type") } type = value guard let (offset, value) = buffer.copyOut(as: UInt32.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "RouteInfo", field: "flags") } flags = value return offset } } /// A route information. public struct RTAttribute: Bindable, Equatable { package static let size = 4 public var len: UInt16 public var type: UInt16 public var paddedLen: Int { Int(((len + 3) >> 2) << 2) } init(len: UInt16 = 0, type: UInt16 = 0) { self.len = len self.type = type } package func appendBuffer(_ buffer: inout [UInt8], offset: Int) throws -> Int { guard let offset = buffer.copyIn(as: UInt16.self, value: len, offset: offset) else { throw BindError.sendMarshalFailure(type: "RTAttribute", field: "len") } guard let offset = buffer.copyIn(as: UInt16.self, value: type, offset: offset) else { throw BindError.sendMarshalFailure(type: "RTAttribute", field: "type") } return offset } package mutating func bindBuffer(_ buffer: inout [UInt8], offset: Int) throws -> Int { guard let (offset, value) = buffer.copyOut(as: UInt16.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "RTAttribute", field: "len") } len = value guard let (offset, value) = buffer.copyOut(as: UInt16.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "RTAttribute", field: "type") } type = value return offset } } /// A route information with data. public struct RTAttributeData { public let attribute: RTAttribute public let data: [UInt8] } /// A response from the get link command. public struct LinkResponse { public let interfaceIndex: Int32 public let interfaceFlags: UInt32 public let interfaceType: UInt16 public let attrDatas: [RTAttributeData] public var isLoopback: Bool { (interfaceFlags & InterfaceFlags.IFF_LOOPBACK) != 0 } public var isEthernet: Bool { interfaceType == ArpHardware.ARPHRD_ETHER && (interfaceFlags & (InterfaceFlags.IFF_LOOPBACK | InterfaceFlags.IFF_POINTOPOINT)) == 0 } public var address: [UInt8]? { attrDatas .filter { $0.attribute.type == LinkAttributeType.IFLA_ADDRESS } .first .map { $0.data } } /// Extract network interface statistics from the response attributes public func getStatistics() throws -> LinkStatistics64? { for attrData in attrDatas { if attrData.attribute.type == LinkAttributeType.IFLA_STATS64 { var stats = LinkStatistics64() var buffer = attrData.data _ = try stats.bindBuffer(&buffer, offset: 0) return stats } } return nil } } /// Network interface statistics (64-bit version) public struct LinkStatistics64: Bindable, Equatable { package static let size = 23 * 8 public var rxPackets: UInt64 public var txPackets: UInt64 public var rxBytes: UInt64 public var txBytes: UInt64 public var rxErrors: UInt64 public var txErrors: UInt64 public var rxDropped: UInt64 public var txDropped: UInt64 public var multicast: UInt64 public var collisions: UInt64 public var rxLengthErrors: UInt64 public var rxOverErrors: UInt64 public var rxCrcErrors: UInt64 public var rxFrameErrors: UInt64 public var rxFifoErrors: UInt64 public var rxMissedErrors: UInt64 public var txAbortedErrors: UInt64 public var txCarrierErrors: UInt64 public var txFifoErrors: UInt64 public var txHeartbeatErrors: UInt64 public var txWindowErrors: UInt64 public var rxCompressed: UInt64 public var txCompressed: UInt64 public init() { self.rxPackets = 0 self.txPackets = 0 self.rxBytes = 0 self.txBytes = 0 self.rxErrors = 0 self.txErrors = 0 self.rxDropped = 0 self.txDropped = 0 self.multicast = 0 self.collisions = 0 self.rxLengthErrors = 0 self.rxOverErrors = 0 self.rxCrcErrors = 0 self.rxFrameErrors = 0 self.rxFifoErrors = 0 self.rxMissedErrors = 0 self.txAbortedErrors = 0 self.txCarrierErrors = 0 self.txFifoErrors = 0 self.txHeartbeatErrors = 0 self.txWindowErrors = 0 self.rxCompressed = 0 self.txCompressed = 0 } package func appendBuffer(_ buffer: inout [UInt8], offset: Int) throws -> Int { guard let offset = buffer.copyIn(as: UInt64.self, value: rxPackets, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "rxPackets") } guard let offset = buffer.copyIn(as: UInt64.self, value: txPackets, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "txPackets") } guard let offset = buffer.copyIn(as: UInt64.self, value: rxBytes, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "rxBytes") } guard let offset = buffer.copyIn(as: UInt64.self, value: txBytes, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "txBytes") } guard let offset = buffer.copyIn(as: UInt64.self, value: rxErrors, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "rxErrors") } guard let offset = buffer.copyIn(as: UInt64.self, value: txErrors, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "txErrors") } guard let offset = buffer.copyIn(as: UInt64.self, value: rxDropped, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "rxDropped") } guard let offset = buffer.copyIn(as: UInt64.self, value: txDropped, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "txDropped") } guard let offset = buffer.copyIn(as: UInt64.self, value: multicast, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "multicast") } guard let offset = buffer.copyIn(as: UInt64.self, value: collisions, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "collisions") } guard let offset = buffer.copyIn(as: UInt64.self, value: rxLengthErrors, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "rxLengthErrors") } guard let offset = buffer.copyIn(as: UInt64.self, value: rxOverErrors, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "rxOverErrors") } guard let offset = buffer.copyIn(as: UInt64.self, value: rxCrcErrors, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "rxCrcErrors") } guard let offset = buffer.copyIn(as: UInt64.self, value: rxFrameErrors, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "rxFrameErrors") } guard let offset = buffer.copyIn(as: UInt64.self, value: rxFifoErrors, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "rxFifoErrors") } guard let offset = buffer.copyIn(as: UInt64.self, value: rxMissedErrors, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "rxMissedErrors") } guard let offset = buffer.copyIn(as: UInt64.self, value: txAbortedErrors, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "txAbortedErrors") } guard let offset = buffer.copyIn(as: UInt64.self, value: txCarrierErrors, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "txCarrierErrors") } guard let offset = buffer.copyIn(as: UInt64.self, value: txFifoErrors, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "txFifoErrors") } guard let offset = buffer.copyIn(as: UInt64.self, value: txHeartbeatErrors, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "txHeartbeatErrors") } guard let offset = buffer.copyIn(as: UInt64.self, value: txWindowErrors, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "txWindowErrors") } guard let offset = buffer.copyIn(as: UInt64.self, value: rxCompressed, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "rxCompressed") } guard let offset = buffer.copyIn(as: UInt64.self, value: txCompressed, offset: offset) else { throw BindError.sendMarshalFailure(type: "LinkStatistics64", field: "txCompressed") } return offset } package mutating func bindBuffer(_ buffer: inout [UInt8], offset: Int) throws -> Int { guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "rxPackets") } rxPackets = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "txPackets") } txPackets = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "rxBytes") } rxBytes = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "txBytes") } txBytes = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "rxErrors") } rxErrors = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "txErrors") } txErrors = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "rxDropped") } rxDropped = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "txDropped") } txDropped = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "multicast") } multicast = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "collisions") } collisions = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "rxLengthErrors") } rxLengthErrors = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "rxOverErrors") } rxOverErrors = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "rxCrcErrors") } rxCrcErrors = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "rxFrameErrors") } rxFrameErrors = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "rxFifoErrors") } rxFifoErrors = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "rxMissedErrors") } rxMissedErrors = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "txAbortedErrors") } txAbortedErrors = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "txCarrierErrors") } txCarrierErrors = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "txFifoErrors") } txFifoErrors = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "txHeartbeatErrors") } txHeartbeatErrors = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "txWindowErrors") } txWindowErrors = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "rxCompressed") } rxCompressed = value guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: offset) else { throw BindError.recvMarshalFailure(type: "LinkStatistics64", field: "txCompressed") } txCompressed = value return offset } } /// Errors thrown when parsing netlink data. public enum NetlinkDataError: Swift.Error, CustomStringConvertible, Equatable { case responseError(rc: Int32) case unsupportedPlatform /// The description of the errors. public var description: String { switch self { case .responseError(let rc): return "netlink response indicates error, rc = \(rc)" case .unsupportedPlatform: return "unsupported platform" } } } ================================================ FILE: Sources/ContainerizationOCI/AnnotationKeys.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// /// AnnotationKeys contains a subset of "dictionary keys" for commonly used annotations in an OCI Image Descriptor /// https://github.com/opencontainers/image-spec/blob/main/annotations.md public struct AnnotationKeys: Codable, Sendable { public static let containerizationIndexIndirect = "com.apple.containerization.index.indirect" public static let containerizationImageName = "com.apple.containerization.image.name" public static let containerdImageName = "io.containerd.image.name" public static let openContainersImageName = "org.opencontainers.image.ref.name" } ================================================ FILE: Sources/ContainerizationOCI/Bundle.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import Foundation #if canImport(Musl) import Musl private let _mount = Musl.mount private let _umount = Musl.umount2 #elseif canImport(Glibc) import Glibc private let _mount = Glibc.mount private let _umount = Glibc.umount2 #endif /// `Bundle` represents an OCI runtime spec bundle for running /// a container. public struct Bundle: Sendable { /// The path to the bundle. public let path: URL /// The path to the OCI runtime spec config.json file. public var configPath: URL { self.path.appending(path: "config.json") } /// The path to a rootfs mount inside the bundle. public var rootfsPath: URL { self.path.appending(path: "rootfs") } /// Create the OCI bundle. /// /// - Parameters: /// - path: A URL pointing to where to create the bundle on the filesystem. /// - spec: A data blob that should contain an OCI runtime spec. This will be written /// to the bundle as a "config.json" file. public static func create(path: URL, spec: Data) throws -> Bundle { try self.init(path: path, spec: spec) } /// Create the OCI bundle. /// /// - Parameters: /// - path: A URL pointing to where to create the bundle on the filesystem. /// - spec: An OCI runtime spec that will be written to the bundle as a "config.json" /// file. public static func create(path: URL, spec: ContainerizationOCI.Spec) throws -> Bundle { try self.init(path: path, spec: spec) } /// Load an OCI bundle from the provided path. /// /// - Parameters: /// - path: A URL pointing to where to load the bundle from on the filesystem. public static func load(path: URL) throws -> Bundle { try self.init(path: path) } private init(path: URL) throws { let fm = FileManager.default if !fm.fileExists(atPath: path.path) { throw ContainerizationError(.invalidArgument, message: "no bundle at \(path.path)") } self.path = path } // This constructor does not do any validation that data is actually a // valid OCI spec. private init(path: URL, spec: Data) throws { self.path = path let fm = FileManager.default try fm.createDirectory( atPath: self.path.appending(component: "rootfs").path, withIntermediateDirectories: true ) try spec.write(to: self.configPath) } private init(path: URL, spec: ContainerizationOCI.Spec) throws { self.path = path let fm = FileManager.default try fm.createDirectory( atPath: self.path.appending(component: "rootfs").path, withIntermediateDirectories: true ) let specData = try JSONEncoder().encode(spec) try specData.write(to: self.configPath) } /// Delete the OCI bundle from the filesystem. public func delete() throws { // Unmount, and then blow away the dir. #if os(Linux) let rootfs = self.rootfsPath if Self.isMountpoint(rootfs) { guard _umount(rootfs.path, 0) == 0 else { throw POSIXError.fromErrno() } } #endif // removeItem is recursive so should blow away the rootfs dir inside as well. let fm = FileManager.default try fm.removeItem(at: self.path) } /// Load and return the OCI runtime spec written to the bundle. public func loadConfig() throws -> ContainerizationOCI.Spec { let data = try Data(contentsOf: self.configPath) return try JSONDecoder().decode(ContainerizationOCI.Spec.self, from: data) } private static func isMountpoint(_ path: URL) -> Bool { var st = stat() var parent_st = stat() guard stat(path.path, &st) == 0 else { return false } let parentPath = path.deletingLastPathComponent() guard stat(parentPath.path, &parent_st) == 0 else { return false } return st.st_dev != parent_st.st_dev } } ================================================ FILE: Sources/ContainerizationOCI/Client/Authentication.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /// Abstraction for returning a token needed for logging into an OCI compliant registry. public protocol Authentication: Sendable { func token() async throws -> String } /// Type representing authentication information for client to access the registry. public struct BasicAuthentication: Authentication { /// The username for the authentication. let username: String /// The password or identity token for the user. let password: String public init(username: String, password: String) { self.username = username self.password = password } /// Get a token using the provided username and password. This will be a /// base64 encoded string of the username and password delimited by a colon. public func token() async throws -> String { let credentials = "\(username):\(password)" if let authenticationData = credentials.data(using: .utf8)?.base64EncodedString() { return "Basic \(authenticationData)" } throw Error.invalidCredentials } /// `BasicAuthentication` errors. public enum Error: Swift.Error { case invalidCredentials } } ================================================ FILE: Sources/ContainerizationOCI/Client/KeychainHelper.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if os(macOS) import Foundation import ContainerizationOS /// Helper type to lookup registry related values in the macOS keychain. public struct KeychainHelper: Sendable { private let securityDomain: String private let accessGroup: String? /// Create a new keychain helper. /// - Parameters: /// - securityDomain: The security domain used to fetch registry entries in the keychain. /// - accessGroup: If present, the access group used to fetch registry entries in the keychain. public init(securityDomain: String, accessGroup: String? = nil) { self.securityDomain = securityDomain self.accessGroup = accessGroup } /// Lookup authentication data for a given registry hostname. /// - Parameters: /// - hostname: The hostname for the registry. /// - Returns: The authentication object for the registry. /// - Throws: An error if the keychain query fails. public func lookup(hostname: String) throws -> Authentication { let kq = KeychainQuery() do { guard let fetched = try kq.get( securityDomain: self.securityDomain, accessGroup: self.accessGroup, hostname: hostname) else { throw Self.Error.keyNotFound } return BasicAuthentication( username: fetched.username, password: fetched.password ) } catch let err as KeychainQuery.Error { switch err { case .keyNotPresent(_): throw Self.Error.keyNotFound default: throw Self.Error.queryError("query failure: \(String(describing: err))") } } } /// Lists all registry entries for this security domain. /// - Returns: An array of registry metadata for each matching entry, or an empty array if none are found. /// - Throws: An error if the keychain query fails. public func list() throws -> [RegistryInfo] { let kq = KeychainQuery() return try kq.list(securityDomain: self.securityDomain, accessGroup: self.accessGroup) } /// Delete authorization data for a given hostname from the keychain. /// - Parameters: /// - hostname: The hostname for the registry. /// - Throws: An error if the keychain query fails. public func delete(hostname: String) throws { let kq = KeychainQuery() try kq.delete(securityDomain: self.securityDomain, accessGroup: self.accessGroup, hostname: hostname) } /// Save authorization data for a given hostname to the keychain. /// - Parameters: /// - hostname: The hostname for the registry. /// - username: The username to present to the registry. /// - password: The password to present to the registry. /// - Throws: An error if the keychain query fails or returns unexpected data. public func save(hostname: String, username: String, password: String) throws { let kq = KeychainQuery() try kq.save( securityDomain: self.securityDomain, accessGroup: self.accessGroup, hostname: hostname, username: username, password: password ) } /// Prompt for authorization data for a given hostname to be saved to the keychain. /// This will cause the current terminal to enter a password prompt state where /// key strokes are hidden. public func credentialPrompt(hostname: String) throws -> Authentication { let username = try userPrompt(hostname: hostname) let password = try passwordPrompt() return BasicAuthentication(username: username, password: password) } /// Prompts the current stdin for a username entry and then returns the value. public func userPrompt(hostname: String) throws -> String { print("Provide registry username \(hostname): ", terminator: "") guard let username = readLine() else { throw Self.Error.invalidInput } return username } /// Prompts the current stdin for a password entry and then returns the value. /// This will cause the current stdin (if it is a terminal) to hide keystrokes /// by disabling echo. public func passwordPrompt() throws -> String { print("Provide registry password: ", terminator: "") let console = try Terminal.current defer { console.tryReset() } try console.disableEcho() guard let password = readLine() else { throw Self.Error.invalidInput } return password } } extension KeychainHelper { /// `KeychainHelper` errors. public enum Error: Swift.Error { case keyNotFound case invalidInput case queryError(String) } } #endif ================================================ FILE: Sources/ContainerizationOCI/Client/LocalOCILayoutClient.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import ContainerizationExtras import Crypto import Foundation import NIOCore import NIOFoundationCompat package final class LocalOCILayoutClient: ContentClient { let cs: LocalContentStore package init(root: URL) throws { self.cs = try LocalContentStore(path: root) } private func _fetch(digest: String) async throws -> Content { guard let c: Content = try await self.cs.get(digest: digest) else { throw Error.missingContent(digest) } return c } private func calculateFileDigest(at url: URL) throws -> SHA256Digest { let fileHandle = try FileHandle(forReadingFrom: url) defer { try? fileHandle.close() } var hasher = SHA256() let chunkSize = Int(getpagesize()) * 1024 while true { let chunk = fileHandle.readData(ofLength: chunkSize) if chunk.isEmpty { break } hasher.update(data: chunk) } return hasher.finalize() } package func fetch(name: String, descriptor: Descriptor) async throws -> T { let c = try await self._fetch(digest: descriptor.digest) return try c.decode() } package func fetchBlob(name: String, descriptor: Descriptor, into file: URL, progress: ProgressHandler?) async throws -> (Int64, SHA256Digest) { let c = try await self._fetch(digest: descriptor.digest) let fileManager = FileManager.default let filePath = file.absolutePath() do { let src = c.path try fileManager.copyItem(at: src, to: file) if let progress, let fileSize = fileManager.fileSize(atPath: filePath) { await progress([ .addSize(fileSize) ]) } } catch let error as NSError { guard error.code == NSFileWriteFileExistsError else { throw error } do { let expectedDigest = try c.digest() let existingDigest = try calculateFileDigest(at: file) guard existingDigest.digestString == expectedDigest.digestString else { throw ContainerizationError( .internalError, message: "file \(filePath) exists but contains different content, expected digest: \(expectedDigest.digestString), existing digest: \(existingDigest.digestString)" ) } if let progress, let fileSize = fileManager.fileSize(atPath: filePath) { await progress([ .addSize(fileSize) ]) } } catch { throw error } } let size = try Int64(c.size()) let digest = try c.digest() return (size, digest) } package func fetchData(name: String, descriptor: Descriptor) async throws -> Data { let c = try await self._fetch(digest: descriptor.digest) return try c.data() } package func push( name: String, ref: String, descriptor: Descriptor, streamGenerator: () throws -> T, progress: ProgressHandler? ) async throws where T.Element == ByteBuffer { let input = try streamGenerator() let (id, dir) = try await self.cs.newIngestSession() do { let into = dir.appendingPathComponent(descriptor.digest.trimmingDigestPrefix) guard FileManager.default.createFile(atPath: into.path, contents: nil) else { throw Error.cannotCreateFile } let fd = try FileHandle(forWritingTo: into) defer { try? fd.close() } var wrote = 0 var hasher = SHA256() for try await buffer in input { wrote += buffer.readableBytes try fd.write(contentsOf: buffer.readableBytesView) hasher.update(data: buffer.readableBytesView) } try await self.cs.completeIngestSession(id) } catch { try await self.cs.cancelIngestSession(id) } } } extension LocalOCILayoutClient { private static let ociLayoutFileName = "oci-layout" private static let ociLayoutVersionString = "imageLayoutVersion" private static let ociLayoutIndexFileName = "index.json" package func loadIndexFromOCILayout(directory: URL) throws -> ContainerizationOCI.Index { let fm = FileManager.default let decoder = JSONDecoder() let ociLayoutFile = directory.appendingPathComponent(Self.ociLayoutFileName) guard fm.fileExists(atPath: ociLayoutFile.absolutePath()) else { throw ContainerizationError(.notFound, message: ociLayoutFile.absolutePath()) } var data = try Data(contentsOf: ociLayoutFile) let ociLayout = try decoder.decode([String: String].self, from: data) guard ociLayout[Self.ociLayoutVersionString] != nil else { throw ContainerizationError(.empty, message: "missing key \(Self.ociLayoutVersionString) in \(ociLayoutFile.absolutePath())") } let indexFile = directory.appendingPathComponent(Self.ociLayoutIndexFileName) guard fm.fileExists(atPath: indexFile.absolutePath()) else { throw ContainerizationError(.notFound, message: indexFile.absolutePath()) } data = try Data(contentsOf: indexFile) let index = try decoder.decode(ContainerizationOCI.Index.self, from: data) return index } package func createOCILayoutStructure(directory: URL, manifests: [Descriptor]) throws { let fm = FileManager.default let encoder = JSONEncoder() encoder.outputFormatting = [.withoutEscapingSlashes] let ingestDir = directory.appendingPathComponent("ingest") try? fm.removeItem(at: ingestDir) let ociLayoutContent: [String: String] = [ Self.ociLayoutVersionString: "1.0.0" ] var data = try encoder.encode(ociLayoutContent) var p = directory.appendingPathComponent(Self.ociLayoutFileName).absolutePath() guard fm.createFile(atPath: p, contents: data) else { throw ContainerizationError(.internalError, message: "failed to create file \(p)") } let idx = ContainerizationOCI.Index(schemaVersion: 2, manifests: manifests) data = try encoder.encode(idx) p = directory.appendingPathComponent(Self.ociLayoutIndexFileName).absolutePath() guard fm.createFile(atPath: p, contents: data) else { throw ContainerizationError(.internalError, message: "failed to create file \(p)") } } package func setImageReferenceAnnotation(descriptor: inout Descriptor, reference: String) { var annotations = descriptor.annotations ?? [:] annotations[AnnotationKeys.containerizationImageName] = reference annotations[AnnotationKeys.containerdImageName] = reference annotations[AnnotationKeys.openContainersImageName] = reference descriptor.annotations = annotations } package func getImageReferencefromDescriptor(descriptor: Descriptor) -> String { let annotations = descriptor.annotations // Annotations here do not conform to the OCI image specification. // The interpretation of the annotations "org.opencontainers.image.ref.name" and // "io.containerd.image.name" is under debate: // - OCI spec examples suggest it should be the image tag: // https://github.com/opencontainers/image-spec/blob/fbb4662eb53b80bd38f7597406cf1211317768f0/image-layout.md?plain=1#L175 // - Buildkitd maintainers argue it should represent the full image name: // https://github.com/moby/buildkit/issues/4615#issuecomment-2521810830 // Until a consensus is reached, the preference is given to "com.apple.containerization.image.name" and then to // using "io.containerd.image.name" as it is the next safest choice if let annotations { if let name = annotations[AnnotationKeys.containerizationImageName] { return name } if let name = annotations[AnnotationKeys.containerdImageName] { return name } if let name = annotations[AnnotationKeys.openContainersImageName] { return name } } // Fallback: Generate digest-based reference for images without annotations // This makes sure OCI spec compliance as annotations are optional return "untagged@\(descriptor.digest)" } package enum Error: Swift.Error { case missingContent(_ digest: String) case unsupportedInput case cannotCreateFile } } ================================================ FILE: Sources/ContainerizationOCI/Client/RegistryClient+Catalog.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import AsyncHTTPClient import ContainerizationError import Foundation import NIOFoundationCompat private struct CatalogResponse: Sendable, Decodable { let repositories: [String] } extension RegistryClient { /// List repositories in the registry. /// /// Implements GET /v2/_catalog from the OCI Distribution Spec with pagination. /// When prefix is provided, pagination skips ahead to the relevant portion of /// the lexically-sorted catalog and stops once results move past the prefix. /// /// - Parameter prefix: Optional prefix to filter repository names. Must be at least /// two characters long to enable the skip-ahead optimization; shorter values are /// treated as no prefix. /// - Returns: An array of repository names matching the prefix (or all repositories /// if no prefix is given). public func catalog(prefix: String? = nil) async throws -> [String] { let effectivePrefix = prefix.flatMap { $0.count >= 2 ? $0 : nil } var allRepos: [String] = [] // When a prefix is provided, skip ahead in the lexically-sorted catalog // by setting last to one position before the prefix. The OCI spec // returns entries that sort after last, so dropping the last character // of the prefix positions the cursor just before matching entries. var last: String? = effectivePrefix.map { String($0.dropLast()) } let pageSize = 100 while true { var components = base components.path = "/v2/_catalog" var queryItems = [URLQueryItem(name: "n", value: String(pageSize))] if let last { queryItems.append(URLQueryItem(name: "last", value: last)) } components.queryItems = queryItems let repos: [String] = try await request(components: components) { response in guard response.status == .ok else { let url = components.url?.absoluteString ?? "unknown" let reason = await ErrorResponse.fromResponseBody(response.body)?.jsonString throw Error.invalidStatus(url: url, response.status, reason: reason) } let buffer = try await response.body.collect(upTo: self.bufferSize) return try JSONDecoder().decode(CatalogResponse.self, from: buffer).repositories } if let effectivePrefix { let matching = repos.filter { $0.hasPrefix(effectivePrefix) } allRepos.append(contentsOf: matching) if let lastRepo = repos.last, !lastRepo.hasPrefix(effectivePrefix) && lastRepo > effectivePrefix { break } } else { allRepos.append(contentsOf: repos) } if repos.count < pageSize { break } last = repos.last } return allRepos } } ================================================ FILE: Sources/ContainerizationOCI/Client/RegistryClient+Error.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import AsyncHTTPClient import Foundation import NIOHTTP1 extension RegistryClient { /// `RegistryClient` errors. public enum Error: Swift.Error, CustomStringConvertible { case invalidStatus(url: String, HTTPResponseStatus, reason: String? = nil) /// Description of the errors. public var description: String { switch self { case .invalidStatus(let u, let response, let reason): return "HTTP request to \(u) failed with response: \(response.description). Reason: \(reason ?? "Unknown")" } } } /// The container registry typically returns actionable failure reasons in the response body /// of the failing HTTP Request. This type models the structure of the error message. /// Reference: https://distribution.github.io/distribution/spec/api/#errors internal struct ErrorResponse: Codable { let errors: [RemoteError] internal struct RemoteError: Codable { let code: String let message: String let detail: String? } internal static func fromResponseBody(_ body: HTTPClientResponse.Body) async -> ErrorResponse? { guard var buffer = try? await body.collect(upTo: Int(1.mib())) else { return nil } guard let bytes = buffer.readBytes(length: buffer.readableBytes) else { return nil } let data = Data(bytes) guard let jsonError = try? JSONDecoder().decode(ErrorResponse.self, from: data) else { return nil } return jsonError } public var jsonString: String { let data = try? JSONEncoder().encode(self) guard let data else { return "{}" } return String(data: data, encoding: .utf8) ?? "{}" } } } ================================================ FILE: Sources/ContainerizationOCI/Client/RegistryClient+Fetch.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import AsyncHTTPClient import ContainerizationError import ContainerizationExtras import Crypto import Foundation import NIOFoundationCompat #if os(macOS) import _NIOFileSystem #endif extension RegistryClient { /// Resolve sends a HEAD request to the registry to find root manifest descriptor. /// This descriptor serves as an entry point to retrieve resources from the registry. public func resolve(name: String, tag: String) async throws -> Descriptor { var components = base // Make HEAD request to retrieve the digest header components.path = "/v2/\(name)/manifests/\(tag)" // The client should include an Accept header indicating which manifest content types it supports. let mediaTypes = [ MediaTypes.dockerManifest, MediaTypes.dockerManifestList, MediaTypes.imageManifest, MediaTypes.index, "*/*", ] let headers = [ ("Accept", mediaTypes.joined(separator: ", ")) ] return try await request(components: components, method: .HEAD, headers: headers) { response in guard response.status == .ok else { let url = components.url?.absoluteString ?? "unknown" let reason = await ErrorResponse.fromResponseBody(response.body)?.jsonString throw Error.invalidStatus(url: url, response.status, reason: reason) } guard let digest = response.headers.first(name: "Docker-Content-Digest") else { throw ContainerizationError(.invalidArgument, message: "missing required header Docker-Content-Digest") } guard let type = response.headers.first(name: "Content-Type") else { throw ContainerizationError(.invalidArgument, message: "missing required header Content-Type") } guard let sizeStr = response.headers.first(name: "Content-Length") else { throw ContainerizationError(.invalidArgument, message: "missing required header Content-Length") } guard let size = Int64(sizeStr) else { throw ContainerizationError(.invalidArgument, message: "cannot convert \(sizeStr) to Int64") } return Descriptor(mediaType: type, digest: digest, size: size) } } /// Fetch resource (either manifest or blob) to memory with JSON decoding. public func fetch(name: String, descriptor: Descriptor) async throws -> T { var components = base let manifestTypes = [ MediaTypes.dockerManifest, MediaTypes.dockerManifestList, MediaTypes.imageManifest, MediaTypes.index, ] let isManifest = manifestTypes.contains(where: { $0 == descriptor.mediaType }) let resource = isManifest ? "manifests" : "blobs" components.path = "/v2/\(name)/\(resource)/\(descriptor.digest)" let mediaType = descriptor.mediaType if mediaType.isEmpty { throw ContainerizationError(.invalidArgument, message: "missing media type for descriptor \(descriptor.digest)") } let headers = [ ("Accept", mediaType) ] return try await requestJSON(components: components, headers: headers) } /// Fetch resource (either manifest or blob) to memory as raw `Data`. public func fetchData(name: String, descriptor: Descriptor) async throws -> Data { var components = base let manifestTypes = [ MediaTypes.dockerManifest, MediaTypes.dockerManifestList, MediaTypes.imageManifest, MediaTypes.index, ] let isManifest = manifestTypes.contains(where: { $0 == descriptor.mediaType }) let resource = isManifest ? "manifests" : "blobs" components.path = "/v2/\(name)/\(resource)/\(descriptor.digest)" let mediaType = descriptor.mediaType if mediaType.isEmpty { throw ContainerizationError(.invalidArgument, message: "missing media type for descriptor \(descriptor.digest)") } let headers = [ ("Accept", mediaType) ] return try await requestData(components: components, headers: headers) } /// Fetch a blob from remote registry. /// This method is suitable for streaming data. public func fetchBlob( name: String, descriptor: Descriptor, closure: (Int64, HTTPClientResponse.Body) async throws -> Void ) async throws { var components = base components.path = "/v2/\(name)/blobs/\(descriptor.digest)" let mediaType = descriptor.mediaType if mediaType.isEmpty { throw ContainerizationError(.invalidArgument, message: "missing media type for descriptor \(descriptor.digest)") } let headers = [ ("Accept", mediaType) ] try await request(components: components, headers: headers) { response in guard response.status == .ok else { let url = components.url?.absoluteString ?? "unknown" let reason = await ErrorResponse.fromResponseBody(response.body)?.jsonString throw Error.invalidStatus(url: url, response.status, reason: reason) } // How many bytes to expect guard let expectedBytes = response.headers.first(name: "Content-Length").flatMap(Int64.init) else { throw ContainerizationError(.invalidArgument, message: "missing required header Content-Length") } try await closure(expectedBytes, response.body) } } #if os(macOS) /// Fetch a blob from remote registry and write the contents into a file in the provided directory. public func fetchBlob(name: String, descriptor: Descriptor, into file: URL, progress: ProgressHandler?) async throws -> (Int64, SHA256Digest) { var hasher = SHA256() var received: Int64 = 0 let fs = _NIOFileSystem.FileSystem.shared let handle = try await fs.openFile(forWritingAt: FilePath(file.absolutePath()), options: .newFile(replaceExisting: true)) var writer = handle.bufferedWriter() do { try await self.fetchBlob(name: name, descriptor: descriptor) { (size, body) in var itr = body.makeAsyncIterator() while let buf = try await itr.next() { let readBytes = Int64(buf.readableBytes) received += readBytes let written = try await writer.write(contentsOf: buf) await progress?([ .addSize(written) ]) guard written == readBytes else { throw ContainerizationError( .internalError, message: "could not write \(readBytes) bytes to file \(file)" ) } hasher.update(data: buf.readableBytesView) } } try await writer.flush() try await handle.close() } catch { do { try await handle.close() } catch { // Use `detachUnsafeFileDescriptor()` as suggested by the error message to prevent a leak detection crash when `close()` fails. _ = try handle.detachUnsafeFileDescriptor() } throw error } let computedDigest = hasher.finalize() return (received, computedDigest) } #else /// Fetch a blob from remote registry and write the contents into a file in the provided directory. public func fetchBlob(name: String, descriptor: Descriptor, into file: URL, progress: ProgressHandler?) async throws -> (Int64, SHA256Digest) { var hasher = SHA256() var received: Int64 = 0 guard FileManager.default.createFile(atPath: file.path, contents: nil) else { throw ContainerizationError(.internalError, message: "cannot create file at path \(file.path)") } try await self.fetchBlob(name: name, descriptor: descriptor) { (size, body) in let fd = try FileHandle(forWritingTo: file) defer { try? fd.close() } var itr = body.makeAsyncIterator() while let buf = try await itr.next() { let readBytes = Int64(buf.readableBytes) received += readBytes await progress?([ .addSize(readBytes) ]) try fd.write(contentsOf: buf.readableBytesView) hasher.update(data: buf.readableBytesView) } } let computedDigest = hasher.finalize() return (received, computedDigest) } #endif } ================================================ FILE: Sources/ContainerizationOCI/Client/RegistryClient+Push.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import AsyncHTTPClient import ContainerizationError import ContainerizationExtras import Foundation import NIO extension RegistryClient { /// Pushes the content specified by a descriptor to a remote registry. /// - Parameters: /// - name: The namespace which the descriptor should belong under. /// - tag: The tag or digest for uniquely identifying the manifest. /// By convention, any portion that may be a partial or whole digest /// will be proceeded by an `@`. Anything preceding the `@` will be referred /// to as "tag". /// This is usually broken down into the following possibilities: /// 1. /// 2. @ /// 3. @ /// The tag is anything except `@` and `:`, and digest is anything after the `@` /// - descriptor: The OCI descriptor of the content to be pushed. /// - streamGenerator: A closure that produces an`AsyncStream` of `ByteBuffer` /// for streaming data to the `HTTPClientRequest.Body`. /// The caller is responsible for providing the `AsyncStream` where the data may come from /// a file on disk, data in memory, etc. /// - progress: The progress handler to invoke as data is sent. public func push( name: String, ref tag: String, descriptor: Descriptor, streamGenerator: () throws -> T, progress: ProgressHandler? ) async throws where T.Element == ByteBuffer { var components = base let mediaType = descriptor.mediaType if mediaType.isEmpty { throw ContainerizationError(.invalidArgument, message: "missing media type for descriptor \(descriptor.digest)") } var isManifest = false var existCheck: [String] = [] switch mediaType { case MediaTypes.dockerManifest, MediaTypes.dockerManifestList, MediaTypes.imageManifest, MediaTypes.index: isManifest = true existCheck = self.getManifestPath(tag: tag, digest: descriptor.digest) default: existCheck = ["blobs", descriptor.digest] } // Check if the content already exists. components.path = "/v2/\(name)/\(existCheck.joined(separator: "/"))" let mediaTypes = [ mediaType, "*/*", ] var headers = [ ("Accept", mediaTypes.joined(separator: ", ")) ] try await request(components: components, method: .HEAD, headers: headers) { response in if response.status == .ok { var exists = false if isManifest && existCheck[1] != descriptor.digest { if descriptor.digest == response.headers.first(name: "Docker-Content-Digest") { exists = true } } else { exists = true } if exists { throw ContainerizationError(.exists, message: "content already exists \(descriptor.digest)") } } else if response.status != .notFound { let url = components.url?.absoluteString ?? "unknown" let reason = await ErrorResponse.fromResponseBody(response.body)?.jsonString throw Error.invalidStatus(url: url, response.status, reason: reason) } } if isManifest { let path = self.getManifestPath(tag: tag, digest: descriptor.digest) components.path = "/v2/\(name)/\(path.joined(separator: "/"))" headers = [ ("Content-Type", mediaType) ] } else { // Start upload request for blobs. components.path = "/v2/\(name)/blobs/uploads/" try await request(components: components, method: .POST) { response in switch response.status { case .ok, .accepted, .noContent: break case .created: throw ContainerizationError(.exists, message: "content already exists \(descriptor.digest)") default: let url = components.url?.absoluteString ?? "unknown" let reason = await ErrorResponse.fromResponseBody(response.body)?.jsonString throw Error.invalidStatus(url: url, response.status, reason: reason) } // Get the location to upload the blob. guard let location = response.headers.first(name: "Location") else { throw ContainerizationError(.invalidArgument, message: "missing required header Location") } guard let urlComponents = URLComponents(string: location) else { throw ContainerizationError(.invalidArgument, message: "invalid url \(location)") } var queryItems = urlComponents.queryItems ?? [] queryItems.append(URLQueryItem(name: "digest", value: descriptor.digest)) components.path = urlComponents.path components.queryItems = queryItems headers = [ ("Content-Type", "application/octet-stream"), ("Content-Length", String(descriptor.size)), ] } } // We have to pass a body closure rather than a body to reset the stream when retrying. let bodyClosure = { let stream = try streamGenerator() let body = HTTPClientRequest.Body.stream(stream, length: .known(descriptor.size)) return body } return try await request(components: components, method: .PUT, bodyClosure: bodyClosure, headers: headers) { response in switch response.status { case .ok, .created, .noContent: break default: let url = components.url?.absoluteString ?? "unknown" let reason = await ErrorResponse.fromResponseBody(response.body)?.jsonString throw Error.invalidStatus(url: url, response.status, reason: reason) } guard descriptor.digest == response.headers.first(name: "Docker-Content-Digest") else { let required = response.headers.first(name: "Docker-Content-Digest") ?? "" throw ContainerizationError(.internalError, message: "digest mismatch \(descriptor.digest) != \(required)") } } } private func getManifestPath(tag: String, digest: String) -> [String] { var object = tag if let i = tag.firstIndex(of: "@") { let index = tag.index(after: i) if String(tag[index...]) != digest { object = "" } else { object = String(tag[...i]) } } if object == "" { return ["manifests", digest] } return ["manifests", object] } } ================================================ FILE: Sources/ContainerizationOCI/Client/RegistryClient+Referrers.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import AsyncHTTPClient import ContainerizationError import Foundation import NIOFoundationCompat extension RegistryClient { /// Query the OCI referrers API for artifacts that reference a given manifest digest. /// /// Implements `GET /v2/{name}/referrers/{digest}` from the OCI Distribution Spec v1.1. /// Falls back to the referrers tag schema when the API is not available (404). /// /// - Parameters: /// - name: The repository name (e.g., "library/ubuntu"). /// - digest: The digest of the subject manifest (e.g., "sha256:abc123..."). /// - artifactType: Optional filter to return only referrers with a matching artifactType. /// - Returns: An `Index` whose `manifests` array contains descriptors of referring artifacts. /// Returns an empty index if the registry does not support the referrers API /// and no tag schema fallback is available. public func referrers(name: String, digest: String, artifactType: String? = nil) async throws -> Index { var components = base components.path = "/v2/\(name)/referrers/\(digest)" if let artifactType { components.queryItems = [URLQueryItem(name: "artifactType", value: artifactType)] } let headers = [("Accept", MediaTypes.index)] let result: Index = try await request(components: components, method: .GET, headers: headers) { response in if response.status == .notFound { return await self.referrersTagFallback(name: name, digest: digest, artifactType: artifactType) } guard response.status == .ok else { let url = components.url?.absoluteString ?? "unknown" let reason = await ErrorResponse.fromResponseBody(response.body)?.jsonString throw Error.invalidStatus(url: url, response.status, reason: reason) } let buffer = try await response.body.collect(upTo: self.bufferSize) return try JSONDecoder().decode(Index.self, from: buffer) } return result } /// Fallback for registries that don't support the referrers API. /// /// Uses the OCI referrers tag schema: referrers for a digest are stored as an /// index at the tag `-` (e.g., `sha256-abc123...`). private func referrersTagFallback(name: String, digest: String, artifactType: String? = nil) async -> Index { let referrerTag = digest.replacingOccurrences(of: ":", with: "-") let descriptor: Descriptor do { descriptor = try await resolve(name: name, tag: referrerTag) } catch { return Index(schemaVersion: 2, manifests: []) } let index: Index do { index = try await fetch(name: name, descriptor: descriptor) } catch { return Index(schemaVersion: 2, manifests: []) } guard let artifactType else { return index } let filtered = index.manifests.filter { $0.artifactType == artifactType } return Index(schemaVersion: 2, manifests: filtered) } } ================================================ FILE: Sources/ContainerizationOCI/Client/RegistryClient+Token.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import AsyncHTTPClient import ContainerizationError import Foundation struct TokenRequest { public static let authenticateHeaderName = "WWW-Authenticate" /// The credentials that will be used in the authentication header when fetching the token. let authentication: Authentication? /// The realm against which the token should be requested. let realm: String /// The name of the service which hosts the resource. let service: String /// Whether to return a refresh token along with the bearer token. let offlineToken: Bool /// String identifying the client. let clientId: String /// The resource in question, formatted as one of the space-delimited entries from the scope parameters from the WWW-Authenticate header shown above. let scope: String? init( realm: String, service: String, clientId: String, scope: String?, offlineToken: Bool = false, authentication: Authentication? = nil ) { self.realm = realm self.service = service self.offlineToken = offlineToken self.clientId = clientId self.scope = scope self.authentication = authentication } } struct TokenResponse: Codable, Hashable { /// An opaque Bearer token that clients should supply to subsequent requests in the Authorization header. let token: String? /// For compatibility with OAuth 2.0, we will also accept token under the name access_token. /// At least one of these fields must be specified, but both may also appear (for compatibility with older clients). /// When both are specified, they should be equivalent; if they differ the client's choice is undefined. let accessToken: String? /// The duration in seconds since the token was issued that it will remain valid. /// When omitted, this defaults to 60 seconds. let expiresIn: UInt? /// The RFC3339-serialized UTC standard time at which a given token was issued. /// If issued_at is omitted, the expiration is from when the token exchange completed. let issuedAt: String? /// Token which can be used to get additional access tokens for the same subject with different scopes. /// This token should be kept secure by the client and only sent to the authorization server which issues bearer tokens. /// This field will only be set when `offline_token=true` is provided in the request. let refreshToken: String? var scope: String? private enum CodingKeys: String, CodingKey { case token = "token" case accessToken = "access_token" case expiresIn = "expires_in" case issuedAt = "issued_at" case refreshToken = "refresh_token" } func getToken() -> String? { if let t = token ?? accessToken { return "Bearer \(t)" } return nil } func isValid(scope: String?) -> Bool { guard let issuedAt else { return false } let isoFormatter = ISO8601DateFormatter() isoFormatter.formatOptions = [.withInternetDateTime, .withFractionalSeconds] guard let issued = isoFormatter.date(from: issuedAt) else { return false } let expiresIn = expiresIn ?? 0 let now = Date() let elapsed = now.timeIntervalSince(issued) guard elapsed < Double(expiresIn) else { return false } if let requiredScope = scope { return requiredScope == self.scope } return false } } struct AuthenticateChallenge: Equatable { let type: String let realm: String? let service: String? let scope: String? let error: String? init(type: String, realm: String?, service: String?, scope: String?, error: String?) { self.type = type self.realm = realm self.service = service self.scope = scope self.error = error } init(type: String, values: [String: String]) { self.type = type self.realm = values["realm"] self.service = values["service"] self.scope = values["scope"] self.error = values["error"] } } extension RegistryClient { /// Fetch an auto token for all subsequent HTTP requests /// See https://docs.docker.com/registry/spec/auth/token/ internal func fetchToken(request: TokenRequest) async throws -> TokenResponse { guard var components = URLComponents(string: request.realm) else { throw ContainerizationError(.invalidArgument, message: "cannot create URL from \(request.realm)") } components.queryItems = [ URLQueryItem(name: "client_id", value: request.clientId), URLQueryItem(name: "service", value: request.service), ] var scope = "" if let reqScope = request.scope { scope = reqScope components.queryItems?.append(URLQueryItem(name: "scope", value: reqScope)) } if request.offlineToken { components.queryItems?.append(URLQueryItem(name: "offline_token", value: "true")) } var response: TokenResponse = try await requestJSON(components: components, headers: []) response.scope = scope return response } internal func createTokenRequest(parsing authenticateHeaders: [String]) throws -> TokenRequest { let parsedHeaders = Self.parseWWWAuthenticateHeaders(headers: authenticateHeaders) let bearerChallenge = parsedHeaders.first { $0.type == "Bearer" } guard let bearerChallenge else { throw ContainerizationError(.invalidArgument, message: "missing Bearer challenge in \(TokenRequest.authenticateHeaderName) header") } guard let realm = bearerChallenge.realm else { throw ContainerizationError(.invalidArgument, message: "cannot parse realm from \(TokenRequest.authenticateHeaderName) header") } guard let service = bearerChallenge.service else { throw ContainerizationError(.invalidArgument, message: "cannot parse service from \(TokenRequest.authenticateHeaderName) header") } let scope = bearerChallenge.scope let tokenRequest = TokenRequest(realm: realm, service: service, clientId: self.clientID, scope: scope, authentication: self.authentication) return tokenRequest } internal static func parseWWWAuthenticateHeaders(headers: [String]) -> [AuthenticateChallenge] { var parsed: [String: [String: String]] = [:] for challenge in headers { let trimmedChallenge = challenge.trimmingCharacters(in: .whitespacesAndNewlines) let parts = trimmedChallenge.split(separator: " ", maxSplits: 1) guard parts.count == 2 else { continue } guard let scheme = parts.first else { continue } var params: [String: String] = [:] let header = String(parts[1]) let pattern = #"(\w+)="([^"]+)"# let regex = try! NSRegularExpression(pattern: pattern, options: []) let matches = regex.matches(in: header, options: [], range: NSRange(header.startIndex..., in: header)) for match in matches { if let keyRange = Range(match.range(at: 1), in: header), let valueRange = Range(match.range(at: 2), in: header) { let key = String(header[keyRange]) let value = String(header[valueRange]) params[key] = value } } parsed[String(scheme)] = params } var parsedChallenges: [AuthenticateChallenge] = [] for (type, values) in parsed { parsedChallenges.append(.init(type: type, values: values)) } return parsedChallenges } } ================================================ FILE: Sources/ContainerizationOCI/Client/RegistryClient.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import AsyncHTTPClient import ContainerizationError import ContainerizationExtras import ContainerizationOS import Foundation import Logging import NIO import NIOHTTP1 import NIOSSL #if os(macOS) import Network #endif /// Data used to control retry behavior for `RegistryClient`. public struct RetryOptions: Sendable { /// The maximum number of retries to attempt before failing. public var maxRetries: Int /// The retry interval in nanoseconds. public var retryInterval: UInt64 /// A provided closure to handle if a given HTTP response should be /// retried. public var shouldRetry: (@Sendable (HTTPClientResponse) -> Bool)? public init(maxRetries: Int, retryInterval: UInt64, shouldRetry: (@Sendable (HTTPClientResponse) -> Bool)? = nil) { self.maxRetries = maxRetries self.retryInterval = retryInterval self.shouldRetry = shouldRetry } } /// A client for interacting with OCI compliant container registries. public final class RegistryClient: ContentClient { private static let defaultRetryOptions = RetryOptions( maxRetries: 3, retryInterval: 1_000_000_000, shouldRetry: ({ response in response.status.code >= 500 }) ) let client: HTTPClient let proxyURL: URL? let base: URLComponents let clientID: String let authentication: Authentication? let retryOptions: RetryOptions? let bufferSize: Int public convenience init( reference: String, insecure: Bool = false, auth: Authentication? = nil, tlsConfiguration: TLSConfiguration? = nil, logger: Logger? = nil, ) throws { let ref = try Reference.parse(reference) guard let domain = ref.resolvedDomain else { throw ContainerizationError(.invalidArgument, message: "invalid domain for image reference \(reference)") } let scheme = insecure ? "http" : "https" let _url = "\(scheme)://\(domain)" guard let url = URL(string: _url) else { throw ContainerizationError(.invalidArgument, message: "cannot convert \(_url) to URL") } guard let host = url.host else { throw ContainerizationError(.invalidArgument, message: "invalid host \(domain)") } let port = url.port self.init( host: host, scheme: scheme, port: port, authentication: auth, retryOptions: Self.defaultRetryOptions, tlsConfiguration: tlsConfiguration, ) } public init( host: String, scheme: String? = "https", port: Int? = nil, authentication: Authentication? = nil, clientID: String? = nil, retryOptions: RetryOptions? = nil, bufferSize: Int = Int(4.mib()), tlsConfiguration: TLSConfiguration? = nil, logger: Logger? = nil, ) { var components = URLComponents() components.scheme = scheme components.host = host components.port = port self.base = components self.clientID = clientID ?? "containerization-registry-client" self.authentication = authentication self.retryOptions = retryOptions self.bufferSize = bufferSize var httpConfiguration = HTTPClient.Configuration() // proxy configuration assumes all client requests will go to `base` URL self.proxyURL = ProxyUtils.proxyFromEnvironment(scheme: scheme, host: host) if let proxyURL = self.proxyURL, let proxyHost = proxyURL.host { let proxyPort = proxyURL.port ?? (proxyURL.scheme == "https" ? 443 : 80) httpConfiguration.proxy = HTTPClient.Configuration.Proxy.server(host: proxyHost, port: proxyPort) } if tlsConfiguration != nil { httpConfiguration.tlsConfiguration = tlsConfiguration } if let logger { self.client = HTTPClient(eventLoopGroupProvider: .singleton, configuration: httpConfiguration, backgroundActivityLogger: logger) } else { self.client = HTTPClient(eventLoopGroupProvider: .singleton, configuration: httpConfiguration) } } deinit { _ = client.shutdown() } func host() -> String { base.host ?? "" } internal func request( components: URLComponents, method: HTTPMethod = .GET, bodyClosure: () throws -> HTTPClientRequest.Body? = { nil }, headers: [(String, String)]? = nil, closure: (HTTPClientResponse) async throws -> T ) async throws -> T { guard let path = components.url?.absoluteString else { throw ContainerizationError(.invalidArgument, message: "invalid url \(components.path)") } var request = HTTPClientRequest(url: path) request.method = method var currentToken: TokenResponse? let token: String? = try await { if let basicAuth = authentication { return try await basicAuth.token() } return nil }() if let token { request.headers.add(name: "Authorization", value: "\(token)") } // Add any arbitrary headers headers?.forEach { (k, v) in request.headers.add(name: k, value: v) } var retryCount = 0 var response: HTTPClientResponse? while true { request.body = try bodyClosure() do { let _response = try await client.execute(request, deadline: .distantFuture) response = _response if _response.status == .unauthorized || _response.status == .forbidden { let authHeader = _response.headers[TokenRequest.authenticateHeaderName] let tokenRequest: TokenRequest do { tokenRequest = try self.createTokenRequest(parsing: authHeader) } catch { // The server did not tell us how to authenticate our requests, // Or we do not support scheme the server is requesting for. // Throw the 401/403 to the caller, and let them decide how to proceed. throw RegistryClient.Error.invalidStatus(url: path, _response.status, reason: String(describing: error)) } if let ct = currentToken, ct.isValid(scope: tokenRequest.scope) { break } do { let _currentToken = try await fetchToken(request: tokenRequest) guard let token = _currentToken.getToken() else { throw ContainerizationError(.internalError, message: "failed to fetch Bearer token") } currentToken = _currentToken request.headers.replaceOrAdd(name: "Authorization", value: token) retryCount += 1 } catch let err as RegistryClient.Error { guard case .invalidStatus(_, let status, _) = err else { throw err } if status == .unauthorized || status == .forbidden { throw RegistryClient.Error.invalidStatus(url: path, _response.status, reason: "access denied or wrong credentials") } throw err } continue } guard let retryOptions = self.retryOptions else { break } guard retryCount < retryOptions.maxRetries else { break } guard let shouldRetry = retryOptions.shouldRetry, shouldRetry(_response) else { break } retryCount += 1 try await Task.sleep(nanoseconds: retryOptions.retryInterval) continue } catch let err as RegistryClient.Error { throw err } catch { #if os(macOS) if let err = error as? NWError { if err.errorCode == kDNSServiceErr_NoSuchRecord { let message: String if let proxyURL = self.proxyURL, let proxyHost = proxyURL.host { message = "failed to resolve either repository hostname \(host()) or proxy hostname \(proxyHost)" } else { message = "failed to resolve either repository hostname \(host())" } throw ContainerizationError(.internalError, message: message) } } #endif guard let retryOptions = self.retryOptions, retryCount < retryOptions.maxRetries else { throw error } retryCount += 1 try await Task.sleep(nanoseconds: retryOptions.retryInterval) } } guard let response else { throw ContainerizationError(.internalError, message: "invalid response") } return try await closure(response) } internal func requestData( components: URLComponents, headers: [(String, String)]? = nil ) async throws -> Data { let bytes: ByteBuffer = try await requestBuffer(components: components, headers: headers) return Data(buffer: bytes) } internal func requestBuffer( components: URLComponents, headers: [(String, String)]? = nil ) async throws -> ByteBuffer { try await request(components: components, method: .GET, headers: headers) { response in guard response.status == .ok else { let url = components.url?.absoluteString ?? "unknown" let reason = await ErrorResponse.fromResponseBody(response.body)?.jsonString throw Error.invalidStatus(url: url, response.status, reason: reason) } return try await response.body.collect(upTo: self.bufferSize) } } internal func requestJSON( components: URLComponents, headers: [(String, String)]? = nil ) async throws -> T { let buffer = try await self.requestBuffer(components: components, headers: headers) return try JSONDecoder().decode(T.self, from: buffer) } /// A minimal endpoint, mounted at /v2/ will provide version support information based on its response statuses. /// See https://distribution.github.io/distribution/spec/api/#api-version-check public func ping() async throws { var components = base components.path = "/v2/" try await request(components: components) { response in guard response.status == .ok else { let url = components.url?.absoluteString ?? "unknown" let reason = await ErrorResponse.fromResponseBody(response.body)?.jsonString throw Error.invalidStatus(url: url, response.status, reason: reason) } } } } ================================================ FILE: Sources/ContainerizationOCI/Content/AsyncTypes.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// package actor AsyncStore { private var _value: T? package init(_ value: T? = nil) { self._value = value } package func get() -> T? { self._value } package func set(_ value: T) { self._value = value } } package actor AsyncSet { private var buffer: Set package init(_ elements: S) where S.Element == T { buffer = Set(elements) } package var count: Int { buffer.count } package func insert(_ element: T) { buffer.insert(element) } @discardableResult package func remove(_ element: T) -> T? { buffer.remove(element) } package func contains(_ element: T) -> Bool { buffer.contains(element) } } ================================================ FILE: Sources/ContainerizationOCI/Content/Content.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationExtras import Crypto import Foundation import NIOCore /// Protocol for defining a single OCI content public protocol Content: Sendable { /// URL to the content var path: URL { get } /// sha256 of content func digest() throws -> SHA256.Digest /// Size of content func size() throws -> UInt64 /// Data representation of entire content func data() throws -> Data /// Data representation partial content func data(offset: UInt64, length: Int) throws -> Data? /// Decode the content into an object func decode() throws -> T where T: Decodable } /// Protocol defining methods to fetch and push OCI content public protocol ContentClient: Sendable { func fetch(name: String, descriptor: Descriptor) async throws -> T func fetchBlob(name: String, descriptor: Descriptor, into file: URL, progress: ProgressHandler?) async throws -> (Int64, SHA256Digest) func fetchData(name: String, descriptor: Descriptor) async throws -> Data func push( name: String, ref: String, descriptor: Descriptor, streamGenerator: () throws -> T, progress: ProgressHandler? ) async throws where T.Element == ByteBuffer } ================================================ FILE: Sources/ContainerizationOCI/Content/ContentStoreProtocol.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Crypto import Foundation /// Protocol for defining a content store where OCI image metadata and layers will be managed /// and manipulated. public protocol ContentStore: Sendable { /// Retrieves a piece of Content based on the digest string. /// Returns `nil` if the requested digest is not found. func get(digest: String) async throws -> Content? /// Retrieves a specific content metadata type based on the digest string. /// Returns `nil` if the requested digest is not found. func get(digest: String) async throws -> T? /// Remove a list of digests in the content store. @discardableResult func delete(digests: [String]) async throws -> ([String], UInt64) /// Removes all content from the store except for the digests in the provided list. @discardableResult func delete(keeping: [String]) async throws -> ([String], UInt64) /// Creates a transactional write to the content store. /// The function takes a closure given a temporary `URL` of the base directory which all contents should be written to. /// This is transaction write where any failed operation in the closure (caught exception) will result in all contents written /// in the closure to be deleted. /// /// If the closure succeeds, then all the content that have been written to the temporary `URL` will be moved into the actual /// blobs path of the content store. @discardableResult func ingest(_ body: @Sendable @escaping (URL) async throws -> Void) async throws -> [String] /// Creates a new ingest session and returns the session ID and temporary ingest directory corresponding to the session. /// The contents from the ingest directory are processed and moved into the content store once the session is marked complete. /// This can be done by invoking the `completeIngestSession` method with the returned session ID. func newIngestSession() async throws -> (id: String, ingestDir: URL) /// Completes a previously started ingest session corresponding to `id`. /// The contents from the ingest directory from the session are moved into the content store atomically. /// Any failure encountered will result in a transaction failure causing none of the contents to be ingested into the store. @discardableResult func completeIngestSession(_ id: String) async throws -> [String] /// Cancels a previously started ingest session corresponding to `id`. /// The contents from the ingest directory corresponding to the session are removed. func cancelIngestSession(_ id: String) async throws } ================================================ FILE: Sources/ContainerizationOCI/Content/ContentWriter.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import Crypto import Foundation import NIOCore /// Provides a context to write data into a directory. public class ContentWriter { private let base: URL private let encoder = JSONEncoder() /// Create a new ContentWriter. /// - Parameters: /// - base: The URL to write content to. If this is not a directory a /// ContainerizationError will be thrown with a code of .internalError. public init(for base: URL) throws { self.encoder.outputFormatting = [JSONEncoder.OutputFormatting.sortedKeys] self.base = base var isDirectory = ObjCBool(true) let exists = FileManager.default.fileExists(atPath: base.path, isDirectory: &isDirectory) guard exists && isDirectory.boolValue else { throw ContainerizationError(.internalError, message: "cannot create ContentWriter for path \(base.absolutePath()), not a directory") } } /// Writes the data blob to the base URL provided in the constructor. /// - Parameters: /// - data: The data blob to write to a file under the base path. @discardableResult public func write(_ data: Data) throws -> (size: Int64, digest: SHA256.Digest) { let digest = SHA256.hash(data: data) let destination = base.appendingPathComponent(digest.encoded) try data.write(to: destination) return (Int64(data.count), digest) } /// Reads the data present in the passed in URL and writes it to the base path. /// - Parameters: /// - url: The URL to read the data from. @discardableResult public func create(from url: URL) throws -> (size: Int64, digest: SHA256.Digest) { let data = try Data(contentsOf: url) return try self.write(data) } /// Encodes the passed in type as a JSON blob and writes it to the base path. /// - Parameters: /// - content: The type to convert to JSON. @discardableResult public func create(from content: T) throws -> (size: Int64, digest: SHA256.Digest) { let data = try self.encoder.encode(content) return try self.write(data) } } ================================================ FILE: Sources/ContainerizationOCI/Content/LocalContent.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import Crypto import Foundation public final class LocalContent: Content { public let path: URL private let file: FileHandle public init(path: URL) throws { guard FileManager.default.fileExists(atPath: path.path) else { throw ContainerizationError(.notFound, message: "content at path \(path.absolutePath())") } self.file = try FileHandle(forReadingFrom: path) self.path = path } public func digest() throws -> SHA256.Digest { let bufferSize = 64 * 1024 // 64 KB var hasher = SHA256() try self.file.seek(toOffset: 0) while case let data = file.readData(ofLength: bufferSize), !data.isEmpty { hasher.update(data: data) } let digest = hasher.finalize() try self.file.seek(toOffset: 0) return digest } public func data(offset: UInt64 = 0, length size: Int = 0) throws -> Data? { try file.seek(toOffset: offset) if size == 0 { return try file.readToEnd() } return try file.read(upToCount: size) } public func data() throws -> Data { try Data(contentsOf: self.path) } public func size() throws -> UInt64 { let fileAttrs = try FileManager.default.attributesOfItem(atPath: self.path.absolutePath()) if let size = fileAttrs[FileAttributeKey.size] as? UInt64 { return size } throw ContainerizationError(.internalError, message: "could not determine file size for \(path.absolutePath())") } public func decode() throws -> T where T: Decodable { let json = JSONDecoder() let data = try Data(contentsOf: self.path) return try json.decode(T.self, from: data) } deinit { try? self.file.close() } } ================================================ FILE: Sources/ContainerizationOCI/Content/LocalContentStore.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // swiftlint:disable unused_optional_binding import ContainerizationError import ContainerizationExtras import Crypto import Foundation /// A `ContentStore` implementation that stores content on the local filesystem. public actor LocalContentStore: ContentStore { private static let encoder = JSONEncoder() private let _basePath: URL private let _ingestPath: URL private let _blobPath: URL private let _lock: AsyncLock private var activeIngestSessions: AsyncSet = AsyncSet([]) /// Create a new `LocalContentStore`. /// /// - Parameters: /// - path: The path where content should be written under. public init(path: URL) throws { let ingestPath = path.appendingPathComponent("ingest") let blobPath = path.appendingPathComponent("blobs/sha256") let fileManager = FileManager.default try fileManager.createDirectory(at: ingestPath, withIntermediateDirectories: true) try fileManager.createDirectory(at: blobPath, withIntermediateDirectories: true) self._basePath = path self._ingestPath = ingestPath self._blobPath = blobPath self._lock = AsyncLock() Self.encoder.outputFormatting = .sortedKeys } /// Get a piece of content from the store. Returns nil if not /// found. /// /// - Parameters: /// - digest: The string digest of the content. public func get(digest: String) throws -> Content? { let d = digest.trimmingDigestPrefix let path = self._blobPath.appendingPathComponent(d) do { return try LocalContent(path: path) } catch let err as ContainerizationError { switch err.code { case .notFound: return nil default: throw err } } } /// Get a piece of content from the store and return the decoded version of /// it. /// /// - Parameters: /// - digest: The string digest of the content. public func get(digest: String) throws -> T? { guard let content: Content = try self.get(digest: digest) else { return nil } return try content.decode() } /// Delete all content besides a set provided. /// /// - Parameters: /// - keeping: The set of string digests to keep. public func delete(keeping: [String]) async throws -> ([String], UInt64) { let fileManager = FileManager.default let all = try fileManager.contentsOfDirectory(at: self._blobPath, includingPropertiesForKeys: nil) let allDigests = Set(all.map { $0.lastPathComponent }) let toDelete = allDigests.subtracting(keeping) return try await self.delete(digests: Array(toDelete)) } /// Delete a specific set of content. /// /// - Parameters: /// - digests: Array of strings denoting the digests of the content to delete. @discardableResult public func delete(digests: [String]) async throws -> ([String], UInt64) { let store = AsyncStore<([String], UInt64)>() try await self._lock.withLock { context in let fileManager = FileManager.default var deleted: [String] = [] var deletedBytes: UInt64 = 0 for toDelete in digests { let p = self._blobPath.appendingPathComponent(toDelete) guard let content = try? LocalContent(path: p) else { continue } deletedBytes += try content.size() try fileManager.removeItem(at: p) deleted.append(toDelete) } await store.set((deleted, deletedBytes)) } return await store.get() ?? ([], 0) } /// Creates a transactional write to the content store. /// /// - Parameters: /// - body: Closure that is given a temporary `URL` of the base directory which all contents should be written to. /// This is a transaction write where any failed operation in the closure (caught exception) will result in all contents written /// in the closure to be deleted. If the closure succeeds, then all the content that have been written to the temporary `URL` /// will be moved into the actual blobs path of the content store. @discardableResult public func ingest(_ body: @Sendable @escaping (URL) async throws -> Void) async throws -> [String] { let (id, tempPath) = try await self.newIngestSession() try await body(tempPath) return try await self.completeIngestSession(id) } /// Creates a new ingest session and returns the session ID and temporary ingest directory corresponding to the session. /// The contents from the ingest directory are processed and moved into the content store once the session is marked complete. /// This can be done by invoking the `completeIngestSession` method with the returned session ID. public func newIngestSession() async throws -> (id: String, ingestDir: URL) { let id = UUID().uuidString let temporaryPath = self._ingestPath.appendingPathComponent(id) let fileManager = FileManager.default try fileManager.createDirectory(atPath: temporaryPath.path, withIntermediateDirectories: true) await self.activeIngestSessions.insert(id) return (id, temporaryPath) } /// Completes a previously started ingest session corresponding to `id`. The contents from the ingest /// directory from the session are moved into the content store atomically. Any failure encountered will /// result in a transaction failure causing none of the contents to be ingested into the store. /// - Parameters: /// - id: id of the ingest session to complete. @discardableResult public func completeIngestSession(_ id: String) async throws -> [String] { guard await activeIngestSessions.contains(id) else { throw ContainerizationError(.internalError, message: "invalid session id \(id)") } await activeIngestSessions.remove(id) let temporaryPath = self._ingestPath.appendingPathComponent(id) let fileManager = FileManager.default defer { try? fileManager.removeItem(at: temporaryPath) } let tempDigests: [URL] = try fileManager.contentsOfDirectory(at: temporaryPath, includingPropertiesForKeys: nil) return try await self._lock.withLock { context in var moved: [String] = [] let fileManager = FileManager.default do { try tempDigests.forEach { let digest = $0.lastPathComponent let target = self._blobPath.appendingPathComponent(digest) // only ingest if not exists if !fileManager.fileExists(atPath: target.path) { try fileManager.moveItem(at: $0, to: target) moved.append(digest) } } } catch { moved.forEach { try? fileManager.removeItem(at: self._blobPath.appendingPathComponent($0)) } throw error } return tempDigests.map { $0.lastPathComponent } } } /// Cancels a previously started ingest session corresponding to `id`. /// The contents from the ingest directory corresponding to the session are removed. /// - Parameters: /// - id: id of the ingest session to complete. public func cancelIngestSession(_ id: String) async throws { guard let _ = await self.activeIngestSessions.remove(id) else { return } let temporaryPath = self._ingestPath.appendingPathComponent(id) let fileManager = FileManager.default try? fileManager.removeItem(at: temporaryPath) } } ================================================ FILE: Sources/ContainerizationOCI/Content/SHA256+Extensions.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Crypto import Foundation extension SHA256.Digest { /// Returns the digest as a string. public var digestString: String { let parts = self.description.split(separator: ": ") return "sha256:\(parts[1])" } /// Returns the digest without a 'sha256:' prefix. public var encoded: String { let parts = self.description.split(separator: ": ") return String(parts[1]) } } ================================================ FILE: Sources/ContainerizationOCI/Content/String+Extension.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// extension String { /// Removes any prefix (sha256:) from a digest string. public var trimmingDigestPrefix: String { let split = self.split(separator: ":") if split.count == 2 { return String(split[1]) } return self } } ================================================ FILE: Sources/ContainerizationOCI/Content/URL+Extensions.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation extension URL { /// Returns the unescaped absolutePath of a URL joined by separator. public func absolutePath() -> String { #if os(macOS) return self.path(percentEncoded: false) #else return self.path #endif } /// Returns the domain name of a registry. public var domain: String? { guard let host = self.absoluteString.split(separator: ":").first else { return nil } return String(host) } } ================================================ FILE: Sources/ContainerizationOCI/Descriptor.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // Source: https://github.com/opencontainers/image-spec/blob/main/specs-go/v1/descriptor.go import Foundation /// Descriptor describes the disposition of targeted content. /// This structure provides `application/vnd.oci.descriptor.v1+json` mediatype /// when marshalled to JSON. public struct Descriptor: Codable, Sendable, Equatable { /// mediaType is the media type of the object this schema refers to. public let mediaType: String /// digest is the digest of the targeted content. public let digest: String /// size specifies the size in bytes of the blob. public let size: Int64 /// urls specifies a list of URLs from which this object MAY be downloaded. public let urls: [String]? /// annotations contains arbitrary metadata relating to the targeted content. public var annotations: [String: String]? /// platform describes the platform which the image in the manifest runs on. /// /// This should only be used when referring to a manifest. public var platform: Platform? /// artifactType specifies the IANA media type of the artifact. /// /// Used in referrers API responses to indicate the type of each referring artifact. public let artifactType: String? public init( mediaType: String, digest: String, size: Int64, urls: [String]? = nil, annotations: [String: String]? = nil, platform: Platform? = nil, artifactType: String? = nil ) { self.mediaType = mediaType self.digest = digest self.size = size self.urls = urls self.annotations = annotations self.platform = platform self.artifactType = artifactType } } ================================================ FILE: Sources/ContainerizationOCI/FileManager+Size.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation extension FileManager { func fileSize(atPath path: String) -> Int64? { do { let attributes = try attributesOfItem(atPath: path) guard let fileSize = attributes[.size] as? NSNumber else { return nil } return fileSize.int64Value } catch { return nil } } } ================================================ FILE: Sources/ContainerizationOCI/ImageConfig.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // Source: https://github.com/opencontainers/image-spec/blob/main/specs-go/v1/config.go import Foundation /// ImageConfig defines the execution parameters which should be used as a base when running a container using an image. public struct ImageConfig: Codable, Sendable { enum CodingKeys: String, CodingKey { case user = "User" case env = "Env" case entrypoint = "Entrypoint" case cmd = "Cmd" case workingDir = "WorkingDir" case labels = "Labels" case stopSignal = "StopSignal" } /// user defines the username or UID which the process in the container should run as. public let user: String? /// env is a list of environment variables to be used in a container. public let env: [String]? /// entrypoint defines a list of arguments to use as the command to execute when the container starts. public let entrypoint: [String]? /// cmd defines the default arguments to the entrypoint of the container. public let cmd: [String]? /// workingDir sets the current working directory of the entrypoint process in the container. public let workingDir: String? /// labels contains arbitrary metadata for the container. public let labels: [String: String]? /// stopSignal contains the system call signal that will be sent to the container to exit. public let stopSignal: String? public init( user: String? = nil, env: [String]? = nil, entrypoint: [String]? = nil, cmd: [String]? = nil, workingDir: String? = nil, labels: [String: String]? = nil, stopSignal: String? = nil ) { self.user = user self.env = env self.entrypoint = entrypoint self.cmd = cmd self.workingDir = workingDir self.labels = labels self.stopSignal = stopSignal } } /// RootFS describes a layer content addresses public struct Rootfs: Codable, Sendable { enum CodingKeys: String, CodingKey { case type case diffIDs = "diff_ids" } /// type is the type of the rootfs. public let type: String /// diffIDs is an array of layer content hashes (DiffIDs), in order from bottom-most to top-most. public let diffIDs: [String] public init(type: String, diffIDs: [String]) { self.type = type self.diffIDs = diffIDs } } /// History describes the history of a layer. public struct History: Codable, Sendable { enum CodingKeys: String, CodingKey { case created case createdBy = "created_by" case author case comment case emptyLayer = "empty_layer" } /// created is the combined date and time at which the layer was created, formatted as defined by RFC 3339, section 5.6. public let created: String? /// createdBy is the command which created the layer. public let createdBy: String? /// author is the author of the build point. public let author: String? /// comment is a custom message set when creating the layer. public let comment: String? /// emptyLayer is used to mark if the history item created a filesystem diff. public let emptyLayer: Bool? public init( created: String? = nil, createdBy: String? = nil, author: String? = nil, comment: String? = nil, emptyLayer: Bool? = nil ) { self.created = created self.createdBy = createdBy self.author = author self.comment = comment self.emptyLayer = emptyLayer } } /// Image is the JSON structure which describes some basic information about the image. /// This provides the `application/vnd.oci.image.config.v1+json` mediatype when marshalled to JSON. public struct Image: Codable, Sendable { /// created is the combined date and time at which the image was created, formatted as defined by RFC 3339, section 5.6. public let created: String? /// author defines the name and/or email address of the person or entity which created and is responsible for maintaining the image. public let author: String? /// architecture field specifies the CPU architecture, for example `amd64` or `ppc64`. public let architecture: String /// os specifies the operating system, for example `linux` or `windows`. public let os: String /// osVersion is an optional field specifying the operating system version, for example on Windows `10.0.14393.1066`. public let osVersion: String? /// osFeatures is an optional field specifying an array of strings, each listing a required OS feature (for example on Windows `win32k`). public let osFeatures: [String]? /// variant is an optional field specifying a variant of the CPU, for example `v7` to specify ARMv7 when architecture is `arm`. public let variant: String? /// config defines the execution parameters which should be used as a base when running a container using the image. public let config: ImageConfig? /// rootfs references the layer content addresses used by the image. public let rootfs: Rootfs /// history describes the history of each layer. public let history: [History]? public init( created: String? = nil, author: String? = nil, architecture: String, os: String, osVersion: String? = nil, osFeatures: [String]? = nil, variant: String? = nil, config: ImageConfig? = nil, rootfs: Rootfs, history: [History]? = nil ) { self.created = created self.author = author self.architecture = architecture self.os = os self.osVersion = osVersion self.osFeatures = osFeatures self.variant = variant self.config = config self.rootfs = rootfs self.history = history } } ================================================ FILE: Sources/ContainerizationOCI/Index.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // Source: https://github.com/opencontainers/image-spec/blob/main/specs-go/v1/index.go import Foundation /// Index references manifests for various platforms. /// This structure provides `application/vnd.oci.image.index.v1+json` mediatype when marshalled to JSON. public struct Index: Codable, Sendable { /// schemaVersion is the image manifest schema that this image follows public let schemaVersion: Int /// mediaType specifies the type of this document data structure e.g. `application/vnd.oci.image.index.v1+json` /// This field is optional per the OCI Image Index Specification (omitempty) public let mediaType: String /// manifests references platform specific manifests. public var manifests: [Descriptor] /// annotations contains arbitrary metadata for the image index. public var annotations: [String: String]? /// `subject` references another manifest this index is an artifact of. public let subject: Descriptor? /// `artifactType` specifies the IANA media type of the artifact this index represents. public let artifactType: String? public init( schemaVersion: Int = 2, mediaType: String = MediaTypes.index, manifests: [Descriptor], annotations: [String: String]? = nil, subject: Descriptor? = nil, artifactType: String? = nil ) { self.schemaVersion = schemaVersion self.mediaType = mediaType self.manifests = manifests self.annotations = annotations self.subject = subject self.artifactType = artifactType } public init(from decoder: Decoder) throws { let container = try decoder.container(keyedBy: CodingKeys.self) self.schemaVersion = try container.decode(Int.self, forKey: .schemaVersion) self.mediaType = try container.decodeIfPresent(String.self, forKey: .mediaType) ?? "" self.manifests = try container.decode([Descriptor].self, forKey: .manifests) self.annotations = try container.decodeIfPresent([String: String].self, forKey: .annotations) self.subject = try container.decodeIfPresent(Descriptor.self, forKey: .subject) self.artifactType = try container.decodeIfPresent(String.self, forKey: .artifactType) } } ================================================ FILE: Sources/ContainerizationOCI/Manifest.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // Source: https://github.com/opencontainers/image-spec/blob/main/specs-go/v1/manifest.go import Foundation /// Manifest provides `application/vnd.oci.image.manifest.v1+json` mediatype structure when marshalled to JSON. public struct Manifest: Codable, Sendable { /// `schemaVersion` is the image manifest schema that this image follows. public let schemaVersion: Int /// `mediaType` specifies the type of this document data structure, e.g. `application/vnd.oci.image.manifest.v1+json`. public let mediaType: String? /// `config` references a configuration object for a container, by digest. /// The referenced configuration object is a JSON blob that the runtime uses to set up the container. public let config: Descriptor /// `layers` is an indexed list of layers referenced by the manifest. public let layers: [Descriptor] /// `annotations` contains arbitrary metadata for the image manifest. public let annotations: [String: String]? /// `subject` references another manifest this manifest is an artifact of. public let subject: Descriptor? /// `artifactType` specifies the IANA media type of the artifact this manifest represents. public let artifactType: String? public init( schemaVersion: Int = 2, mediaType: String = MediaTypes.imageManifest, config: Descriptor, layers: [Descriptor], annotations: [String: String]? = nil, subject: Descriptor? = nil, artifactType: String? = nil ) { self.schemaVersion = schemaVersion self.mediaType = mediaType self.config = config self.layers = layers self.annotations = annotations self.subject = subject self.artifactType = artifactType } } ================================================ FILE: Sources/ContainerizationOCI/MediaType.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /// MediaTypes represent all supported OCI image content types for both metadata and layer formats. /// Follows all distributable media types in: https://github.com/opencontainers/image-spec/blob/main/specs-go/v1/mediatype.go public struct MediaTypes: Codable, Sendable { /// Specifies the media type for a content descriptor. public static let descriptor = "application/vnd.oci.descriptor.v1+json" /// Specifies the media type for the oci-layout. public static let layoutHeader = "application/vnd.oci.layout.header.v1+json" /// Specifies the media type for an image index. public static let index = "application/vnd.oci.image.index.v1+json" /// Specifies the media type for an image manifest. public static let imageManifest = "application/vnd.oci.image.manifest.v1+json" /// Specifies the media type for the image configuration. public static let imageConfig = "application/vnd.oci.image.config.v1+json" /// Specifies the media type for an unused blob containing the value "{}". public static let emptyJSON = "application/vnd.oci.empty.v1+json" /// Specifies the media type for a Docker image manifest. public static let dockerManifest = "application/vnd.docker.distribution.manifest.v2+json" /// Specifies the media type for a Docker image manifest list. public static let dockerManifestList = "application/vnd.docker.distribution.manifest.list.v2+json" /// The Docker media type used for image configurations. public static let dockerImageConfig = "application/vnd.docker.container.image.v1+json" /// The media type used for layers referenced by the manifest. public static let imageLayer = "application/vnd.oci.image.layer.v1.tar" /// The media type used for gzipped layers referenced by the manifest. public static let imageLayerGzip = "application/vnd.oci.image.layer.v1.tar+gzip" /// The media type used for zstd compressed layers referenced by the manifest. public static let imageLayerZstd = "application/vnd.oci.image.layer.v1.tar+zstd" /// The Docker media type used for uncompressed layers referenced by an image manifest. public static let dockerImageLayer = "application/vnd.docker.image.rootfs.diff.tar" /// The Docker media type used for gzipped layers referenced by an image manifest. public static let dockerImageLayerGzip = "application/vnd.docker.image.rootfs.diff.tar.gzip" /// The Docker media type used for zstd compressed layers referenced by an image manifest. public static let dockerImageLayerZstd = "application/vnd.docker.image.rootfs.diff.tar.zstd" /// The media type used for in-toto attestations blobs. public static let inTotoAttestationBlob = "application/vnd.in-toto+json" } ================================================ FILE: Sources/ContainerizationOCI/Platform.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // Source: https://github.com/opencontainers/image-spec/blob/main/specs-go/v1/config.go import ContainerizationError import Foundation /// Platform describes the platform which the image in the manifest runs on. public struct Platform: Sendable, Equatable { public static var current: Self { var systemInfo = utsname() uname(&systemInfo) let arch = withUnsafePointer(to: &systemInfo.machine) { $0.withMemoryRebound(to: CChar.self, capacity: 1) { String(cString: $0) } } switch arch { case "arm64": return .init(arch: "arm64", os: "linux", variant: "v8") case "x86_64": return .init(arch: "amd64", os: "linux") default: fatalError("unsupported arch \(arch)") } } /// The computed description, for example, `linux/arm64/v8`. public var description: String { let architecture = architecture if let variant = variant { return "\(os)/\(architecture)/\(variant)" } return "\(os)/\(architecture)" } /// The CPU architecture, for example, `amd64` or `ppc64`. public var architecture: String { switch _rawArch { case "arm64", "aarch64": return "arm64" case "x86_64", "x86-64", "amd64": return "amd64" case "386", "ppc64le", "i386", "s390x", "riscv64": return _rawArch default: return _rawArch } } /// The operating system, for example, `linux` or `windows`. public var os: String { _rawOS } /// An optional field specifying the operating system version, for example on Windows `10.0.14393.1066`. public var osVersion: String? /// An optional field specifying an array of strings, each listing a required OS feature (for example on Windows `win32k`). public var osFeatures: [String]? /// An optional field specifying a variant of the CPU, for example `v7` to specify ARMv7 when architecture is `arm`. public var variant: String? /// The operation system of the image (eg. `linux`). private let _rawOS: String /// The CPU architecture (eg. `arm64`). private let _rawArch: String public init(arch: String, os: String, osVersion: String? = nil, osFeatures: [String]? = nil, variant: String? = nil) { self._rawArch = arch self._rawOS = os self.osVersion = osVersion self.osFeatures = osFeatures self.variant = variant } /// Initializes a new platform from a string. /// - Parameters: /// - platform: A `string` value representing the platform. /// ```swift /// // Create a new `ImagePlatform` from string. /// let platform = try Platform(from: "linux/amd64") /// ``` /// ## Throws ## /// - Throws: `Error.missingOS` if input is empty /// - Throws: `Error.invalidOS` if os is not `linux` /// - Throws: `Error.missingArch` if only one `/` is present /// - Throws: `Error.invalidArch` if an unrecognized architecture is provided /// - Throws: `Error.invalidVariant` if a variant is provided, and it does not apply to the specified architecture public init(from platform: String) throws { let items = platform.split(separator: "/", maxSplits: 1) guard let osValue = items.first else { throw ContainerizationError(.invalidArgument, message: "missing OS in \(platform)") } switch osValue { case "linux": _rawOS = osValue.description case "darwin": _rawOS = osValue.description case "windows": _rawOS = osValue.description default: throw ContainerizationError(.invalidArgument, message: "unknown OS in \(osValue)") } guard items.count > 1 else { throw ContainerizationError(.invalidArgument, message: "missing architecture in \(platform)") } guard let archItems = items.last?.split(separator: "/", maxSplits: 1, omittingEmptySubsequences: false) else { throw ContainerizationError(.invalidArgument, message: "missing architecture in \(platform)") } guard let archName = archItems.first else { throw ContainerizationError(.invalidArgument, message: "missing architecture in \(platform)") } switch archName { case "arm", "armhf", "armel": _rawArch = "arm" variant = "v7" case "aarch64", "arm64": variant = "v8" _rawArch = "arm64" case "x86_64", "x86-64", "amd64": _rawArch = "amd64" default: _rawArch = archName.description } if archItems.count == 2 { guard let archVariant = archItems.last else { throw ContainerizationError(.invalidArgument, message: "missing variant in \(platform)") } switch archName { case "arm": switch archVariant { case "v5", "v6", "v7", "v8": variant = archVariant.description default: throw ContainerizationError(.invalidArgument, message: "invalid variant \(archVariant)") } case "armhf": switch archVariant { case "v7": variant = "v7" default: throw ContainerizationError(.invalidArgument, message: "invalid variant \(archVariant)") } case "armel": switch archVariant { case "v6": variant = "v6" default: throw ContainerizationError(.invalidArgument, message: "invalid variant \(archVariant)") } case "aarch64", "arm64": switch archVariant { case "v8", "8": variant = "v8" default: throw ContainerizationError(.invalidArgument, message: "invalid variant \(archVariant)") } case "x86_64", "x86-64", "amd64": switch archVariant { case "v1": variant = nil default: throw ContainerizationError(.invalidArgument, message: "invalid variant \(archVariant)") } case "i386", "386", "ppc64le", "riscv64": throw ContainerizationError(.invalidArgument, message: "invalid variant \(archVariant)") default: throw ContainerizationError(.invalidArgument, message: "invalid variant \(archVariant)") } } } } extension Platform: Hashable { /// `~=` compares two platforms to check if **lhs** platform images are compatible with **rhs** platform /// This operator can be used to check if an image of **lhs** platform can run on **rhs**: /// - `true`: when **rhs**=`arm/v8`, **lhs** is any of `arm/v8`, `arm/v7`, `arm/v6` and `arm/v5` /// - `true`: when **rhs**=`arm/v7`, **lhs** is any of `arm/v7`, `arm/v6` and `arm/v5` /// - `true`: when **rhs**=`arm/v6`, **lhs** is any of `arm/v6` and `arm/v5` /// - `true`: when **rhs**=`amd64`, **lhs** is any of `amd64` and `386` /// - `true`: when **rhs**=**lhs** /// - `false`: otherwise /// - Parameters: /// - lhs: platform whose compatibility is being checked /// - rhs: platform against which compatibility is being checked /// - Returns: `true | false` public static func ~= (lhs: Platform, rhs: Platform) -> Bool { if lhs.os == rhs.os { if lhs._rawArch == rhs._rawArch { switch rhs._rawArch { case "arm": guard let lVariant = lhs.variant else { return lhs == rhs } guard let rVariant = rhs.variant else { return lhs == rhs } switch rVariant { case "v8": switch lVariant { case "v5", "v6", "v7", "v8": return true default: return false } case "v7": switch lVariant { case "v5", "v6", "v7": return true default: return false } case "v6": switch lVariant { case "v5", "v6": return true default: return false } default: return lhs == rhs } default: return lhs == rhs } } if lhs._rawArch == "386" && rhs._rawArch == "amd64" { return true } } return false } /// `==` compares if **lhs** and **rhs** are the exact same platforms. public static func == (lhs: Platform, rhs: Platform) -> Bool { // NOTE: // If the platform struct was created by setting the fields directly and not using (from: String) // then, there is a possibility that for arm64 architecture, the variant may be set to nil // In that case, the variant should be assumed to v8 if lhs.architecture == "arm64" && rhs.architecture == "arm64" { // The following checks effectively verify // that one operand has nil value and other has "v8" if lhs.variant == nil || rhs.variant == nil { if lhs.variant == "v8" || rhs.variant == "v8" { return true } } } let osEqual = lhs.os == rhs.os let archEqual = lhs.architecture == rhs.architecture let variantEqual = lhs.variant == rhs.variant return osEqual && archEqual && variantEqual } public func hash(into hasher: inout Swift.Hasher) { hasher.combine(description) } } extension Platform: Codable { enum CodingKeys: String, CodingKey { case os = "os" case architecture = "architecture" case variant = "variant" } public func encode(to encoder: Encoder) throws { var container = encoder.container(keyedBy: CodingKeys.self) try container.encode(os, forKey: .os) try container.encode(architecture, forKey: .architecture) try container.encodeIfPresent(variant, forKey: .variant) } public init(from decoder: Decoder) throws { let container = try decoder.container(keyedBy: CodingKeys.self) let architecture = try container.decodeIfPresent(String.self, forKey: .architecture) guard let architecture else { throw ContainerizationError(.invalidArgument, message: "missing architecture") } let os = try container.decodeIfPresent(String.self, forKey: .os) guard let os else { throw ContainerizationError(.invalidArgument, message: "missing OS") } let variant = try container.decodeIfPresent(String.self, forKey: .variant) self.init(arch: architecture, os: os, variant: variant) } } public func createPlatformMatcher(for platform: Platform?) -> @Sendable (Platform) -> Bool { if let platform { return { other in platform == other } } return { _ in true } } public func filterPlatforms(matcher: (Platform) -> Bool, _ descriptors: [Descriptor]) throws -> [Descriptor] { var outDescriptors: [Descriptor] = [] for desc in descriptors { guard let p = desc.platform else { // pass along descriptor if the platform is not defined outDescriptors.append(desc) continue } if matcher(p) { outDescriptors.append(desc) } } return outDescriptors } ================================================ FILE: Sources/ContainerizationOCI/Reference.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import Foundation // nameTotalLengthMax matches the OCI distribution spec which allows up to 255 bytes for the // repository name component (domain + "/" + path). private let nameTotalLengthMax = 255 // referenceTotalLengthMax is the upper bound for the full reference string: max name (255) + // separator (1) + max tag length (128) = 384. private let tagLengthMax = 128 private let referenceTotalLengthMax = nameTotalLengthMax + 1 + tagLengthMax private let legacyDockerRegistryHost = "docker.io" private let dockerRegistryHost = "registry-1.docker.io" private let defaultDockerRegistryRepo = "library" private let defaultTag = "latest" /// A Reference is composed of the various parts of an OCI image reference. /// For example: /// let imageReference = "my-registry.com/repository/image:tag2" /// let reference = Reference.parse(imageReference) /// print(reference.domain!) // gives us "my-registry.com" /// print(reference.name) // gives us "my-registry.com/repository/image" /// print(reference.path) // gives us "repository/image" /// print(reference.tag!) // gives us "tag2" /// print(reference.digest) // gives us "nil" public class Reference: CustomStringConvertible { private var _domain: String? public var domain: String? { _domain } public var resolvedDomain: String? { if let d = _domain { return Self.resolveDomain(domain: d) } return nil } private var _path: String public var path: String { _path } private var _tag: String? public var tag: String? { _tag } private var _digest: String? public var digest: String? { _digest } public var name: String { if let domain, !domain.isEmpty { return "\(domain)/\(path)" } return path } public var description: String { if let tag { return "\(name):\(tag)" } if let digest { return "\(name)@\(digest)" } return name } static let identifierPattern = "([a-f0-9]{64})" static let domainPattern = { let domainNameComponent = "(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])" let optionalPort = "(?::[0-9]+)?" let ipv6address = "\\[(?:[a-fA-F0-9:]+)\\]" let domainName = "\(domainNameComponent)(?:\\.\(domainNameComponent))*" let host = "(?:\(domainName)|\(ipv6address))" let domainAndPort = "\(host)\(optionalPort)" return domainAndPort }() static let pathPattern = "(?(?:[a-z0-9]+(?:[._]|__|-|/)?)*[a-z0-9]+)" static let tagPattern = "(?::(?[\\w][\\w.-]{0,127}))?(?:@(?sha256:[0-9a-fA-F]{64}))?" static let pathTagPattern = "\(pathPattern)\(tagPattern)" public init(path: String, domain: String? = nil, tag: String? = nil, digest: String? = nil) throws { if let domain, !domain.isEmpty { self._domain = domain } self._path = path self._tag = tag self._digest = digest } public static func parse(_ s: String) throws -> Reference { if s.count > referenceTotalLengthMax { throw ContainerizationError(.invalidArgument, message: "reference length \(s.count) greater than \(referenceTotalLengthMax)") } let identifierRegex = try Regex(Self.identifierPattern) guard try identifierRegex.wholeMatch(in: s) == nil else { throw ContainerizationError(.invalidArgument, message: "cannot specify 64 byte hex string as reference") } let (domain, remainder) = try Self.parseDomain(from: s) let constructedRawReference: String = remainder if let domain { let domainRegex = try Regex(domainPattern) guard try domainRegex.wholeMatch(in: domain) != nil else { throw ContainerizationError(.invalidArgument, message: "invalid domain \(domain) for reference \(s)") } } let fields = try constructedRawReference.matches(regex: pathTagPattern) guard let path = fields["path"] else { throw ContainerizationError(.invalidArgument, message: "cannot parse path for reference \(s)") } let ref = try Reference(path: path, domain: domain) if ref.name.count > nameTotalLengthMax { throw ContainerizationError(.invalidArgument, message: "repo length \(ref.name.count) greater than \(nameTotalLengthMax)") } // Extract tag and digest let tag = fields["tag"] ?? "" let digest = fields["digest"] ?? "" if !digest.isEmpty { return try ref.withDigest(digest) } else if !tag.isEmpty { return try ref.withTag(tag) } return ref } private static func parseDomain(from s: String) throws -> (domain: String?, remainder: String) { var domain: String? = nil var path: String = s let charset = CharacterSet(charactersIn: ".:") let splits = s.split(separator: "/", maxSplits: 1) guard splits.count == 2 else { if s.starts(with: "localhost") { return (s, "") } return (nil, s) } let _domain = String(splits[0]) let _path = String(splits[1]) if _domain.starts(with: "localhost") || _domain.rangeOfCharacter(from: charset) != nil { domain = _domain path = _path } return (domain, path) } public static func withName(_ name: String) throws -> Reference { if name.count > nameTotalLengthMax { throw ContainerizationError(.invalidArgument, message: "name length \(name.count) greater than \(nameTotalLengthMax)") } let fields = try name.matches(regex: Self.domainPattern) // Extract domain and path let domain = fields["domain"] ?? "" let path = fields["path"] ?? "" if domain.isEmpty || path.isEmpty { throw ContainerizationError(.invalidArgument, message: "image reference domain or path is empty") } return try Reference(path: path, domain: domain) } public func withTag(_ tag: String) throws -> Reference { var tag = tag if !tag.starts(with: ":") { tag = ":" + tag } let fields = try tag.matches(regex: Self.tagPattern) tag = fields["tag"] ?? "" if tag.isEmpty { throw ContainerizationError(.invalidArgument, message: "invalid format for image reference, missing tag") } return try Reference(path: self.path, domain: self.domain, tag: tag) } public func withDigest(_ digest: String) throws -> Reference { var digest = digest if !digest.starts(with: "@") { digest = "@" + digest } let fields = try digest.matches(regex: Self.tagPattern) digest = fields["digest"] ?? "" if digest.isEmpty { throw ContainerizationError(.invalidArgument, message: "invalid format for image reference, missing digest") } return try Reference(path: self.path, domain: self.domain, digest: digest) } private static func splitDomain(_ name: String) -> (domain: String, path: String) { let parts = name.split(separator: "/") guard parts.count == 2 else { return ("", name) } return (String(parts[0]), String(parts[1])) } /// Normalize the reference object. /// Normalization is useful in cases where the reference object is to be used to /// fetch/push an image from/to a remote registry. /// It does the following: /// - Adds a default tag of "latest" if the reference had no tag/digest set. /// - If the domain is "registry-1.docker.io" or "docker.io" and the path has no repository set, /// it adds a default "library/" repository name. public func normalize() { if let domain = self.domain, domain == dockerRegistryHost || domain == legacyDockerRegistryHost { // Check if the image is being referenced by a named tag. // If it is, and a repository is not specified, prefix it with "library/". // This needs to be done only if we are using the Docker registry. if !self.path.contains("/") { self._path = "\(defaultDockerRegistryRepo)/\(self._path)" } } let identifier = self._tag ?? self._digest if identifier == nil { // If the user did not specify a tag or a digest for the reference, set the tag to "latest". self._tag = defaultTag } } public static func resolveDomain(domain: String) -> String { if domain == legacyDockerRegistryHost { return dockerRegistryHost } return domain } } extension String { func matches(regex: String) throws -> [String: String] { do { let regex = try NSRegularExpression(pattern: regex, options: []) let nsRange = NSRange(self.startIndex.. [String] { let pattern = self.pattern let regex = try NSRegularExpression(pattern: "\\(\\?<(\\w+)>", options: []) let nsRange = NSRange(pattern.startIndex.. { let (stream, cont) = AsyncStream.makeStream(of: Int32.self) self.state.withLock { $0.conts.append(cont) } cont.onTermination = { @Sendable _ in self.cancel() } return stream } /// Cancel every AsyncStream of signals, as well as the underlying /// DispatchSignalSource's for each registered signal. public func cancel() { self.state.withLock { if $0.conts.isEmpty { return } for cont in $0.conts { cont.finish() } for source in $0.sources { source.cancel() } $0.conts.removeAll() $0.sources.removeAll() } } struct State: Sendable { var conts: [AsyncStream.Continuation] = [] // `sources` isn't used concurrently. nonisolated(unsafe) var sources: [any DispatchSourceSignal] = [] } // We keep a reference to the continuation object that is created for // our AsyncStream and tell our signal handler to yield a value to it // returning a value to the consumer private func handler(_ sig: Int32) { self.state.withLock { for cont in $0.conts { cont.yield(sig) } } } private let state: Mutex = .init(State()) /// Create a new `AsyncSignalHandler` for the list of given signals `notify`. /// The default signal handlers for these signals are removed and async handlers /// added in their place. The async signal handlers that are installed simply /// yield to a stream if and when a signal is caught. public static func create(notify on: [Int32]) -> AsyncSignalHandler { let out = AsyncSignalHandler() var sources = [any DispatchSourceSignal]() for sig in on { signal(sig, SIG_IGN) let source = DispatchSource.makeSignalSource(signal: sig) source.setEventHandler { out.handler(sig) } source.resume() // Retain a reference to our signal sources so that they // do not go out of scope. sources.append(source) } out.state.withLock { $0.sources = sources } return out } } ================================================ FILE: Sources/ContainerizationOS/BinaryInteger+Extensions.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// extension BinaryInteger { private func toUnsignedMemoryAmount(_ amount: UInt64) -> UInt64 { guard self >= 0 else { fatalError("encountered negative number during conversion to memory amount") } let val = UInt64(self) let (newVal, overflow) = val.multipliedReportingOverflow(by: amount) guard !overflow else { fatalError("UInt64 overflow when converting to memory amount") } return newVal } public func kib() -> UInt64 { self.toUnsignedMemoryAmount(1 << 10) } public func mib() -> UInt64 { self.toUnsignedMemoryAmount(1 << 20) } public func gib() -> UInt64 { self.toUnsignedMemoryAmount(1 << 30) } public func tib() -> UInt64 { self.toUnsignedMemoryAmount(1 << 40) } public func pib() -> UInt64 { self.toUnsignedMemoryAmount(1 << 50) } } ================================================ FILE: Sources/ContainerizationOS/Command.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import CShim import Foundation import Synchronization #if canImport(Darwin) import Darwin private let _kill = Darwin.kill #elseif canImport(Musl) import Musl private let _kill = Musl.kill #elseif canImport(Glibc) import Glibc private let _kill = Glibc.kill #endif /// Use a command to run an executable. public struct Command: Sendable { /// Path to the executable binary. public var executable: String /// Arguments provided to the binary. public var arguments: [String] /// Environment variables for the process. public var environment: [String] /// The directory where the process should execute. public var directory: String? /// Additional files to pass to the process. public var extraFiles: [FileHandle] /// The standard input. public var stdin: FileHandle? /// The standard output. public var stdout: FileHandle? /// The standard error. public var stderr: FileHandle? private let state: State /// System level attributes to set on the process. public struct Attrs: Sendable { /// Set pgroup for the new process. public var setPGroup: Bool /// Make the new process group the foreground process group (requires setPGroup). public var setForegroundPGroup: Bool /// Inherit the real uid/gid of the parent. public var resetIDs: Bool /// Reset the child's signal handlers to the default. public var setSignalDefault: Bool /// The initial signal mask for the process. public var signalMask: UInt32 /// Create a new session for the process. public var setsid: Bool /// Set the controlling terminal for the process to fd 0. public var setctty: Bool /// Set the process user ID. public var uid: UInt32? /// Set the process group ID. public var gid: UInt32? /// Signal to send when parent process dies (Linux only). public var pdeathSignal: Int32? public init( setPGroup: Bool = false, setForegroundPGroup: Bool = false, resetIDs: Bool = false, setSignalDefault: Bool = true, signalMask: UInt32 = 0, setsid: Bool = false, setctty: Bool = false, uid: UInt32? = nil, gid: UInt32? = nil, pdeathSignal: Int32? = nil ) { self.setPGroup = setPGroup self.setForegroundPGroup = setForegroundPGroup self.resetIDs = resetIDs self.setSignalDefault = setSignalDefault self.signalMask = signalMask self.setsid = setsid self.setctty = setctty self.uid = uid self.gid = gid self.pdeathSignal = pdeathSignal } } private final class State: Sendable { let pid: Atomic = Atomic(-1) } /// Attributes to set on the process. public var attrs = Attrs() /// System level process identifier. public var pid: Int32 { self.state.pid.load(ordering: .acquiring) } public init( _ executable: String, arguments: [String] = [], environment: [String] = environment(), directory: String? = nil, extraFiles: [FileHandle] = [] ) { self.executable = executable self.arguments = arguments self.environment = environment self.extraFiles = extraFiles self.directory = directory self.state = State() } public static func environment() -> [String] { ProcessInfo.processInfo.environment .map { "\($0)=\($1)" } } } extension Command { public enum Error: Swift.Error, CustomStringConvertible { case processRunning public var description: String { switch self { case .processRunning: return "the process is already running" } } } } extension Command { @discardableResult public func kill(_ signal: Int32) -> Int32? { let pid = self.pid guard pid > 0 else { return nil } return _kill(pid, signal) } } extension Command { /// Start the process. public func start() throws { guard self.pid == -1 else { throw Error.processRunning } let child = try execute() self.state.pid.store(child, ordering: .releasing) } /// Wait for the process to exit and return the exit status. @discardableResult public func wait() throws -> Int32 { var rus = rusage() var ws = Int32() let pid = self.pid guard pid > 0 else { return -1 } let result = wait4(pid, &ws, 0, &rus) guard result == pid else { throw POSIXError(.init(rawValue: errno)!) } return Self.toExitStatus(ws) } private func execute() throws -> pid_t { var attrs = exec_command_attrs() exec_command_attrs_init(&attrs) let set = try createFileset() defer { for nullHandle in set.nullHandles { try? nullHandle.close() } } var fds = [Int32](repeating: 0, count: set.handles.count) for (i, handle) in set.handles.enumerated() { fds[i] = handle.fileDescriptor } attrs.setsid = self.attrs.setsid ? 1 : 0 attrs.setctty = self.attrs.setctty ? 1 : 0 attrs.setpgid = self.attrs.setPGroup ? 1 : 0 attrs.setfgpgrp = self.attrs.setForegroundPGroup ? 1 : 0 var cwdPath: UnsafeMutablePointer? if let chdir = self.directory { cwdPath = strdup(chdir) } defer { if let cwdPath { free(cwdPath) } } if let uid = self.attrs.uid { attrs.uid = uid } if let gid = self.attrs.gid { attrs.gid = gid } if let pdeathSignal = self.attrs.pdeathSignal { attrs.pdeathSignal = pdeathSignal } var pid: pid_t = 0 var argv = ([executable] + arguments).map { strdup($0) } + [nil] defer { for arg in argv where arg != nil { free(arg) } } let env = environment.map { strdup($0) } + [nil] defer { for e in env where e != nil { free(e) } } let result = fds.withUnsafeBufferPointer { file_handles in exec_command( &pid, argv[0], &argv, env, file_handles.baseAddress!, Int32(file_handles.count), cwdPath ?? nil, &attrs) } guard result == 0 else { throw POSIXError(.init(rawValue: errno)!) } return pid } /// Create a posix_spawn file actions set of fds to pass to the new process private func createFileset() throws -> (nullHandles: [FileHandle], handles: [FileHandle]) { // grab dev null handles for different purposes let nullRead = try openDevNull(flags: O_RDONLY) let nullWrite = try openDevNull(flags: O_WRONLY) var files = [FileHandle]() files.append(stdin ?? nullRead) files.append(stdout ?? nullWrite) files.append(stderr ?? nullWrite) files.append(contentsOf: extraFiles) return (nullHandles: [nullRead, nullWrite], handles: files) } /// Returns a file handle to /dev/null with the specified flags. private func openDevNull(flags: Int32) throws -> FileHandle { let fd = open("/dev/null", flags, 0) guard fd >= 0 else { throw POSIXError(.init(rawValue: errno)!) } return FileHandle(fileDescriptor: fd, closeOnDealloc: false) } } extension Command { private static let signalOffset: Int32 = 128 private static let shift: Int32 = 8 private static let mask: Int32 = 0x7F private static let stopped: Int32 = 0x7F private static let exited: Int32 = 0x00 static func signaled(_ ws: Int32) -> Bool { ws & mask != stopped && ws & mask != exited } static func exited(_ ws: Int32) -> Bool { ws & mask == exited } static func exitStatus(_ ws: Int32) -> Int32 { let r: Int32 #if os(Linux) r = ws >> shift & 0xFF #else r = ws >> shift #endif return r } public static func toExitStatus(_ ws: Int32) -> Int32 { if signaled(ws) { // We use the offset as that is how existing container // runtimes minic bash for the status when signaled. return Int32(Self.signalOffset + ws & mask) } if exited(ws) { return exitStatus(ws) } return ws } } private func WIFEXITED(_ status: Int32) -> Bool { _WSTATUS(status) == 0 } private func _WSTATUS(_ status: Int32) -> Int32 { status & 0x7f } private func WIFSIGNALED(_ status: Int32) -> Bool { (_WSTATUS(status) != 0) && (_WSTATUS(status) != 0x7f) } private func WEXITSTATUS(_ status: Int32) -> Int32 { (status >> 8) & 0xff } private func WTERMSIG(_ status: Int32) -> Int32 { status & 0x7f } ================================================ FILE: Sources/ContainerizationOS/File.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /// Trivial type to discover information about a given file (uid, gid, mode...). public struct File: Sendable { /// `File` errors. public enum Error: Swift.Error, CustomStringConvertible { case errno(_ e: Int32) public var description: String { switch self { case .errno(let code): return "errno \(code)" } } } /// Returns a `FileInfo` struct with information about the file. /// - Parameters: /// - url: The path to the file. public static func info(_ url: URL) throws -> FileInfo { try info(url.path) } /// Returns a `FileInfo` struct with information about the file. /// - Parameters: /// - path: The path to the file as a string. public static func info(_ path: String) throws -> FileInfo { var st = stat() guard lstat(path, &st) == 0 else { throw Error.errno(errno) } return FileInfo(path, stat: st) } } /// `FileInfo` holds and provides easy access to stat(2) data /// for a file. public struct FileInfo: Sendable { private let _stat_t: Foundation.stat private let _path: String init(_ path: String, stat: stat) { self._path = path self._stat_t = stat } /// mode_t for the file. public var mode: mode_t { self._stat_t.st_mode } /// The files uid. public var uid: Int { Int(self._stat_t.st_uid) } /// The files gid. public var gid: Int { Int(self._stat_t.st_gid) } /// The filesystem ID the file belongs to. public var dev: Int { Int(self._stat_t.st_dev) } /// The files inode number. public var ino: Int { Int(self._stat_t.st_ino) } /// The size of the file. public var size: Int { Int(self._stat_t.st_size) } /// The path to the file. public var path: String { self._path } /// Returns if the file is a directory. public var isDirectory: Bool { mode & S_IFMT == S_IFDIR } /// Returns if the file is a pipe. public var isPipe: Bool { mode & S_IFMT == S_IFIFO } /// Returns if the file is a socket. public var isSocket: Bool { mode & S_IFMT == S_IFSOCK } /// Returns if the file is a link. public var isLink: Bool { mode & S_IFMT == S_IFLNK } /// Returns if the file is a regular file. public var isRegularFile: Bool { mode & S_IFMT == S_IFREG } /// Returns if the file is a block device. public var isBlock: Bool { mode & S_IFMT == S_IFBLK } /// Returns if the file is a character device. public var isChar: Bool { mode & S_IFMT == S_IFCHR } } ================================================ FILE: Sources/ContainerizationOS/FileDescriptor+SecurePath.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import SystemPackage #if canImport(Darwin) import Darwin let os_dup = Darwin.dup #elseif canImport(Musl) import CSystem import Musl let os_dup = Musl.dup #elseif canImport(Glibc) import Glibc let os_dup = Glibc.dup #endif extension FileDescriptor { /// Creates a directory relative to the FileDescriptor, rejecting /// paths that traverse symlinks. /// /// - Parameters: /// - relativePath: The path to the directory to create, relative to the FileDescriptor /// - permissions: The permissions to give the directory (default is 0o755) /// - makeIntermediates: Create or replace intermediate components as needed /// - completion: A function that operates on the new directory /// - Throws: `SecurePathError` if path validation or system errors occur public func mkdirSecure( _ relativePath: FilePath, permissions: FilePermissions? = nil, makeIntermediates: Bool = false, completion: (FileDescriptor) throws -> Void = { _ in } ) throws { try Self.validateRelativePath(relativePath) try mkdirSecure( relativePath.components, permissions: permissions, makeIntermediates: makeIntermediates, completion: completion ) } /// Recursively removes a direct child of a directory FileDescriptor. /// /// - Parameters: /// - filename: The name of the child file /// - Throws: `SecurePathError` if system errors occur public func unlinkRecursiveSecure(filename: FilePath.Component) throws { guard filename.string != "." && filename.string != ".." else { return } // Try to remove as a file, and continue if the remove fails. guard unlinkat(self.rawValue, filename.string, 0) != 0 else { return } // Return if the file already doesn't exist. guard errno != ENOENT else { return } // If the file is not a directory, then throw a real error. guard errno == EPERM || errno == EISDIR else { throw SecurePathError.systemError("file removal during secure unlink", errno) } // Get the fd for the next path component. let componentFd = openat(self.rawValue, filename.string, O_NOFOLLOW | O_RDONLY | O_DIRECTORY) guard componentFd >= 0 else { throw SecurePathError.systemError("directory open during secure unlink", errno) } let componentFileDescriptor = FileDescriptor(rawValue: componentFd) defer { try? componentFileDescriptor.close() } // Open the directory stream using a duplicate fd that closedir() will close. let ownedFd = os_dup(componentFd) guard let dir = fdopendir(ownedFd) else { throw SecurePathError.systemError("directory opendir during secure unlink", errno) } defer { closedir(dir) } // Recurse into each directory entry. while let entry = readdir(dir) { let childComponent = withUnsafePointer(to: entry.pointee.d_name) { $0.withMemoryRebound(to: UInt8.self, capacity: Int(NAME_MAX) + 1) { let name = String(decodingCString: $0, as: UTF8.self) return FilePath.Component(name) } } guard let childComponent else { throw SecurePathError.systemError("directory entry processing during secure unlink", errno) } try componentFileDescriptor.unlinkRecursiveSecure(filename: childComponent) } // The current directory is empty now, remove it. if unlinkat(self.rawValue, filename.string, AT_REMOVEDIR) != 0 { throw SecurePathError.systemError("directory removal during secure unlink", errno) } } private func mkdirSecure( _ relativeComponents: FilePath.ComponentView, permissions: FilePermissions? = nil, makeIntermediates: Bool, completion: (FileDescriptor) throws -> Void ) throws { // If the relative path is empty, call completion with self (the parent directory) guard let currentComponent = relativeComponents.first else { try completion(self) return } let childComponents = FilePath.ComponentView(relativeComponents.dropFirst()) // Create or replace the directory as needed. let parentFd = self.rawValue var componentFd = openat(parentFd, currentComponent.string, O_NOFOLLOW | O_RDONLY | O_DIRECTORY) if componentFd < 0 { // If the non-directory component should be replaced with a directory, remove the component. guard makeIntermediates || childComponents.isEmpty else { throw SecurePathError.invalidPathComponent } if errno != ENOENT { try self.unlinkRecursiveSecure(filename: currentComponent) } // Create and open an empty directory. guard mkdirat(parentFd, currentComponent.string, permissions?.rawValue ?? 0o755) == 0 else { throw SecurePathError.systemError("directory creation during secure mkdir", errno) } componentFd = openat(parentFd, currentComponent.string, O_NOFOLLOW | O_RDONLY | O_DIRECTORY) guard componentFd >= 0 else { throw SecurePathError.systemError("directory open during secure mkdir", errno) } } let componentFileDescriptor = FileDescriptor(rawValue: componentFd) defer { try? componentFileDescriptor.close() } // Call the completion closure for the last component. guard !childComponents.isEmpty else { try completion(componentFileDescriptor) return } // Create the directory for the remaining components. try componentFileDescriptor.mkdirSecure(childComponents, permissions: permissions, makeIntermediates: makeIntermediates, completion: completion) } private static func validateRelativePath(_ path: FilePath) throws { // Allow absolute paths; only the components will be used during traversal. guard !(path.components.contains { $0 == ".." }) else { throw SecurePathError.invalidRelativePath } } #if canImport(Darwin) public func getCanonicalPath() throws -> FilePath { var buffer = [CChar](repeating: 0, count: Int(PATH_MAX)) guard fcntl(self.rawValue, F_GETPATH, &buffer) != -1 else { throw Errno(rawValue: errno) } let bytes = buffer.prefix { $0 != 0 }.map { UInt8(bitPattern: $0) } let pathname = String(decoding: bytes, as: UTF8.self) return FilePath(pathname) } #elseif canImport(Glibc) || canImport(Musl) public func getCanonicalPath() throws -> FilePath { let fdPath = "/proc/self/fd/\(self.rawValue)" // Use readlink to resolve the symlink var buffer = [CChar](repeating: 0, count: 4096) let len = readlink(fdPath, &buffer, buffer.count - 1) guard len > 0 else { throw SecurePathError.systemError("readlink", errno) } // Convert to bytes without null termination let bytes = buffer.prefix(len).map { UInt8(bitPattern: $0) } let pathname = String(decoding: bytes, as: UTF8.self) return FilePath(pathname) } #endif } public enum SecurePathError: Error, CustomStringConvertible, Equatable { case invalidRelativePath case invalidPathComponent case cannotFollowSymlink case systemError(String, Int32) public var description: String { switch self { case .invalidRelativePath: return "invalid relative path supplied to secure path operation" case .invalidPathComponent: return "an intermediate path component is missing or is not a directory" case .cannotFollowSymlink: return "cannot follow a symlink an a secure path operation" case .systemError(let operation, let err): return "\(operation) returned error: \(err)" } } } ================================================ FILE: Sources/ContainerizationOS/Keychain/KeychainQuery.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if os(macOS) import Foundation /// Holds the result of a query to the keychain. public struct KeychainQueryResult { public var username: String public var password: String public var modifiedDate: Date public var createdDate: Date } /// Type that facilitates interacting with the macOS keychain. public struct KeychainQuery { public init() {} /// Save a value to the keychain. /// - Parameters: /// - securityDomain: The security domain used to fetch keychain entries. /// - accessGroup: If present, the access group used to fetch keychain entries. /// - hostname: The hostname for the authenticating server. /// - username: The username to present to the server. /// - password: The password to present to the server. /// - Throws: An error if the keychain query fails or returns unexpected data. public func save( securityDomain: String, accessGroup: String? = nil, hostname: String, username: String, password: String ) throws { if try exists(securityDomain: securityDomain, accessGroup: accessGroup, hostname: hostname) { try delete(securityDomain: securityDomain, accessGroup: accessGroup, hostname: hostname) } guard let passwordEncoded = password.data(using: String.Encoding.utf8) else { throw Self.Error.invalidPasswordConversion } var query: [String: Any] = [ kSecClass as String: kSecClassInternetPassword, kSecAttrSecurityDomain as String: securityDomain, kSecAttrServer as String: hostname, kSecAttrAccount as String: username, kSecValueData as String: passwordEncoded, kSecAttrAccessible as String: kSecAttrAccessibleAfterFirstUnlock, kSecAttrSynchronizable as String: false, ] if let accessGroup { query[kSecAttrAccessGroup as String] = accessGroup } let status = SecItemAdd(query as CFDictionary, nil) guard status == errSecSuccess else { throw Self.Error.unhandledError(status: status) } } /// Delete a value from the keychain. /// - Parameters: /// - securityDomain: The security domain used to fetch keychain entries. /// - accessGroup: If present, the access group used to fetch keychain entries. /// - hostname: The hostname for the authenticating server. /// - Throws: An error if the keychain query fails or returns unexpected data. public func delete(securityDomain: String, accessGroup: String? = nil, hostname: String) throws { var query: [String: Any] = [ kSecClass as String: kSecClassInternetPassword, kSecAttrSecurityDomain as String: securityDomain, kSecAttrServer as String: hostname, kSecMatchLimit as String: kSecMatchLimitOne, ] if let accessGroup { query[kSecAttrAccessGroup as String] = accessGroup } let status = SecItemDelete(query as CFDictionary) guard status == errSecSuccess || status == errSecItemNotFound else { throw Self.Error.unhandledError(status: status) } } /// Retrieve a value from the keychain. /// - Parameters: /// - securityDomain: The security domain used to fetch keychain entries. /// - accessGroup: If present, the access group used to fetch keychain entries. /// - hostname: The hostname for the authenticating server. /// - Returns: The keychain entry. /// - Throws: An error if the keychain query fails or returns unexpected data. public func get(securityDomain: String, accessGroup: String? = nil, hostname: String) throws -> KeychainQueryResult? { var query: [String: Any] = [ kSecClass as String: kSecClassInternetPassword, kSecAttrSecurityDomain as String: securityDomain, kSecAttrServer as String: hostname, kSecReturnAttributes as String: true, kSecMatchLimit as String: kSecMatchLimitOne, kSecReturnData as String: true, ] if let accessGroup { query[kSecAttrAccessGroup as String] = accessGroup } var item: CFTypeRef? let status = SecItemCopyMatching(query as CFDictionary, &item) let exists = try isQuerySuccessful(status) if !exists { return nil } guard let fetched = item as? [String: Any] else { throw Self.Error.unexpectedDataFetched } guard let data = fetched[kSecValueData as String] as? Data else { throw Self.Error.keyNotPresent(key: kSecValueData as String) } guard let password = String(data: data, encoding: String.Encoding.utf8) else { throw Self.Error.unexpectedDataFetched } guard let username = fetched[kSecAttrAccount as String] as? String else { throw Self.Error.keyNotPresent(key: kSecAttrAccount as String) } guard let modifiedDate = fetched[kSecAttrModificationDate as String] as? Date else { throw Self.Error.keyNotPresent(key: kSecAttrModificationDate as String) } guard let createdDate = fetched[kSecAttrCreationDate as String] as? Date else { throw Self.Error.keyNotPresent(key: kSecAttrCreationDate as String) } return KeychainQueryResult( username: username, password: password, modifiedDate: modifiedDate, createdDate: createdDate ) } /// List all keychain entries for a domain. /// - Parameters: /// - securityDomain: The security domain used to fetch keychain entries. /// - accessGroup: If present, the access group used to fetch keychain entries. /// - Returns: An array of keychain metadata for each matching entry, or an empty array if none are found. /// - Throws: An error if the keychain query fails or returns unexpected data. public func list(securityDomain: String, accessGroup: String? = nil) throws -> [RegistryInfo] { var query: [String: Any] = [ kSecClass as String: kSecClassInternetPassword, kSecAttrSecurityDomain as String: securityDomain, kSecReturnAttributes as String: true, kSecReturnData as String: false, kSecMatchLimit as String: kSecMatchLimitAll, ] if let accessGroup { query[kSecAttrAccessGroup as String] = accessGroup } var item: CFTypeRef? let status = SecItemCopyMatching(query as CFDictionary, &item) let exists = try isQuerySuccessful(status) if !exists { return [] } guard let fetched = item as? [[String: Any]] else { throw Self.Error.unexpectedDataFetched } return try fetched.map { registry in guard let hostname = registry[kSecAttrServer as String] as? String else { throw Self.Error.keyNotPresent(key: kSecAttrServer as String) } guard let username = registry[kSecAttrAccount as String] as? String else { throw Self.Error.keyNotPresent(key: kSecAttrAccount as String) } guard let modifiedDate = registry[kSecAttrModificationDate as String] as? Date else { throw Self.Error.keyNotPresent(key: kSecAttrModificationDate as String) } guard let createdDate = registry[kSecAttrCreationDate as String] as? Date else { throw Self.Error.keyNotPresent(key: kSecAttrCreationDate as String) } return RegistryInfo( hostname: hostname, username: username, modifiedDate: modifiedDate, createdDate: createdDate ) } } /// Check if a value exists in the keychain. /// - Parameters: /// - securityDomain: The security domain used to fetch keychain entries. /// - accessGroup: If present, the access group used to fetch keychain entries. /// - hostname: The hostname for the authenticating server. /// - Returns: `true` if the entry exists, `false` otherwise. /// - Throws: An error if the keychain query fails. public func exists(securityDomain: String, accessGroup: String? = nil, hostname: String) throws -> Bool { var query: [String: Any] = [ kSecClass as String: kSecClassInternetPassword, kSecAttrSecurityDomain as String: securityDomain, kSecAttrServer as String: hostname, kSecReturnAttributes as String: true, kSecMatchLimit as String: kSecMatchLimitOne, kSecReturnData as String: false, ] if let accessGroup { query[kSecAttrAccessGroup as String] = accessGroup } let status = SecItemCopyMatching(query as CFDictionary, nil) return try isQuerySuccessful(status) } private func isQuerySuccessful(_ status: Int32) throws -> Bool { guard status != errSecItemNotFound else { return false } guard status == errSecSuccess else { throw Self.Error.unhandledError(status: status) } return true } } extension KeychainQuery { public enum Error: Swift.Error { case unhandledError(status: Int32) case unexpectedDataFetched case keyNotPresent(key: String) case invalidPasswordConversion } } #endif ================================================ FILE: Sources/ContainerizationOS/Keychain/RegistryInfo.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /// Holds the stored attributes for a registry. public struct RegistryInfo: Sendable { /// The registry host as a domain name with an optional port. public var hostname: String /// The username used to authenticate with the registry. public var username: String /// The date the registry was last modified. public let modifiedDate: Date /// The date the registry was created. public let createdDate: Date } ================================================ FILE: Sources/ContainerizationOS/Linux/Binfmt.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation #if canImport(Musl) import Musl private let _mount = Musl.mount #elseif canImport(Glibc) import Glibc private let _mount = Glibc.mount #endif /// `Binfmt` is a utility type that contains static helpers and types for /// mounting the Linux binfmt_misc filesystem, and creating new binfmt entries. public struct Binfmt: Sendable { /// Default mount path for binfmt_misc. public static let path = "/proc/sys/fs/binfmt_misc" /// Entry models a binfmt_misc entry. /// https://docs.kernel.org/admin-guide/binfmt-misc.html public struct Entry { public var name: String public var type: String public var offset: String public var magic: String public var mask: String public var flags: String public init( name: String, type: String = "M", offset: String = "", magic: String, mask: String, flags: String = "CF" ) { self.name = name self.type = type self.offset = offset self.magic = magic self.mask = mask self.flags = flags } /// Returns a binfmt `Entry` for amd64 ELF binaries. public static func amd64() -> Self { Binfmt.Entry( name: "x86_64", magic: #"\x7fELF\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x3e\x00"#, mask: #"\xff\xff\xff\xff\xff\xfe\xfe\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff"# ) } #if os(Linux) /// Register the passed in `binaryPath` as the interpreter for a new binfmt_misc entry. public func register(binaryPath: String) throws { let registration = ":\(self.name):\(self.type):\(self.offset):\(self.magic):\(self.mask):\(binaryPath):\(self.flags)" try registration.write( to: URL(fileURLWithPath: Binfmt.path).appendingPathComponent("register"), atomically: false, encoding: .ascii ) } /// Deregister the binfmt_misc entry described by the current object. public func deregister() throws { let data = "-1" try data.write( to: URL(fileURLWithPath: Binfmt.path).appendingPathComponent(self.name), atomically: false, encoding: .ascii ) } #endif // os(Linux) } #if os(Linux) /// Crude check to see if /proc/sys/fs/binfmt_misc/register exists. public static func mounted() -> Bool { FileManager.default.fileExists(atPath: "\(Self.path)/register") } /// Mount the binfmt_misc filesystem. public static func mount() throws { guard _mount("binfmt_misc", Self.path, "binfmt_misc", 0, "") == 0 else { throw POSIXError.fromErrno() } } #endif // os(Linux) } ================================================ FILE: Sources/ContainerizationOS/Linux/Capabilities.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import CShim import Foundation // MARK: - Configuration Types public enum CapabilityParsingError: Swift.Error, CustomStringConvertible { case invalidCapabilitySet(String) case invalidCapabilityName(String) public var description: String { switch self { case .invalidCapabilitySet(let value): return "invalid CapabilitySet value '\(value)'" case .invalidCapabilityName(let value): return "invalid CapabilityName '\(value)'" } } } public struct CapabilitySet: Sendable, Hashable { private enum Value: Hashable, Sendable, CaseIterable { case bounding case effective case inheritable case permitted case ambient } private var value: Value private init(_ value: Value) { self.value = value } public init(rawValue: String) throws { let values = Value.allCases.reduce(into: [String: Value]()) { $0[String(describing: $1).lowercased()] = $1 } guard let match = values[rawValue.lowercased()] else { throw CapabilityParsingError.invalidCapabilitySet(rawValue) } self.value = match } public static var bounding: Self { Self(.bounding) } public static var effective: Self { Self(.effective) } public static var inheritable: Self { Self(.inheritable) } public static var permitted: Self { Self(.permitted) } public static var ambient: Self { Self(.ambient) } } extension CapabilitySet: CustomStringConvertible { public var description: String { String(describing: self.value) } } public struct CapabilityName: Sendable, Hashable { private enum Value: Hashable, Sendable, CaseIterable { case chown case dacOverride case dacReadSearch case fowner case fsetid case kill case setgid case setuid case setpcap case linuxImmutable case netBindService case netBroadcast case netAdmin case netRaw case ipcLock case ipcOwner case sysModule case sysRawio case sysChroot case sysPtrace case sysPacct case sysAdmin case sysBoot case sysNice case sysResource case sysTime case sysTtyConfig case mknod case lease case auditWrite case auditControl case setfcap case macOverride case macAdmin case syslog case wakeAlarm case blockSuspend case auditRead case perfmon case bpf case checkpointRestore } private var value: Value private init(_ value: Value) { self.value = value } public init(rawValue: String) throws { let uppercased = rawValue.uppercased() let normalized = uppercased.hasPrefix("CAP_") ? uppercased : "CAP_\(uppercased)" let capNameMap: [String: Value] = [ "CAP_CHOWN": .chown, "CAP_DAC_OVERRIDE": .dacOverride, "CAP_DAC_READ_SEARCH": .dacReadSearch, "CAP_FOWNER": .fowner, "CAP_FSETID": .fsetid, "CAP_KILL": .kill, "CAP_SETGID": .setgid, "CAP_SETUID": .setuid, "CAP_SETPCAP": .setpcap, "CAP_LINUX_IMMUTABLE": .linuxImmutable, "CAP_NET_BIND_SERVICE": .netBindService, "CAP_NET_BROADCAST": .netBroadcast, "CAP_NET_ADMIN": .netAdmin, "CAP_NET_RAW": .netRaw, "CAP_IPC_LOCK": .ipcLock, "CAP_IPC_OWNER": .ipcOwner, "CAP_SYS_MODULE": .sysModule, "CAP_SYS_RAWIO": .sysRawio, "CAP_SYS_CHROOT": .sysChroot, "CAP_SYS_PTRACE": .sysPtrace, "CAP_SYS_PACCT": .sysPacct, "CAP_SYS_ADMIN": .sysAdmin, "CAP_SYS_BOOT": .sysBoot, "CAP_SYS_NICE": .sysNice, "CAP_SYS_RESOURCE": .sysResource, "CAP_SYS_TIME": .sysTime, "CAP_SYS_TTY_CONFIG": .sysTtyConfig, "CAP_MKNOD": .mknod, "CAP_LEASE": .lease, "CAP_AUDIT_WRITE": .auditWrite, "CAP_AUDIT_CONTROL": .auditControl, "CAP_SETFCAP": .setfcap, "CAP_MAC_OVERRIDE": .macOverride, "CAP_MAC_ADMIN": .macAdmin, "CAP_SYSLOG": .syslog, "CAP_WAKE_ALARM": .wakeAlarm, "CAP_BLOCK_SUSPEND": .blockSuspend, "CAP_AUDIT_READ": .auditRead, "CAP_PERFMON": .perfmon, "CAP_BPF": .bpf, "CAP_CHECKPOINT_RESTORE": .checkpointRestore, ] guard let match = capNameMap[normalized] else { throw CapabilityParsingError.invalidCapabilityName(rawValue) } self.value = match } public var capValue: UInt32 { switch self.value { case .chown: return 0 case .dacOverride: return 1 case .dacReadSearch: return 2 case .fowner: return 3 case .fsetid: return 4 case .kill: return 5 case .setgid: return 6 case .setuid: return 7 case .setpcap: return 8 case .linuxImmutable: return 9 case .netBindService: return 10 case .netBroadcast: return 11 case .netAdmin: return 12 case .netRaw: return 13 case .ipcLock: return 14 case .ipcOwner: return 15 case .sysModule: return 16 case .sysRawio: return 17 case .sysChroot: return 18 case .sysPtrace: return 19 case .sysPacct: return 20 case .sysAdmin: return 21 case .sysBoot: return 22 case .sysNice: return 23 case .sysResource: return 24 case .sysTime: return 25 case .sysTtyConfig: return 26 case .mknod: return 27 case .lease: return 28 case .auditWrite: return 29 case .auditControl: return 30 case .setfcap: return 31 case .macOverride: return 32 case .macAdmin: return 33 case .syslog: return 34 case .wakeAlarm: return 35 case .blockSuspend: return 36 case .auditRead: return 37 case .perfmon: return 38 case .bpf: return 39 case .checkpointRestore: return 40 } } public static var chown: Self { Self(.chown) } public static var dacOverride: Self { Self(.dacOverride) } public static var dacReadSearch: Self { Self(.dacReadSearch) } public static var fowner: Self { Self(.fowner) } public static var fsetid: Self { Self(.fsetid) } public static var kill: Self { Self(.kill) } public static var setgid: Self { Self(.setgid) } public static var setuid: Self { Self(.setuid) } public static var setpcap: Self { Self(.setpcap) } public static var linuxImmutable: Self { Self(.linuxImmutable) } public static var netBindService: Self { Self(.netBindService) } public static var netBroadcast: Self { Self(.netBroadcast) } public static var netAdmin: Self { Self(.netAdmin) } public static var netRaw: Self { Self(.netRaw) } public static var ipcLock: Self { Self(.ipcLock) } public static var ipcOwner: Self { Self(.ipcOwner) } public static var sysModule: Self { Self(.sysModule) } public static var sysRawio: Self { Self(.sysRawio) } public static var sysChroot: Self { Self(.sysChroot) } public static var sysPtrace: Self { Self(.sysPtrace) } public static var sysPacct: Self { Self(.sysPacct) } public static var sysAdmin: Self { Self(.sysAdmin) } public static var sysBoot: Self { Self(.sysBoot) } public static var sysNice: Self { Self(.sysNice) } public static var sysResource: Self { Self(.sysResource) } public static var sysTime: Self { Self(.sysTime) } public static var sysTtyConfig: Self { Self(.sysTtyConfig) } public static var mknod: Self { Self(.mknod) } public static var lease: Self { Self(.lease) } public static var auditWrite: Self { Self(.auditWrite) } public static var auditControl: Self { Self(.auditControl) } public static var setfcap: Self { Self(.setfcap) } public static var macOverride: Self { Self(.macOverride) } public static var macAdmin: Self { Self(.macAdmin) } public static var syslog: Self { Self(.syslog) } public static var wakeAlarm: Self { Self(.wakeAlarm) } public static var blockSuspend: Self { Self(.blockSuspend) } public static var auditRead: Self { Self(.auditRead) } public static var perfmon: Self { Self(.perfmon) } public static var bpf: Self { Self(.bpf) } public static var checkpointRestore: Self { Self(.checkpointRestore) } public static var allCases: [CapabilityName] { Value.allCases.map { CapabilityName($0) } } } extension CapabilityName: CustomStringConvertible { public var description: String { switch self.value { case .chown: return "CAP_CHOWN" case .dacOverride: return "CAP_DAC_OVERRIDE" case .dacReadSearch: return "CAP_DAC_READ_SEARCH" case .fowner: return "CAP_FOWNER" case .fsetid: return "CAP_FSETID" case .kill: return "CAP_KILL" case .setgid: return "CAP_SETGID" case .setuid: return "CAP_SETUID" case .setpcap: return "CAP_SETPCAP" case .linuxImmutable: return "CAP_LINUX_IMMUTABLE" case .netBindService: return "CAP_NET_BIND_SERVICE" case .netBroadcast: return "CAP_NET_BROADCAST" case .netAdmin: return "CAP_NET_ADMIN" case .netRaw: return "CAP_NET_RAW" case .ipcLock: return "CAP_IPC_LOCK" case .ipcOwner: return "CAP_IPC_OWNER" case .sysModule: return "CAP_SYS_MODULE" case .sysRawio: return "CAP_SYS_RAWIO" case .sysChroot: return "CAP_SYS_CHROOT" case .sysPtrace: return "CAP_SYS_PTRACE" case .sysPacct: return "CAP_SYS_PACCT" case .sysAdmin: return "CAP_SYS_ADMIN" case .sysBoot: return "CAP_SYS_BOOT" case .sysNice: return "CAP_SYS_NICE" case .sysResource: return "CAP_SYS_RESOURCE" case .sysTime: return "CAP_SYS_TIME" case .sysTtyConfig: return "CAP_SYS_TTY_CONFIG" case .mknod: return "CAP_MKNOD" case .lease: return "CAP_LEASE" case .auditWrite: return "CAP_AUDIT_WRITE" case .auditControl: return "CAP_AUDIT_CONTROL" case .setfcap: return "CAP_SETFCAP" case .macOverride: return "CAP_MAC_OVERRIDE" case .macAdmin: return "CAP_MAC_ADMIN" case .syslog: return "CAP_SYSLOG" case .wakeAlarm: return "CAP_WAKE_ALARM" case .blockSuspend: return "CAP_BLOCK_SUSPEND" case .auditRead: return "CAP_AUDIT_READ" case .perfmon: return "CAP_PERFMON" case .bpf: return "CAP_BPF" case .checkpointRestore: return "CAP_CHECKPOINT_RESTORE" } } } // MARK: - Linux Implementation #if os(Linux) #if canImport(Musl) import Musl #elseif canImport(Glibc) import Glibc #endif import CShim /// Capability type flags public struct CapType: OptionSet, Sendable { public let rawValue: UInt32 public init(rawValue: UInt32) { self.rawValue = rawValue } // Individual capability sets (for Get/Set/Unset/etc) public static let effective = CapType(rawValue: 1 << 0) public static let permitted = CapType(rawValue: 1 << 1) public static let inheritable = CapType(rawValue: 1 << 2) public static let bounding = CapType(rawValue: 1 << 3) public static let ambient = CapType(rawValue: 1 << 4) // Bulk operation flags (for Apply/Fill/Clear) public static let caps = CapType(rawValue: 1 << 8) // CAPS - effective, permitted, inheritable public static let bounds = CapType(rawValue: 1 << 9) // BOUNDS - bounding set public static let ambs = CapType(rawValue: 1 << 10) // AMBS - ambient capabilities } private struct CapabilityHeader { var version: UInt32 var pid: Int32 init(pid: Int32 = 0) { self.version = 0x2008_0522 self.pid = pid } } private struct CapabilityData { var effective1: UInt32 var permitted1: UInt32 var inheritable1: UInt32 var effective2: UInt32 var permitted2: UInt32 var inheritable2: UInt32 init( effective1: UInt32 = 0, permitted1: UInt32 = 0, inheritable1: UInt32 = 0, effective2: UInt32 = 0, permitted2: UInt32 = 0, inheritable2: UInt32 = 0 ) { self.effective1 = effective1 self.permitted1 = permitted1 self.inheritable1 = inheritable1 self.effective2 = effective2 self.permitted2 = permitted2 self.inheritable2 = inheritable2 } } /// Interface with Linux capabilities /// https://linux.die.net/man/7/capabilities public struct LinuxCapabilities: Sendable { private var effectiveSet: UInt64 = 0 private var permittedSet: UInt64 = 0 private var inheritableSet: UInt64 = 0 private var boundingSet: UInt64 = 0 private var ambientSet: UInt64 = 0 public init() {} /// Get the highest supported capability from the kernel public static func getLastSupported() throws -> CapabilityName { guard let data = try? String(contentsOfFile: "/proc/sys/kernel/cap_last_cap", encoding: .ascii), let lastCap = UInt32(data.trimmingCharacters(in: .whitespacesAndNewlines)) else { throw LinuxCapabilities.Error.invalidCapabilitySet("failed to read /proc/sys/kernel/cap_last_cap") } guard let capability = CapabilityName.allCases.first(where: { $0.capValue == lastCap }) else { throw LinuxCapabilities.Error.invalidCapabilitySet("no capability found for kernel max cap \(lastCap)") } return capability } /// Set keep caps public static func setKeepCaps() throws { let result = CZ_prctl_set_keepcaps() if result != 0 { throw LinuxCapabilities.Error.prctlFailed(errno: errno, operation: "PR_SET_KEEPCAPS") } } /// Clear keep caps public static func clearKeepCaps() throws { let result = CZ_prctl_clear_keepcaps() if result != 0 { throw LinuxCapabilities.Error.prctlFailed(errno: errno, operation: "PR_CLEAR_KEEPCAPS") } } /// Load current process capabilities from kernel public mutating func load() throws { let data = try getCurrentCapabilities() self.effectiveSet = UInt64(data.effective1) self.permittedSet = UInt64(data.permitted1) self.inheritableSet = UInt64(data.inheritable1) } /// Check if capability is present in the given set public func get(which: CapType, what: CapabilityName) -> Bool { let bit = UInt64(1) << what.capValue if which.contains(.effective) { return (effectiveSet & bit) != 0 } else if which.contains(.permitted) { return (permittedSet & bit) != 0 } else if which.contains(.inheritable) { return (inheritableSet & bit) != 0 } else if which.contains(.bounding) { return (boundingSet & bit) != 0 } else if which.contains(.ambient) { return (ambientSet & bit) != 0 } return false } /// Set capabilities in the given sets public mutating func set(which: CapType, caps: [CapabilityName]) { let mask = caps.reduce(UInt64(0)) { result, cap in result | (UInt64(1) << cap.capValue) } if which.contains(.effective) { effectiveSet |= mask } if which.contains(.permitted) { permittedSet |= mask } if which.contains(.inheritable) { inheritableSet |= mask } if which.contains(.bounding) { boundingSet |= mask } if which.contains(.ambient) { ambientSet |= mask } } /// Unset capabilities from the given sets public mutating func unset(which: CapType, caps: [CapabilityName]) { let mask = caps.reduce(UInt64(0)) { result, cap in result | (UInt64(1) << cap.capValue) } if which.contains(.effective) { effectiveSet &= ~mask } if which.contains(.permitted) { permittedSet &= ~mask } if which.contains(.inheritable) { inheritableSet &= ~mask } if which.contains(.bounding) { boundingSet &= ~mask } if which.contains(.ambient) { ambientSet &= ~mask } } /// Fill all bits of given capability types public mutating func fill(kind: CapType) { if kind.contains(.caps) { effectiveSet = 0xFFFF_FFFF_FFFF_FFFF permittedSet = 0xFFFF_FFFF_FFFF_FFFF inheritableSet = 0 } if kind.contains(.bounds) { boundingSet = 0xFFFF_FFFF_FFFF_FFFF } if kind.contains(.ambs) { ambientSet = 0xFFFF_FFFF_FFFF_FFFF } } /// Clear all bits of given capability types public mutating func clear(kind: CapType) { if kind.contains(.caps) { effectiveSet = 0 permittedSet = 0 inheritableSet = 0 } if kind.contains(.bounds) { boundingSet = 0 } if kind.contains(.ambs) { ambientSet = 0 } } /// Apply capabilities to current process public func apply(kind: CapType) throws { // Apply bounding set (requires CAP_SETPCAP) if kind.contains(.bounds) { try applyBoundingSet() } // Apply main capabilities (effective, permitted, inheritable) if kind.contains(.caps) { try applyMainCapabilities() } // Apply ambient capabilities if kind.contains(.ambs) { try applyAmbientCapabilities() } } private func applyBoundingSet() throws { let currentData = try getCurrentCapabilities() let hasSetPCap = (currentData.effective1 & (1 << CapabilityName.setpcap.capValue)) != 0 if hasSetPCap { // Get the last supported capability to avoid trying to drop unsupported ones let lastSupported = try Self.getLastSupported() for cap in CapabilityName.allCases { // Skip capabilities higher than what the kernel supports guard cap.capValue <= lastSupported.capValue else { continue } let capBit = UInt64(1) << cap.capValue if (boundingSet & capBit) == 0 { let result = CZ_prctl_capbset_drop(cap.capValue) if result != 0 && errno != EINVAL { throw Error.prctlFailed(errno: errno, operation: "PR_CAPBSET_DROP") } } } } } private func applyMainCapabilities() throws { let data = CapabilityData( effective1: UInt32(effectiveSet & 0xFFFF_FFFF), permitted1: UInt32(permittedSet & 0xFFFF_FFFF), inheritable1: UInt32(inheritableSet & 0xFFFF_FFFF) ) try setCapabilities(data: data) } private func applyAmbientCapabilities() throws { // Clear all ambient capabilities first let clearResult = CZ_prctl_cap_ambient_clear_all() if clearResult != 0 && errno != EINVAL { throw Error.prctlFailed(errno: errno, operation: "PR_CAP_AMBIENT_CLEAR_ALL") } // Get the last supported capability to avoid trying to set unsupported ones let lastSupported = try Self.getLastSupported() // Set each ambient capability for cap in CapabilityName.allCases { // Skip capabilities higher than what the kernel supports guard cap.capValue <= lastSupported.capValue else { continue } let capBit = UInt64(1) << cap.capValue if (ambientSet & capBit) != 0 { let result = CZ_prctl_cap_ambient_raise(cap.capValue) if result != 0 && errno != EINVAL { throw Error.prctlFailed(errno: errno, operation: "PR_CAP_AMBIENT_RAISE") } } } } private func getCurrentCapabilities() throws -> CapabilityData { var header = CapabilityHeader() var data = CapabilityData() let result = withUnsafeMutablePointer(to: &header) { headerPtr in withUnsafeMutablePointer(to: &data) { dataPtr in CZ_capget(headerPtr, dataPtr) } } if result != 0 { throw Error.capgetFailed(errno: errno) } return data } private func setCapabilities(data: CapabilityData) throws { var header = CapabilityHeader() var mutableData = data let result = withUnsafeMutablePointer(to: &header) { headerPtr in withUnsafeMutablePointer(to: &mutableData) { dataPtr in CZ_capset(headerPtr, dataPtr) } } if result != 0 { throw Error.capsetFailed(errno: errno) } } } extension LinuxCapabilities { public enum Error: Swift.Error, CustomStringConvertible { case unsupportedCapability(name: String) case capsetFailed(errno: Int32) case capgetFailed(errno: Int32) case prctlFailed(errno: Int32, operation: String) case invalidCapabilitySet(String) public var description: String { switch self { case .unsupportedCapability(let name): return "unsupported capability: \(name)" case .capsetFailed(let errno): return "capset failed with errno \(errno): \(String(cString: strerror(errno)))" case .capgetFailed(let errno): return "capget failed with errno \(errno): \(String(cString: strerror(errno)))" case .prctlFailed(let errno, let operation): return "prctl(\(operation)) failed with errno \(errno): \(String(cString: strerror(errno)))" case .invalidCapabilitySet(let message): return "invalid capability set configuration: \(message)" } } } } #endif ================================================ FILE: Sources/ContainerizationOS/Linux/Epoll.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if canImport(Musl) import Musl import Foundation import Synchronization /// Register file descriptors to receive events via Linux's /// epoll syscall surface. public final class Epoll: Sendable { public typealias Mask = Int32 public typealias Handler = (@Sendable (Mask) -> Void) private let epollFD: Int32 private let handlers = SafeMap() private let pipe = Pipe() // to wake up a waiting epoll_wait public init() throws { let efd = epoll_create1(EPOLL_CLOEXEC) guard efd > 0 else { throw POSIXError.fromErrno() } self.epollFD = efd try self.add(pipe.fileHandleForReading.fileDescriptor) { _ in } } public func add( _ fd: Int32, mask: Int32 = EPOLLIN | EPOLLOUT, // HUP is always added handler: @escaping Handler ) throws { guard fcntl(fd, F_SETFL, O_NONBLOCK) == 0 else { throw POSIXError.fromErrno() } let events = EPOLLET | UInt32(bitPattern: mask) var event = epoll_event() event.events = events event.data.fd = fd try withUnsafeMutablePointer(to: &event) { ptr in while true { if epoll_ctl(self.epollFD, EPOLL_CTL_ADD, fd, ptr) == -1 { if errno == EAGAIN || errno == EINTR { continue } throw POSIXError.fromErrno() } break } } self.handlers.set(fd, handler) } /// Run the main epoll loop. /// /// max events to return in a single wait /// timeout in ms. /// -1 means block forever. /// 0 means return immediately if no events. public func run(maxEvents: Int = 128, timeout: Int32 = -1) throws { var events: [epoll_event] = .init( repeating: epoll_event(), count: maxEvents ) while true { let n = epoll_wait(self.epollFD, &events, Int32(events.count), timeout) guard n >= 0 else { if errno == EINTR || errno == EAGAIN { continue // go back to epoll_wait } throw POSIXError.fromErrno() } if n == 0 { return // if epoll wait times out, then n will be 0 } for i in 0.. Bool { errno == ENOENT || errno == EBADF || errno == EPERM } /// Shutdown the epoll handler. public func shutdown() throws { // wakes up epoll_wait and triggers a shutdown try self.pipe.fileHandleForWriting.close() } private final class SafeMap: Sendable { let dict = Mutex<[Key: Value]>([:]) func set(_ key: Key, _ value: Value) { dict.withLock { @Sendable in $0[key] = value } } func get(_ key: Key) -> Value? { dict.withLock { @Sendable in $0[key] } } func del(_ key: Key) { dict.withLock { @Sendable in _ = $0.removeValue(forKey: key) } } } } extension Epoll.Mask { public var isHangup: Bool { (self & (EPOLLHUP | EPOLLERR)) != 0 } public var isRhangup: Bool { (self & EPOLLRDHUP) != 0 } public var readyToRead: Bool { (self & EPOLLIN) != 0 } public var readyToWrite: Bool { (self & EPOLLOUT) != 0 } } #endif // canImport(Musl) ================================================ FILE: Sources/ContainerizationOS/Mount/Mount.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import CShim import Foundation #if canImport(Musl) import Musl private let _mount = Musl.mount private let _umount = Musl.umount2 #elseif canImport(Glibc) import Glibc private let _mount = Glibc.mount private let _umount = Glibc.umount2 #endif // Mount package modeled closely from containerd's: https://github.com/containerd/containerd/tree/main/core/mount /// `Mount` models a Linux mount (although potentially could be used on other unix platforms), and /// provides a simple interface to mount what the type describes. public struct Mount: Sendable { // Type specifies the host-specific of the mount. public var type: String // Source specifies where to mount from. Depending on the host system, this // can be a source path or device. public var source: String // Target specifies an optional subdirectory as a mountpoint. public var target: String // Options contains zero or more fstab-style mount options. public var options: [String] public init(type: String, source: String, target: String, options: [String]) { self.type = type self.source = source self.target = target self.options = options } } extension Mount { #if canImport(Glibc) internal typealias Flag = Int #else internal typealias Flag = Int32 #endif internal struct FlagBehavior { let clear: Bool let flag: Flag public init(_ clear: Bool, _ flag: Flag) { self.clear = clear self.flag = flag } } #if os(Linux) internal static let flagsDictionary: [String: FlagBehavior] = [ "async": .init(true, MS_SYNCHRONOUS), "atime": .init(true, MS_NOATIME), "bind": .init(false, MS_BIND), "defaults": .init(false, 0), "dev": .init(true, MS_NODEV), "diratime": .init(true, MS_NODIRATIME), "dirsync": .init(false, MS_DIRSYNC), "exec": .init(true, MS_NOEXEC), "mand": .init(false, MS_MANDLOCK), "noatime": .init(false, MS_NOATIME), "nodev": .init(false, MS_NODEV), "nodiratime": .init(false, MS_NODIRATIME), "noexec": .init(false, MS_NOEXEC), "nomand": .init(true, MS_MANDLOCK), "norelatime": .init(true, MS_RELATIME), "nostrictatime": .init(true, MS_STRICTATIME), "nosuid": .init(false, MS_NOSUID), "rbind": .init(false, MS_BIND | MS_REC), "relatime": .init(false, MS_RELATIME), "remount": .init(false, MS_REMOUNT), "ro": .init(false, MS_RDONLY), "rw": .init(true, MS_RDONLY), "strictatime": .init(false, MS_STRICTATIME), "suid": .init(true, MS_NOSUID), "sync": .init(false, MS_SYNCHRONOUS), ] internal struct MountOptions { var flags: Int32 var data: [String] public init(_ flags: Int32 = 0, data: [String] = []) { self.flags = flags self.data = data } } /// Whether the mount is read only. public var readOnly: Bool { for option in self.options { if option == "ro" { return true } } return false } /// Mount the mount relative to `root` with the current set of data in the object. /// /// Optionally provide `createWithPerms` to set the permissions for the directory that /// it will be mounted at. public func mount(root: String, createWithPerms: Int16? = nil) throws { let fd = try secureResolveInRoot(root: root) defer { close(fd) } let realPath = try readlinkProc(fd: fd) try self.mountToTarget(target: realPath, createWithPerms: createWithPerms, targetResolved: true) } /// Open a path relative to `dirFd` using `openat2(2)` with `RESOLVE_IN_ROOT`. /// /// All symlink resolution is confined to the directory tree beneath `dirFd`. /// Returns the file descriptor on success, or -1 on failure (with errno set). private func openInRoot(dirFd: Int32, path: String, flags: Int32, mode: UInt64 = 0) -> Int32 { path.withCString { cPath in var how = cz_open_how( flags: UInt64(flags), mode: mode, resolve: UInt64(RESOLVE_IN_ROOT) ) return CZ_openat2(dirFd, cPath, &how, MemoryLayout.size) } } private func secureResolveInRoot(root: String) throws -> Int32 { let rootFd = open(root, O_RDONLY | O_DIRECTORY | O_CLOEXEC) guard rootFd >= 0 else { throw Error.errno(errno, "failed to open rootfs '\(root)'") } // Determine if the leaf mount point should be a file or directory. let opts = parseMountOptions() let isBindMount = (opts.flags & Int32(MS_BIND)) != 0 var leafIsFile = false if isBindMount { var sourceStat = stat() if stat(self.source, &sourceStat) == 0 { leafIsFile = (sourceStat.st_mode & S_IFMT) != S_IFDIR } } // Normalize target to a relative path for openat2. let relativePath = self.target .split(separator: "/", omittingEmptySubsequences: true) .joined(separator: "/") guard !relativePath.isEmpty else { return rootFd } // Fast path: try openat2 with RESOLVE_IN_ROOT for the full path. let openFlags: Int32 = leafIsFile ? (O_RDONLY | O_CLOEXEC) : (O_RDONLY | O_DIRECTORY | O_CLOEXEC) let fd = openInRoot(dirFd: rootFd, path: relativePath, flags: openFlags) if fd >= 0 { close(rootFd) return fd } guard errno == ENOENT else { let savedErrno = errno close(rootFd) throw Error.errno(savedErrno, "failed to resolve '\(self.target)' in rootfs") } // Part of the path doesn't exist. Use openat2 to find the deepest // existing ancestor, then create the missing components. return try createMountTarget( rootFd: rootFd, relativePath: relativePath, leafIsFile: leafIsFile ) } private func createMountTarget( rootFd: Int32, relativePath: String, leafIsFile: Bool ) throws -> Int32 { let components = relativePath.split(separator: "/").map(String.init) var currentFd = rootFd var resultFd: Int32 = -1 // Centralized cleanup. On success resultFd holds the fd we return, // so we avoid closing it. On error resultFd is -1 and we close // everything. defer { if currentFd != rootFd && currentFd != resultFd { close(currentFd) } if rootFd != resultFd { close(rootFd) } } func fail(_ savedErrno: Int32, _ message: String) throws -> Never { throw Error.errno(savedErrno, message) } // Find the deepest existing directory using openat2 with RESOLVE_IN_ROOT. var firstMissing = 0 for i in 0..= 0 else { try fail(errno, "failed to re-open mount point file '\(component)'") } resultFd = pathFd return resultFd } guard mkdirat(currentFd, component, 0o755) == 0 else { try fail(errno, "failed to create directory '\(component)'") } let dirFd = openat(currentFd, component, O_RDONLY | O_NOFOLLOW | O_DIRECTORY | O_CLOEXEC) guard dirFd >= 0 else { try fail(errno, "failed to open created directory '\(component)'") } if isLast { resultFd = dirFd return resultFd } if currentFd != rootFd { close(currentFd) } currentFd = dirFd } // All components already existed. resultFd = currentFd return resultFd } /// Resolve the real filesystem path for an open fd via /proc/self/fd. private func readlinkProc(fd: Int32) throws -> String { let procPath = "/proc/self/fd/\(fd)" var buffer = [CChar](repeating: 0, count: Int(PATH_MAX) + 1) let len = readlink(procPath, &buffer, buffer.count - 1) guard len > 0 else { throw Error.errno(errno, "readlink failed for '\(procPath)'") } return buffer.prefix(len).withUnsafeBufferPointer { buf in String(decoding: buf.map { UInt8(bitPattern: $0) }, as: UTF8.self) } } /// Mount the mount with the current set of data in the object. Optionally /// provide `createWithPerms` to set the permissions for the directory that /// it will be mounted at. public func mount(createWithPerms: Int16? = nil) throws { try self.mountToTarget(target: self.target, createWithPerms: createWithPerms) } private func mountToTarget(target: String, createWithPerms: Int16?, targetResolved: Bool = false) throws { let pageSize = sysconf(Int32(_SC_PAGESIZE)) let opts = parseMountOptions() let dataString = opts.data.joined(separator: ",") if dataString.count > pageSize { throw Error.validation("data string exceeds page size (\(dataString.count) > \(pageSize))") } let propagationTypes: Int32 = Int32(MS_SHARED) | Int32(MS_PRIVATE) | Int32(MS_SLAVE) | Int32(MS_UNBINDABLE) // Ensure propagation type change flags aren't included in other calls. let originalFlags = opts.flags & ~(propagationTypes) // When targetResolved is true, the target path has already been securely // resolved and the mount point created by secureResolveInRoot. Skip // directory/file creation to avoid following symlinks in the target path. if !targetResolved { let targetURL = URL(fileURLWithPath: target) let targetParent = targetURL.deletingLastPathComponent().path if let perms = createWithPerms { try mkdirAll(targetParent, perms) } // For bind mounts, check if the source is a file and create the target accordingly. let isBindMount = (originalFlags & Int32(MS_BIND)) != 0 if isBindMount { var sourceIsNonDir = false var sourceStat = stat() if stat(self.source, &sourceStat) == 0 { sourceIsNonDir = (sourceStat.st_mode & S_IFMT) != S_IFDIR } if sourceIsNonDir { // Create parent directories and touch the target file try mkdirAll(targetParent, 0o755) let fd = open(target, O_WRONLY | O_CREAT, 0o644) if fd >= 0 { close(fd) } } else { try mkdirAll(target, 0o755) } } else { try mkdirAll(target, 0o755) } } if opts.flags & Int32(MS_REMOUNT) == 0 || !dataString.isEmpty { guard _mount(self.source, target, self.type, UInt(originalFlags), dataString) == 0 else { throw Error.errno( errno, "failed initial mount source=\(self.source) target=\(target) type=\(self.type) data=\(dataString)" ) } } if opts.flags & propagationTypes != 0 { // Change the propagation type. let pflags = propagationTypes | Int32(MS_REC) | Int32(MS_SILENT) guard _mount("", target, "", UInt(opts.flags & pflags), "") == 0 else { throw Error.errno(errno, "failed propagation change mount") } } let bindReadOnlyFlags = Int32(MS_BIND) | Int32(MS_RDONLY) if originalFlags & bindReadOnlyFlags == bindReadOnlyFlags { guard _mount("", target, "", UInt(originalFlags | Int32(MS_REMOUNT)), "") == 0 else { throw Error.errno(errno, "failed bind mount") } } } private func mkdirAll(_ name: String, _ perm: Int16) throws { try FileManager.default.createDirectory( atPath: name, withIntermediateDirectories: true, attributes: [.posixPermissions: perm] ) } private func parseMountOptions() -> MountOptions { var mountOpts = MountOptions() for option in self.options { if let entry = Self.flagsDictionary[option], entry.flag != 0 { if entry.clear { mountOpts.flags &= ~Int32(entry.flag) } else { mountOpts.flags |= Int32(entry.flag) } } else { mountOpts.data.append(option) } } return mountOpts } /// `Mount` errors public enum Error: Swift.Error, CustomStringConvertible { case errno(Int32, String) case validation(String) public var description: String { switch self { case .errno(let errno, let message): return "mount failed with errno \(errno): \(message)" case .validation(let message): return "failed during validation: \(message)" } } } #endif } ================================================ FILE: Sources/ContainerizationOS/POSIXError+Helpers.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation extension POSIXError { public static func fromErrno() -> POSIXError { guard let errCode = POSIXErrorCode(rawValue: errno) else { fatalError("failed to convert errno to POSIXErrorCode") } return POSIXError(errCode) } } ================================================ FILE: Sources/ContainerizationOS/Path.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /// `Path` provides utilities to look for binaries in the current PATH, /// or to return the current PATH. public struct Path { /// lookPath looks up an executable's path from $PATH public static func lookPath(_ name: String) -> URL? { lookup(name, path: getCurrentPath()) } public static func lookPath(_ name: String, path: String) -> URL? { lookup(name, path: path) } // getEnv returns the default environment of the process // with the default $PATH added for the context of a macOS application bundle public static func getEnv() -> [String: String] { var env = ProcessInfo.processInfo.environment env["PATH"] = getCurrentPath() return env } private static func lookup(_ name: String, path: String) -> URL? { // Return nil for empty names if name.isEmpty { return nil } if name.contains("/") { if findExec(name) { return URL(fileURLWithPath: name) } return nil } for var lookdir in path.split(separator: ":") { if lookdir.isEmpty { lookdir = "." } let file = URL(fileURLWithPath: String(lookdir)).appendingPathComponent(name) if findExec(file.path) { return file } } return nil } /// getPath returns $PATH for the current process public static func getCurrentPath() -> String { let env = ProcessInfo.processInfo.environment return env["PATH"] ?? "/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin" } // findPath returns a string containing the 'PATH' environment variable public static func findPath(_ env: [String]?) -> String? { guard let env = env else { return nil } return env.first(where: { $0.hasPrefix("PATH=") }) .map { String($0.dropFirst(5)) } } // findExec returns true if the provided path is an executable private static func findExec(_ path: String) -> Bool { let fm = FileManager.default return fm.isExecutableFile(atPath: path) } } ================================================ FILE: Sources/ContainerizationOS/Pipe+Close.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation extension Pipe { /// Close both sides of the pipe. public func close() throws { var err: Swift.Error? do { try self.fileHandleForReading.close() } catch { err = error } try self.fileHandleForWriting.close() if let err { throw err } } /// Ensure that both sides of the pipe are set with O_CLOEXEC. public func setCloexec() throws { if fcntl(self.fileHandleForWriting.fileDescriptor, F_SETFD, FD_CLOEXEC) == -1 { throw POSIXError(.init(rawValue: errno)!) } if fcntl(self.fileHandleForReading.fileDescriptor, F_SETFD, FD_CLOEXEC) == -1 { throw POSIXError(.init(rawValue: errno)!) } } } ================================================ FILE: Sources/ContainerizationOS/README.md ================================================ ## OS This target contains general useful OS related definitions or wrappers. ================================================ FILE: Sources/ContainerizationOS/Reaper.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /// A process reaper that returns exited processes along /// with their exit status. public struct Reaper { /// Process's pid and exit status. typealias Exit = (pid: Int32, status: Int32) /// Reap all pending processes and return the pid and exit status. public static func reap() -> [Int32: Int32] { var reaped = [Int32: Int32]() while true { guard let exit = wait() else { return reaped } reaped[exit.pid] = exit.status } return reaped } /// Returns the exit status of the last process that exited. /// nil is returned when no pending processes exist. private static func wait() -> Exit? { var rus = rusage() var ws = Int32() let pid = wait4(-1, &ws, WNOHANG, &rus) if pid <= 0 { return nil } return (pid: pid, status: Command.toExitStatus(ws)) } } ================================================ FILE: Sources/ContainerizationOS/Signals.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /// Helper type with utilities to parse and manipulate unix signals. public struct Signals { /// Returns the numeric values of all known signals. public static func allNumeric() -> [Int32] { Array(Signals.all.values) } /// Parses a string representation of a signal (SIGKILL) and returns // the 32 bit integer representation (9). public static func parseSignal(_ signal: String) throws -> Int32 { if let sig = Int32(signal) { if !Signals.all.values.contains(sig) { throw Error.invalidSignal(signal) } return sig } var signalUpper = signal.uppercased() signalUpper.trimPrefix("SIG") guard let sig = Signals.all[signalUpper] else { throw Error.invalidSignal(signal) } return sig } /// Errors that can be encountered for converting signals. public enum Error: Swift.Error, CustomStringConvertible { case invalidSignal(String) public var description: String { switch self { case .invalidSignal(let sig): return "invalid signal: \(sig)" } } } } #if os(macOS) extension Signals { /// `all` returns all signals for the current platform. public static let all: [String: Int32] = [ "ABRT": SIGABRT, "ALRM": SIGALRM, "BUS": SIGBUS, "CHLD": SIGCHLD, "CONT": SIGCONT, "EMT": SIGEMT, "FPE": SIGFPE, "HUP": SIGHUP, "ILL": SIGILL, "INFO": SIGINFO, "INT": SIGINT, "IO": SIGIO, "IOT": SIGIOT, "KILL": SIGKILL, "PIPE": SIGPIPE, "PROF": SIGPROF, "QUIT": SIGQUIT, "SEGV": SIGSEGV, "STOP": SIGSTOP, "SYS": SIGSYS, "TERM": SIGTERM, "TRAP": SIGTRAP, "TSTP": SIGTSTP, "TTIN": SIGTTIN, "TTOU": SIGTTOU, "URG": SIGURG, "USR1": SIGUSR1, "USR2": SIGUSR2, "VTALRM": SIGVTALRM, "WINCH": SIGWINCH, "XCPU": SIGXCPU, "XFSZ": SIGXFSZ, ] } #endif #if os(Linux) extension Signals { /// `all` returns all signals for the current platform. /// /// For Linux this isn't actually exhaustive as it excludes /// rtmin/rtmax entries. public static let all: [String: Int32] = [ "ABRT": SIGABRT, "ALRM": SIGALRM, "BUS": SIGBUS, "CHLD": SIGCHLD, "CLD": SIGCHLD, "CONT": SIGCONT, "FPE": SIGFPE, "HUP": SIGHUP, "ILL": SIGILL, "INT": SIGINT, "IO": SIGIO, "IOT": SIGIOT, "KILL": SIGKILL, "PIPE": SIGPIPE, "POLL": SIGPOLL, "PROF": SIGPROF, "PWR": SIGPWR, "QUIT": SIGQUIT, "SEGV": SIGSEGV, "STKFLT": SIGSTKFLT, "STOP": SIGSTOP, "SYS": SIGSYS, "TERM": SIGTERM, "TRAP": SIGTRAP, "TSTP": SIGTSTP, "TTIN": SIGTTIN, "TTOU": SIGTTOU, "URG": SIGURG, "USR1": SIGUSR1, "USR2": SIGUSR2, "VTALRM": SIGVTALRM, "WINCH": SIGWINCH, "XCPU": SIGXCPU, "XFSZ": SIGXFSZ, ] } #endif ================================================ FILE: Sources/ContainerizationOS/Socket/BidirectionalRelay.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import Foundation import Logging import Synchronization /// Manages bidirectional data relay between two file descriptors using `DispatchSource`. public final class BidirectionalRelay: Sendable { private let fd1: Int32 private let fd2: Int32 private let log: Logger? private let queue: DispatchQueue // `DispatchSourceRead` is thread-safe. private struct ConnectionSources: @unchecked Sendable { let source1: DispatchSourceRead let source2: DispatchSourceRead } private enum CompletionState { case pending case waiting(CheckedContinuation) case completed } private let state: Mutex private let completionState: Mutex // The buffers aren't used concurrently. private nonisolated(unsafe) let buffer1: UnsafeMutableBufferPointer private nonisolated(unsafe) let buffer2: UnsafeMutableBufferPointer /// Creates a new bidirectional relay between two file descriptors. /// /// - Parameters: /// - fd1: The first file descriptor. /// - fd2: The second file descriptor. /// - queue: The dispatch queue to use for I/O operations. If nil, a new queue is created. /// - log: The optional logger for debugging. public init( fd1: Int32, fd2: Int32, queue: DispatchQueue? = nil, log: Logger? = nil ) { self.fd1 = fd1 self.fd2 = fd2 self.queue = queue ?? DispatchQueue(label: "com.apple.containerization.bidirectional-relay") self.log = log self.state = Mutex(nil) self.completionState = Mutex(.pending) let pageSize = Int(getpagesize()) self.buffer1 = UnsafeMutableBufferPointer.allocate(capacity: pageSize) self.buffer2 = UnsafeMutableBufferPointer.allocate(capacity: pageSize) } deinit { buffer1.deallocate() buffer2.deallocate() } /// Starts the bidirectional relay to copy data from fd1 to fd2 and from fd2 to fd1. public func start() { let source1 = DispatchSource.makeReadSource(fileDescriptor: fd1, queue: queue) let source2 = DispatchSource.makeReadSource(fileDescriptor: fd2, queue: queue) state.withLock { $0 = ConnectionSources(source1: source1, source2: source2) } source1.setEventHandler { [self] in self.fdCopyHandler( buffer: self.buffer1, source: source1, from: self.fd1, to: self.fd2 ) } source2.setEventHandler { [self] in self.fdCopyHandler( buffer: self.buffer2, source: source2, from: self.fd2, to: self.fd1 ) } // Only close underlying fds when both sources are at EOF. // Ensure that one of the cancel handlers will see both sources cancelled. source1.setCancelHandler { [self] in self.log?.debug( "source1 cancel received", metadata: ["fd1": "\(self.fd1)", "fd2": "\(self.fd2)"] ) self.state.withLock { _ in if source2.isCancelled { self.closeBothFds() } } } source2.setCancelHandler { [self] in self.log?.debug( "source2 cancel received", metadata: ["fd1": "\(self.fd1)", "fd2": "\(self.fd2)"] ) self.state.withLock { _ in if source1.isCancelled { self.closeBothFds() } } } source1.activate() source2.activate() } /// Stops the relay and closes both file descriptors. public func stop() { state.withLock { sources in sources?.source1.cancel() sources?.source2.cancel() sources = nil } } /// Waits for the relay to complete. public func waitForCompletion() async { await withCheckedContinuation { c in completionState.withLock { state in switch state { case .pending: state = .waiting(c) case .waiting: fatalError("waitForCompletion called multiple times") case .completed: c.resume() } } } } private func fdCopyHandler( buffer: UnsafeMutableBufferPointer, source: DispatchSourceRead, from sourceFd: Int32, to destinationFd: Int32 ) { if source.data == 0 { log?.debug( "source EOF", metadata: [ "sourceFd": "\(sourceFd)", "destinationFd": "\(destinationFd)", ] ) if !source.isCancelled { log?.debug( "canceling DispatchSourceRead", metadata: [ "sourceFd": "\(sourceFd)", "destinationFd": "\(destinationFd)", ] ) source.cancel() if shutdown(destinationFd, Int32(SHUT_WR)) != 0 { log?.debug( "failed to shut down writes", metadata: [ "errno": "\(errno)", "sourceFd": "\(sourceFd)", "destinationFd": "\(destinationFd)", ] ) } } return } do { log?.trace( "source copy", metadata: [ "sourceFd": "\(sourceFd)", "destinationFd": "\(destinationFd)", "size": "\(source.data)", ] ) try Self.fileDescriptorCopy( buffer: buffer, size: source.data, from: sourceFd, to: destinationFd ) } catch { log?.warning( "file descriptor copy failed", metadata: [ "error": "\(error)", "sourceFd": "\(sourceFd)", "destinationFd": "\(destinationFd)", ] ) if !source.isCancelled { source.cancel() if shutdown(destinationFd, Int32(SHUT_RDWR)) != 0 { log?.warning( "failed to shut down destination after I/O error", metadata: [ "errno": "\(errno)", "sourceFd": "\(sourceFd)", "destinationFd": "\(destinationFd)", ] ) } } } } private static func fileDescriptorCopy( buffer: UnsafeMutableBufferPointer, size: UInt, from sourceFd: Int32, to destinationFd: Int32 ) throws { let bufferSize = buffer.count var readBytesRemaining = min(Int(size), bufferSize) guard let baseAddr = buffer.baseAddress else { throw ContainerizationError( .invalidState, message: "buffer has no base address" ) } while readBytesRemaining > 0 { let readResult = read(sourceFd, baseAddr, min(bufferSize, readBytesRemaining)) if readResult <= 0 { throw ContainerizationError( .internalError, message: "zero byte read or error in socket relay: fd \(sourceFd), result \(readResult)" ) } readBytesRemaining -= readResult var writeBytesRemaining = readResult var writeOffset = 0 while writeBytesRemaining > 0 { let writeResult = write(destinationFd, baseAddr.advanced(by: writeOffset), writeBytesRemaining) if writeResult <= 0 { throw ContainerizationError( .internalError, message: "zero byte write or error in socket relay: fd \(destinationFd), result \(writeResult)" ) } writeBytesRemaining -= writeResult writeOffset += writeResult } } } private func closeBothFds() { log?.debug( "close file descriptors", metadata: ["fd1": "\(fd1)", "fd2": "\(fd2)"] ) close(fd1) close(fd2) completionState.withLock { state in if case .waiting(let c) = state { c.resume() } state = .completed } } } ================================================ FILE: Sources/ContainerizationOS/Socket/Socket.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import CShim import Foundation import Synchronization #if canImport(Musl) import Musl #elseif canImport(Glibc) import Glibc #elseif canImport(Darwin) import Darwin #else #error("Socket not supported on this platform.") #endif #if !os(Windows) let sysFchmod = fchmod let sysRead = read let sysUnlink = unlink let sysSend = send let sysClose = close let sysShutdown = shutdown let sysBind = bind let sysSocket = socket let sysSetsockopt = setsockopt let sysGetsockopt = getsockopt let sysListen = listen let sysAccept = accept let sysConnect = connect let sysIoctl: @convention(c) (CInt, CUnsignedLong, UnsafeMutableRawPointer) -> CInt = ioctl let sysRecvmsg = recvmsg #endif /// Thread-safe socket wrapper. public final class Socket: Sendable { public enum TimeoutOption { case send case receive } public enum ShutdownOption { case read case write case readWrite } private enum SocketState { case created case connected case listening } private struct State { let socketState: SocketState let handle: FileHandle? let type: SocketType let acceptSource: DispatchSourceRead? } private let _closeOnDeinit: Bool private let _queue: DispatchQueue private let state: Mutex public var fileDescriptor: Int32 { guard let handle = state.withLock({ $0.handle }) else { return -1 } return handle.fileDescriptor } public convenience init(type: SocketType, closeOnDeinit: Bool = true) throws { let sockFD = sysSocket(type.domain, type.type, 0) if sockFD < 0 { throw SocketError.withErrno("failed to create socket: \(sockFD)", errno: errno) } self.init(fd: sockFD, type: type, closeOnDeinit: closeOnDeinit) } init(fd: Int32, type: SocketType, closeOnDeinit: Bool) { _queue = DispatchQueue(label: "com.apple.containerization.socket") _closeOnDeinit = closeOnDeinit let state = State( socketState: .created, handle: FileHandle(fileDescriptor: fd, closeOnDealloc: false), type: type, acceptSource: nil ) self.state = Mutex(state) } /// Internal initializer for wrapping already-connected file descriptors (e.g., from socketpair) /// Ideally we just get rid of the state machine in this class. Not sure how much value it provides.. init(fd: Int32, type: SocketType, closeOnDeinit: Bool, connected: Bool) { _queue = DispatchQueue(label: "com.apple.containerization.socket") _closeOnDeinit = closeOnDeinit let state = State( socketState: connected ? .connected : .created, handle: FileHandle(fileDescriptor: fd, closeOnDealloc: false), type: type, acceptSource: nil ) self.state = Mutex(state) } deinit { if _closeOnDeinit { try? close() } } } extension Socket { static func errnoToError(msg: String) -> SocketError { SocketError.withErrno("\(msg) (\(_errnoString(errno)))", errno: errno) } public func connect() throws { try state.withLock { currentState in guard currentState.socketState == .created else { throw SocketError.invalidOperationOnSocket("connect") } guard let handle = currentState.handle else { throw SocketError.closed } var res: Int32 = 0 try currentState.type.withSockAddr { (ptr, length) in res = Syscall.retrying { sysConnect(handle.fileDescriptor, ptr, length) } } if res == -1 { throw Socket.errnoToError(msg: "could not connect to socket \(currentState.type)") } currentState = State( socketState: .connected, handle: handle, type: currentState.type, acceptSource: currentState.acceptSource ) } } public func listen() throws { try state.withLock { currentState in guard currentState.socketState == .created else { throw SocketError.invalidOperationOnSocket("listen") } guard let handle = currentState.handle else { throw SocketError.closed } try currentState.type.beforeBind(fd: handle.fileDescriptor) var rc: Int32 = 0 try currentState.type.withSockAddr { (ptr, length) in rc = sysBind(handle.fileDescriptor, ptr, length) } if rc < 0 { throw Socket.errnoToError(msg: "could not bind to \(currentState.type)") } try currentState.type.beforeListen(fd: handle.fileDescriptor) if sysListen(handle.fileDescriptor, SOMAXCONN) < 0 { throw Socket.errnoToError(msg: "listen failed on \(currentState.type)") } currentState = State( socketState: .listening, handle: handle, type: currentState.type, acceptSource: currentState.acceptSource ) } } public func close() throws { try state.withLock { currentState in guard let handle = currentState.handle else { // Already closed. return } let acceptSource = currentState.acceptSource acceptSource?.cancel() try handle.close() currentState = State( socketState: currentState.socketState, handle: nil, type: currentState.type, acceptSource: nil ) } } public func write(data: any DataProtocol) throws -> Int { let handle = try state.withLock { currentState in guard currentState.socketState == .connected else { throw SocketError.invalidOperationOnSocket("write") } guard let handle = currentState.handle else { throw SocketError.closed } return handle } if data.isEmpty { return 0 } try handle.write(contentsOf: data) return data.count } public func acceptStream(closeOnDeinit: Bool = true) throws -> AsyncThrowingStream { let source = try state.withLock { currentState -> DispatchSourceRead in guard currentState.socketState == .listening else { throw SocketError.invalidOperationOnSocket("accept") } guard let handle = currentState.handle else { throw SocketError.closed } guard currentState.acceptSource == nil else { throw SocketError.acceptStreamExists } let source = DispatchSource.makeReadSource( fileDescriptor: handle.fileDescriptor, queue: _queue ) currentState = State( socketState: currentState.socketState, handle: handle, type: currentState.type, acceptSource: source ) return source } return AsyncThrowingStream { cont in source.setCancelHandler { cont.finish() } source.setEventHandler(handler: { if source.data == 0 { source.cancel() return } do { let connection = try self.accept(closeOnDeinit: closeOnDeinit) cont.yield(connection) } catch SocketError.closed { source.cancel() } catch { cont.yield(with: .failure(error)) source.cancel() } }) source.activate() } } public func accept(closeOnDeinit: Bool = true) throws -> Socket { let (handle, socketType) = try state.withLock { currentState in guard currentState.socketState == .listening else { throw SocketError.invalidOperationOnSocket("accept") } guard let handle = currentState.handle else { throw SocketError.closed } return (handle, currentState.type) } let (clientFD, newSocketType) = try socketType.accept(fd: handle.fileDescriptor) return Socket( fd: clientFD, type: newSocketType, closeOnDeinit: closeOnDeinit, connected: true ) } /// Receive a file descriptor via SCM_RIGHTS control message. /// This is commonly used for passing file descriptors between processes via Unix domain sockets. public func receiveFileDescriptor() throws -> Int32 { let handle = try state.withLock { currentState in guard currentState.socketState == .connected else { throw SocketError.invalidOperationOnSocket("receiveFileDescriptor") } guard let handle = currentState.handle else { throw SocketError.closed } return handle } var msg = msghdr() var iov = iovec() var buf: UInt8 = 0 iov.iov_base = withUnsafeMutablePointer(to: &buf) { UnsafeMutableRawPointer($0) } iov.iov_len = 1 msg.msg_iov = withUnsafeMutablePointer(to: &iov) { $0 } msg.msg_iovlen = 1 var cmsgBuf = [UInt8](repeating: 0, count: Int(CZ_CMSG_SPACE(Int(MemoryLayout.size)))) msg.msg_control = withUnsafeMutablePointer(to: &cmsgBuf[0]) { UnsafeMutableRawPointer($0) } #if canImport(Glibc) msg.msg_controllen = size_t(cmsgBuf.count) #else msg.msg_controllen = socklen_t(cmsgBuf.count) #endif let recvResult = withUnsafeMutablePointer(to: &msg) { msgPtr in sysRecvmsg(handle.fileDescriptor, msgPtr, 0) } guard recvResult >= 0 else { throw Socket.errnoToError(msg: "recvmsg failed") } // Extract file descriptor from control message let cmsgPtr = withUnsafeMutablePointer(to: &msg) { CZ_CMSG_FIRSTHDR($0) } guard let cmsg = cmsgPtr else { throw SocketError.invalidFileDescriptor } guard cmsg.pointee.cmsg_level == SOL_SOCKET, cmsg.pointee.cmsg_type == SCM_RIGHTS else { throw SocketError.invalidFileDescriptor } guard let dataPtr = CZ_CMSG_DATA(cmsg) else { throw SocketError.invalidFileDescriptor } let fdPtr = dataPtr.assumingMemoryBound(to: Int32.self) let fd = fdPtr.pointee guard fd >= 0 else { throw SocketError.invalidFileDescriptor } return fd } public func read(buffer: inout Data) throws -> Int { let handle = try state.withLock { currentState in guard currentState.socketState == .connected else { throw SocketError.invalidOperationOnSocket("read") } guard let handle = currentState.handle else { throw SocketError.closed } return handle } var bytesRead = 0 let bufferSize = buffer.count try buffer.withUnsafeMutableBytes { pointer in guard let baseAddress = pointer.baseAddress else { throw SocketError.missingBaseAddress } bytesRead = Syscall.retrying { sysRead(handle.fileDescriptor, baseAddress, bufferSize) } if bytesRead < 0 { throw Socket.errnoToError(msg: "error reading from connection") } else if bytesRead == 0 { throw SocketError.closed } } return bytesRead } public func shutdown(how: ShutdownOption) throws { let handle = try state.withLock { currentState in guard let handle = currentState.handle else { throw SocketError.closed } return handle } var howOpt: Int32 = 0 switch how { case .read: howOpt = Int32(SHUT_RD) case .write: howOpt = Int32(SHUT_WR) case .readWrite: howOpt = Int32(SHUT_RDWR) } if sysShutdown(handle.fileDescriptor, howOpt) < 0 { throw Socket.errnoToError(msg: "shutdown failed") } } public func setSockOpt(sockOpt: Int32 = 0, ptr: UnsafeRawPointer, stride: UInt32) throws { let handle = try state.withLock { currentState in guard let handle = currentState.handle else { throw SocketError.closed } return handle } if setsockopt(handle.fileDescriptor, SOL_SOCKET, sockOpt, ptr, stride) < 0 { throw Socket.errnoToError(msg: "failed to set sockopt") } } public func setTimeout(option: TimeoutOption, seconds: Int) throws { let handle = try state.withLock { currentState in guard let handle = currentState.handle else { throw SocketError.closed } return handle } var sockOpt: Int32 = 0 switch option { case .receive: sockOpt = SO_RCVTIMEO case .send: sockOpt = SO_SNDTIMEO } var timer = timeval() timer.tv_sec = seconds timer.tv_usec = 0 if setsockopt( handle.fileDescriptor, SOL_SOCKET, sockOpt, &timer, socklen_t(MemoryLayout.size) ) < 0 { throw Socket.errnoToError(msg: "failed to set read timeout") } } static func _errnoString(_ err: Int32?) -> String { String(validatingCString: strerror(errno)) ?? "error: \(errno)" } } public enum SocketError: Error, Equatable, CustomStringConvertible { case closed case acceptStreamExists case invalidOperationOnSocket(String) case missingBaseAddress case withErrno(_ msg: String, errno: Int32) case invalidFileDescriptor public var description: String { switch self { case .closed: return "socket: closed" case .acceptStreamExists: return "accept stream already exists" case .invalidOperationOnSocket(let operation): return "socket: invalid operation on socket '\(operation)'" case .missingBaseAddress: return "socket: missing base address" case .withErrno(let msg, _): return "socket: error \(msg)" case .invalidFileDescriptor: return "socket: invalid file descriptor received" } } } ================================================ FILE: Sources/ContainerizationOS/Socket/SocketType.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if canImport(Musl) import Musl #elseif canImport(Glibc) import Glibc #elseif canImport(Darwin) import Darwin #else #error("SocketType not supported on this platform.") #endif /// Protocol used to describe the family of socket to be created with `Socket`. public protocol SocketType: Sendable, CustomStringConvertible { /// The domain for the socket (AF_UNIX, AF_VSOCK etc.) var domain: Int32 { get } /// The type of socket (SOCK_STREAM). var type: Int32 { get } /// Actions to perform before calling bind(2). func beforeBind(fd: Int32) throws /// Actions to perform before calling listen(2). func beforeListen(fd: Int32) throws /// Handle accept(2) for an implementation of a socket type. func accept(fd: Int32) throws -> (Int32, SocketType) /// Provide a sockaddr pointer (by casting a socket specific type like sockaddr_un for example). func withSockAddr(_ closure: (_ ptr: UnsafePointer, _ len: UInt32) throws -> Void) throws } extension SocketType { public func beforeBind(fd: Int32) {} public func beforeListen(fd: Int32) {} } ================================================ FILE: Sources/ContainerizationOS/Socket/UnixType.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if canImport(Musl) import Musl let _SOCK_STREAM = SOCK_STREAM #elseif canImport(Glibc) import Glibc let _SOCK_STREAM = Int32(SOCK_STREAM.rawValue) #elseif canImport(Darwin) import Darwin let _SOCK_STREAM = SOCK_STREAM #else #error("UnixType not supported on this platform.") #endif /// Unix domain socket variant of `SocketType`. public struct UnixType: SocketType, Sendable, CustomStringConvertible { public var domain: Int32 { AF_UNIX } public var type: Int32 { _SOCK_STREAM } public var description: String { path } public let path: String public let perms: mode_t? private let _addr: sockaddr_un private let _unlinkExisting: Bool private init(sockaddr: sockaddr_un) { let pathname: String = withUnsafePointer(to: sockaddr.sun_path) { ptr in let charPtr = UnsafeRawPointer(ptr).assumingMemoryBound(to: CChar.self) return String(cString: charPtr) } self._addr = sockaddr self.path = pathname self._unlinkExisting = false self.perms = nil } /// Mode and unlinkExisting only used if the socket is going to be a listening socket. public init( path: String, perms: mode_t? = nil, unlinkExisting: Bool = false ) throws { self.path = path self.perms = perms self._unlinkExisting = unlinkExisting var addr = sockaddr_un() addr.sun_family = sa_family_t(AF_UNIX) let socketName = path let nameLength = socketName.utf8.count #if os(macOS) // Funnily enough, this isn't limited by sun path on macOS even though // it's stated as so. let lengthLimit = 253 #elseif os(Linux) let lengthLimit = MemoryLayout.size(ofValue: addr.sun_path) #endif guard nameLength < lengthLimit else { throw Error.nameTooLong(path) } _ = withUnsafeMutablePointer(to: &addr.sun_path.0) { ptr in socketName.withCString { strncpy(ptr, $0, nameLength) } } #if os(macOS) addr.sun_len = UInt8(MemoryLayout.size + MemoryLayout.size + socketName.utf8.count + 1) #endif self._addr = addr } public func accept(fd: Int32) throws -> (Int32, SocketType) { var clientFD: Int32 = -1 var addr = sockaddr_un() clientFD = Syscall.retrying { var size = socklen_t(MemoryLayout.stride) return withUnsafeMutablePointer(to: &addr) { pointer in pointer.withMemoryRebound(to: sockaddr.self, capacity: 1) { pointer in sysAccept(fd, pointer, &size) } } } if clientFD < 0 { throw Socket.errnoToError(msg: "accept failed") } return (clientFD, UnixType(sockaddr: addr)) } public func beforeBind(fd: Int32) throws { #if os(Linux) // Only Linux supports setting the mode of a socket before binding. if let perms = self.perms { guard fchmod(fd, perms) == 0 else { throw Socket.errnoToError(msg: "fchmod failed") } } #endif var rc: Int32 = 0 if self._unlinkExisting { rc = sysUnlink(self.path) if rc != 0 && errno != ENOENT { throw Socket.errnoToError(msg: "failed to remove old socket at \(self.path)") } } } public func beforeListen(fd: Int32) throws { #if os(macOS) if let perms = self.perms { guard chmod(self.path, perms) == 0 else { throw Socket.errnoToError(msg: "chmod failed") } } #endif } public func withSockAddr(_ closure: (UnsafePointer, UInt32) throws -> Void) throws { var addr = self._addr try withUnsafePointer(to: &addr) { let addrBytes = UnsafeRawPointer($0).assumingMemoryBound(to: sockaddr.self) try closure(addrBytes, UInt32(MemoryLayout.stride)) } } } extension UnixType { /// `UnixType` errors. public enum Error: Swift.Error, CustomStringConvertible { case nameTooLong(_: String) public var description: String { switch self { case .nameTooLong(let name): return "\(name) is too long for a Unix Domain Socket path" } } } } ================================================ FILE: Sources/ContainerizationOS/Socket/VsockType.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import CShim #if canImport(Musl) import Musl #elseif canImport(Glibc) import Glibc #elseif canImport(Darwin) import Darwin #else #error("VsockType not supported on this platform.") #endif /// Vsock variant of `SocketType`. public struct VsockType: SocketType, Sendable { public var domain: Int32 { AF_VSOCK } public var type: Int32 { _SOCK_STREAM } public var description: String { "\(cid):\(port)" } public static let anyCID: UInt32 = UInt32(bitPattern: -1) public static let hypervisorCID: UInt32 = 0x0 // Supported on Linux 5.6+; otherwise, will need to use getLocalCID(). public static let localCID: UInt32 = 0x1 public static let hostCID: UInt32 = 0x2 // socketFD is unused on Linux. public static func getLocalCID(socketFD: Int32) throws -> UInt32 { let request = VsockLocalCIDIoctl #if os(Linux) let fd = open("/dev/vsock", O_RDONLY | O_CLOEXEC) if fd == -1 { throw Socket.errnoToError(msg: "failed to open /dev/vsock") } defer { close(fd) } #else let fd = socketFD #endif var cid: UInt32 = 0 guard sysIoctl(fd, numericCast(request), &cid) != -1 else { throw Socket.errnoToError(msg: "failed to get local cid") } return cid } public let port: UInt32 public let cid: UInt32 private let _addr: sockaddr_vm public init(port: UInt32, cid: UInt32) { self.cid = cid self.port = port var sockaddr = sockaddr_vm() sockaddr.svm_family = sa_family_t(AF_VSOCK) sockaddr.svm_cid = cid sockaddr.svm_port = port self._addr = sockaddr } private init(sockaddr: sockaddr_vm) { self._addr = sockaddr self.cid = sockaddr.svm_cid self.port = sockaddr.svm_port } public func accept(fd: Int32) throws -> (Int32, SocketType) { var clientFD: Int32 = -1 var addr = sockaddr_vm() while clientFD < 0 { var size = socklen_t(MemoryLayout.stride) clientFD = withUnsafeMutablePointer(to: &addr) { pointer in pointer.withMemoryRebound(to: sockaddr.self, capacity: 1) { pointer in sysAccept(fd, pointer, &size) } } if clientFD < 0 && errno != EINTR { throw Socket.errnoToError(msg: "accept failed") } } return (clientFD, VsockType(sockaddr: addr)) } public func withSockAddr(_ closure: (UnsafePointer, UInt32) throws -> Void) throws { var addr = self._addr try withUnsafePointer(to: &addr) { let addrBytes = UnsafeRawPointer($0).assumingMemoryBound(to: sockaddr.self) try closure(addrBytes, UInt32(MemoryLayout.stride)) } } } ================================================ FILE: Sources/ContainerizationOS/Syscall.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if canImport(Musl) import Musl #elseif canImport(Glibc) import Glibc #elseif canImport(Darwin) import Darwin #else #error("retryingSyscall not supported on this platform.") #endif /// Helper type to deal with running system calls. public struct Syscall { /// Retry a syscall on EINTR. public static func retrying(_ closure: () -> T) -> T { while true { let res = closure() if res == -1 && errno == EINTR { continue } return res } } } ================================================ FILE: Sources/ContainerizationOS/Sysctl.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /// Helper type to deal with system control functionalities. public struct Sysctl { #if os(macOS) /// Simple `sysctlbyname` wrapper. public static func byName(_ name: String) throws -> Int64 { var num: Int64 = 0 var size = MemoryLayout.size if sysctlbyname(name, &num, &size, nil, 0) != 0 { throw POSIXError.fromErrno() } return num } #endif } ================================================ FILE: Sources/ContainerizationOS/Terminal.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /// `Terminal` provides a clean interface to deal with terminal interactions on Unix platforms. public struct Terminal: Sendable { private let initState: termios? private var descriptor: Int32 { handle.fileDescriptor } public let handle: FileHandle public init(descriptor: Int32, setInitState: Bool = true) throws { if setInitState { self.initState = try Self.getattr(descriptor) } else { initState = nil } self.handle = .init(fileDescriptor: descriptor, closeOnDealloc: false) } /// Write the provided data to the tty device. public func write(_ data: Data) throws { try handle.write(contentsOf: data) } /// The winsize for a pty. public struct Size: Sendable { let size: winsize /// The width or `col` of the pty. public var width: UInt16 { size.ws_col } /// The height or `rows` of the pty. public var height: UInt16 { size.ws_row } init(_ size: winsize) { self.size = size } /// Set the size for use with a pty. public init(width cols: UInt16, height rows: UInt16) { self.size = winsize(ws_row: rows, ws_col: cols, ws_xpixel: 0, ws_ypixel: 0) } } /// Return the current pty attached to any of the STDIO descriptors. public static var current: Terminal { get throws { for i in [STDERR_FILENO, STDOUT_FILENO, STDIN_FILENO] { do { return try Terminal(descriptor: i) } catch {} } throw Error.notAPty } } /// The current window size for the pty. public var size: Size { get throws { var ws = winsize() try fromSyscall(ioctl(descriptor, UInt(TIOCGWINSZ), &ws)) return Size(ws) } } /// Create a new pty pair. /// - Parameter initialSize: An initial size of the child pty. public static func create(initialSize: Size? = nil) throws -> (parent: Terminal, child: Terminal) { var parent: Int32 = 0 var child: Int32 = 0 let size = initialSize ?? Size(width: 120, height: 40) var ws = size.size try fromSyscall(openpty(&parent, &child, nil, nil, &ws)) return ( parent: try Terminal(descriptor: parent, setInitState: false), child: try Terminal(descriptor: child, setInitState: false) ) } } // MARK: Errors extension Terminal { public enum Error: Swift.Error, CustomStringConvertible { case notAPty public var description: String { switch self { case .notAPty: return "the provided fd is not a pty" } } } } extension Terminal { /// Resize the current pty from the size of the provided pty. /// - Parameter pty: A pty to resize from. public func resize(from pty: Terminal) throws { var ws = try pty.size try fromSyscall(ioctl(descriptor, UInt(TIOCSWINSZ), &ws)) } /// Resize the pty to the provided window size. /// - Parameter size: A window size for a pty. public func resize(size: Size) throws { var ws = size.size try fromSyscall(ioctl(descriptor, UInt(TIOCSWINSZ), &ws)) } /// Resize the pty to the provided window size. /// - Parameter width: A width or cols of the terminal. /// - Parameter height: A height or rows of the terminal. public func resize(width: UInt16, height: UInt16) throws { var ws = Size(width: width, height: height) try fromSyscall(ioctl(descriptor, UInt(TIOCSWINSZ), &ws)) } } extension Terminal { /// Enable raw mode for the pty. public func setraw() throws { var attr = try Self.getattr(descriptor) cfmakeraw(&attr) attr.c_oflag = attr.c_oflag | tcflag_t(OPOST) try fromSyscall(tcsetattr(descriptor, TCSANOW, &attr)) } /// Enable echo support. /// Chars typed will be displayed to the terminal. public func enableEcho() throws { var attr = try Self.getattr(descriptor) attr.c_iflag &= ~tcflag_t(ICRNL) attr.c_lflag &= ~tcflag_t(ICANON | ECHO) try fromSyscall(tcsetattr(descriptor, TCSANOW, &attr)) } /// Disable echo support. /// Chars typed will not be displayed back to the terminal. public func disableEcho() throws { var attr = try Self.getattr(descriptor) attr.c_lflag &= ~tcflag_t(ECHO) try fromSyscall(tcsetattr(descriptor, TCSANOW, &attr)) } private static func getattr(_ fd: Int32) throws -> termios { var attr = termios() try fromSyscall(tcgetattr(fd, &attr)) return attr } } // MARK: Reset extension Terminal { /// Close this pty's file descriptor. public func close() throws { do { // Use FileHandle's close directly as it sets the underlying fd in the object // to -1 for us. try self.handle.close() } catch { if let error = error as NSError?, error.domain == NSPOSIXErrorDomain { throw POSIXError(.init(rawValue: Int32(error.code))!) } throw error } } /// Reset the pty to its initial state. public func reset() throws { if var attr = initState { try fromSyscall(tcsetattr(descriptor, TCSANOW, &attr)) } } /// Reset the pty to its initial state masking any errors. /// This is commonly used in a `defer` body to reset the current pty where the error code is not generally useful. public func tryReset() { try? reset() } } private func fromSyscall(_ status: Int32) throws { guard status == 0 else { throw POSIXError(.init(rawValue: errno)!) } } ================================================ FILE: Sources/ContainerizationOS/URL+Extensions.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation /// The `resolvingSymlinksInPath` method of the `URL` struct does not resolve the symlinks /// for directories under `/private` which include`tmp`, `var` and `etc` /// hence adding a method to build up on the existing `resolvingSymlinksInPath` that prepends `/private` to those paths extension URL { /// returns the unescaped absolutePath of a URL joined by separator func absolutePath(_ separator: String = "/") -> String { self.pathComponents .joined(separator: separator) .dropFirst("/".count) .description } public func resolvingSymlinksInPathWithPrivate() -> URL { let url = self.resolvingSymlinksInPath() #if os(macOS) let parts = url.pathComponents if parts.count > 1 { if (parts.first == "/") && ["tmp", "var", "etc"].contains(parts[1]) { if let resolved = NSURL.fileURL(withPathComponents: ["/", "private"] + parts[1...]) { return resolved } } } #endif return url } public var isDirectory: Bool { (try? resourceValues(forKeys: [.isDirectoryKey]))?.isDirectory == true } public var isSymlink: Bool { (try? resourceValues(forKeys: [.isSymbolicLinkKey]))?.isSymbolicLink == true } } ================================================ FILE: Sources/ContainerizationOS/User.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import Foundation /// `User` provides utilities to ensure that a given username exists in /// /etc/passwd (and /etc/group). Largely inspired by runc (and moby's) /// `user` packages. public enum User { public static let passwdFilePath = URL(filePath: "/etc/passwd") public static let groupFilePath = URL(filePath: "/etc/group") private static let minID: UInt32 = 0 private static let maxID: UInt32 = 2_147_483_647 public struct ExecUser: Sendable { public var uid: UInt32 public var gid: UInt32 public var sgids: [UInt32] public var home: String public var shell: String public init(uid: UInt32, gid: UInt32, sgids: [UInt32], home: String, shell: String) { self.uid = uid self.gid = gid self.sgids = sgids self.home = home self.shell = shell } } public struct User { public var name: String public var password: String public var uid: UInt32 public var gid: UInt32 public var gecos: String public var home: String public var shell: String /// The argument `rawString` must follow the below format. /// Name:Password:Uid:Gid:Gecos:Home:Shell init(rawString: String) throws { let args = rawString.split(separator: ":", omittingEmptySubsequences: false) guard args.count == 7 else { throw Error.parseError("cannot parse User from '\(rawString)'") } guard let uid = UInt32(args[2]) else { throw Error.parseError("cannot parse uid from '\(args[2])'") } guard let gid = UInt32(args[3]) else { throw Error.parseError("cannot parse gid from '\(args[3])'") } self.name = String(args[0]) self.password = String(args[1]) self.uid = uid self.gid = gid self.gecos = String(args[4]) self.home = String(args[5]) self.shell = String(args[6]) } } struct Group { var name: String var password: String var gid: UInt32 var users: [String] /// The argument `rawString` must follow the below format. /// Name:Password:Gid:user1,user2 init(rawString: String) throws { let args = rawString.split(separator: ":", omittingEmptySubsequences: false) guard args.count == 4 else { throw Error.parseError("cannot parse Group from '\(rawString)'") } guard let gid = UInt32(args[2]) else { throw Error.parseError("cannot parse gid from '\(args[2])'") } self.name = String(args[0]) self.password = String(args[1]) self.gid = gid self.users = args[3].split(separator: ",").map { String($0) } } } } // MARK: Private methods extension User { private static func parse(file: URL, handler: (_ line: String) throws -> Void) throws { let fm = FileManager.default guard fm.fileExists(atPath: file.absolutePath()) else { throw Error.missingFile(file.absolutePath()) } let content = try String(contentsOf: file, encoding: .ascii) let lines = content.components(separatedBy: .newlines) for line in lines { guard !line.isEmpty else { continue } try handler(line.trimmingCharacters(in: .whitespaces)) } } /// Parse the contents of the passwd file with a provided filter function. static func parsePasswd(passwdFile: URL, filter: ((User) -> Bool)? = nil) throws -> [User] { var users: [User] = [] try self.parse(file: passwdFile) { line in let user = try User(rawString: line) if let filter { guard filter(user) else { return } } users.append(user) } return users } /// Parse the contents of the group file with a provided filter function. static func parseGroup(groupFile: URL, filter: ((Group) -> Bool)? = nil) throws -> [Group] { var groups: [Group] = [] try self.parse(file: groupFile) { line in let group = try Group(rawString: line) if let filter { guard filter(group) else { return } } groups.append(group) } return groups } } // MARK: Public methods extension User { /// Looks up uid in the password file specified by `passwdPath`. public static func lookupUid(passwdPath: URL = Self.passwdFilePath, uid: UInt32) throws -> User { let users = try parsePasswd( passwdFile: passwdPath, filter: { u in u.uid == uid }) if users.count == 0 { throw Error.noPasswdEntries } return users[0] } /// Parses a user string in any of the following formats: /// "user, uid, user:group, uid:gid, uid:group, user:gid" /// and returns an ExecUser type from the information. public static func getExecUser( userString: String, defaults: ExecUser? = nil, passwdPath: URL = Self.passwdFilePath, groupPath: URL = Self.groupFilePath ) throws -> ExecUser { let defaults = defaults ?? ExecUser(uid: 0, gid: 0, sgids: [], home: "/", shell: "") var user = ExecUser( uid: defaults.uid, gid: defaults.gid, sgids: defaults.sgids, home: defaults.home, shell: defaults.shell ) let parts = userString.split( separator: ":", maxSplits: 1, omittingEmptySubsequences: false ) let userArg = parts.isEmpty ? "" : String(parts[0]) let groupArg = parts.count > 1 ? String(parts[1]) : "" let uidArg = UInt32(userArg) let notUID = uidArg == nil let gidArg = UInt32(groupArg) let notGID = gidArg == nil let users: [User] do { users = try parsePasswd(passwdFile: passwdPath) { u in if userArg.isEmpty { return u.uid == user.uid } if !notUID { return uidArg! == u.uid } return u.name == userArg } } catch Error.missingFile { users = [] } var matchedUserName = "" if !users.isEmpty { let matchedUser = users[0] matchedUserName = matchedUser.name user.uid = matchedUser.uid user.gid = matchedUser.gid user.home = matchedUser.home user.shell = matchedUser.shell } else if !userArg.isEmpty { if notUID { throw Error.noPasswdEntries } user.uid = uidArg! if user.uid < minID || user.uid > maxID { throw Error.range } } if !groupArg.isEmpty || !matchedUserName.isEmpty { let groups: [Group] do { groups = try parseGroup(groupFile: groupPath) { g in if groupArg.isEmpty { return g.users.contains(matchedUserName) } if !notGID { return gidArg! == g.gid } return g.name == groupArg } } catch Error.missingFile { groups = [] } if !groupArg.isEmpty { if !groups.isEmpty { user.gid = groups[0].gid } else { if notGID { throw Error.noGroupEntries } user.gid = gidArg! if user.gid < minID || user.gid > maxID { throw Error.range } } } user.sgids = groups.map { $0.gid } } return user } public enum Error: Swift.Error { case missingFile(String) case range case noPasswdEntries case noGroupEntries case parseError(String) } } ================================================ FILE: Sources/Integration/ContainerTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ArgumentParser import Containerization import ContainerizationEXT4 import ContainerizationError import ContainerizationExtras import ContainerizationOCI import ContainerizationOS import Crypto import Foundation import Logging import SystemPackage extension IntegrationSuite { func testProcessTrue() async throws { let id = "test-process-true" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/true"] config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } } func testProcessFalse() async throws { let id = "test-process-false" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/false"] config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 1 else { throw IntegrationError.assert(msg: "process status \(status) != 1") } } final class DiscardingWriter: @unchecked Sendable, Writer { var count: Int = 0 func write(_ data: Data) throws { count += data.count } func close() throws { return } } final class BufferWriter: Writer { // `data` isn't used concurrently. nonisolated(unsafe) var data = Data() func write(_ data: Data) throws { guard data.count > 0 else { return } self.data.append(data) } func close() throws { return } } final class StdinBuffer: ReaderStream { let data: Data init(data: Data) { self.data = data } func stream() -> AsyncStream { let (stream, cont) = AsyncStream.makeStream() cont.yield(self.data) cont.finish() return stream } } final class ChunkedStdinBuffer: ReaderStream { let chunks: [Data] let delayMs: Int init(chunks: [Data], delayMs: Int = 0) { self.chunks = chunks self.delayMs = delayMs } func stream() -> AsyncStream { let chunks = self.chunks let delayMs = self.delayMs return AsyncStream { cont in Task { for chunk in chunks { if delayMs > 0 { try? await Task.sleep(for: .milliseconds(delayMs)) } cont.yield(chunk) } cont.finish() } } } } func testProcessEchoHi() async throws { let id = "test-process-echo-hi" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/echo", "hi"] config.process.stdout = buffer config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 1") } guard String(data: buffer.data, encoding: .utf8) == "hi\n" else { throw IntegrationError.assert( msg: "process should have returned on stdout 'hi' != '\(String(data: buffer.data, encoding: .utf8)!)'") } } catch { try? await container.stop() throw error } } func testProcessNoExecutable() async throws { let id = "test-process-no-executable" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["foobarbaz"] config.process.stdout = buffer config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let _ = try await container.wait() try await container.stop() throw IntegrationError.assert(msg: "process didn't throw 'no executable' error") } catch { try? await container.stop() guard let err = error as? ContainerizationError, err.isCode(.internalError), err.description.contains("failed to find target executable") else { throw error } } } func testMultipleConcurrentProcesses() async throws { let id = "test-concurrent-processes" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/sleep", "1000"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() try await withThrowingTaskGroup(of: Void.self) { group in for i in 0...80 { let exec = try await container.exec("exec-\(i)") { config in config.arguments = ["/bin/true"] } group.addTask { try await exec.start() let status = try await exec.wait() if status.exitCode != 0 { throw IntegrationError.assert(msg: "process status \(status) != 0") } try await exec.delete() } } try await group.waitForAll() try await container.stop() } } catch { throw error } } func testMultipleConcurrentProcessesOutputStress() async throws { let id = "test-concurrent-processes-output-stress" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/sleep", "1000"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let buffer = BufferWriter() let exec = try await container.exec("expected-value") { config in config.arguments = [ "sh", "-c", "dd if=/dev/random of=/tmp/bytes bs=1M count=20 status=none ; sha256sum /tmp/bytes", ] config.stdout = buffer } try await exec.start() let status = try await exec.wait() if status.exitCode != 0 { throw IntegrationError.assert(msg: "process status \(status) != 0") } let output = String(data: buffer.data, encoding: .utf8)! let expected = String(output.split(separator: " ").first!) try await withThrowingTaskGroup(of: Void.self) { group in for i in 0...80 { let idx = i group.addTask { let buffer = BufferWriter() let exec = try await container.exec("exec-\(idx)") { config in config.arguments = ["cat", "/tmp/bytes"] config.stdout = buffer } try await exec.start() let status = try await exec.wait() if status.exitCode != 0 { throw IntegrationError.assert(msg: "process \(idx) status \(status) != 0") } var hasher = SHA256() hasher.update(data: buffer.data) let hash = hasher.finalize().digestString.trimmingDigestPrefix guard hash == expected else { throw IntegrationError.assert( msg: "process \(idx) output \(hash) != expected \(expected)") } try await exec.delete() } } try await group.waitForAll() } try await exec.delete() try await container.kill(SIGKILL) try await container.wait() try await container.stop() } } func testProcessUser() async throws { let id = "test-process-user" let bs = try await bootstrap(id) var buffer = BufferWriter() var container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/usr/bin/id"] config.process.user = .init(uid: 1, gid: 1, additionalGids: [1]) config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() var status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } var expected = "uid=1(bin) gid=1(bin) groups=1(bin)" guard String(data: buffer.data, encoding: .utf8) == "\(expected)\n" else { throw IntegrationError.assert( msg: "process should have returned on stdout '\(expected)' != '\(String(data: buffer.data, encoding: .utf8)!)'") } buffer = BufferWriter() container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/usr/bin/id"] // Try some uid that doesn't exist. This is supported. config.process.user = .init(uid: 40000, gid: 40000) config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } expected = "uid=40000 gid=40000 groups=40000" guard String(data: buffer.data, encoding: .utf8) == "\(expected)\n" else { throw IntegrationError.assert( msg: "process should have returned on stdout '\(expected)' != '\(String(data: buffer.data, encoding: .utf8)!)'") } buffer = BufferWriter() container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/usr/bin/id"] // Try some uid that doesn't exist. This is supported. config.process.user = .init(username: "40000:40000") config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } expected = "uid=40000 gid=40000 groups=40000" guard String(data: buffer.data, encoding: .utf8) == "\(expected)\n" else { throw IntegrationError.assert( msg: "process should have returned on stdout '\(expected)' != '\(String(data: buffer.data, encoding: .utf8)!)'") } buffer = BufferWriter() container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/usr/bin/id"] // Now for our final trick, try and run a username that doesn't exist. config.process.user = .init(username: "thisdoesntexist") config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() do { try await container.start() } catch { return } throw IntegrationError.assert(msg: "container start should have failed") } // Ensure if we ask for a terminal we set TERM. func testProcessTtyEnvvar() async throws { let id = "test-process-tty-envvar" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["env"] config.process.terminal = true config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard let str = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert( msg: "failed to convert standard output to a UTF8 string") } let homeEnvvar = "TERM=xterm" guard str.contains(homeEnvvar) else { throw IntegrationError.assert( msg: "process should have TERM environment variable defined") } } // Make sure we set HOME by default if we can find it in /etc/passwd in the guest. func testProcessHomeEnvvar() async throws { let id = "test-process-home-envvar" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["env"] config.process.user = .init(uid: 0, gid: 0) config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard let str = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert( msg: "failed to convert standard output to a UTF8 string") } let homeEnvvar = "HOME=/root" guard str.contains(homeEnvvar) else { throw IntegrationError.assert( msg: "process should have HOME environment variable defined") } } func testProcessCustomHomeEnvvar() async throws { let id = "test-process-custom-home-envvar" let bs = try await bootstrap(id) let customHomeEnvvar = "HOME=/tmp/custom/home" let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sh", "-c", "echo HOME=$HOME"] config.process.environmentVariables.append(customHomeEnvvar) config.process.user = .init(uid: 0, gid: 0) config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } guard output.contains(customHomeEnvvar) else { throw IntegrationError.assert(msg: "process should have preserved custom HOME environment variable, expected \(customHomeEnvvar), got: \(output)") } } func testHostname() async throws { let id = "test-container-hostname" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/hostname"] config.hostname = "foo-bar" config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } let expected = "foo-bar" guard String(data: buffer.data, encoding: .utf8) == "\(expected)\n" else { throw IntegrationError.assert( msg: "process should have returned on stdout '\(expected)' != '\(String(data: buffer.data, encoding: .utf8)!)'") } } func testHostnameDefaultsToContainerID() async throws { let id = "test-container-hostname-default" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/hostname"] config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard String(data: buffer.data, encoding: .utf8) == "\(id)\n" else { throw IntegrationError.assert( msg: "hostname should default to container id '\(id)', got '\(String(data: buffer.data, encoding: .utf8)!)'") } } func testHostsFile() async throws { let id = "test-container-hosts-file" let bs = try await bootstrap(id) let entry = Hosts.Entry.localHostIPV4(comment: "Testaroo") let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["cat", "/etc/hosts"] config.hosts = Hosts(entries: [entry]) config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } let expected = entry.rendered guard String(data: buffer.data, encoding: .utf8) == "\(expected)\n" else { throw IntegrationError.assert( msg: "process should have returned on stdout '\(expected)' != '\(String(data: buffer.data, encoding: .utf8)!)'") } } func testProcessStdin() async throws { let id = "test-container-stdin" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["cat"] config.process.stdin = StdinBuffer(data: "Hello from test".data(using: .utf8)!) config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } let expected = "Hello from test" guard String(data: buffer.data, encoding: .utf8) == "\(expected)" else { throw IntegrationError.assert( msg: "process should have returned on stdout '\(expected)' != '\(String(data: buffer.data, encoding: .utf8)!)'") } } func testMounts() async throws { let id = "test-cat-mount" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in let directory = try createMountDirectory() config.process.arguments = ["/bin/cat", "/mnt/hi.txt"] config.mounts.append(.share(source: directory.path, destination: "/mnt")) config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } let value = String(data: buffer.data, encoding: .utf8) guard value == "hello" else { throw IntegrationError.assert( msg: "process should have returned from file 'hello' != '\(String(data: buffer.data, encoding: .utf8)!)") } } func testNestedVirtualizationEnabled() async throws { let id = "test-nested-virt" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/true"] config.virtualization = true config.bootLog = bs.bootLog } do { try await container.create() try await container.start() } catch { if let err = error as? ContainerizationError { if err.code == .unsupported { throw SkipTest(reason: err.message) } } } let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } } func testContainerManagerCreate() async throws { let id = "test-container-manager" let bs = try await bootstrap(id) var manager = try ContainerManager(vmm: bs.vmm) defer { try? manager.delete(id) } let buffer = BufferWriter() let container = try await manager.create( id, image: bs.image, rootfs: bs.rootfs ) { config in config.process.arguments = ["/bin/echo", "ContainerManager test"] config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } let output = String(data: buffer.data, encoding: .utf8) guard output == "ContainerManager test\n" else { throw IntegrationError.assert( msg: "process should have returned 'ContainerManager test' != '\(output ?? "nil")'") } } func testContainerStopIdempotency() async throws { let id = "test-container-stop-idempotency" let bs = try await bootstrap(id) var manager = try ContainerManager(vmm: bs.vmm) defer { try? manager.delete(id) } let buffer = BufferWriter() let container = try await manager.create( id, image: bs.image, rootfs: bs.rootfs ) { config in config.process.arguments = ["/bin/echo", "please stop me"] config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } try await container.stop() try await container.stop() let output = String(data: buffer.data, encoding: .utf8) guard output == "please stop me\n" else { throw IntegrationError.assert( msg: "process should have returned 'ContainerManager test' != '\(output ?? "nil")'") } } func testContainerReuse() async throws { let id = "test-container-reuse" let bs = try await bootstrap(id) var manager = try ContainerManager(vmm: bs.vmm) defer { try? manager.delete(id) } let buffer = BufferWriter() let container = try await manager.create( id, image: bs.image, rootfs: bs.rootfs ) { config in config.process.arguments = ["/bin/echo", "ContainerManager test"] config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() var status = try await container.wait() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } try await container.stop() try await container.create() try await container.start() // Wait for completion.. again. status = try await container.wait() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } let output = String(data: buffer.data, encoding: .utf8) let expected = "ContainerManager test\nContainerManager test\n" guard output == expected else { throw IntegrationError.assert( msg: "process should have returned '\(expected)' != '\(output ?? "nil")'") } } func testContainerDevConsole() async throws { let id = "test-container-devconsole" let bs = try await bootstrap(id) var manager = try ContainerManager(vmm: bs.vmm) defer { try? manager.delete(id) } let buffer = BufferWriter() let container = try await manager.create( id, image: bs.image, rootfs: bs.rootfs ) { config in // We mount devtmpfs by default, and while this includes creating // /dev/console typically that'll be pointing to /dev/hvc0 (the // virtio serial console). This is just a character device, so a trivial // way to check that our bind mounted console setup worked is by just // parsing `mount`'s output and looking for /dev/console as it wouldn't // be there normally without our dance. config.process.arguments = ["mount"] config.process.terminal = true config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard let str = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert( msg: "failed to convert standard output to a UTF8 string") } let devConsole = "/dev/console" guard str.contains(devConsole) else { throw IntegrationError.assert( msg: "process should have \(devConsole) in `mount` output") } } func testContainerStatistics() async throws { let id = "test-container-statistics" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "infinity"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let stats = try await container.statistics() guard stats.id == id else { throw IntegrationError.assert(msg: "stats container ID '\(stats.id)' != '\(id)'") } guard let process = stats.process, process.current > 0 else { throw IntegrationError.assert(msg: "process count should be > 0, got \(stats.process?.current ?? 0)") } guard let memory = stats.memory, memory.usageBytes > 0 else { throw IntegrationError.assert(msg: "memory usage should be > 0, got \(stats.memory?.usageBytes ?? 0)") } guard let cpu = stats.cpu, cpu.usageUsec > 0 else { throw IntegrationError.assert(msg: "CPU usage should be > 0, got \(stats.cpu?.usageUsec ?? 0)") } print("Container statistics:") print(" Processes: \(process.current)") print(" Memory: \(memory.usageBytes) bytes") print(" CPU: \(cpu.usageUsec) usec") print(" Networks: \(stats.networks?.count ?? 0) interfaces") try await container.stop() } catch { try? await container.stop() throw error } } func testCgroupLimits() async throws { let id = "test-cgroup-limits" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "infinity"] config.cpus = 2 config.memoryInBytes = 512.mib() config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Start an exec with sleep infinity let sleepExec = try await container.exec("sleep-exec") { config in config.arguments = ["sleep", "infinity"] } try await sleepExec.start() // Verify we have 3 PIDs in cgroup.procs: init, exec sleep, and cat itself let procsBuffer = BufferWriter() let procsExec = try await container.exec("check-procs") { config in config.arguments = ["cat", "/sys/fs/cgroup/cgroup.procs"] config.stdout = procsBuffer } try await procsExec.start() var status = try await procsExec.wait() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "check-procs status \(status) != 0") } try await procsExec.delete() guard let procsContent = String(data: procsBuffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to parse cgroup.procs") } let pids = procsContent.split(separator: "\n").filter { !$0.isEmpty } guard pids.count == 3 else { throw IntegrationError.assert(msg: "expected 3 PIDs in cgroup.procs, got \(pids.count): \(procsContent)") } // Verify memory limit let memoryBuffer = BufferWriter() let memoryExec = try await container.exec("check-memory") { config in config.arguments = ["cat", "/sys/fs/cgroup/memory.max"] config.stdout = memoryBuffer } try await memoryExec.start() status = try await memoryExec.wait() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "check-memory status \(status) != 0") } try await memoryExec.delete() guard let memoryLimit = String(data: memoryBuffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) else { throw IntegrationError.assert(msg: "failed to parse memory.max") } let expectedMemory = "\(512.mib())" guard memoryLimit == expectedMemory else { throw IntegrationError.assert(msg: "memory.max \(memoryLimit) != expected \(expectedMemory)") } // Verify CPU limit let cpuBuffer = BufferWriter() let cpuExec = try await container.exec("check-cpu") { config in config.arguments = ["cat", "/sys/fs/cgroup/cpu.max"] config.stdout = cpuBuffer } try await cpuExec.start() status = try await cpuExec.wait() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "check-cpu status \(status) != 0") } try await cpuExec.delete() guard let cpuLimit = String(data: cpuBuffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) else { throw IntegrationError.assert(msg: "failed to parse cpu.max") } let expectedCpu = "200000 100000" // 2 CPUs: quota=200000, period=100000 guard cpuLimit == expectedCpu else { throw IntegrationError.assert(msg: "cpu.max '\(cpuLimit)' != expected '\(expectedCpu)'") } try await sleepExec.delete() try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testMemoryEventsOOMKill() async throws { let id = "test-memory-events-oom-kill" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "infinity"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Run a process that will exceed the memory limit and get OOM-killed let exec = try await container.exec("oom-trigger") { config in // First set a 2MB memory limit on the container's cgroup, then allocate more config.arguments = [ "sh", "-c", "echo 2097152 > /sys/fs/cgroup/memory.max && dd if=/dev/zero of=/dev/null bs=100M", ] } try await exec.start() let status = try await exec.wait() if status.exitCode == 0 { throw IntegrationError.assert(msg: "expected exit code > 0") } try await exec.delete() let stats = try await container.statistics(categories: .memoryEvents) guard let events = stats.memoryEvents else { throw IntegrationError.assert(msg: "expected memoryEvents to be present") } print("Memory events for container \(id):") print(" low: \(events.low)") print(" high: \(events.high)") print(" max: \(events.max)") print(" oom: \(events.oom)") print(" oomKill: \(events.oomKill)") guard events.oomKill > 0 else { throw IntegrationError.assert(msg: "expected oomKill > 0, got \(events.oomKill)") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testNoSerialConsole() async throws { let id = "test-no-serial-console" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/true"] } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } } func testUnixSocketIntoGuest() async throws { let id = "test-unixsocket-into-guest" let bs = try await bootstrap(id) let hostSocketPath = try createHostUnixSocket() let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] config.sockets = [ UnixSocketConfiguration( source: URL(filePath: hostSocketPath), destination: URL(filePath: "/tmp/test.sock"), direction: .into ) ] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Execute ls -l to check the socket exists and is indeed a socket let lsExec = try await container.exec("ls-socket") { config in config.arguments = ["ls", "-l", "/tmp/test.sock"] config.stdout = buffer } try await lsExec.start() let status = try await lsExec.wait() try await lsExec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "ls command failed with status \(status)") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert ls output to UTF8") } // Socket files in ls -l output start with 's' guard output.hasPrefix("s") else { throw IntegrationError.assert( msg: "expected socket file (starting with 's'), got: \(output)") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testNonClosureConstructor() async throws { let id = "test-container-non-closure-constructor" let bs = try await bootstrap(id) let config = LinuxContainer.Configuration( process: LinuxProcessConfiguration(arguments: ["/bin/true"]) ) let container = try LinuxContainer( id, rootfs: bs.rootfs, vmm: bs.vmm, configuration: config ) try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } } private func createHostUnixSocket() throws -> String { let dir = FileManager.default.uniqueTemporaryDirectory(create: true) let socketPath = dir.appendingPathComponent("test.sock").path let socket = try Socket(type: UnixType(path: socketPath)) try socket.listen() return socketPath } private func createMountDirectory() throws -> URL { let dir = FileManager.default.uniqueTemporaryDirectory(create: true) try "hello".write(to: dir.appendingPathComponent("hi.txt"), atomically: true, encoding: .utf8) return dir } func testUnixSocketIntoGuestSymlink() async throws { let id = "test-unixsocket-into-guest-symlink" let bs = try await bootstrap(id) let hostSocketPath = try createHostUnixSocket() let buffer = BufferWriter() // Use /var/run/test.sock. Alpine has /var/run -> /run symlink let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] config.sockets = [ UnixSocketConfiguration( source: URL(filePath: hostSocketPath), destination: URL(filePath: "/var/run/test.sock"), direction: .into ) ] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let lsExec = try await container.exec("ls-socket") { config in config.arguments = ["ls", "-l", "/var/run/test.sock"] config.stdout = buffer } try await lsExec.start() let status = try await lsExec.wait() try await lsExec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "ls command failed with status \(status)") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert ls output to UTF8") } // Socket files in ls -l output start with 's' guard output.hasPrefix("s") else { throw IntegrationError.assert( msg: "expected socket file (starting with 's'), got: \(output)") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testBootLogFileHandle() async throws { let id = "test-bootlog-filehandle" let bs = try await bootstrap(id) // Create a pipe to capture boot log data let pipe = Pipe() let bootLog = BootLog.fileHandle(pipe.fileHandleForWriting) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/echo", "test complete"] config.bootLog = bootLog } do { try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } try pipe.fileHandleForWriting.close() let bootLogData = try pipe.fileHandleForReading.readToEnd() guard let bootLogData = bootLogData, bootLogData.count > 0 else { throw IntegrationError.assert( msg: "expected to receive boot log data from pipe, but got no data") } guard let bootLogString = String(data: bootLogData, encoding: .utf8) else { throw IntegrationError.assert( msg: "failed to convert boot log data to UTF8 string") } guard bootLogString.count > 100 else { throw IntegrationError.assert( msg: "boot log output smaller than expected: got \(bootLogString.count)") } } catch { try? await container.stop() throw error } } func testLargeStdioOutput() async throws { let id = "test-large-stdout-stderr-output" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/sleep", "1000"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let stdoutBuffer = DiscardingWriter() let stderrBuffer = DiscardingWriter() let exec = try await container.exec("large-output") { config in config.arguments = [ "sh", "-c", """ dd if=/dev/zero bs=1M count=250 status=none && \ dd if=/dev/zero bs=1M count=250 status=none >&2 """, ] config.stdout = stdoutBuffer config.stderr = stderrBuffer } let started = CFAbsoluteTimeGetCurrent() try await exec.start() let status = try await exec.wait() let lasted = CFAbsoluteTimeGetCurrent() - started print("Test \(id) finished process ingesting stdio in \(lasted)") guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "exec process status \(status) != 0") } try await exec.delete() let expectedSize = 250 * 1024 * 1024 guard stdoutBuffer.count == expectedSize else { throw IntegrationError.assert( msg: "stdout size \(stdoutBuffer.count) != expected \(expectedSize)") } guard stderrBuffer.count == expectedSize else { throw IntegrationError.assert( msg: "stderr size \(stderrBuffer.count) != expected \(expectedSize)") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testProcessDeleteIdempotency() async throws { let id = "test-process-delete-idempotency" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/sleep", "1000"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Create an exec process let exec = try await container.exec("test-exec") { config in config.arguments = ["/bin/true"] } try await exec.start() let status = try await exec.wait() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "exec process status \(status) != 0") } // Call delete twice to verify idempotency try await exec.delete() try await exec.delete() // Should be a no-op try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testMultipleExecsWithoutDelete() async throws { let id = "test-multiple-execs-without-delete" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/sleep", "1000"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Create 3 exec processes without deleting them let exec1 = try await container.exec("exec-1") { config in config.arguments = ["/bin/true"] } try await exec1.start() let status1 = try await exec1.wait() guard status1.exitCode == 0 else { throw IntegrationError.assert(msg: "exec1 process status \(status1) != 0") } let exec2 = try await container.exec("exec-2") { config in config.arguments = ["/bin/true"] } try await exec2.start() let status2 = try await exec2.wait() guard status2.exitCode == 0 else { throw IntegrationError.assert(msg: "exec2 process status \(status2) != 0") } let exec3 = try await container.exec("exec-3") { config in config.arguments = ["/bin/true"] } try await exec3.start() let status3 = try await exec3.wait() guard status3.exitCode == 0 else { throw IntegrationError.assert(msg: "exec3 process status \(status3) != 0") } // Stop should handle cleanup of all exec processes gracefully try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testNonExistentBinary() async throws { let id = "test-non-existent-binary" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["foo-bar-baz"] config.bootLog = bs.bootLog } try await container.create() do { try await container.start() } catch { return } try await container.stop() throw IntegrationError.assert(msg: "container start should have failed") } // MARK: - Capability Tests func testCapabilitiesSysAdmin() async throws { let id = "test-capabilities-sysadmin" let bs = try await bootstrap(id) // First test: without CAP_SYS_ADMIN (should be denied) let bufferDenied = BufferWriter() let containerWithoutSysAdmin = try LinuxContainer("\(id)-denied", rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.capabilities = LinuxCapabilities() config.process.arguments = ["/bin/sh", "-c", "mount -t tmpfs tmpfs /tmp || echo 'mount failed as expected'"] config.process.stdout = bufferDenied config.bootLog = bs.bootLog } try await containerWithoutSysAdmin.create() try await containerWithoutSysAdmin.start() var status = try await containerWithoutSysAdmin.wait() try await containerWithoutSysAdmin.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "container should have run successfully, got exit code \(status.exitCode)") } guard let outputDenied = String(data: bufferDenied.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } guard outputDenied.contains("mount failed as expected") else { throw IntegrationError.assert(msg: "expected mount failure message, got: \(outputDenied)") } // Second test: with CAP_SYS_ADMIN (should succeed) let containerWithSysAdmin = try LinuxContainer("\(id)-allowed", rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.capabilities = LinuxCapabilities(capabilities: [.sysAdmin]) config.process.arguments = ["/bin/sh", "-c", "mount -t tmpfs tmpfs /tmp"] config.bootLog = bs.bootLog } try await containerWithSysAdmin.create() try await containerWithSysAdmin.start() status = try await containerWithSysAdmin.wait() try await containerWithSysAdmin.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "container with CAP_SYS_ADMIN should mount successfully, got exit code \(status.exitCode)") } } func testCapabilitiesNetAdmin() async throws { let id = "test-capabilities-netadmin" let bs = try await bootstrap(id) // First test: without CAP_NET_ADMIN (should be denied) let bufferDenied = BufferWriter() let containerWithoutNetAdmin = try LinuxContainer("\(id)-denied", rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.capabilities = LinuxCapabilities() config.process.arguments = ["/bin/sh", "-c", "ip link set lo down 2>/dev/null || echo 'network operation denied as expected'"] config.process.stdout = bufferDenied config.bootLog = bs.bootLog } try await containerWithoutNetAdmin.create() try await containerWithoutNetAdmin.start() var status = try await containerWithoutNetAdmin.wait() try await containerWithoutNetAdmin.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "container should handle network denial gracefully, got exit code \(status.exitCode)") } guard let outputDenied = String(data: bufferDenied.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } guard outputDenied.contains("network operation denied as expected") else { throw IntegrationError.assert(msg: "expected network denial message, got: \(outputDenied)") } // Second test: with CAP_NET_ADMIN (should succeed) let bufferAllowed = BufferWriter() let containerWithNetAdmin = try LinuxContainer("\(id)-allowed", rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.capabilities = LinuxCapabilities(capabilities: [.netAdmin]) config.process.arguments = ["/bin/sh", "-c", "ip link set lo down && ip link set lo up"] config.process.stdout = bufferAllowed config.bootLog = bs.bootLog } try await containerWithNetAdmin.create() try await containerWithNetAdmin.start() status = try await containerWithNetAdmin.wait() try await containerWithNetAdmin.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "container with CAP_NET_ADMIN should perform network operations, got exit code \(status.exitCode)") } } func testCapabilitiesOCIDefault() async throws { let id = "test-capabilities-OCI-default" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in // Use default capability set config.process.capabilities = .defaultOCICapabilities config.process.arguments = ["/bin/sh", "-c", "echo 'Running with OCI default capabilities'"] config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "container with OCI default capabilities should run, got exit code \(status.exitCode)") } } func testCapabilitiesAllCapabilities() async throws { let id = "test-capabilities-all" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.capabilities = .allCapabilities config.process.arguments = ["/bin/sh", "-c", "mount -t tmpfs tmpfs /tmp && ip link set lo down"] config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "container with all capabilities should perform all operations, got exit code \(status.exitCode)") } } func testCapabilitiesFileOwnership() async throws { let id = "test-capabilities-chown" let bs = try await bootstrap(id) // First test: without CAP_CHOWN let bufferDenied = BufferWriter() let containerWithoutChown = try LinuxContainer("\(id)-denied", rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.capabilities = LinuxCapabilities() config.process.arguments = ["/bin/sh", "-c", "touch /tmp/testfile && chown 1000:1000 /tmp/testfile 2>/dev/null || echo 'chown denied as expected'"] config.process.stdout = bufferDenied config.bootLog = bs.bootLog } try await containerWithoutChown.create() try await containerWithoutChown.start() var status = try await containerWithoutChown.wait() try await containerWithoutChown.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "container should handle chown denial gracefully, got exit code \(status.exitCode)") } guard let outputDenied = String(data: bufferDenied.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } guard outputDenied.contains("chown denied as expected") else { throw IntegrationError.assert(msg: "expected chown denial message, got: \(outputDenied)") } // Second test: with CAP_CHOWN let bufferAllowed = BufferWriter() let containerWithChown = try LinuxContainer("\(id)-allowed", rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.capabilities = LinuxCapabilities(capabilities: [.chown]) config.process.arguments = ["/bin/sh", "-c", "touch /tmp/testfile && chown 1000:1000 /tmp/testfile"] config.process.stdout = bufferAllowed config.bootLog = bs.bootLog } try await containerWithChown.create() try await containerWithChown.start() status = try await containerWithChown.wait() try await containerWithChown.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "container with CAP_CHOWN should succeed, got exit code \(status.exitCode)") } } func testCopyIn() async throws { let id = "test-copy-in" let bs = try await bootstrap(id) // Create a temp file on the host with known content let testContent = "Hello from the host! This is a copyIn test." let hostFile = FileManager.default.uniqueTemporaryDirectory(create: true) .appendingPathComponent("test-input.txt") try testContent.write(to: hostFile, atomically: true, encoding: .utf8) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Copy the file into the container try await container.copyIn( from: hostFile, to: URL(filePath: "/tmp/copied-file.txt") ) // Verify the file exists and has correct content let exec = try await container.exec("verify-copy") { config in config.arguments = ["cat", "/tmp/copied-file.txt"] config.stdout = buffer } try await exec.start() let status = try await exec.wait() try await exec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "cat command failed with status \(status)") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert output to UTF8") } guard output == testContent else { throw IntegrationError.assert( msg: "copied file content mismatch: expected '\(testContent)', got '\(output)'") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testCopyOut() async throws { let id = "test-copy-out" let bs = try await bootstrap(id) let testContent = "Hello from the guest! This is a copyOut test." let hostDestination = FileManager.default.uniqueTemporaryDirectory(create: true) .appendingPathComponent("test-output.txt") let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Create a file inside the container let exec = try await container.exec("create-file") { config in config.arguments = ["sh", "-c", "echo -n '\(testContent)' > /tmp/guest-file.txt"] } try await exec.start() let status = try await exec.wait() try await exec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "failed to create file in guest, status \(status)") } // Copy the file out of the container try await container.copyOut( from: URL(filePath: "/tmp/guest-file.txt"), to: hostDestination ) // Verify the file was copied correctly let copiedContent = try String(contentsOf: hostDestination, encoding: .utf8) guard copiedContent == testContent else { throw IntegrationError.assert( msg: "copied file content mismatch: expected '\(testContent)', got '\(copiedContent)'") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testCopyLargeFile() async throws { let id = "test-copy-large-file" let bs = try await bootstrap(id) // Create a 10MB file on the host with a repeating pattern let fileSize = 10 * 1024 * 1024 let hostFile = FileManager.default.uniqueTemporaryDirectory(create: true) .appendingPathComponent("large-file.bin") // Generate data with a repeating pattern let pattern = Data("ContainerizationCopyTest".utf8) var testData = Data(capacity: fileSize) while testData.count < fileSize { testData.append(pattern) } testData = testData.prefix(fileSize) try testData.write(to: hostFile) let hostDestination = FileManager.default.uniqueTemporaryDirectory(create: true) .appendingPathComponent("large-file-out.bin") let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Copy large file into the container try await container.copyIn( from: hostFile, to: URL(filePath: "/tmp/large-file.bin") ) // Copy it back out try await container.copyOut( from: URL(filePath: "/tmp/large-file.bin"), to: hostDestination ) // Verify the content matches let copiedData = try Data(contentsOf: hostDestination) guard copiedData.count == testData.count else { throw IntegrationError.assert( msg: "file size mismatch: expected \(testData.count), got \(copiedData.count)") } guard copiedData == testData else { throw IntegrationError.assert(msg: "file content mismatch after round-trip copy") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testCopyInDirectory() async throws { let id = "test-copy-in-dir" let bs = try await bootstrap(id) // Create a temp directory with files, a subdirectory, and a symlink. let hostDir = FileManager.default.uniqueTemporaryDirectory(create: true) .appendingPathComponent("test-dir") try FileManager.default.createDirectory(at: hostDir, withIntermediateDirectories: true) try "file1 content".write(to: hostDir.appendingPathComponent("file1.txt"), atomically: true, encoding: .utf8) let subDir = hostDir.appendingPathComponent("subdir") try FileManager.default.createDirectory(at: subDir, withIntermediateDirectories: true) try "file2 content".write(to: subDir.appendingPathComponent("file2.txt"), atomically: true, encoding: .utf8) try FileManager.default.createSymbolicLink( at: hostDir.appendingPathComponent("link.txt"), withDestinationURL: hostDir.appendingPathComponent("file1.txt") ) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Copy the directory into the container. try await container.copyIn( from: hostDir, to: URL(filePath: "/tmp/copied-dir") ) // Verify file1.txt exists with correct content. let buffer1 = BufferWriter() let exec1 = try await container.exec("verify-file1") { config in config.arguments = ["cat", "/tmp/copied-dir/file1.txt"] config.stdout = buffer1 } try await exec1.start() let status1 = try await exec1.wait() try await exec1.delete() guard status1.exitCode == 0 else { throw IntegrationError.assert(msg: "cat file1.txt failed with status \(status1)") } guard String(data: buffer1.data, encoding: .utf8) == "file1 content" else { throw IntegrationError.assert(msg: "file1.txt content mismatch") } // Verify subdir/file2.txt exists with correct content. let buffer2 = BufferWriter() let exec2 = try await container.exec("verify-file2") { config in config.arguments = ["cat", "/tmp/copied-dir/subdir/file2.txt"] config.stdout = buffer2 } try await exec2.start() let status2 = try await exec2.wait() try await exec2.delete() guard status2.exitCode == 0 else { throw IntegrationError.assert(msg: "cat subdir/file2.txt failed with status \(status2)") } guard String(data: buffer2.data, encoding: .utf8) == "file2 content" else { throw IntegrationError.assert(msg: "subdir/file2.txt content mismatch") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testCopyOutDirectory() async throws { let id = "test-copy-out-dir" let bs = try await bootstrap(id) let hostDestination = FileManager.default.uniqueTemporaryDirectory(create: true) .appendingPathComponent("copied-out-dir") let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Create a directory structure inside the container. let exec = try await container.exec("create-dir") { config in config.arguments = [ "sh", "-c", "mkdir -p /tmp/guest-dir/subdir && echo -n 'guest file1' > /tmp/guest-dir/file1.txt && echo -n 'guest file2' > /tmp/guest-dir/subdir/file2.txt", ] } try await exec.start() let status = try await exec.wait() try await exec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "failed to create directory in guest, status \(status)") } // Copy the directory out of the container. try await container.copyOut( from: URL(filePath: "/tmp/guest-dir"), to: hostDestination ) // Verify file1.txt was copied correctly. let file1Content = try String(contentsOf: hostDestination.appendingPathComponent("file1.txt"), encoding: .utf8) guard file1Content == "guest file1" else { throw IntegrationError.assert( msg: "file1.txt content mismatch: expected 'guest file1', got '\(file1Content)'") } // Verify subdir/file2.txt was copied correctly. let file2Content = try String( contentsOf: hostDestination.appendingPathComponent("subdir").appendingPathComponent("file2.txt"), encoding: .utf8 ) guard file2Content == "guest file2" else { throw IntegrationError.assert( msg: "subdir/file2.txt content mismatch: expected 'guest file2', got '\(file2Content)'") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testCopyEmptyFile() async throws { let id = "test-copy-empty-file" let bs = try await bootstrap(id) let hostFile = FileManager.default.uniqueTemporaryDirectory(create: true) .appendingPathComponent("empty.txt") try Data().write(to: hostFile) let hostDestination = FileManager.default.uniqueTemporaryDirectory(create: true) .appendingPathComponent("empty-out.txt") let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Copy empty file in. try await container.copyIn( from: hostFile, to: URL(filePath: "/tmp/empty.txt") ) // Verify it exists and is empty in the guest. let buffer = BufferWriter() let exec = try await container.exec("verify-empty") { config in config.arguments = ["stat", "-c", "%s", "/tmp/empty.txt"] config.stdout = buffer } try await exec.start() let status = try await exec.wait() try await exec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "stat failed with status \(status)") } let sizeStr = String(data: buffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) guard sizeStr == "0" else { throw IntegrationError.assert(msg: "empty file should have size 0, got '\(sizeStr ?? "nil")'") } // Copy it back out. try await container.copyOut( from: URL(filePath: "/tmp/empty.txt"), to: hostDestination ) let copiedData = try Data(contentsOf: hostDestination) guard copiedData.isEmpty else { throw IntegrationError.assert(msg: "round-tripped empty file should be empty, got \(copiedData.count) bytes") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testCopyEmptyDirectory() async throws { let id = "test-copy-empty-dir" let bs = try await bootstrap(id) let hostDir = FileManager.default.uniqueTemporaryDirectory(create: true) .appendingPathComponent("empty-dir") try FileManager.default.createDirectory(at: hostDir, withIntermediateDirectories: true) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Copy empty directory in. try await container.copyIn( from: hostDir, to: URL(filePath: "/tmp/empty-dir") ) // Verify it exists and is a directory. let buffer = BufferWriter() let exec = try await container.exec("verify-empty-dir") { config in config.arguments = ["sh", "-c", "test -d /tmp/empty-dir && ls -a /tmp/empty-dir | wc -l"] config.stdout = buffer } try await exec.start() let status = try await exec.wait() try await exec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "empty dir check failed with status \(status)") } // ls -a shows . and .. so count should be 2 for an empty dir. let countStr = String(data: buffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) guard countStr == "2" else { throw IntegrationError.assert(msg: "empty dir should have 2 entries (. and ..), got '\(countStr ?? "nil")'") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testCopyBinaryFile() async throws { let id = "test-copy-binary" let bs = try await bootstrap(id) // Create a file with all 256 byte values to test binary safety. let hostFile = FileManager.default.uniqueTemporaryDirectory(create: true) .appendingPathComponent("binary.bin") var binaryData = Data(count: 256 * 64) for i in 0.. /tmp/custom-bin/mytest && chmod +x /tmp/custom-bin/mytest", ] } try await setup.start() let setupStatus = try await setup.wait() try await setup.delete() guard setupStatus.exitCode == 0 else { throw IntegrationError.assert(msg: "setup failed: \(setupStatus)") } // Exec bare command with custom PATH — this exercises ExecCommand.swift let buffer = BufferWriter() let exec = try await container.exec("custom-path") { config in config.arguments = ["mytest"] config.environmentVariables = ["PATH=/tmp/custom-bin"] config.stdout = buffer } try await exec.start() let status = try await exec.wait() try await exec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "exec with custom PATH failed: \(status)") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to read output") } guard output.contains("CUSTOM_PATH_OK") else { throw IntegrationError.assert(msg: "expected CUSTOM_PATH_OK, got: \(output)") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testStdinExplicitClose() async throws { let id = "test-stdin-explicit-close" let bs = try await bootstrap(id) let inputData = "explicit close test\n".data(using: .utf8)! let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let exec = try await container.exec("stdin-close-exec") { config in config.arguments = ["head", "-n", "1"] config.stdin = StdinBuffer(data: inputData) config.stdout = buffer } try await exec.start() let status = try await exec.wait() try await exec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "exec status \(status) != 0") } guard buffer.data == inputData else { throw IntegrationError.assert(msg: "output mismatch") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testStdinBinaryData() async throws { let id = "test-stdin-binary-data" let bs = try await bootstrap(id) var inputData = Data() for i: UInt8 in 0...255 { inputData.append(contentsOf: [UInt8](repeating: i, count: 256)) } let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["cat"] config.process.stdin = StdinBuffer(data: inputData) config.process.stdout = buffer config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard buffer.data == inputData else { throw IntegrationError.assert(msg: "binary data mismatch") } } catch { try? await container.stop() throw error } } func testStdinMultipleChunks() async throws { let id = "test-stdin-multiple-chunks" let bs = try await bootstrap(id) let chunks = (0..<10).map { i in Data(repeating: UInt8(0x30 + i), count: 10 * 1024) } let expectedData = chunks.reduce(Data()) { $0 + $1 } let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["cat"] config.process.stdin = ChunkedStdinBuffer(chunks: chunks, delayMs: 10) config.process.stdout = buffer config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard buffer.data == expectedData else { throw IntegrationError.assert(msg: "chunked data mismatch") } } catch { try? await container.stop() throw error } } func testStdinVeryLarge() async throws { let id = "test-stdin-very-large" let bs = try await bootstrap(id) let inputSize = 10 * 1024 * 1024 let inputData = Data(repeating: 0x58, count: inputSize) let stdout = DiscardingWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["wc", "-c"] config.process.stdin = StdinBuffer(data: inputData) config.process.stdout = stdout config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard stdout.count > 0 else { throw IntegrationError.assert(msg: "no output from wc") } } catch { try? await container.stop() throw error } } @available(macOS 26.0, *) func testInterfaceMTU() async throws { let id = "test-interface-mtu" let bs = try await bootstrap(id) let customMTU: UInt32 = 1400 var network = try VmnetNetwork() defer { try? network.releaseInterface(id) } guard let interface = try network.createInterface(id, mtu: customMTU) else { throw IntegrationError.assert(msg: "failed to create network interface") } let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] config.interfaces = [interface] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Check the MTU of eth0 let exec = try await container.exec("check-mtu") { config in config.arguments = ["ip", "link", "show", "eth0"] config.stdout = buffer } try await exec.start() let status = try await exec.wait() try await exec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "ip link show failed with status \(status)") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert output to UTF8") } // Output should contain "mtu 1400" guard output.contains("mtu \(customMTU)") else { throw IntegrationError.assert( msg: "expected MTU \(customMTU) in output, got: \(output)") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testSingleFileMount() async throws { let id = "test-single-file-mount" let bs = try await bootstrap(id) // Create a temp file with known content let testContent = "Hello from single file mount!" let hostFile = FileManager.default.uniqueTemporaryDirectory(create: true) .appendingPathComponent("config.txt") try testContent.write(to: hostFile, atomically: true, encoding: .utf8) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["cat", "/etc/myconfig.txt"] // Mount a single file using virtiofs share config.mounts.append(.share(source: hostFile.path, destination: "/etc/myconfig.txt")) config.process.stdout = buffer config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert output to UTF8") } guard output == testContent else { throw IntegrationError.assert( msg: "expected '\(testContent)', got '\(output)'") } } catch { try? await container.stop() throw error } } func testSingleFileMountReadOnly() async throws { let id = "test-single-file-mount-readonly" let bs = try await bootstrap(id) // Create a temp file with known content let testContent = "Read-only file content" let hostFile = FileManager.default.uniqueTemporaryDirectory(create: true) .appendingPathComponent("readonly.txt") try testContent.write(to: hostFile, atomically: true, encoding: .utf8) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] // Mount a single file as read-only config.mounts.append(.share(source: hostFile.path, destination: "/etc/readonly.txt", options: ["ro"])) config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // First verify we can read the file let readBuffer = BufferWriter() let readExec = try await container.exec("read-file") { config in config.arguments = ["cat", "/etc/readonly.txt"] config.stdout = readBuffer } try await readExec.start() var status = try await readExec.wait() try await readExec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "read status \(status) != 0") } guard String(data: readBuffer.data, encoding: .utf8) == testContent else { throw IntegrationError.assert(msg: "file content mismatch") } // Now try to write to the file - should fail let writeExec = try await container.exec("write-file") { config in config.arguments = ["sh", "-c", "echo 'modified' > /etc/readonly.txt"] } try await writeExec.start() status = try await writeExec.wait() try await writeExec.delete() // Write should fail on a read-only mount guard status.exitCode != 0 else { throw IntegrationError.assert(msg: "write should have failed on read-only mount") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testSingleFileMountWriteBack() async throws { let id = "test-single-file-mount-write-back" let bs = try await bootstrap(id) // Create a temp file with initial content let initialContent = "initial content" let hostFile = FileManager.default.uniqueTemporaryDirectory(create: true) .appendingPathComponent("writeable.txt") try initialContent.write(to: hostFile, atomically: true, encoding: .utf8) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] // Mount a single file (writable by default) config.mounts.append(.share(source: hostFile.path, destination: "/etc/writeable.txt")) config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Write new content from inside the container let newContent = "modified from container" let writeExec = try await container.exec("write-file") { config in config.arguments = ["sh", "-c", "echo -n '\(newContent)' > /etc/writeable.txt"] } try await writeExec.start() let status = try await writeExec.wait() try await writeExec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "write status \(status) != 0") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() let hostContent = try String(contentsOf: hostFile, encoding: .utf8) guard hostContent == newContent else { throw IntegrationError.assert( msg: "expected '\(newContent)' on host, got '\(hostContent)'") } } catch { try? await container.stop() throw error } } func testSingleFileMountSymlink() async throws { let id = "test-single-file-mount-symlink" let bs = try await bootstrap(id) // Create a temp directory with a real file and a symlink to it let tempDir = FileManager.default.uniqueTemporaryDirectory(create: true) let realFile = tempDir.appendingPathComponent("realfile.txt") let symlinkFile = tempDir.appendingPathComponent("symlink.txt") let initialContent = "content via symlink" try initialContent.write(to: realFile, atomically: true, encoding: .utf8) try FileManager.default.createSymbolicLink(at: symlinkFile, withDestinationURL: realFile) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] // Mount the symlink (should resolve to real file) config.mounts.append(.share(source: symlinkFile.path, destination: "/etc/config.txt")) config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Read the file to verify content let readBuffer = BufferWriter() let readExec = try await container.exec("read-file") { config in config.arguments = ["cat", "/etc/config.txt"] config.stdout = readBuffer } try await readExec.start() var status = try await readExec.wait() try await readExec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "read status \(status) != 0") } guard String(data: readBuffer.data, encoding: .utf8) == initialContent else { throw IntegrationError.assert(msg: "content mismatch on read") } // Write new content from container let newContent = "modified via symlink mount" let writeExec = try await container.exec("write-file") { config in config.arguments = ["sh", "-c", "echo -n '\(newContent)' > /etc/config.txt"] } try await writeExec.start() status = try await writeExec.wait() try await writeExec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "write status \(status) != 0") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() // Verify the REAL file (not symlink) was modified on the host let hostContent = try String(contentsOf: realFile, encoding: .utf8) guard hostContent == newContent else { throw IntegrationError.assert( msg: "expected '\(newContent)' in real file, got '\(hostContent)'") } } catch { try? await container.stop() throw error } } func testRLimitOpenFiles() async throws { let id = "test-rlimit-open-files" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sh", "-c", "ulimit -n"] config.process.rlimits = [ LinuxRLimit(kind: .openFiles, hard: 2048, soft: 1024) ] config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard let output = String(data: buffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } // ulimit -n returns the soft limit guard output == "1024" else { throw IntegrationError.assert(msg: "expected soft limit '1024', got '\(output)'") } } func testRLimitMultiple() async throws { let id = "test-rlimit-multiple" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in // Read /proc/self/limits to verify multiple rlimits are set config.process.arguments = ["cat", "/proc/self/limits"] config.process.rlimits = [ LinuxRLimit(kind: .openFiles, hard: 4096, soft: 2048), LinuxRLimit(kind: .stackSize, hard: 16_777_216, soft: 8_388_608), LinuxRLimit(kind: .coreFileSize, hard: 0, soft: 0), ] config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } // Parse /proc/self/limits and verify the values // Format: "Limit Name Soft Limit Hard Limit Units" let lines = output.split(separator: "\n") // Helper to find and verify a limit line func verifyLimit(name: String, expectedSoft: String, expectedHard: String) throws { guard let line = lines.first(where: { $0.contains(name) }) else { throw IntegrationError.assert(msg: "limit '\(name)' not found in output") } let parts = line.split(whereSeparator: { $0.isWhitespace }).map(String.init) // The line format varies, but soft and hard are typically the last numeric values before units guard parts.contains(expectedSoft) && parts.contains(expectedHard) else { throw IntegrationError.assert( msg: "limit '\(name)' expected soft=\(expectedSoft) hard=\(expectedHard), got: \(line)") } } try verifyLimit(name: "Max open files", expectedSoft: "2048", expectedHard: "4096") try verifyLimit(name: "Max stack size", expectedSoft: "8388608", expectedHard: "16777216") try verifyLimit(name: "Max core file size", expectedSoft: "0", expectedHard: "0") } func testRLimitExec() async throws { let id = "test-rlimit-exec" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Exec a process with rlimits set let buffer = BufferWriter() let exec = try await container.exec("rlimit-exec") { config in config.arguments = ["sh", "-c", "ulimit -n"] config.rlimits = [ LinuxRLimit(kind: .openFiles, hard: 512, soft: 256) ] config.stdout = buffer } try await exec.start() let status = try await exec.wait() try await exec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "exec status \(status) != 0") } guard let output = String(data: buffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } guard output == "256" else { throw IntegrationError.assert(msg: "expected soft limit '256', got '\(output)'") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testDuplicateVirtiofsMount() async throws { let id = "test-duplicate-virtiofs-mount" let bs = try await bootstrap(id) // Create a temp directory with a file let sharedDir = FileManager.default.uniqueTemporaryDirectory(create: true) try "shared content".write(to: sharedDir.appendingPathComponent("data.txt"), atomically: true, encoding: .utf8) let buffer1 = BufferWriter() let buffer2 = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] // Mount the same source directory to two different destinations config.mounts.append(.share(source: sharedDir.path, destination: "/mnt1")) config.mounts.append(.share(source: sharedDir.path, destination: "/mnt2")) config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Verify both mounts work. Read from /mnt1, then /mnt2 let exec1 = try await container.exec("read-mnt1") { config in config.arguments = ["cat", "/mnt1/data.txt"] config.stdout = buffer1 } try await exec1.start() var status = try await exec1.wait() try await exec1.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "read from /mnt1 failed with status \(status)") } guard String(data: buffer1.data, encoding: .utf8) == "shared content" else { throw IntegrationError.assert(msg: "unexpected content from /mnt1") } let exec2 = try await container.exec("read-mnt2") { config in config.arguments = ["cat", "/mnt2/data.txt"] config.stdout = buffer2 } try await exec2.start() status = try await exec2.wait() try await exec2.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "read from /mnt2 failed with status \(status)") } guard String(data: buffer2.data, encoding: .utf8) == "shared content" else { throw IntegrationError.assert(msg: "unexpected content from /mnt2") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testDuplicateVirtiofsMountViaSymlink() async throws { let id = "test-duplicate-virtiofs-mount-symlink" let bs = try await bootstrap(id) // Create a temp directory with a file, and a symlink to the same directory let tempDir = FileManager.default.uniqueTemporaryDirectory(create: true) let realDir = tempDir.appendingPathComponent("realdir") let symlinkDir = tempDir.appendingPathComponent("symlinkdir") try FileManager.default.createDirectory(at: realDir, withIntermediateDirectories: true) try "symlink test content".write(to: realDir.appendingPathComponent("file.txt"), atomically: true, encoding: .utf8) try FileManager.default.createSymbolicLink(at: symlinkDir, withDestinationURL: realDir) let buffer1 = BufferWriter() let buffer2 = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] config.mounts.append(.share(source: realDir.path, destination: "/mnt1")) config.mounts.append(.share(source: symlinkDir.path, destination: "/mnt2")) config.bootLog = bs.bootLog } do { // This should succeed as the symlink should resolve to the same directory try await container.create() try await container.start() let exec1 = try await container.exec("read-mnt1") { config in config.arguments = ["cat", "/mnt1/file.txt"] config.stdout = buffer1 } try await exec1.start() var status = try await exec1.wait() try await exec1.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "read from /mnt1 failed with status \(status)") } guard String(data: buffer1.data, encoding: .utf8) == "symlink test content" else { throw IntegrationError.assert(msg: "unexpected content from /mnt1") } // Verify mount via symlink works now let exec2 = try await container.exec("read-mnt2") { config in config.arguments = ["cat", "/mnt2/file.txt"] config.stdout = buffer2 } try await exec2.start() status = try await exec2.wait() try await exec2.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "read from /mnt2 failed with status \(status)") } guard String(data: buffer2.data, encoding: .utf8) == "symlink test content" else { throw IntegrationError.assert(msg: "unexpected content from /mnt2") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testWritableLayer() async throws { let id = "test-writable-layer" let bs = try await bootstrap(id) let writableLayerPath = Self.testDir.appending(component: "\(id)-writable.ext4") try? FileManager.default.removeItem(at: writableLayerPath) let filesystem = try EXT4.Formatter(FilePath(writableLayerPath.absolutePath()), minDiskSize: 512.mib()) try filesystem.close() let writableLayer = Mount.block( format: "ext4", source: writableLayerPath.absolutePath(), destination: "/", options: [] ) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, writableLayer: writableLayer, vmm: bs.vmm) { config in // Write a file, then read it back to verify writes work config.process.arguments = ["/bin/sh", "-c", "echo 'writable layer test' > /tmp/testfile && cat /tmp/testfile"] config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process failed with status \(status)") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } guard output.trimmingCharacters(in: .whitespacesAndNewlines) == "writable layer test" else { throw IntegrationError.assert(msg: "unexpected output: \(output)") } } func testWritableLayerPreservesLowerLayer() async throws { let id = "test-writable-layer-preserves-lower" let bs = try await bootstrap(id) let writableLayerPath = Self.testDir.appending(component: "\(id)-writable.ext4") try? FileManager.default.removeItem(at: writableLayerPath) let filesystem = try EXT4.Formatter(FilePath(writableLayerPath.absolutePath()), minDiskSize: 512.mib()) try filesystem.close() let writableLayer = Mount.block( format: "ext4", source: writableLayerPath.absolutePath(), destination: "/", options: [] ) // Get the size of /bin/sh before any modifications let buffer1 = BufferWriter() let container1 = try LinuxContainer("\(id)-1", rootfs: bs.rootfs, writableLayer: writableLayer, vmm: bs.vmm) { config in // Modify a file in /bin. This should go in the writable layer. config.process.arguments = ["/bin/sh", "-c", "ls -la /bin/sh && echo 'modified' > /bin/test-file"] config.process.stdout = buffer1 config.bootLog = bs.bootLog } try await container1.create() try await container1.start() let status1 = try await container1.wait() try await container1.stop() guard status1.exitCode == 0 else { throw IntegrationError.assert(msg: "first container failed with status \(status1)") } // Now run a second container with the SAME rootfs but without the writable layer // The /bin/test-file should NOT exist because it was written to the writable layer let buffer2 = BufferWriter() let container2 = try LinuxContainer("\(id)-2", rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/sh", "-c", "test -f /bin/test-file && echo 'exists' || echo 'not-exists'"] config.process.stdout = buffer2 config.bootLog = bs.bootLog } try await container2.create() try await container2.start() let status2 = try await container2.wait() try await container2.stop() guard status2.exitCode == 0 else { throw IntegrationError.assert(msg: "second container failed with status \(status2)") } guard let output2 = String(data: buffer2.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } guard output2.trimmingCharacters(in: .whitespacesAndNewlines) == "not-exists" else { throw IntegrationError.assert(msg: "expected 'not-exists' but got: \(output2)") } } func testWritableLayerReadsFromLower() async throws { let id = "test-writable-layer-reads-lower" let bs = try await bootstrap(id) let writableLayerPath = Self.testDir.appending(component: "\(id)-writable.ext4") try? FileManager.default.removeItem(at: writableLayerPath) let filesystem = try EXT4.Formatter(FilePath(writableLayerPath.absolutePath()), minDiskSize: 512.mib()) try filesystem.close() let writableLayer = Mount.block( format: "ext4", source: writableLayerPath.absolutePath(), destination: "/", options: [] ) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, writableLayer: writableLayer, vmm: bs.vmm) { config in config.process.arguments = ["head", "-1", "/etc/passwd"] config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process failed with status \(status)") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } // Alpine's first line of /etc/passwd should be root guard output.hasPrefix("root:") else { throw IntegrationError.assert(msg: "expected /etc/passwd to start with 'root:', got: \(output)") } } func testWritableLayerWithReadOnlyLower() async throws { let id = "test-writable-layer-ro-lower" let bs = try await bootstrap(id) var rootfs = bs.rootfs rootfs.options.append("ro") let writableLayerPath = Self.testDir.appending(component: "\(id)-writable.ext4") try? FileManager.default.removeItem(at: writableLayerPath) let filesystem = try EXT4.Formatter(FilePath(writableLayerPath.absolutePath()), minDiskSize: 512.mib()) try filesystem.close() let writableLayer = Mount.block( format: "ext4", source: writableLayerPath.absolutePath(), destination: "/", options: [] ) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: rootfs, writableLayer: writableLayer, vmm: bs.vmm) { config in // Even though lower layer is ro, writes should succeed via overlay config.process.arguments = ["/bin/sh", "-c", "echo 'overlay write test' > /tmp/test && cat /tmp/test"] config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process failed with status \(status)") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } guard output.trimmingCharacters(in: .whitespacesAndNewlines) == "overlay write test" else { throw IntegrationError.assert(msg: "unexpected output: \(output)") } } func testWritableLayerSize() async throws { let id = "test-writable-layer-size" let bs = try await bootstrap(id) // Create a 1 GiB writable layer let expectedSizeBytes: UInt64 = 1.gib() let writableLayerPath = Self.testDir.appending(component: "\(id)-writable.ext4") try? FileManager.default.removeItem(at: writableLayerPath) let filesystem = try EXT4.Formatter(FilePath(writableLayerPath.absolutePath()), minDiskSize: expectedSizeBytes) try filesystem.close() let writableLayer = Mount.block( format: "ext4", source: writableLayerPath.absolutePath(), destination: "/", options: [] ) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, writableLayer: writableLayer, vmm: bs.vmm) { config in // Use df to check the available space on the root filesystem // The overlay will report the size of the upper layer's backing store config.process.arguments = ["/bin/sh", "-c", "df -B1 / | tail -1 | awk '{print $2}'"] config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process failed with status \(status)") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } guard let reportedSize = UInt64(output.trimmingCharacters(in: .whitespacesAndNewlines)) else { throw IntegrationError.assert(msg: "failed to parse df output as UInt64: \(output)") } // The reported size should be close to our expected size (within 10%) let minExpected: UInt64 = (expectedSizeBytes * 90) / 100 let maxExpected: UInt64 = (expectedSizeBytes * 110) / 100 guard reportedSize >= minExpected && reportedSize <= maxExpected else { throw IntegrationError.assert(msg: "expected size ~\(expectedSizeBytes) bytes, but df reported \(reportedSize) bytes") } } func testWritableLayerWithDNSAndHosts() async throws { let id = "test-writable-layer-dns-hosts" let bs = try await bootstrap(id) let writableLayerPath = Self.testDir.appending(component: "\(id)-writable.ext4") try? FileManager.default.removeItem(at: writableLayerPath) let filesystem = try EXT4.Formatter(FilePath(writableLayerPath.absolutePath()), minDiskSize: 512.mib()) try filesystem.close() let writableLayer = Mount.block( format: "ext4", source: writableLayerPath.absolutePath(), destination: "/", options: [] ) let buffer = BufferWriter() let dnsEntry = "8.8.8.8" let hostsEntry = Hosts.Entry.localHostIPV4(comment: "WritableLayerTest") let container = try LinuxContainer(id, rootfs: bs.rootfs, writableLayer: writableLayer, vmm: bs.vmm) { config in config.process.arguments = ["/bin/sh", "-c", "cat /etc/resolv.conf && echo '---' && cat /etc/hosts"] config.process.stdout = buffer config.dns = DNS(nameservers: [dnsEntry]) config.hosts = Hosts(entries: [hostsEntry]) config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process failed with status \(status)") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } guard output.contains(dnsEntry) else { throw IntegrationError.assert(msg: "expected /etc/resolv.conf to contain \(dnsEntry), got: \(output)") } guard output.contains("WritableLayerTest") else { throw IntegrationError.assert(msg: "expected /etc/hosts to contain our entry, got: \(output)") } } func testUseInitBasic() async throws { let id = "test-use-init-basic" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/echo", "hello from init"] config.process.stdout = buffer config.useInit = true config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard String(data: buffer.data, encoding: .utf8) == "hello from init\n" else { throw IntegrationError.assert( msg: "expected 'hello from init', got '\(String(data: buffer.data, encoding: .utf8) ?? "nil")'") } } func testUseInitExitCodePropagation() async throws { let id = "test-use-init-exit-code" let bs = try await bootstrap(id) // Test exit code 0 var container = try LinuxContainer("\(id)-success", rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/true"] config.useInit = true config.bootLog = bs.bootLog } try await container.create() try await container.start() var status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "expected exit code 0, got \(status.exitCode)") } // Test non-zero exit code container = try LinuxContainer("\(id)-failure", rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/false"] config.useInit = true config.bootLog = bs.bootLog } try await container.create() try await container.start() status = try await container.wait() try await container.stop() guard status.exitCode == 1 else { throw IntegrationError.assert(msg: "expected exit code 1, got \(status.exitCode)") } // Test custom exit code container = try LinuxContainer("\(id)-custom", rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sh", "-c", "exit 42"] config.useInit = true config.bootLog = bs.bootLog } try await container.create() try await container.start() status = try await container.wait() try await container.stop() guard status.exitCode == 42 else { throw IntegrationError.assert(msg: "expected exit code 42, got \(status.exitCode)") } } func testUseInitSignalForwarding() async throws { let id = "test-use-init-signal" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "300"] config.useInit = true config.bootLog = bs.bootLog } do { try await container.create() try await container.start() try await Task.sleep(for: .milliseconds(100)) try await container.kill(SIGTERM) let status = try await container.wait(timeoutInSeconds: 5) try await container.stop() // SIGTERM should result in exit code 128 + 15 = 143 guard status.exitCode == 143 else { throw IntegrationError.assert(msg: "expected exit code 143 (SIGTERM), got \(status.exitCode)") } } catch { try? await container.stop() throw error } } func testUseInitZombieReaping() async throws { let id = "test-use-init-zombie-reaping" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in // This script creates an orphaned process that init must reap. // The subshell exits immediately, orphaning the sleep process. // Init should reap it when it exits. config.process.arguments = [ "/bin/sh", "-c", """ # Create orphans: subshell exits before its children (/bin/sleep 0.1 &) (/bin/sleep 0.1 &) # Wait for orphans to complete /bin/sleep 0.3 # Check for zombie processes (Z state) zombies=$(ps -eo stat 2>/dev/null | grep -c '^Z' || echo 0) echo "zombie_count:$zombies" """, ] config.process.stdout = buffer config.useInit = true config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert output to UTF8") } // Should report 0 zombies guard output.contains("zombie_count:0") else { throw IntegrationError.assert(msg: "expected zero zombies, got: \(output)") } } catch { try? await container.stop() throw error } } func testUseInitWithTerminal() async throws { let id = "test-use-init-terminal" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/sh", "-c", "tty && echo 'has tty'"] config.process.terminal = true config.process.stdout = buffer config.useInit = true config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert output to UTF8") } guard output.contains("has tty") else { throw IntegrationError.assert(msg: "expected 'has tty' in output, got: \(output)") } } func testUseInitWithStdin() async throws { let id = "test-use-init-stdin" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["cat"] config.process.stdin = StdinBuffer(data: "input through init\n".data(using: .utf8)!) config.process.stdout = buffer config.useInit = true config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard String(data: buffer.data, encoding: .utf8) == "input through init\n" else { throw IntegrationError.assert( msg: "expected 'input through init', got '\(String(data: buffer.data, encoding: .utf8) ?? "nil")'") } } @available(macOS 26.0, *) func testNetworkingDisabled() async throws { let id = "test-networking-disabled" let bs = try await bootstrap(id) let network = try VmnetNetwork() var manager = try ContainerManager(vmm: bs.vmm, network: network) defer { try? manager.delete(id) } let buffer = BufferWriter() let container = try await manager.create( id, image: bs.image, rootfs: bs.rootfs, networking: false ) { config in config.process.arguments = ["ls", "-1", "/sys/class/net/"] config.process.stdout = buffer config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "ls /sys/class/net/ failed with status \(status)") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert output to UTF8") } // With networking disabled check we don't have an eth0. let interfaces = output.trimmingCharacters(in: .whitespacesAndNewlines) .split(separator: "\n") .map { $0.trimmingCharacters(in: .whitespaces) } guard !interfaces.contains("eth0") else { throw IntegrationError.assert( msg: "expected no 'eth0' interface") } } catch { try? await container.stop() throw error } } @available(macOS 26.0, *) func testNetworkingEnabled() async throws { let id = "test-networking-enabled" let bs = try await bootstrap(id) let network = try VmnetNetwork() var manager = try ContainerManager(vmm: bs.vmm, network: network) defer { try? manager.delete(id) } let buffer = BufferWriter() let container = try await manager.create( id, image: bs.image, rootfs: bs.rootfs ) { config in config.process.arguments = ["ls", "-1", "/sys/class/net/"] config.process.stdout = buffer config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "ls /sys/class/net/ failed with status \(status)") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert output to UTF8") } // With networking enabled (default), eth0 should be present alongside lo let interfaces = Set( output.trimmingCharacters(in: .whitespacesAndNewlines) .split(separator: "\n") .map { $0.trimmingCharacters(in: .whitespaces) } ) guard interfaces.contains("lo") else { throw IntegrationError.assert(msg: "expected 'lo' interface, got: \(interfaces)") } guard interfaces.contains("eth0") else { throw IntegrationError.assert(msg: "expected 'eth0' interface, got: \(interfaces)") } } catch { try? await container.stop() throw error } } func testSysctl() async throws { let id = "test-container-sysctl" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.sysctl = [ "net.core.somaxconn": "4096" ] config.process.arguments = ["cat", "/proc/sys/net/core/somaxconn"] config.process.stdout = buffer config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } let output = String(data: buffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) guard output == "4096" else { throw IntegrationError.assert( msg: "sysctl net.core.somaxconn should be '4096', got '\(output ?? "nil")'") } } catch { try? await container.stop() throw error } } func testSysctlMultiple() async throws { let id = "test-container-sysctl-multiple" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.sysctl = [ "net.core.somaxconn": "2048", "net.ipv4.ip_forward": "1", ] config.process.arguments = [ "/bin/sh", "-c", "cat /proc/sys/net/core/somaxconn && cat /proc/sys/net/ipv4/ip_forward", ] config.process.stdout = buffer config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } let output = String(data: buffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) let lines = output?.split(separator: "\n").map { $0.trimmingCharacters(in: .whitespaces) } guard lines == ["2048", "1"] else { throw IntegrationError.assert( msg: "expected sysctls ['2048', '1'], got '\(output ?? "nil")'") } } catch { try? await container.stop() throw error } } func testNoNewPrivileges() async throws { let id = "test-no-new-privileges" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["cat", "/proc/self/status"] config.process.noNewPrivileges = true config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } // /proc/self/status contains "NoNewPrivs:\t1" when the bit is set guard output.contains("NoNewPrivs:\t1") else { throw IntegrationError.assert(msg: "expected NoNewPrivs to be 1, got: \(output)") } } func testNoNewPrivilegesDisabled() async throws { let id = "test-no-new-privileges-disabled" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["cat", "/proc/self/status"] // noNewPrivileges defaults to false config.process.stdout = buffer config.bootLog = bs.bootLog } try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } // When noNewPrivileges is not set, NoNewPrivs should be 0 guard output.contains("NoNewPrivs:\t0") else { throw IntegrationError.assert(msg: "expected NoNewPrivs to be 0, got: \(output)") } } func testWorkingDirCreated() async throws { let id = "test-working-dir-created" let bs = try await bootstrap(id) let buffer = BufferWriter() let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/pwd"] config.process.workingDirectory = "/does/not/exist" config.process.stdout = buffer config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let status = try await container.wait() try await container.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process with non-existent workingDir failed: \(status)") } guard let output = String(data: buffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) else { throw IntegrationError.assert(msg: "failed to read stdout") } guard output == "/does/not/exist" else { throw IntegrationError.assert(msg: "expected cwd '/does/not/exist', got '\(output)'") } } catch { try? await container.stop() throw error } } func testWorkingDirExecCreated() async throws { let id = "test-working-dir-exec-created" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["/bin/sleep", "1000"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() let buffer = BufferWriter() let exec = try await container.exec("cwd-exec") { config in config.arguments = ["/bin/pwd"] config.workingDirectory = "/a/b/c/d" config.stdout = buffer } try await exec.start() let status = try await exec.wait() try await exec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "exec with non-existent workingDir failed: \(status)") } guard let output = String(data: buffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) else { throw IntegrationError.assert(msg: "failed to read stdout") } guard output == "/a/b/c/d" else { throw IntegrationError.assert(msg: "expected cwd '/a/b/c/d', got '\(output)'") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } func testNoNewPrivilegesExec() async throws { let id = "test-no-new-privileges-exec" let bs = try await bootstrap(id) let container = try LinuxContainer(id, rootfs: bs.rootfs, vmm: bs.vmm) { config in config.process.arguments = ["sleep", "100"] config.bootLog = bs.bootLog } do { try await container.create() try await container.start() // Exec a process with noNewPrivileges set let buffer = BufferWriter() let exec = try await container.exec("nnp-exec") { config in config.arguments = ["cat", "/proc/self/status"] config.noNewPrivileges = true config.stdout = buffer } try await exec.start() let status = try await exec.wait() try await exec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "exec status \(status) != 0") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } guard output.contains("NoNewPrivs:\t1") else { throw IntegrationError.assert(msg: "expected NoNewPrivs to be 1 in exec, got: \(output)") } try await container.kill(SIGKILL) try await container.wait() try await container.stop() } catch { try? await container.stop() throw error } } } ================================================ FILE: Sources/Integration/PodTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ArgumentParser import Containerization import ContainerizationError import ContainerizationOCI import ContainerizationOS import Foundation import Logging extension IntegrationSuite { /// Clone a rootfs mount to a new location for use by a container in a pod private func cloneRootfs(_ rootfs: Containerization.Mount, testID: String, containerID: String) throws -> Containerization.Mount { let clonePath = Self.testDir.appending(component: "\(testID)-\(containerID).ext4").absolutePath() try? FileManager.default.removeItem(atPath: clonePath) return try rootfs.clone(to: clonePath) } func testPodSingleContainer() async throws { let id = "test-pod-single-container" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } try await pod.addContainer("container1", rootfs: bs.rootfs) { config in config.process.arguments = ["/bin/true"] } try await pod.create() try await pod.startContainer("container1") let status = try await pod.waitContainer("container1") try await pod.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } } func testPodMultipleContainers() async throws { let id = "test-pod-multiple-containers" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container1")) { config in config.process.arguments = ["/bin/true"] } try await pod.addContainer("container2", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container2")) { config in config.process.arguments = ["/bin/echo", "hello"] } try await pod.create() try await pod.startContainer("container1") let status1 = try await pod.waitContainer("container1") try await pod.startContainer("container2") let status2 = try await pod.waitContainer("container2") try await pod.stop() guard status1.exitCode == 0 else { throw IntegrationError.assert(msg: "container1 status \(status1) != 0") } guard status2.exitCode == 0 else { throw IntegrationError.assert(msg: "container2 status \(status2) != 0") } } func testPodContainerOutput() async throws { let id = "test-pod-container-output" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } let buffer = BufferWriter() try await pod.addContainer("container1", rootfs: bs.rootfs) { config in config.process.arguments = ["/bin/echo", "hello from pod"] config.process.stdout = buffer } try await pod.create() try await pod.startContainer("container1") let status = try await pod.waitContainer("container1") try await pod.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard String(data: buffer.data, encoding: .utf8) == "hello from pod\n" else { throw IntegrationError.assert( msg: "process should have returned on stdout 'hello from pod' != '\(String(data: buffer.data, encoding: .utf8)!)'") } } func testPodConcurrentContainers() async throws { let id = "test-pod-concurrent-containers" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } // Add 5 containers for i in 0..<5 { try await pod.addContainer("container\(i)", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container\(i)")) { config in config.process.arguments = ["/bin/sleep", "1"] } } try await pod.create() // Start all containers concurrently try await withThrowingTaskGroup(of: Void.self) { group in for i in 0..<5 { group.addTask { try await pod.startContainer("container\(i)") } } try await group.waitForAll() } // Wait for all containers concurrently try await withThrowingTaskGroup(of: Void.self) { group in for i in 0..<5 { group.addTask { let status = try await pod.waitContainer("container\(i)") if status.exitCode != 0 { throw IntegrationError.assert(msg: "container\(i) status \(status) != 0") } } } try await group.waitForAll() } try await pod.stop() } func testPodExecInContainer() async throws { let id = "test-pod-exec-in-container" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } try await pod.addContainer("container1", rootfs: bs.rootfs) { config in config.process.arguments = ["/bin/sleep", "100"] } try await pod.create() try await pod.startContainer("container1") let buffer = BufferWriter() let exec = try await pod.execInContainer("container1", processID: "exec1") { config in config.arguments = ["/bin/echo", "exec test"] config.stdout = buffer } try await exec.start() let status = try await exec.wait() try await exec.delete() try await pod.killContainer("container1", signal: SIGKILL) try await pod.waitContainer("container1") try await pod.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "exec status \(status) != 0") } guard String(data: buffer.data, encoding: .utf8) == "exec test\n" else { throw IntegrationError.assert( msg: "exec should have returned 'exec test' != '\(String(data: buffer.data, encoding: .utf8)!)'") } } func testPodExecInContainerEnv() async throws { let id = "test-pod-exec-in-container-env" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } try await pod.addContainer("container1", rootfs: bs.rootfs) { config in config.process.arguments = ["/bin/sleep", "100"] config.process.environmentVariables.append("MY_VAR=hello_from_container") } try await pod.create() try await pod.startContainer("container1") let buffer = BufferWriter() let exec = try await pod.execInContainer("container1", processID: "exec1") { config in config.arguments = ["/bin/sh", "-c", "printenv MY_VAR"] config.stdout = buffer } try await exec.start() let status = try await exec.wait() try await exec.delete() try await pod.killContainer("container1", signal: SIGKILL) try await pod.waitContainer("container1") try await pod.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "exec env status \(status) != 0") } guard String(data: buffer.data, encoding: .utf8) == "hello_from_container\n" else { throw IntegrationError.assert( msg: "exec should have inherited container env MY_VAR=hello_from_container, got '\(String(data: buffer.data, encoding: .utf8) ?? "nil")'") } } func testPodContainerHostname() async throws { let id = "test-pod-container-hostname" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } let buffer = BufferWriter() try await pod.addContainer("container1", rootfs: bs.rootfs) { config in config.process.arguments = ["/bin/hostname"] config.hostname = "my-pod-container" config.process.stdout = buffer } try await pod.create() try await pod.startContainer("container1") let status = try await pod.waitContainer("container1") try await pod.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard String(data: buffer.data, encoding: .utf8) == "my-pod-container\n" else { throw IntegrationError.assert( msg: "hostname should be 'my-pod-container' != '\(String(data: buffer.data, encoding: .utf8)!)'") } } func testPodContainerHostnameDefaultsToContainerID() async throws { let id = "test-pod-container-hostname-default" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } let buffer = BufferWriter() try await pod.addContainer("container1", rootfs: bs.rootfs) { config in config.process.arguments = ["/bin/hostname"] config.process.stdout = buffer } try await pod.create() try await pod.startContainer("container1") let status = try await pod.waitContainer("container1") try await pod.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard String(data: buffer.data, encoding: .utf8) == "container1\n" else { throw IntegrationError.assert( msg: "hostname should default to container id 'container1', got '\(String(data: buffer.data, encoding: .utf8)!)'") } } func testPodStopContainerIdempotency() async throws { let id = "test-pod-stop-container-idempotency" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } try await pod.addContainer("container1", rootfs: bs.rootfs) { config in config.process.arguments = ["/bin/true"] } try await pod.create() try await pod.startContainer("container1") let status = try await pod.waitContainer("container1") guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } // Stop container twice - should not fail try await pod.stopContainer("container1") try await pod.stopContainer("container1") try await pod.stop() } func testPodListContainers() async throws { let id = "test-pod-list-containers" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } let containerIDs = ["container1", "container2", "container3"] for containerID in containerIDs { try await pod.addContainer(containerID, rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: containerID)) { config in config.process.arguments = ["/bin/true"] } } let listedContainers = await pod.listContainers() guard Set(listedContainers) == Set(containerIDs) else { throw IntegrationError.assert( msg: "listed containers \(listedContainers) != expected \(containerIDs)") } try await pod.create() try await pod.stop() } func testPodContainerStatistics() async throws { let id = "test-pod-container-statistics" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container1")) { config in config.process.arguments = ["/bin/sleep", "infinity"] } try await pod.addContainer("container2", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container2")) { config in config.process.arguments = ["/bin/sleep", "infinity"] } do { try await pod.create() try await pod.startContainer("container1") try await pod.startContainer("container2") let stats = try await pod.statistics() guard stats.count == 2 else { throw IntegrationError.assert(msg: "expected 2 container stats, got \(stats.count)") } let containerIDs = Set(stats.map { $0.id }) guard containerIDs == Set(["container1", "container2"]) else { throw IntegrationError.assert(msg: "unexpected container IDs in stats: \(containerIDs)") } for stat in stats { guard let process = stat.process, process.current > 0 else { throw IntegrationError.assert(msg: "container \(stat.id) process count should be > 0") } guard let memory = stat.memory, memory.usageBytes > 0 else { throw IntegrationError.assert(msg: "container \(stat.id) memory usage should be > 0") } print("Container \(stat.id) statistics:") print(" Processes: \(process.current)") print(" Memory: \(memory.usageBytes) bytes") print(" CPU: \(stat.cpu?.usageUsec ?? 0) usec") } try await pod.stop() } catch { try? await pod.stop() throw error } } func testPodMemoryEventsOOMKill() async throws { let id = "test-pod-memory-events-oom-kill" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } try await pod.addContainer("container1", rootfs: bs.rootfs) { config in config.process.arguments = ["/bin/sleep", "infinity"] } do { try await pod.create() try await pod.startContainer("container1") let exec = try await pod.execInContainer("container1", processID: "oom-trigger") { config in config.arguments = [ "sh", "-c", "echo 2097152 > /sys/fs/cgroup/memory.max && dd if=/dev/zero of=/dev/null bs=100M", ] } try await exec.start() let status = try await exec.wait() if status.exitCode == 0 { throw IntegrationError.assert(msg: "expected exit code > 0") } try await exec.delete() let stats = try await pod.statistics(containerIDs: ["container1"], categories: .memoryEvents) guard let containerStats = stats.first, let events = containerStats.memoryEvents else { throw IntegrationError.assert(msg: "expected memoryEvents to be present") } print("Memory events for pod container container1:") print(" low: \(events.low)") print(" high: \(events.high)") print(" max: \(events.max)") print(" oom: \(events.oom)") print(" oomKill: \(events.oomKill)") guard events.oomKill > 0 else { throw IntegrationError.assert(msg: "expected oomKill > 0, got \(events.oomKill)") } try await pod.killContainer("container1", signal: SIGKILL) try await pod.waitContainer("container1") try await pod.stop() } catch { try? await pod.stop() throw error } } func testPodContainerResourceLimits() async throws { let id = "test-pod-container-resource-limits" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } try await pod.addContainer("container1", rootfs: bs.rootfs) { config in config.process.arguments = ["/bin/sleep", "infinity"] config.cpus = 2 config.memoryInBytes = 256.mib() } do { try await pod.create() try await pod.startContainer("container1") // Verify memory limit let memoryBuffer = BufferWriter() let memoryExec = try await pod.execInContainer("container1", processID: "check-memory") { config in config.arguments = ["cat", "/sys/fs/cgroup/memory.max"] config.stdout = memoryBuffer } try await memoryExec.start() var status = try await memoryExec.wait() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "check-memory status \(status) != 0") } try await memoryExec.delete() guard let memoryLimit = String(data: memoryBuffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) else { throw IntegrationError.assert(msg: "failed to parse memory.max") } let expectedMemory = "\(256.mib())" guard memoryLimit == expectedMemory else { throw IntegrationError.assert(msg: "memory.max \(memoryLimit) != expected \(expectedMemory)") } // Verify CPU limit let cpuBuffer = BufferWriter() let cpuExec = try await pod.execInContainer("container1", processID: "check-cpu") { config in config.arguments = ["cat", "/sys/fs/cgroup/cpu.max"] config.stdout = cpuBuffer } try await cpuExec.start() status = try await cpuExec.wait() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "check-cpu status \(status) != 0") } try await cpuExec.delete() guard let cpuLimit = String(data: cpuBuffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) else { throw IntegrationError.assert(msg: "failed to parse cpu.max") } let expectedCpu = "200000 100000" // 2 CPUs: quota=200000, period=100000 guard cpuLimit == expectedCpu else { throw IntegrationError.assert(msg: "cpu.max '\(cpuLimit)' != expected '\(expectedCpu)'") } try await pod.killContainer("container1", signal: SIGKILL) try await pod.waitContainer("container1") try await pod.stop() } catch { try? await pod.stop() throw error } } func testPodContainerFilesystemIsolation() async throws { let id = "test-pod-container-filesystem-isolation" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container1")) { config in config.process.arguments = ["/bin/sleep", "infinity"] } try await pod.addContainer("container2", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container2")) { config in config.process.arguments = ["/bin/sleep", "infinity"] } do { try await pod.create() try await pod.startContainer("container1") try await pod.startContainer("container2") // Write a file in container1 let writeExec = try await pod.execInContainer("container1", processID: "write-file") { config in config.arguments = ["sh", "-c", "echo 'secret data' > /tmp/container1-secret.txt"] } try await writeExec.start() var status = try await writeExec.wait() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "write-file status \(status) != 0") } try await writeExec.delete() // Verify the file exists in container1 let readBuffer1 = BufferWriter() let readExec1 = try await pod.execInContainer("container1", processID: "read-file-1") { config in config.arguments = ["cat", "/tmp/container1-secret.txt"] config.stdout = readBuffer1 } try await readExec1.start() status = try await readExec1.wait() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "read-file-1 status \(status) != 0") } try await readExec1.delete() guard String(data: readBuffer1.data, encoding: .utf8) == "secret data\n" else { throw IntegrationError.assert(msg: "file content in container1 should be 'secret data'") } // Try to read the file from container2 - should fail let readExec2 = try await pod.execInContainer("container2", processID: "read-file-2") { config in config.arguments = ["cat", "/tmp/container1-secret.txt"] } try await readExec2.start() status = try await readExec2.wait() try await readExec2.delete() // File should NOT exist in container2, so cat should fail guard status.exitCode != 0 else { throw IntegrationError.assert(msg: "file should NOT be accessible from container2") } try await pod.stop() } catch { try? await pod.stop() throw error } } func testPodContainerPIDNamespaceIsolation() async throws { let id = "test-pod-container-pid-isolation" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container1")) { config in config.process.arguments = ["/bin/sleep", "infinity"] } try await pod.addContainer("container2", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container2")) { config in config.process.arguments = ["/bin/sleep", "infinity"] } do { try await pod.create() try await pod.startContainer("container1") try await pod.startContainer("container2") // Start a unique process in container1 let sleepExec1 = try await pod.execInContainer("container1", processID: "unique-sleep-1") { config in config.arguments = ["/bin/sleep", "9999"] } try await sleepExec1.start() // List processes in container1 - should see sleep 9999 let ps1Buffer = BufferWriter() let psExec1 = try await pod.execInContainer("container1", processID: "ps-1") { config in config.arguments = ["ps", "aux"] config.stdout = ps1Buffer } try await psExec1.start() var status = try await psExec1.wait() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "ps-1 status \(status) != 0") } try await psExec1.delete() guard let ps1Output = String(data: ps1Buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to parse ps output from container1") } // Verify sleep 9999 is visible in container1 guard ps1Output.contains("sleep 9999") else { throw IntegrationError.assert(msg: "sleep 9999 should be visible in container1") } // List processes in container2 - should NOT see sleep 9999 let ps2Buffer = BufferWriter() let psExec2 = try await pod.execInContainer("container2", processID: "ps-2") { config in config.arguments = ["ps", "aux"] config.stdout = ps2Buffer } try await psExec2.start() status = try await psExec2.wait() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "ps-2 status \(status) != 0") } try await psExec2.delete() guard let ps2Output = String(data: ps2Buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to parse ps output from container2") } // Verify sleep 9999 is NOT visible in container2 guard !ps2Output.contains("sleep 9999") else { throw IntegrationError.assert(msg: "sleep 9999 should NOT be visible in container2 (PID namespace isolation failed)") } try await sleepExec1.delete() try await pod.stop() } catch { try? await pod.stop() throw error } } func testPodContainerIndependentResourceLimits() async throws { let id = "test-pod-container-independent-limits" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } // Container1 with 1 CPU and 128 MiB memory try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container1")) { config in config.process.arguments = ["/bin/sleep", "infinity"] config.cpus = 1 config.memoryInBytes = 128.mib() } // Container2 with 2 CPUs and 256 MiB memory try await pod.addContainer("container2", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container2")) { config in config.process.arguments = ["/bin/sleep", "infinity"] config.cpus = 2 config.memoryInBytes = 256.mib() } do { try await pod.create() try await pod.startContainer("container1") try await pod.startContainer("container2") // Verify container1 memory limit let mem1Buffer = BufferWriter() let memExec1 = try await pod.execInContainer("container1", processID: "check-mem-1") { config in config.arguments = ["cat", "/sys/fs/cgroup/memory.max"] config.stdout = mem1Buffer } try await memExec1.start() var status = try await memExec1.wait() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "check-mem-1 status \(status) != 0") } try await memExec1.delete() guard let mem1Limit = String(data: mem1Buffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) else { throw IntegrationError.assert(msg: "failed to parse memory.max from container1") } let expectedMem1 = "\(128.mib())" guard mem1Limit == expectedMem1 else { throw IntegrationError.assert(msg: "container1 memory.max \(mem1Limit) != expected \(expectedMem1)") } // Verify container1 CPU limit let cpu1Buffer = BufferWriter() let cpuExec1 = try await pod.execInContainer("container1", processID: "check-cpu-1") { config in config.arguments = ["cat", "/sys/fs/cgroup/cpu.max"] config.stdout = cpu1Buffer } try await cpuExec1.start() status = try await cpuExec1.wait() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "check-cpu-1 status \(status) != 0") } try await cpuExec1.delete() guard let cpu1Limit = String(data: cpu1Buffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) else { throw IntegrationError.assert(msg: "failed to parse cpu.max from container1") } let expectedCpu1 = "100000 100000" // 1 CPU guard cpu1Limit == expectedCpu1 else { throw IntegrationError.assert(msg: "container1 cpu.max '\(cpu1Limit)' != expected '\(expectedCpu1)'") } // Verify container2 memory limit let mem2Buffer = BufferWriter() let memExec2 = try await pod.execInContainer("container2", processID: "check-mem-2") { config in config.arguments = ["cat", "/sys/fs/cgroup/memory.max"] config.stdout = mem2Buffer } try await memExec2.start() status = try await memExec2.wait() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "check-mem-2 status \(status) != 0") } try await memExec2.delete() guard let mem2Limit = String(data: mem2Buffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) else { throw IntegrationError.assert(msg: "failed to parse memory.max from container2") } let expectedMem2 = "\(256.mib())" guard mem2Limit == expectedMem2 else { throw IntegrationError.assert(msg: "container2 memory.max \(mem2Limit) != expected \(expectedMem2)") } // Verify container2 CPU limit let cpu2Buffer = BufferWriter() let cpuExec2 = try await pod.execInContainer("container2", processID: "check-cpu-2") { config in config.arguments = ["cat", "/sys/fs/cgroup/cpu.max"] config.stdout = cpu2Buffer } try await cpuExec2.start() status = try await cpuExec2.wait() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "check-cpu-2 status \(status) != 0") } try await cpuExec2.delete() guard let cpu2Limit = String(data: cpu2Buffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) else { throw IntegrationError.assert(msg: "failed to parse cpu.max from container2") } let expectedCpu2 = "200000 100000" // 2 CPUs guard cpu2Limit == expectedCpu2 else { throw IntegrationError.assert(msg: "container2 cpu.max '\(cpu2Limit)' != expected '\(expectedCpu2)'") } try await pod.stop() } catch { try? await pod.stop() throw error } } func testPodSharedPIDNamespace() async throws { let id = "test-pod-shared-pid-namespace" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog config.shareProcessNamespace = true } // First container runs a long-running process try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container1")) { config in config.process.arguments = ["/bin/sleep", "300"] } // Second container checks if it can see container1's sleep process let psBuffer = BufferWriter() try await pod.addContainer("container2", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container2")) { config in config.process.arguments = ["/bin/sh", "-c", "ps aux | grep 'sleep 300' | grep -v grep"] config.process.stdout = psBuffer } try await pod.create() try await pod.startContainer("container1") try await Task.sleep(for: .milliseconds(100)) try await pod.startContainer("container2") let status = try await pod.waitContainer("container2") try await pod.killContainer("container1", signal: SIGKILL) _ = try await pod.waitContainer("container1") try await pod.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "container2 should have found the sleep process (status: \(status))") } let output = String(data: psBuffer.data, encoding: .utf8) ?? "" guard output.contains("sleep 300") else { throw IntegrationError.assert(msg: "ps output should contain 'sleep 300', got: '\(output)'") } } func testPodReadOnlyRootfs() async throws { let id = "test-pod-readonly-rootfs" let bs = try await bootstrap(id) var rootfs = bs.rootfs rootfs.options.append("ro") let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } try await pod.addContainer("container1", rootfs: rootfs) { config in config.process.arguments = ["touch", "/testfile"] } try await pod.create() try await pod.startContainer("container1") let status = try await pod.waitContainer("container1") try await pod.stop() // touch should fail on a read-only rootfs guard status.exitCode != 0 else { throw IntegrationError.assert(msg: "touch should have failed on read-only rootfs") } } func testPodReadOnlyRootfsDNSConfigured() async throws { let id = "test-pod-readonly-rootfs-dns" let bs = try await bootstrap(id) var rootfs = bs.rootfs rootfs.options.append("ro") let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } let buffer = BufferWriter() try await pod.addContainer("container1", rootfs: rootfs) { config in // Verify /etc/resolv.conf was written before rootfs was remounted read-only config.process.arguments = ["cat", "/etc/resolv.conf"] config.process.stdout = buffer config.dns = DNS(nameservers: ["8.8.8.8", "8.8.4.4"]) } try await pod.create() try await pod.startContainer("container1") let status = try await pod.waitContainer("container1") try await pod.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "cat /etc/resolv.conf failed with status \(status)") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } guard output.contains("8.8.8.8") && output.contains("8.8.4.4") else { throw IntegrationError.assert(msg: "expected /etc/resolv.conf to contain DNS servers, got: \(output)") } } func testPodSingleFileMount() async throws { let id = "test-pod-single-file-mount" let bs = try await bootstrap(id) // Create a temp file with known content let testContent = "Hello from pod single file mount!" let hostFile = FileManager.default.uniqueTemporaryDirectory(create: true) .appendingPathComponent("pod-config.txt") try testContent.write(to: hostFile, atomically: true, encoding: .utf8) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } let buffer = BufferWriter() try await pod.addContainer("container1", rootfs: bs.rootfs) { config in config.process.arguments = ["cat", "/etc/myconfig.txt"] // Mount a single file using virtiofs share config.mounts.append(.share(source: hostFile.path, destination: "/etc/myconfig.txt")) config.process.stdout = buffer } do { try await pod.create() try await pod.startContainer("container1") let status = try await pod.waitContainer("container1") try await pod.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert output to UTF8") } guard output == testContent else { throw IntegrationError.assert( msg: "expected '\(testContent)', got '\(output)'") } } catch { try? await pod.stop() throw error } } func testPodContainerHostsConfig() async throws { let id = "test-pod-container-hosts" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } let buffer = BufferWriter() try await pod.addContainer("container1", rootfs: bs.rootfs) { config in config.process.arguments = ["cat", "/etc/hosts"] config.process.stdout = buffer config.hosts = Hosts(entries: [ Hosts.Entry.localHostIPV4(), Hosts.Entry.localHostIPV6(), Hosts.Entry(ipAddress: "10.0.0.50", hostnames: ["myservice.local", "myservice"]), ]) } try await pod.create() try await pod.startContainer("container1") let status = try await pod.waitContainer("container1") try await pod.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "cat /etc/hosts failed with status \(status)") } guard let output = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } guard output.contains("10.0.0.50") && output.contains("myservice.local") else { throw IntegrationError.assert(msg: "expected /etc/hosts to contain custom entry, got: \(output)") } } func testPodMultipleContainersDifferentDNS() async throws { let id = "test-pod-multi-dns" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } let buffer1 = BufferWriter() let buffer2 = BufferWriter() try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container1")) { config in config.process.arguments = ["cat", "/etc/resolv.conf"] config.process.stdout = buffer1 config.dns = DNS(nameservers: ["1.1.1.1"]) } try await pod.addContainer("container2", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container2")) { config in config.process.arguments = ["cat", "/etc/resolv.conf"] config.process.stdout = buffer2 config.dns = DNS(nameservers: ["8.8.8.8"]) } try await pod.create() try await pod.startContainer("container1") let status1 = try await pod.waitContainer("container1") try await pod.startContainer("container2") let status2 = try await pod.waitContainer("container2") try await pod.stop() guard status1.exitCode == 0 else { throw IntegrationError.assert(msg: "container1 cat failed with status \(status1)") } guard status2.exitCode == 0 else { throw IntegrationError.assert(msg: "container2 cat failed with status \(status2)") } guard let output1 = String(data: buffer1.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert container1 stdout to UTF8") } guard let output2 = String(data: buffer2.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert container2 stdout to UTF8") } guard output1.contains("1.1.1.1") && !output1.contains("8.8.8.8") else { throw IntegrationError.assert(msg: "container1 should have 1.1.1.1 DNS, got: \(output1)") } guard output2.contains("8.8.8.8") && !output2.contains("1.1.1.1") else { throw IntegrationError.assert(msg: "container2 should have 8.8.8.8 DNS, got: \(output2)") } } func testPodMultipleContainersDifferentHosts() async throws { let id = "test-pod-multi-hosts" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } let buffer1 = BufferWriter() let buffer2 = BufferWriter() try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container1")) { config in config.process.arguments = ["cat", "/etc/hosts"] config.process.stdout = buffer1 config.hosts = Hosts(entries: [ Hosts.Entry.localHostIPV4(), Hosts.Entry(ipAddress: "10.0.0.1", hostnames: ["service-a.local", "service-a"]), ]) } try await pod.addContainer("container2", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container2")) { config in config.process.arguments = ["cat", "/etc/hosts"] config.process.stdout = buffer2 config.hosts = Hosts(entries: [ Hosts.Entry.localHostIPV4(), Hosts.Entry(ipAddress: "10.0.0.2", hostnames: ["service-b.local", "service-b"]), ]) } try await pod.create() try await pod.startContainer("container1") let status1 = try await pod.waitContainer("container1") try await pod.startContainer("container2") let status2 = try await pod.waitContainer("container2") try await pod.stop() guard status1.exitCode == 0 else { throw IntegrationError.assert(msg: "container1 cat failed with status \(status1)") } guard status2.exitCode == 0 else { throw IntegrationError.assert(msg: "container2 cat failed with status \(status2)") } guard let output1 = String(data: buffer1.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert container1 stdout to UTF8") } guard let output2 = String(data: buffer2.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert container2 stdout to UTF8") } guard output1.contains("10.0.0.1") && output1.contains("service-a.local") else { throw IntegrationError.assert(msg: "container1 should have service-a entry, got: \(output1)") } guard !output1.contains("10.0.0.2") && !output1.contains("service-b") else { throw IntegrationError.assert(msg: "container1 should NOT have service-b entry, got: \(output1)") } guard output2.contains("10.0.0.2") && output2.contains("service-b.local") else { throw IntegrationError.assert(msg: "container2 should have service-b entry, got: \(output2)") } guard !output2.contains("10.0.0.1") && !output2.contains("service-a") else { throw IntegrationError.assert(msg: "container2 should NOT have service-a entry, got: \(output2)") } } func testPodLevelDNS() async throws { let id = "test-pod-level-dns" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog // Set DNS at the pod level config.dns = DNS(nameservers: ["9.9.9.9", "149.112.112.112"]) } let buffer1 = BufferWriter() let buffer2 = BufferWriter() // Neither container specifies DNS. We should inherit from pod try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container1")) { config in config.process.arguments = ["cat", "/etc/resolv.conf"] config.process.stdout = buffer1 } try await pod.addContainer("container2", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container2")) { config in config.process.arguments = ["cat", "/etc/resolv.conf"] config.process.stdout = buffer2 } try await pod.create() try await pod.startContainer("container1") let status1 = try await pod.waitContainer("container1") try await pod.startContainer("container2") let status2 = try await pod.waitContainer("container2") try await pod.stop() guard status1.exitCode == 0 else { throw IntegrationError.assert(msg: "container1 cat failed with status \(status1)") } guard status2.exitCode == 0 else { throw IntegrationError.assert(msg: "container2 cat failed with status \(status2)") } guard let output1 = String(data: buffer1.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert container1 stdout to UTF8") } guard let output2 = String(data: buffer2.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert container2 stdout to UTF8") } // Both containers should have the pod-level DNS guard output1.contains("9.9.9.9") && output1.contains("149.112.112.112") else { throw IntegrationError.assert(msg: "container1 should have pod-level DNS (9.9.9.9), got: \(output1)") } guard output2.contains("9.9.9.9") && output2.contains("149.112.112.112") else { throw IntegrationError.assert(msg: "container2 should have pod-level DNS (9.9.9.9), got: \(output2)") } } func testPodLevelDNSWithContainerOverride() async throws { let id = "test-pod-level-dns-override" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog // Set DNS at the pod level config.dns = DNS(nameservers: ["9.9.9.9"]) } let buffer1 = BufferWriter() let buffer2 = BufferWriter() // Container1 does NOT specify DNS. It should inherit from pod try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container1")) { config in config.process.arguments = ["cat", "/etc/resolv.conf"] config.process.stdout = buffer1 } // Container2 specifies its own DNS. It should override pod-level try await pod.addContainer("container2", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container2")) { config in config.process.arguments = ["cat", "/etc/resolv.conf"] config.process.stdout = buffer2 config.dns = DNS(nameservers: ["8.8.8.8"]) } try await pod.create() try await pod.startContainer("container1") let status1 = try await pod.waitContainer("container1") try await pod.startContainer("container2") let status2 = try await pod.waitContainer("container2") try await pod.stop() guard status1.exitCode == 0 else { throw IntegrationError.assert(msg: "container1 cat failed with status \(status1)") } guard status2.exitCode == 0 else { throw IntegrationError.assert(msg: "container2 cat failed with status \(status2)") } guard let output1 = String(data: buffer1.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert container1 stdout to UTF8") } guard let output2 = String(data: buffer2.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert container2 stdout to UTF8") } // Container1 should have pod-level DNS guard output1.contains("9.9.9.9") && !output1.contains("8.8.8.8") else { throw IntegrationError.assert(msg: "container1 should have pod-level DNS (9.9.9.9), got: \(output1)") } // Container2 should have its own DNS, not pod-level guard output2.contains("8.8.8.8") && !output2.contains("9.9.9.9") else { throw IntegrationError.assert(msg: "container2 should have container-level DNS (8.8.8.8), got: \(output2)") } } func testPodLevelHosts() async throws { let id = "test-pod-level-hosts" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog // Set hosts at the pod level config.hosts = Hosts(entries: [ Hosts.Entry.localHostIPV4(), Hosts.Entry(ipAddress: "10.0.0.100", hostnames: ["shared-service.local"]), ]) } let buffer1 = BufferWriter() let buffer2 = BufferWriter() // Neither container specifies hosts. It should inherit from pod try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container1")) { config in config.process.arguments = ["cat", "/etc/hosts"] config.process.stdout = buffer1 } try await pod.addContainer("container2", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container2")) { config in config.process.arguments = ["cat", "/etc/hosts"] config.process.stdout = buffer2 } try await pod.create() try await pod.startContainer("container1") let status1 = try await pod.waitContainer("container1") try await pod.startContainer("container2") let status2 = try await pod.waitContainer("container2") try await pod.stop() guard status1.exitCode == 0 else { throw IntegrationError.assert(msg: "container1 cat failed with status \(status1)") } guard status2.exitCode == 0 else { throw IntegrationError.assert(msg: "container2 cat failed with status \(status2)") } guard let output1 = String(data: buffer1.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert container1 stdout to UTF8") } guard let output2 = String(data: buffer2.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert container2 stdout to UTF8") } // Both containers should have the pod-level hosts entry guard output1.contains("10.0.0.100") && output1.contains("shared-service.local") else { throw IntegrationError.assert(msg: "container1 should have pod-level hosts entry, got: \(output1)") } guard output2.contains("10.0.0.100") && output2.contains("shared-service.local") else { throw IntegrationError.assert(msg: "container2 should have pod-level hosts entry, got: \(output2)") } } func testPodLevelHostsWithContainerOverride() async throws { let id = "test-pod-level-hosts-override" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog // Set hosts at the pod level config.hosts = Hosts(entries: [ Hosts.Entry.localHostIPV4(), Hosts.Entry(ipAddress: "10.0.0.100", hostnames: ["shared-service.local"]), ]) } let buffer1 = BufferWriter() let buffer2 = BufferWriter() // Container1 does NOT specify hosts. It should inherit from pod try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container1")) { config in config.process.arguments = ["cat", "/etc/hosts"] config.process.stdout = buffer1 } // Container2 specifies its own hosts. It should override pod-level try await pod.addContainer("container2", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container2")) { config in config.process.arguments = ["cat", "/etc/hosts"] config.process.stdout = buffer2 config.hosts = Hosts(entries: [ Hosts.Entry.localHostIPV4(), Hosts.Entry(ipAddress: "10.0.0.200", hostnames: ["container-specific.local"]), ]) } try await pod.create() try await pod.startContainer("container1") let status1 = try await pod.waitContainer("container1") try await pod.startContainer("container2") let status2 = try await pod.waitContainer("container2") try await pod.stop() guard status1.exitCode == 0 else { throw IntegrationError.assert(msg: "container1 cat failed with status \(status1)") } guard status2.exitCode == 0 else { throw IntegrationError.assert(msg: "container2 cat failed with status \(status2)") } guard let output1 = String(data: buffer1.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert container1 stdout to UTF8") } guard let output2 = String(data: buffer2.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert container2 stdout to UTF8") } // Container1 should have pod-level hosts entry guard output1.contains("10.0.0.100") && output1.contains("shared-service.local") else { throw IntegrationError.assert(msg: "container1 should have pod-level hosts entry, got: \(output1)") } guard !output1.contains("10.0.0.200") && !output1.contains("container-specific.local") else { throw IntegrationError.assert(msg: "container1 should NOT have container2's hosts entry, got: \(output1)") } // Container2 should have its own hosts entry, not pod-level guard output2.contains("10.0.0.200") && output2.contains("container-specific.local") else { throw IntegrationError.assert(msg: "container2 should have container-level hosts entry, got: \(output2)") } guard !output2.contains("10.0.0.100") && !output2.contains("shared-service.local") else { throw IntegrationError.assert(msg: "container2 should NOT have pod-level hosts entry, got: \(output2)") } } func testPodLevelHostname() async throws { let id = "test-pod-level-hostname" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog // Set hostname at the pod level config.hostname = "pod-host" } let buffer1 = BufferWriter() let buffer2 = BufferWriter() // Neither container specifies a hostname. Both should inherit from pod. try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container1")) { config in config.process.arguments = ["/bin/hostname"] config.process.stdout = buffer1 } try await pod.addContainer("container2", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container2")) { config in config.process.arguments = ["/bin/hostname"] config.process.stdout = buffer2 } try await pod.create() try await pod.startContainer("container1") let status1 = try await pod.waitContainer("container1") try await pod.startContainer("container2") let status2 = try await pod.waitContainer("container2") try await pod.stop() guard status1.exitCode == 0 else { throw IntegrationError.assert(msg: "container1 hostname failed with status \(status1)") } guard status2.exitCode == 0 else { throw IntegrationError.assert(msg: "container2 hostname failed with status \(status2)") } guard String(data: buffer1.data, encoding: .utf8) == "pod-host\n" else { throw IntegrationError.assert(msg: "container1 should have pod-level hostname 'pod-host', got: '\(String(data: buffer1.data, encoding: .utf8) ?? "nil")'") } guard String(data: buffer2.data, encoding: .utf8) == "pod-host\n" else { throw IntegrationError.assert(msg: "container2 should have pod-level hostname 'pod-host', got: '\(String(data: buffer2.data, encoding: .utf8) ?? "nil")'") } } func testPodLevelHostnameWithContainerOverride() async throws { let id = "test-pod-level-hostname-override" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog // Set hostname at the pod level config.hostname = "pod-host" } let buffer1 = BufferWriter() let buffer2 = BufferWriter() // Container1 does NOT specify a hostname. It should inherit from pod. try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container1")) { config in config.process.arguments = ["/bin/hostname"] config.process.stdout = buffer1 } // Container2 specifies its own hostname. It should override the pod-level value. try await pod.addContainer("container2", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container2")) { config in config.process.arguments = ["/bin/hostname"] config.process.stdout = buffer2 config.hostname = "container-host" } try await pod.create() try await pod.startContainer("container1") let status1 = try await pod.waitContainer("container1") try await pod.startContainer("container2") let status2 = try await pod.waitContainer("container2") try await pod.stop() guard status1.exitCode == 0 else { throw IntegrationError.assert(msg: "container1 hostname failed with status \(status1)") } guard status2.exitCode == 0 else { throw IntegrationError.assert(msg: "container2 hostname failed with status \(status2)") } // Container1 should have the pod-level hostname guard String(data: buffer1.data, encoding: .utf8) == "pod-host\n" else { throw IntegrationError.assert(msg: "container1 should have pod-level hostname 'pod-host', got: '\(String(data: buffer1.data, encoding: .utf8) ?? "nil")'") } // Container2 should have its own hostname, not the pod-level one guard String(data: buffer2.data, encoding: .utf8) == "container-host\n" else { throw IntegrationError.assert(msg: "container2 should have container-level hostname 'container-host', got: '\(String(data: buffer2.data, encoding: .utf8) ?? "nil")'") } } func testPodRLimitOpenFiles() async throws { let id = "test-pod-rlimit-open-files" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } let buffer = BufferWriter() try await pod.addContainer("container1", rootfs: bs.rootfs) { config in config.process.arguments = ["sh", "-c", "ulimit -n"] config.process.rlimits = [ LinuxRLimit(kind: .openFiles, hard: 2048, soft: 1024) ] config.process.stdout = buffer } try await pod.create() try await pod.startContainer("container1") let status = try await pod.waitContainer("container1") try await pod.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard let output = String(data: buffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } // ulimit -n returns the soft limit guard output == "1024" else { throw IntegrationError.assert(msg: "expected soft limit '1024', got '\(output)'") } } func testPodRLimitExec() async throws { let id = "test-pod-rlimit-exec" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } try await pod.addContainer("container1", rootfs: bs.rootfs) { config in config.process.arguments = ["sleep", "100"] } do { try await pod.create() try await pod.startContainer("container1") // Exec a process with rlimits set let buffer = BufferWriter() let exec = try await pod.execInContainer("container1", processID: "rlimit-exec") { config in config.arguments = ["sh", "-c", "ulimit -n"] config.rlimits = [ LinuxRLimit(kind: .openFiles, hard: 512, soft: 256) ] config.stdout = buffer } try await exec.start() let status = try await exec.wait() try await exec.delete() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "exec status \(status) != 0") } guard let output = String(data: buffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) else { throw IntegrationError.assert(msg: "failed to convert stdout to UTF8") } guard output == "256" else { throw IntegrationError.assert(msg: "expected soft limit '256', got '\(output)'") } try await pod.killContainer("container1", signal: SIGKILL) try await pod.waitContainer("container1") try await pod.stop() } catch { try? await pod.stop() throw error } } func testPodUseInitBasic() async throws { let id = "test-pod-use-init-basic" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } let buffer = BufferWriter() try await pod.addContainer("container1", rootfs: bs.rootfs) { config in config.process.arguments = ["/bin/echo", "hello from pod init"] config.process.stdout = buffer config.useInit = true } try await pod.create() try await pod.startContainer("container1") let status = try await pod.waitContainer("container1") try await pod.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } guard String(data: buffer.data, encoding: .utf8) == "hello from pod init\n" else { throw IntegrationError.assert( msg: "expected 'hello from pod init', got '\(String(data: buffer.data, encoding: .utf8) ?? "nil")'") } } func testPodUseInitExitCodePropagation() async throws { let id = "test-pod-use-init-exit-code" let bs = try await bootstrap(id) // Test exit code 0 var pod = try LinuxPod("\(id)-success", vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "success")) { config in config.process.arguments = ["/bin/true"] config.useInit = true } try await pod.create() try await pod.startContainer("container1") var status = try await pod.waitContainer("container1") try await pod.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "expected exit code 0, got \(status.exitCode)") } // Test non-zero exit code pod = try LinuxPod("\(id)-failure", vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "failure")) { config in config.process.arguments = ["/bin/false"] config.useInit = true } try await pod.create() try await pod.startContainer("container1") status = try await pod.waitContainer("container1") try await pod.stop() guard status.exitCode == 1 else { throw IntegrationError.assert(msg: "expected exit code 1, got \(status.exitCode)") } // Test custom exit code pod = try LinuxPod("\(id)-custom", vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "custom")) { config in config.process.arguments = ["sh", "-c", "exit 42"] config.useInit = true } try await pod.create() try await pod.startContainer("container1") status = try await pod.waitContainer("container1") try await pod.stop() guard status.exitCode == 42 else { throw IntegrationError.assert(msg: "expected exit code 42, got \(status.exitCode)") } } func testPodUseInitSignalForwarding() async throws { let id = "test-pod-use-init-signal" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } try await pod.addContainer("container1", rootfs: bs.rootfs) { config in config.process.arguments = ["sleep", "300"] config.useInit = true } do { try await pod.create() try await pod.startContainer("container1") try await Task.sleep(for: .milliseconds(100)) // Send SIGTERM, should be forwarded to the child and cause exit try await pod.killContainer("container1", signal: SIGTERM) let status = try await pod.waitContainer("container1", timeoutInSeconds: 5) try await pod.stop() // SIGTERM should result in exit code 128 + 15 = 143 guard status.exitCode == 143 else { throw IntegrationError.assert(msg: "expected exit code 143 (SIGTERM), got \(status.exitCode)") } } catch { try? await pod.stop() throw error } } func testPodUseInitMultipleContainers() async throws { let id = "test-pod-use-init-multiple" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } let buffer1 = BufferWriter() let buffer2 = BufferWriter() // Container1 with useInit try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container1")) { config in config.process.arguments = ["/bin/echo", "container1 with init"] config.process.stdout = buffer1 config.useInit = true } // Container2 without useInit try await pod.addContainer("container2", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container2")) { config in config.process.arguments = ["/bin/echo", "container2 without init"] config.process.stdout = buffer2 config.useInit = false } try await pod.create() try await pod.startContainer("container1") let status1 = try await pod.waitContainer("container1") try await pod.startContainer("container2") let status2 = try await pod.waitContainer("container2") try await pod.stop() guard status1.exitCode == 0 else { throw IntegrationError.assert(msg: "container1 exit code \(status1.exitCode) != 0") } guard status2.exitCode == 0 else { throw IntegrationError.assert(msg: "container2 exit code \(status2.exitCode) != 0") } guard String(data: buffer1.data, encoding: .utf8) == "container1 with init\n" else { throw IntegrationError.assert( msg: "container1 output mismatch: '\(String(data: buffer1.data, encoding: .utf8) ?? "nil")'") } guard String(data: buffer2.data, encoding: .utf8) == "container2 without init\n" else { throw IntegrationError.assert( msg: "container2 output mismatch: '\(String(data: buffer2.data, encoding: .utf8) ?? "nil")'") } } func testPodUseInitWithSharedPIDNamespace() async throws { let id = "test-pod-use-init-shared-pid" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog config.shareProcessNamespace = true } try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container1")) { config in config.process.arguments = ["sleep", "300"] config.useInit = true } let psBuffer = BufferWriter() try await pod.addContainer("container2", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container2")) { config in // Check if we can see container1's sleep process through the shared PID namespace config.process.arguments = ["sh", "-c", "ps aux | grep 'sleep 300' | grep -v grep"] config.process.stdout = psBuffer } try await pod.create() try await pod.startContainer("container1") try await Task.sleep(for: .milliseconds(100)) try await pod.startContainer("container2") let status = try await pod.waitContainer("container2") try await pod.killContainer("container1", signal: SIGKILL) _ = try await pod.waitContainer("container1") try await pod.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "container2 should have found the sleep process (status: \(status))") } let output = String(data: psBuffer.data, encoding: .utf8) ?? "" guard output.contains("sleep 300") else { throw IntegrationError.assert(msg: "ps output should contain 'sleep 300', got: '\(output)'") } } func testPodUnixSocketIntoGuestSymlink() async throws { let id = "test-pod-unixsocket-into-guest-symlink" let bs = try await bootstrap(id) let hostSocketPath = try createPodHostUnixSocket() let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } // Use /var/run/test.sock. Alpine has /var/run -> /run symlink try await pod.addContainer("container1", rootfs: bs.rootfs) { config in config.process.arguments = ["sleep", "100"] config.sockets = [ UnixSocketConfiguration( source: URL(filePath: hostSocketPath), destination: URL(filePath: "/var/run/test.sock"), direction: .into ) ] } do { try await pod.create() try await pod.startContainer("container1") let buffer = BufferWriter() let lsExec = try await pod.execInContainer("container1", processID: "ls-socket") { config in config.arguments = ["ls", "-l", "/var/run/test.sock"] config.stdout = buffer } try await lsExec.start() let status2 = try await lsExec.wait() try await lsExec.delete() guard status2.exitCode == 0 else { throw IntegrationError.assert(msg: "ls command failed with status \(status2)") } guard let lsOutput = String(data: buffer.data, encoding: .utf8) else { throw IntegrationError.assert(msg: "failed to convert ls output to UTF8") } guard lsOutput.hasPrefix("s") else { throw IntegrationError.assert( msg: "expected socket file (starting with 's'), got: \(lsOutput)") } try await pod.killContainer("container1", signal: SIGKILL) _ = try await pod.waitContainer("container1") try await pod.stop() } catch { try? await pod.stop() throw error } } private func createPodHostUnixSocket() throws -> String { let dir = FileManager.default.uniqueTemporaryDirectory(create: true) let socketPath = dir.appendingPathComponent("test.sock").path let socket = try Socket(type: UnixType(path: socketPath)) try socket.listen() return socketPath } func testPodSysctl() async throws { let id = "test-pod-sysctl" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } let buffer = BufferWriter() try await pod.addContainer("container1", rootfs: bs.rootfs) { config in config.sysctl = [ "net.core.somaxconn": "4096" ] config.process.arguments = ["cat", "/proc/sys/net/core/somaxconn"] config.process.stdout = buffer } do { try await pod.create() try await pod.startContainer("container1") let status = try await pod.waitContainer("container1") try await pod.stop() guard status.exitCode == 0 else { throw IntegrationError.assert(msg: "process status \(status) != 0") } let output = String(data: buffer.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) guard output == "4096" else { throw IntegrationError.assert( msg: "sysctl net.core.somaxconn should be '4096', got '\(output ?? "nil")'") } } catch { try? await pod.stop() throw error } } func testPodSysctlMultipleContainers() async throws { let id = "test-pod-sysctl-multi" let bs = try await bootstrap(id) let pod = try LinuxPod(id, vmm: bs.vmm) { config in config.cpus = 4 config.memoryInBytes = 1024.mib() config.bootLog = bs.bootLog } // Containers in a pod share a network namespace, so use different // sysctls per container to avoid clobbering. let buffer1 = BufferWriter() try await pod.addContainer("container1", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container1")) { config in config.sysctl = [ "net.core.somaxconn": "2048" ] config.process.arguments = ["cat", "/proc/sys/net/core/somaxconn"] config.process.stdout = buffer1 } let buffer2 = BufferWriter() try await pod.addContainer("container2", rootfs: try cloneRootfs(bs.rootfs, testID: id, containerID: "container2")) { config in config.sysctl = [ "net.core.netdev_max_backlog": "5000" ] config.process.arguments = ["cat", "/proc/sys/net/core/netdev_max_backlog"] config.process.stdout = buffer2 } do { try await pod.create() try await pod.startContainer("container1") let status1 = try await pod.waitContainer("container1") guard status1.exitCode == 0 else { throw IntegrationError.assert(msg: "container1 status \(status1) != 0") } let output1 = String(data: buffer1.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) guard output1 == "2048" else { throw IntegrationError.assert( msg: "container1 sysctl net.core.somaxconn should be '2048', got '\(output1 ?? "nil")'") } try await pod.startContainer("container2") let status2 = try await pod.waitContainer("container2") guard status2.exitCode == 0 else { throw IntegrationError.assert(msg: "container2 status \(status2) != 0") } let output2 = String(data: buffer2.data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines) guard output2 == "5000" else { throw IntegrationError.assert( msg: "container2 sysctl net.core.netdev_max_backlog should be '5000', got '\(output2 ?? "nil")'") } try await pod.stop() } catch { try? await pod.stop() throw error } } } ================================================ FILE: Sources/Integration/Suite.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ArgumentParser import Containerization import ContainerizationError import ContainerizationExtras import ContainerizationOCI import ContainerizationOS import Foundation import Logging import NIOCore import NIOPosix import Synchronization actor UnpackCoordinator { private var inFlight: [String: Task] = [:] func unpack( key: String, operation: @escaping @Sendable () async throws -> Containerization.Mount ) async throws -> Containerization.Mount { if let existing = inFlight[key] { return try await existing.value } let task = Task { try await operation() } inFlight[key] = task defer { inFlight.removeValue(forKey: key) } return try await task.value } } struct Test: Sendable { var name: String var work: @Sendable () async throws -> Void init(_ name: String, _ work: @escaping @Sendable () async throws -> Void) { self.name = name self.work = work } } final class JobQueue: Sendable where T: Sendable { struct State: Sendable { var next = 0 var jobs: [T] } private let lock: Mutex init(_ jobs: [T]) { self.lock = Mutex(State(jobs: jobs)) } func pop() -> T? { self.lock.withLock { state in guard state.next < state.jobs.count else { return nil } defer { state.next += 1 } return state.jobs[state.next] } } } let log = { LoggingSystem.bootstrap(StreamLogHandler.standardError) var log = Logger(label: "com.apple.containerization") log.logLevel = .debug return log }() enum IntegrationError: Swift.Error { case assert(msg: String) case noOutput } struct SkipTest: Swift.Error, CustomStringConvertible { let reason: String var description: String { reason } } @main struct IntegrationSuite: AsyncParsableCommand { static let appRoot: URL = { FileManager.default.urls( for: .applicationSupportDirectory, in: .userDomainMask ).first! .appendingPathComponent("com.apple.containerization") }() private static let _contentStore: ContentStore = { try! LocalContentStore(path: appRoot.appending(path: "content")) }() private static let _imageStore: ImageStore = { try! ImageStore( path: appRoot, contentStore: contentStore ) }() static let _testDir: URL = { FileManager.default.uniqueTemporaryDirectory(create: true) }() static var testDir: URL { _testDir } static var imageStore: ImageStore { _imageStore } static var contentStore: ContentStore { _contentStore } static let initImage = "vminit:latest" private static let unpackCoordinator = UnpackCoordinator() @Option(name: .shortAndLong, help: "Path to a directory for boot logs") var bootlogDir: String = "./bin/integration-bootlogs" @Option(name: .shortAndLong, help: "Path to a kernel binary") var kernel: String = "./bin/vmlinux" @Option(name: .shortAndLong, help: "Maximum number of concurrent tests") var maxConcurrency: Int = 4 @Option(name: .shortAndLong, help: "Only run tests whose names contain this string") var filter: String? static func binPath(name: String) -> URL { URL(fileURLWithPath: FileManager.default.currentDirectoryPath) .appendingPathComponent("bin") .appendingPathComponent(name) } static let eventLoop = MultiThreadedEventLoopGroup(numberOfThreads: System.coreCount) func bootstrap(_ testID: String) async throws -> (rootfs: Containerization.Mount, vmm: VirtualMachineManager, image: Containerization.Image, bootLog: BootLog) { let reference = "ghcr.io/linuxcontainers/alpine:3.20" let store = Self.imageStore let initImage = try await store.getInitImage(reference: Self.initImage) let initfs = try await { let p = Self.binPath(name: "init.block") do { return try await initImage.initBlock(at: p, for: .linuxArm) } catch let err as ContainerizationError { guard err.code == .exists else { throw err } return .block( format: "ext4", source: p.absolutePath(), destination: "/", options: ["ro"] ) } }() var testKernel = Kernel(path: .init(filePath: kernel), platform: .linuxArm) testKernel.commandLine.addDebug() let image = try await Self.fetchImage(reference: reference, store: store) let platform = Platform(arch: "arm64", os: "linux", variant: "v8") // Unpack to shared location with coordination to prevent concurrent unpacks let fsPath = Self.testDir.appending(component: image.digest) let fs = try await Self.unpackCoordinator.unpack(key: fsPath.absolutePath()) { do { let unpacker = EXT4Unpacker(blockSizeInBytes: 2.gib()) return try await unpacker.unpack(image, for: platform, at: fsPath) } catch let err as ContainerizationError { if err.code == .exists { return .block( format: "ext4", source: fsPath.absolutePath(), destination: "/", options: [] ) } throw err } } // Clone to test-specific path let clPath = Self.testDir.appending(component: "\(testID).ext4").absolutePath() try? FileManager.default.removeItem(atPath: clPath) let cl = try fs.clone(to: clPath) // Create bootLog directory and per-container bootLog path let bootlogDirURL = URL(filePath: bootlogDir) try? FileManager.default.createDirectory(at: bootlogDirURL, withIntermediateDirectories: true) let bootlogURL = bootlogDirURL.appendingPathComponent("\(testID).log") return ( cl, VZVirtualMachineManager( kernel: testKernel, initialFilesystem: initfs, group: Self.eventLoop ), image, BootLog.file(path: bootlogURL) ) } static func fetchImage(reference: String, store: ImageStore) async throws -> Containerization.Image { do { return try await store.get(reference: reference) } catch let error as ContainerizationError { if error.code == .notFound { return try await store.pull(reference: reference) } throw error } } static func adjustLimits() throws { var limits = rlimit() guard getrlimit(RLIMIT_NOFILE, &limits) == 0 else { throw POSIXError(.init(rawValue: errno)!) } limits.rlim_cur = 65536 limits.rlim_max = 65536 guard setrlimit(RLIMIT_NOFILE, &limits) == 0 else { throw POSIXError(.init(rawValue: errno)!) } } private func macOS26Tests() -> [Test] { if #available(macOS 26.0, *) { return [ Test("container interface custom MTU", testInterfaceMTU), Test("container networking disabled", testNetworkingDisabled), Test("container networking enabled", testNetworkingEnabled), ] } return [] } // Why does this exist? // // We need the virtualization entitlement to execute these tests. // There currently does not exist a straightforward way to do this // in a pure swift package. // // In order to not have a dependency on xcode, we create an executable // for our integration tests that can be signed then ran. // // We also can't import Testing as it expects to be run from a runner. // Hopefully this improves over time. func run() async throws { try Self.adjustLimits() let suiteStarted = CFAbsoluteTimeGetCurrent() log.info("starting integration suite\n") let tests: [Test] = [ // Containers Test("process true", testProcessTrue), Test("process false", testProcessFalse), Test("process echo hi", testProcessEchoHi), Test("process no executable", testProcessNoExecutable), Test("process user", testProcessUser), Test("process stdin", testProcessStdin), Test("process home envvar", testProcessHomeEnvvar), Test("process custom home envvar", testProcessCustomHomeEnvvar), Test("process tty ensure TERM", testProcessTtyEnvvar), Test("multiple concurrent processes", testMultipleConcurrentProcesses), Test("multiple concurrent processes with output stress", testMultipleConcurrentProcessesOutputStress), Test("container hostname", testHostname), Test("container hostname defaults to container id", testHostnameDefaultsToContainerID), Test("container hosts", testHostsFile), Test("container mount", testMounts), Test("container stop idempotency", testContainerStopIdempotency), Test("nested virt", testNestedVirtualizationEnabled), Test("container manager", testContainerManagerCreate), Test("container reuse", testContainerReuse), Test("container /dev/console", testContainerDevConsole), Test("container statistics", testContainerStatistics), Test("container cgroup limits", testCgroupLimits), Test("container memory events OOM kill", testMemoryEventsOOMKill), Test("container no serial console", testNoSerialConsole), Test("unix socket into guest", testUnixSocketIntoGuest), Test("unix socket into guest symlink", testUnixSocketIntoGuestSymlink), Test("container non-closure constructor", testNonClosureConstructor), Test("container test large stdio ingest", testLargeStdioOutput), Test("process delete idempotency", testProcessDeleteIdempotency), Test("multiple execs without delete", testMultipleExecsWithoutDelete), Test("container bootlog using filehandle", testBootLogFileHandle), Test("container capabilities sys admin", testCapabilitiesSysAdmin), Test("container capabilities net admin", testCapabilitiesNetAdmin), Test("container capabilities OCI default", testCapabilitiesOCIDefault), Test("container capabilities all capabilities", testCapabilitiesAllCapabilities), Test("container capabilities file ownership", testCapabilitiesFileOwnership), Test("container copy in", testCopyIn), Test("container copy out", testCopyOut), Test("container copy large file", testCopyLargeFile), Test("container copy in directory", testCopyInDirectory), Test("container copy out directory", testCopyOutDirectory), Test("container copy empty file", testCopyEmptyFile), Test("container copy empty directory", testCopyEmptyDirectory), Test("container copy binary file", testCopyBinaryFile), Test("container copy multiple files", testCopyMultipleFiles), Test("container copy directory round trip", testCopyDirectoryRoundTrip), Test("container copy in create parents", testCopyInCreateParents), Test("container copy file permissions", testCopyFilePermissions), Test("container copy large directory", testCopyLargeDirectory), Test("container read-only rootfs", testReadOnlyRootfs), Test("container read-only rootfs hosts file", testReadOnlyRootfsHostsFileWritten), Test("container read-only rootfs DNS", testReadOnlyRootfsDNSConfigured), Test("container writable layer", testWritableLayer), Test("container writable layer preserves lower", testWritableLayerPreservesLowerLayer), Test("container writable layer reads from lower", testWritableLayerReadsFromLower), Test("container writable layer with ro lower", testWritableLayerWithReadOnlyLower), Test("container writable layer size", testWritableLayerSize), Test("container writable layer DNS and hosts", testWritableLayerWithDNSAndHosts), Test("large stdin input", testLargeStdinInput), Test("exec large stdin input", testExecLargeStdinInput), Test("exec custom path resolution", testExecCustomPathResolution), Test("stdin explicit close", testStdinExplicitClose), Test("stdin binary data", testStdinBinaryData), Test("stdin multiple chunks", testStdinMultipleChunks), Test("stdin very large", testStdinVeryLarge), // FIXME: reenable when single file mount issues resolved //Test("container single file mount", testSingleFileMount), //Test("container single file mount read-only", testSingleFileMountReadOnly), //Test("container single file mount write-back", testSingleFileMountWriteBack), //Test("container single file mount symlink", testSingleFileMountSymlink), Test("container rlimit open files", testRLimitOpenFiles), Test("container rlimit multiple", testRLimitMultiple), Test("container rlimit exec", testRLimitExec), Test("container duplicate virtiofs mount", testDuplicateVirtiofsMount), Test("container duplicate virtiofs mount via symlink", testDuplicateVirtiofsMountViaSymlink), Test("container useInit basic", testUseInitBasic), Test("container useInit exit code propagation", testUseInitExitCodePropagation), Test("container useInit signal forwarding", testUseInitSignalForwarding), Test("container useInit zombie reaping", testUseInitZombieReaping), Test("container useInit with terminal", testUseInitWithTerminal), Test("container useInit with stdin", testUseInitWithStdin), Test("container sysctl", testSysctl), Test("container sysctl multiple", testSysctlMultiple), Test("container noNewPrivileges", testNoNewPrivileges), Test("container noNewPrivileges disabled", testNoNewPrivilegesDisabled), Test("container noNewPrivileges exec", testNoNewPrivilegesExec), Test("container workingDir created", testWorkingDirCreated), Test("container workingDir exec created", testWorkingDirExecCreated), // Pods Test("pod single container", testPodSingleContainer), Test("pod multiple containers", testPodMultipleContainers), Test("pod container output", testPodContainerOutput), Test("pod concurrent containers", testPodConcurrentContainers), Test("pod exec in container", testPodExecInContainer), Test("pod exec in container env", testPodExecInContainerEnv), Test("pod container hostname", testPodContainerHostname), Test("pod container hostname defaults to container id", testPodContainerHostnameDefaultsToContainerID), Test("pod stop container idempotency", testPodStopContainerIdempotency), Test("pod list containers", testPodListContainers), Test("pod container statistics", testPodContainerStatistics), Test("pod memory events OOM kill", testPodMemoryEventsOOMKill), Test("pod container resource limits", testPodContainerResourceLimits), Test("pod container filesystem isolation", testPodContainerFilesystemIsolation), Test("pod container PID namespace isolation", testPodContainerPIDNamespaceIsolation), Test("pod container independent resource limits", testPodContainerIndependentResourceLimits), Test("pod shared PID namespace", testPodSharedPIDNamespace), Test("pod read-only rootfs", testPodReadOnlyRootfs), Test("pod read-only rootfs DNS", testPodReadOnlyRootfsDNSConfigured), //Test("pod single file mount", testPodSingleFileMount), Test("pod container hosts config", testPodContainerHostsConfig), Test("pod multiple containers different DNS", testPodMultipleContainersDifferentDNS), Test("pod multiple containers different hosts", testPodMultipleContainersDifferentHosts), Test("pod level DNS", testPodLevelDNS), Test("pod level DNS with container override", testPodLevelDNSWithContainerOverride), Test("pod level hosts", testPodLevelHosts), Test("pod level hosts with container override", testPodLevelHostsWithContainerOverride), Test("pod level hostname", testPodLevelHostname), Test("pod level hostname with container override", testPodLevelHostnameWithContainerOverride), Test("pod rlimit open files", testPodRLimitOpenFiles), Test("pod rlimit exec", testPodRLimitExec), Test("pod useInit basic", testPodUseInitBasic), Test("pod useInit exit code propagation", testPodUseInitExitCodePropagation), Test("pod useInit signal forwarding", testPodUseInitSignalForwarding), Test("pod useInit multiple containers", testPodUseInitMultipleContainers), Test("pod useInit with shared PID namespace", testPodUseInitWithSharedPIDNamespace), Test("pod unix socket into guest symlink", testPodUnixSocketIntoGuestSymlink), Test("pod sysctl", testPodSysctl), Test("pod sysctl multiple containers", testPodSysctlMultipleContainers), ] + macOS26Tests() let filteredTests: [Test] if let filter { filteredTests = tests.filter { $0.name.contains(filter) } log.info("filter '\(filter)' matched \(filteredTests.count)/\(tests.count) tests") } else { filteredTests = tests } let passed: Atomic = Atomic(0) let skipped: Atomic = Atomic(0) await withTaskGroup(of: Void.self) { group in let jobQueue = JobQueue(filteredTests) for _ in 0.. 0 { finishingText += " and \(skippedCount)/\(filteredTests.count) skipped" } finishingText += "!" log.info("\(finishingText)") try? FileManager.default.removeItem(at: Self.testDir) if passedCount + skippedCount < filteredTests.count { log.error("❌") throw ExitCode(1) } } } ================================================ FILE: Sources/cctl/ImageCommand.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ArgumentParser import Containerization import ContainerizationArchive import ContainerizationError import ContainerizationExtras import ContainerizationOCI import Foundation extension Application { struct Images: AsyncParsableCommand { static let configuration = CommandConfiguration( commandName: "images", abstract: "Manage images", subcommands: [ Get.self, Delete.self, Pull.self, Tag.self, Push.self, Save.self, Load.self, ] ) func run() async throws { let store = Application.imageStore let images = try await store.list() print("REFERENCE\tMEDIA TYPE\tDIGEST") for image in images { print("\(image.reference)\t\(image.mediaType)\t\(image.digest)") } } struct Delete: AsyncParsableCommand { @Argument var reference: String func run() async throws { let store = Application.imageStore try await store.delete(reference: reference) } } struct Tag: AsyncParsableCommand { @Argument var old: String @Argument var new: String func run() async throws { let store = Application.imageStore _ = try await store.tag(existing: old, new: new) } } struct Get: AsyncParsableCommand { @Argument var reference: String func run() async throws { let store = Application.imageStore let image = try await store.get(reference: reference) let index = try await image.index() let enc = JSONEncoder() enc.outputFormatting = .prettyPrinted let data = try enc.encode(ImageDisplay(reference: image.reference, index: index)) print(String(data: data, encoding: .utf8)!) } } struct ImageDisplay: Codable { let reference: String let index: Index } struct Pull: AsyncParsableCommand { static let configuration = CommandConfiguration( commandName: "pull", abstract: "Pull an image's contents into a content store" ) @Argument var ref: String @Option(name: .customLong("platform"), help: "Platform string in the form 'os/arch/variant'. Example 'linux/arm64/v8', 'linux/amd64'") var platformString: String? @Option( name: .customLong("unpack-path"), help: "Path to a new directory to unpack the image into", transform: { str in URL(fileURLWithPath: str, relativeTo: .currentDirectory()).absoluteURL.path(percentEncoded: false) }) var unpackPath: String? @Flag(help: "Pull via plain text http") var http: Bool = false func run() async throws { let imageStore = Application.imageStore let platform: Platform? = try { if let platformString { return try Platform(from: platformString) } return nil }() let reference = try Reference.parse(ref) reference.normalize() let normalizedReference = reference.description if normalizedReference != ref { print("Reference resolved to \(reference.description)") } var startTime = ContinuousClock.now let image = try await Images.withAuthentication(ref: normalizedReference) { auth in try await imageStore.pull(reference: normalizedReference, platform: platform, insecure: http, auth: auth) } guard let image else { print("image pull failed") Application.exit(withError: POSIXError(.EACCES)) } var duration = ContinuousClock.now - startTime print("Image pull took: \(duration)\n") guard let unpackPath else { return } guard !FileManager.default.fileExists(atPath: unpackPath) else { throw ContainerizationError(.exists, message: "directory already exists at \(unpackPath)") } let unpackUrl = URL(filePath: unpackPath) try FileManager.default.createDirectory(at: unpackUrl, withIntermediateDirectories: true) let unpacker = EXT4Unpacker.init(blockSizeInBytes: 2.gib()) startTime = ContinuousClock.now if let platform { let name = platform.description.replacingOccurrences(of: "/", with: "-") let _ = try await unpacker.unpack(image, for: platform, at: unpackUrl.appending(component: name)) } else { for descriptor in try await image.index().manifests { if let referenceType = descriptor.annotations?["vnd.docker.reference.type"], referenceType == "attestation-manifest" { continue } guard let descPlatform = descriptor.platform else { continue } let name = descPlatform.description.replacingOccurrences(of: "/", with: "-") let _ = try await unpacker.unpack(image, for: descPlatform, at: unpackUrl.appending(component: name)) print("created snapshot for platform \(descPlatform.description)") } } duration = ContinuousClock.now - startTime print("\nUnpacking took: \(duration)") } } struct Push: AsyncParsableCommand { static let configuration = CommandConfiguration( commandName: "push", abstract: "Push an image to a remote registry" ) @Option(help: "Platform string in the form 'os/arch/variant'. Example 'linux/arm64/v8', 'linux/amd64'") var platformString: String? @Flag(help: "Push via plain text http") var http: Bool = false @Argument var ref: String func run() async throws { let imageStore = Application.imageStore let platform: Platform? = try { if let platformString { return try Platform(from: platformString) } return nil }() let reference = try Reference.parse(ref) reference.normalize() let normalizedReference = reference.description if normalizedReference != ref { print("Reference resolved to \(reference.description)") } try await Images.withAuthentication(ref: normalizedReference) { auth in try await imageStore.push(reference: normalizedReference, platform: platform, insecure: http, auth: auth) } print("image pushed") } } struct Save: AsyncParsableCommand { static let configuration = CommandConfiguration( commandName: "save", abstract: "Save one or more images to a tar archive" ) @Option(help: "Platform string in the form 'os/arch/variant'. Example 'linux/arm64/v8', 'linux/amd64'") var platform: String? @Option(name: .shortAndLong, help: "Path to tar archive") var output: String @Argument var reference: [String] func run() async throws { var p: Platform? = nil if let platform { p = try Platform(from: platform) } let store = Application.imageStore let tempDir = FileManager.default.uniqueTemporaryDirectory() defer { try? FileManager.default.removeItem(at: tempDir) } try await store.save(references: reference, out: tempDir, platform: p) let writer = try ArchiveWriter(format: .pax, filter: .none, file: URL(filePath: output)) try writer.archiveDirectory(tempDir) try writer.finishEncoding() print("image exported") } } struct Load: AsyncParsableCommand { static let configuration = CommandConfiguration( commandName: "load", abstract: "Load one or more images from a tar archive" ) @Option(name: .shortAndLong, help: "Path to tar archive") var input: String func run() async throws { let store = Application.imageStore let tarFile = URL(fileURLWithPath: input) let reader = try ArchiveReader(file: tarFile.absoluteURL) let tempDir = FileManager.default.uniqueTemporaryDirectory() defer { try? FileManager.default.removeItem(at: tempDir) } let rejectedPaths = try reader.extractContents(to: tempDir) let imported = try await store.load(from: tempDir) for image in imported { print("imported \(image.reference)") } for rejectedPath in rejectedPaths { print("warning: skipped image archive member \(rejectedPath)") } } } private static func withAuthentication( ref: String, _ body: @Sendable @escaping (_ auth: Authentication?) async throws -> T? ) async throws -> T? { var authentication: Authentication? let ref = try Reference.parse(ref) guard let host = ref.resolvedDomain else { throw ContainerizationError(.invalidArgument, message: "no host specified in image reference") } authentication = Self.authenticationFromEnv(host: host) if let authentication { return try await body(authentication) } let keychain = KeychainHelper(securityDomain: Application.keychainID) authentication = try? keychain.lookup(hostname: host) return try await body(authentication) } private static func authenticationFromEnv(host: String) -> Authentication? { let env = ProcessInfo.processInfo.environment guard env["REGISTRY_HOST"] == host else { return nil } guard let user = env["REGISTRY_USERNAME"], let password = env["REGISTRY_TOKEN"] else { return nil } return BasicAuthentication(username: user, password: password) } } } ================================================ FILE: Sources/cctl/KernelCommand.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ArgumentParser import Containerization import Foundation extension Application { struct KernelCommand: AsyncParsableCommand { static let configuration = CommandConfiguration( commandName: "kernel", abstract: "Manage kernel images", subcommands: [ Create.self ] ) struct Create: AsyncParsableCommand { @Option(name: .shortAndLong, help: "Name for the kernel image") var name: String @Option(name: .long, help: "Labels to add to the built image of the form =, [=,...]") var labels: [String] = [] @Argument var kernels: [String] func run() async throws { let imageStore = Application.imageStore let contentStore = Application.contentStore let labels = Application.parseKeyValuePairs(from: labels) let binaries = try parseBinaries() _ = try await KernelImage.create( reference: name, binaries: binaries, labels: labels, imageStore: imageStore, contentStore: contentStore ) } func parseBinaries() throws -> [Kernel] { var binaries = [Kernel]() for rawBinary in kernels { let parts = rawBinary.split(separator: ":") guard parts.count == 2 else { throw "invalid binary format: \(rawBinary)" } let platform: SystemPlatform switch parts[1] { case "arm64": platform = .linuxArm case "amd64": platform = .linuxAmd default: fatalError("unsupported platform \(parts[1])") } binaries.append( .init( path: URL(fileURLWithPath: String(parts[0])), platform: platform ) ) } return binaries } } } } ================================================ FILE: Sources/cctl/LoginCommand.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ArgumentParser import Containerization import ContainerizationError import ContainerizationExtras import ContainerizationOCI import Foundation extension Application { struct Login: AsyncParsableCommand { static let configuration = CommandConfiguration( commandName: "login", abstract: "Login to a registry" ) @OptionGroup() var application: Application @Option(name: .shortAndLong, help: "Username") var username: String = "" @Flag(help: "Take the password from stdin") var passwordStdin: Bool = false @Argument(help: "Registry server name") var server: String @Flag(help: "Use plain text http to authenticate") var http: Bool = false func run() async throws { var username = self.username var password = "" if passwordStdin { if username == "" { throw ContainerizationError(.invalidArgument, message: "must provide --username with --password-stdin") } guard let passwordData = try FileHandle.standardInput.readToEnd() else { throw ContainerizationError(.invalidArgument, message: "failed to read password from stdin") } password = String(decoding: passwordData, as: UTF8.self).trimmingCharacters(in: .whitespacesAndNewlines) } let keychain = KeychainHelper(securityDomain: Application.keychainID) if username == "" { username = try keychain.userPrompt(hostname: server) } if password == "" { password = try keychain.passwordPrompt() print() } let server = Reference.resolveDomain(domain: self.server) let scheme = http ? "http" : "https" let client = RegistryClient( host: server, scheme: scheme, authentication: BasicAuthentication(username: username, password: password), retryOptions: .init( maxRetries: 10, retryInterval: 300_000_000, shouldRetry: ({ response in response.status.code >= 500 }) ), tlsConfiguration: TLSUtils.makeEnvironmentAwareTLSConfiguration(), ) try await client.ping() try keychain.save(hostname: server, username: username, password: password) print("Login succeeded") } } } ================================================ FILE: Sources/cctl/RootfsCommand.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ArgumentParser import Containerization import ContainerizationArchive import ContainerizationEXT4 import ContainerizationError import ContainerizationOCI import ContainerizationOS import Foundation extension Application { struct Rootfs: AsyncParsableCommand { static let configuration = CommandConfiguration( commandName: "rootfs", abstract: "Manage the root filesystem for a container", subcommands: [ Create.self ] ) struct Create: AsyncParsableCommand { @Option(name: [.short, .customLong("add-file")], help: "Additional file to add (format src-path:dst-path)") var addFiles: [String] = [] @Option(name: .customLong("ext4"), help: "The path to an ext4 image to create.") var ext4File: String? @Option(name: .customLong("image"), help: "The name of the image to produce.") var imageName: String? @Option(name: .customLong("label"), help: "Label to add to the image (format: key=value)") var labels: [String] = [] @Option(name: .long, help: "Platform of the built binaries being packaged into the block") var platformString: String = Platform.current.description @Option(name: .long, help: "Path to vmexec") var vmexec: String @Option(name: .long, help: "Path to vminitd") var vminitd: String @Option(name: .long, help: "Path to OCI runtime") var ociRuntime: String? // The path where the intermediate tar archive is created. @Argument var tarPath: String private static let directories = [ "bin", "sbin", "dev", "sys", "proc/self", // hack for swift init's booting "run", "tmp", "mnt", "var", ] func run() async throws { let path = URL(filePath: self.tarPath) try await writeArchive(path: path) if let image = self.imageName { print("creating initfs image \(image)...") try await outputImage( path: path, reference: image ) } if let ext4Path = self.ext4File { print("creating initfs ext4 image at \(ext4Path)...") try await outputExt4( archive: path, to: URL(filePath: ext4Path) ) } } private func outputExt4(archive: URL, to path: URL) async throws { let unpacker = EXT4Unpacker(blockSizeInBytes: 256.mib()) try unpacker.unpack(archive: archive, compression: .gzip, at: path) } private func outputImage(path: URL, reference: String) async throws { let p = try Platform(from: platformString) let parsedLabels = Application.parseKeyValuePairs(from: labels) _ = try await InitImage.create( reference: reference, rootfs: path, platform: p, labels: parsedLabels, imageStore: Application.imageStore, contentStore: Application.contentStore ) } private func writeArchive(path: URL) async throws { let writer = try ArchiveWriter( format: .pax, filter: .gzip, file: path, ) let ts = Date() let entry = WriteEntry() entry.permissions = 0o755 entry.modificationDate = ts entry.creationDate = ts entry.group = 0 entry.owner = 0 entry.fileType = .directory // create the initial directory structure. for dir in Self.directories { entry.path = dir try writer.writeEntry(entry: entry, data: nil) } entry.fileType = .regular entry.path = "sbin/vminitd" var src = URL(fileURLWithPath: vminitd) var data = try Data(contentsOf: src) entry.size = Int64(data.count) try writer.writeEntry(entry: entry, data: data) src = URL(fileURLWithPath: vmexec) data = try Data(contentsOf: src) entry.path = "sbin/vmexec" entry.size = Int64(data.count) try writer.writeEntry(entry: entry, data: data) if let ociRuntimePath = self.ociRuntime { src = URL(fileURLWithPath: ociRuntimePath) let fileName = src.lastPathComponent data = try Data(contentsOf: src) entry.path = "sbin/\(fileName)" entry.size = Int64(data.count) try writer.writeEntry(entry: entry, data: data) } for addFile in addFiles { let paths = addFile.components(separatedBy: ":") guard paths.count == 2 else { throw ContainerizationError(.invalidArgument, message: "use src-path:dst-path for --add-file") } src = URL(fileURLWithPath: paths[0]) data = try Data(contentsOf: src) entry.path = paths[1] entry.size = Int64(data.count) try writer.writeEntry(entry: entry, data: data) } entry.fileType = .symbolicLink entry.path = "proc/self/exe" entry.symlinkTarget = "sbin/vminitd" entry.size = nil try writer.writeEntry(entry: entry, data: nil) try writer.finishEncoding() } } } } ================================================ FILE: Sources/cctl/RunCommand.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ArgumentParser import Containerization import ContainerizationError import ContainerizationExtras import ContainerizationOCI import ContainerizationOS import Foundation extension Application { struct Run: AsyncParsableCommand { static let configuration = CommandConfiguration( commandName: "run", abstract: "Run a container" ) @Option(name: [.customLong("image"), .customShort("i")], help: "Image reference to base the container on") var imageReference: String = "docker.io/library/alpine:3.16" @Option(name: .long, help: "id for the container") var id: String = "cctl" @Option(name: [.customLong("cpus"), .customShort("c")], help: "Number of CPUs to allocate to the container") var cpus: Int = 2 @Option(name: [.customLong("memory"), .customShort("m")], help: "Amount of memory in megabytes") var memory: UInt64 = 1024 @Option(name: .customLong("fs-size"), help: "The size to create the block filesystem as") var fsSizeInMB: UInt64 = 2048 @Flag(name: .customLong("rosetta"), help: "Enable rosetta x64 emulation") var rosetta = false @Option(name: .customLong("mount"), help: "Directory to share into the container (Example: /foo:/bar)") var mounts: [String] = [] @Option(name: .customLong("ns"), help: "Nameserver addresses") var nameservers: [String] = [] @Option(name: .long, help: "Path to OCI runtime to use for spawning the container") var ociRuntimePath: String? @Flag(name: .long, help: "Make rootfs readonly") var readOnly: Bool = false @Flag(name: .long, help: "Run with an init process for signal forwarding and zombie reaping") var `init`: Bool = false @Option( name: [.customLong("kernel"), .customShort("k")], help: "Kernel binary path", completion: .file(), transform: { str in URL(fileURLWithPath: str, relativeTo: .currentDirectory()).absoluteURL.path(percentEncoded: false) }) public var kernel: String @Option(name: .long, help: "Current working directory") var cwd: String = "/" @Argument(parsing: .captureForPassthrough) var arguments: [String] = ["/bin/sh"] func run() async throws { let kernel = Kernel( path: URL(fileURLWithPath: kernel), platform: .linuxArm ) // Choose network implementation based on macOS version let network: Network? if #available(macOS 26, *) { network = try VmnetNetwork() } else { network = nil } var manager = try await ContainerManager( kernel: kernel, initfsReference: "vminit:latest", network: network, rosetta: rosetta ) let sigwinchStream = AsyncSignalHandler.create(notify: [SIGWINCH]) let current = try Terminal.current try current.setraw() defer { current.tryReset() } let container = try await manager.create( id, reference: imageReference, rootfsSizeInBytes: fsSizeInMB.mib(), readOnly: readOnly ) { config in config.cpus = cpus config.memoryInBytes = memory.mib() config.process.setTerminalIO(terminal: current) config.process.arguments = arguments config.process.workingDirectory = cwd config.process.capabilities = .allCapabilities for mount in self.mounts { let paths = mount.split(separator: ":") if paths.count != 2 { throw ContainerizationError( .invalidArgument, message: "incorrect mount format detected: \(mount)" ) } let host = String(paths[0]) let guest = String(paths[1]) let czMount = Containerization.Mount.share( source: host, destination: guest ) config.mounts.append(czMount) } var hosts = Hosts.default if !nameservers.isEmpty { if #available(macOS 26, *) { config.dns = DNS(nameservers: nameservers) } else { print("Warning: Networking not supported on macOS < 26, ignoring DNS configuration") } } // Add host entry for the container using just the IP (not CIDR) if #available(macOS 26, *), !config.interfaces.isEmpty { let interface = config.interfaces[0] hosts.entries.append( Hosts.Entry( ipAddress: interface.ipv4Address.address.description, hostnames: [id] )) } config.hosts = hosts if let ociRuntimePath { config.ociRuntimePath = ociRuntimePath config.mounts = LinuxContainer.defaultOCIMounts() } config.useInit = self.`init` } defer { try? manager.delete(id) } try await container.create() try await container.start() // Resize the containers pty to the current terminal window. try? await container.resize(to: try current.size) try await withThrowingTaskGroup(of: Void.self) { group in group.addTask { for await _ in sigwinchStream.signals { try await container.resize(to: try current.size) } } try await container.wait() group.cancelAll() try await container.stop() } } private static let appRoot: URL = { FileManager.default.urls( for: .applicationSupportDirectory, in: .userDomainMask ).first! .appendingPathComponent("com.apple.containerization") }() } } ================================================ FILE: Sources/cctl/cctl+Utils.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Containerization import ContainerizationError import ContainerizationOCI import Foundation extension Application { static func fetchImage(reference: String, store: ImageStore) async throws -> Containerization.Image { do { return try await store.get(reference: reference) } catch let error as ContainerizationError { if error.code == .notFound { return try await store.pull(reference: reference) } throw error } } static func parseKeyValuePairs(from items: [String]) -> [String: String] { var parsedLabels: [String: String] = [:] for item in items { let parts = item.split(separator: "=", maxSplits: 1) guard parts.count == 2 else { continue } let key = String(parts[0]) let val = String(parts[1]) parsedLabels[key] = val } return parsedLabels } } extension ContainerizationOCI.Platform { static var arm64: ContainerizationOCI.Platform { .init(arch: "arm64", os: "linux", variant: "v8") } } ================================================ FILE: Sources/cctl/cctl.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ArgumentParser import Containerization import ContainerizationOCI import Foundation import Logging let log = { LoggingSystem.bootstrap(StreamLogHandler.standardError) var log = Logger(label: "com.apple.containerization") log.logLevel = .debug return log }() @main struct Application: AsyncParsableCommand { static let keychainID = "com.apple.containerization" static let appRoot: URL = { FileManager.default.urls( for: .applicationSupportDirectory, in: .userDomainMask ).first! .appendingPathComponent("com.apple.containerization") }() private static let _contentStore: ContentStore = { try! LocalContentStore(path: appRoot.appendingPathComponent("content")) }() private static let _imageStore: ImageStore = { try! ImageStore( path: appRoot, contentStore: contentStore ) }() static var imageStore: ImageStore { _imageStore } static var contentStore: ContentStore { _contentStore } static let configuration = CommandConfiguration( commandName: "cctl", abstract: "Utility CLI for Containerization", version: "2.0.0", subcommands: [ Images.self, Login.self, Rootfs.self, Run.self, ] ) } extension String { var absoluteURL: URL { URL(fileURLWithPath: self).absoluteURL } } extension String: Swift.Error { } ================================================ FILE: Tests/ContainerizationArchiveTests/ArchiveReaderTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import SystemPackage import Testing @testable import ContainerizationArchive struct ArchiveReaderTests { // MARK: - Helper Methods func createTestArchive(name: String, entries: [(path: String, type: EntryType, target: String?)]) throws -> URL { let testDirectory = createTemporaryDirectory(baseName: "ArchiveReaderTests")! let archiveURL = testDirectory.appendingPathComponent("\(name).tar") let archiver = try ArchiveWriter(format: .paxRestricted, filter: .none, file: archiveURL) for entry in entries { let writeEntry = WriteEntry() writeEntry.path = entry.path writeEntry.permissions = 0o644 writeEntry.owner = 1000 writeEntry.group = 1000 switch entry.type { case .regular(let content): writeEntry.fileType = .regular let data = content.data(using: .utf8)! writeEntry.size = numericCast(data.count) try archiver.writeEntry(entry: writeEntry, data: data) case .directory: writeEntry.fileType = .directory writeEntry.permissions = 0o755 writeEntry.size = 0 try archiver.writeEntry(entry: writeEntry, data: nil) case .symlink: guard let target = entry.target else { throw ArchiveError.failedToExtractArchive("symlink requires target") } writeEntry.fileType = .symbolicLink writeEntry.symlinkTarget = target writeEntry.size = 0 try archiver.writeEntry(entry: writeEntry, data: nil) } } try archiver.finishEncoding() return archiveURL } func createExtractionDirectory(name: String) throws -> URL { let testDirectory = createTemporaryDirectory(baseName: "ArchiveReaderTests.\(name)")! return testDirectory.appendingPathComponent("extract") } enum EntryType { case regular(String) // Content case directory case symlink } // MARK: - Benign Archive Tests @Test func extractBenignArchive() throws { let archiveURL = try createTestArchive( name: "benign", entries: [ ("dir/", .directory, nil), ("dir/file.txt", .regular("test content"), nil), ("dir/subdir/", .directory, nil), ("dir/subdir/file2.txt", .regular("more content"), nil), ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "benign") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) #expect(rejectedPaths.isEmpty, "Benign archive should not reject any entries") // Verify files were extracted #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("dir/file.txt").path)) #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("dir/subdir/file2.txt").path)) // Verify content let content1 = try String(contentsOf: extractDir.appendingPathComponent("dir/file.txt"), encoding: .utf8) #expect(content1 == "test content") let content2 = try String(contentsOf: extractDir.appendingPathComponent("dir/subdir/file2.txt"), encoding: .utf8) #expect(content2 == "more content") } @Test func extractRootLevelFile() throws { let archiveURL = try createTestArchive( name: "root-level", entries: [ ("file.txt", .regular("root file"), nil) ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "root-level") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) #expect(rejectedPaths.isEmpty) #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("file.txt").path)) let content = try String(contentsOf: extractDir.appendingPathComponent("file.txt"), encoding: .utf8) #expect(content == "root file") } // MARK: - Absolute Path Tests @Test func convertAbsolutePathToRelative() throws { let filename1: String = "/tmp/\(UUID())" let filename2: String = "//tmp//\(UUID())" let archiveURL = try createTestArchive( name: "benign-absolute", entries: [ ("/tmp/\(filename1)", .regular("hello"), nil), ("//tmp//\(filename2)", .regular("world"), nil), ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "benign-absolute") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) // Absolute paths should be rejected #expect( rejectedPaths.isEmpty, "Expected absolute paths allowed, but got rejected paths \(rejectedPaths)") // Verify nothing was extracted to /tmp or /etc #expect(!FileManager.default.fileExists(atPath: filename1)) #expect(!FileManager.default.fileExists(atPath: filename2)) #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("tmp/\(filename1)").path)) #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("tmp/\(filename2)").path)) } // MARK: - Path Traversal Attack Tests @Test func rejectPathTraversal() throws { let archiveURL = try createTestArchive( name: "evil-traversal", entries: [ ("../etc/pwned", .regular("evil"), nil), ("foo/../../etc/pwned", .regular("evil"), nil), ("dir/../../../etc/pwned", .regular("evil"), nil), ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "evil-traversal") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) // Path traversal entries should be rejected #expect( Set(rejectedPaths) == Set(["../etc/pwned", "foo/../../etc/pwned", "dir/../../../etc/pwned"]), "Expected path traversal entries to be rejected, got \(rejectedPaths)") // Verify nothing escaped let parentDir = extractDir.deletingLastPathComponent() #expect(!FileManager.default.fileExists(atPath: parentDir.appendingPathComponent("etc/pwned").path)) } @Test func rejectPathTraversalWithValidEntries() throws { let archiveURL = try createTestArchive( name: "mixed-traversal", entries: [ ("safe.txt", .regular("safe content"), nil), ("dir/", .directory, nil), ("dir/file.txt", .regular("also safe"), nil), ("../etc/pwned", .regular("evil"), nil), ("more/safe.txt", .regular("still safe"), nil), ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "mixed-traversal") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) // Only the path traversal entry should be rejected #expect( rejectedPaths == ["../etc/pwned"], "Expected only path traversal entry to be rejected, got \(rejectedPaths)") // Valid entries should have been extracted #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("safe.txt").path)) #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("dir/file.txt").path)) #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("more/safe.txt").path)) // Verify nothing escaped let parentDir = extractDir.deletingLastPathComponent() #expect(!FileManager.default.fileExists(atPath: parentDir.appendingPathComponent("etc/pwned").path)) } @Test func rejectDotDotInMiddle() throws { let archiveURL = try createTestArchive( name: "evil-dotdot-middle", entries: [ ("safe/../pwned.txt", .regular("evil"), nil) ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "evil-dotdot-middle") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) #expect(rejectedPaths == ["safe/../pwned.txt"]) #expect(!FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("pwned.txt").path)) } // MARK: - Symlink Attack Tests @Test func allowValidSymlink() throws { let archiveURL = try createTestArchive( name: "safe-symlink", entries: [ ("dir/", .directory, nil), ("dir/target.txt", .regular("target content"), nil), ("dir/link", .symlink, "target.txt"), ("link2", .symlink, "dir/target.txt"), ("dir/passwd", .symlink, "/etc/passwd"), ("dir2/passwd", .symlink, "../../../../etc/passwd"), ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "safe-symlink") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) #expect(rejectedPaths.isEmpty, "Valid symlinks should be allowed") // Verify symlinks were created let linkPath = extractDir.appendingPathComponent("dir/link").path #expect(FileManager.default.fileExists(atPath: linkPath)) let link2Path = extractDir.appendingPathComponent("link2").path #expect(FileManager.default.fileExists(atPath: link2Path)) // Verify symlinks point to correct targets let linkTarget = try FileManager.default.destinationOfSymbolicLink(atPath: linkPath) #expect(linkTarget == "target.txt") let link2Target = try FileManager.default.destinationOfSymbolicLink(atPath: link2Path) #expect(link2Target == "dir/target.txt") } @Test func allowSymlinkWithDotDot() throws { let archiveURL = try createTestArchive( name: "safe-symlink-dotdot", entries: [ ("dir/", .directory, nil), ("dir/subdir/", .directory, nil), ("target.txt", .regular("target"), nil), ("dir/subdir/link", .symlink, "../../target.txt"), ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "safe-symlink-dotdot") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) #expect(rejectedPaths.isEmpty, "Symlink with .. that stays in root should be allowed") let linkPath = extractDir.appendingPathComponent("dir/subdir/link").path #expect(FileManager.default.fileExists(atPath: linkPath)) let linkTarget = try FileManager.default.destinationOfSymbolicLink(atPath: linkPath) #expect(linkTarget == "../../target.txt") } // MARK: - Deep Nesting Tests @Test func extractDeepNesting() throws { var entries: [(String, EntryType, String?)] = [] // Create 50 levels deep var path = "" for i in 0..<50 { if i > 0 { path += "/" } path += "level\(i)" entries.append((path + "/", .directory, nil)) } entries.append((path + "/deep.txt", .regular("deep file"), nil)) let archiveURL = try createTestArchive(name: "deep-nesting", entries: entries) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "deep-nesting") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) #expect(rejectedPaths.isEmpty) // Verify deep file exists let deepFilePath = extractDir.appendingPathComponent(path + "/deep.txt").path #expect(FileManager.default.fileExists(atPath: deepFilePath)) let content = try String(contentsOfFile: deepFilePath, encoding: .utf8) #expect(content == "deep file") } // MARK: - Normalization Tests @Test func handleDotSlashPrefix() throws { let archiveURL = try createTestArchive( name: "dot-slash", entries: [ ("./safe.txt", .regular("content"), nil), ("./dir/", .directory, nil), ("./dir/file.txt", .regular("more content"), nil), ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "dot-slash") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) #expect(rejectedPaths.isEmpty, "./ prefix should be normalized and allowed") #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("safe.txt").path)) #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("dir/file.txt").path)) } @Test func handleDoubleSlashes() throws { let archiveURL = try createTestArchive( name: "double-slash", entries: [ ("dir//subdir/", .directory, nil), ("dir//subdir//file.txt", .regular("content"), nil), ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "double-slash") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) #expect(rejectedPaths.isEmpty, "Double slashes should be normalized") // Verify file exists at normalized path let normalizedPath = "dir/subdir/file.txt" #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent(normalizedPath).path)) } // MARK: - File Permissions Tests @Test func preserveFilePermissions() throws { let archiveURL = try createTestArchive( name: "permissions", entries: [ ("executable.sh", .regular("#!/bin/bash\necho test"), nil) ]) // Manually set executable permissions let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) for (entry, _) in reader { if entry.path == "executable.sh" { entry.permissions = 0o755 } } // Re-create archive with proper permissions let testDirectory = createTemporaryDirectory(baseName: "ArchiveReaderTests")! let archiveURL2 = testDirectory.appendingPathComponent("permissions2.tar") let archiver = try ArchiveWriter(format: .paxRestricted, filter: .none, file: archiveURL2) let writeEntry = WriteEntry() writeEntry.path = "executable.sh" writeEntry.fileType = .regular writeEntry.permissions = 0o755 let data = "#!/bin/bash\necho test".data(using: .utf8)! writeEntry.size = numericCast(data.count) try archiver.writeEntry(entry: writeEntry, data: data) try archiver.finishEncoding() defer { try? FileManager.default.removeItem(at: testDirectory) } let extractDir = try createExtractionDirectory(name: "permissions") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader2 = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL2) let rejectedPaths = try reader2.extractContents(to: extractDir) #expect(rejectedPaths.isEmpty) // Verify permissions were preserved let filePath = extractDir.appendingPathComponent("executable.sh").path let attrs = try FileManager.default.attributesOfItem(atPath: filePath) let perms = (attrs[.posixPermissions] as? NSNumber)?.uint16Value ?? 0 let permMask: UInt16 = 0o777 #expect((perms & permMask) == 0o755, "Permissions should be preserved") } // MARK: - Duplicate Entry Tests @Test func duplicateRegularFiles() throws { let archiveURL = try createTestArchive( name: "duplicate-regular", entries: [ ("file.txt", .regular("first content"), nil), ("file.txt", .regular("second content"), nil), ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "duplicate-regular") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) // Last entry wins - second file should replace first #expect(rejectedPaths.isEmpty, "Duplicate files follow last-entry-wins") #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("file.txt").path)) let content = try String(contentsOf: extractDir.appendingPathComponent("file.txt"), encoding: .utf8) #expect(content == "second content", "Last entry should win") } @Test func duplicateDirectories() throws { let archiveURL = try createTestArchive( name: "duplicate-dirs", entries: [ ("dir/", .directory, nil), ("dir/", .directory, nil), ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "duplicate-dirs") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) // Both directories should be accepted (merged) #expect(rejectedPaths.isEmpty, "Duplicate directories should be merged") #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("dir").path)) } @Test func regularFileToDirectory() throws { let archiveURL = try createTestArchive( name: "file-to-dir", entries: [ ("path", .regular("content"), nil), ("path/", .directory, nil), ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "file-to-dir") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) // Directory should replace the file #expect(rejectedPaths.isEmpty, "Directory should replace regular file") let attrs = try FileManager.default.attributesOfItem(atPath: extractDir.appendingPathComponent("path").path) let fileType = attrs[.type] as? FileAttributeType #expect(fileType == .typeDirectory, "Path should be a directory") } @Test func directoryToRegularFile() throws { let archiveURL = try createTestArchive( name: "dir-to-file", entries: [ ("path/", .directory, nil), ("path", .regular("content"), nil), ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "dir-to-file") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) // Last entry wins - file should replace directory #expect(rejectedPaths.isEmpty, "Regular file should replace directory") // Should now be a regular file #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("path").path)) let content = try String(contentsOf: extractDir.appendingPathComponent("path"), encoding: .utf8) #expect(content == "content", "Should have file content") } @Test func regularFileToSymlink() throws { let archiveURL = try createTestArchive( name: "file-to-symlink", entries: [ ("target.txt", .regular("target"), nil), ("path", .regular("content"), nil), ("path", .symlink, "target.txt"), ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "file-to-symlink") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) // Last entry wins - symlink should replace file #expect(rejectedPaths.isEmpty, "Symlink should replace regular file") // Should now be a symlink #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("path").path)) let linkTarget = try FileManager.default.destinationOfSymbolicLink(atPath: extractDir.appendingPathComponent("path").path) #expect(linkTarget == "target.txt") } @Test func symlinkToRegularFile() throws { let archiveURL = try createTestArchive( name: "symlink-to-file", entries: [ ("target.txt", .regular("target"), nil), ("path", .symlink, "target.txt"), ("path", .regular("new content"), nil), ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "symlink-to-file") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) // Last entry wins - file should replace symlink #expect(rejectedPaths.isEmpty, "Regular file should replace symlink") // Should now be a regular file #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("path").path)) let content = try String(contentsOf: extractDir.appendingPathComponent("path"), encoding: .utf8) #expect(content == "new content") } @Test func symlinkToDirectory() throws { let archiveURL = try createTestArchive( name: "symlink-to-dir", entries: [ ("target/", .directory, nil), ("path", .symlink, "target"), ("path/", .directory, nil), ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "symlink-to-dir") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) // Directory should replace symlink #expect(rejectedPaths.isEmpty, "Directory should replace symlink") // Path should now be a directory let attrs = try FileManager.default.attributesOfItem(atPath: extractDir.appendingPathComponent("path").path) let fileType = attrs[.type] as? FileAttributeType #expect(fileType == .typeDirectory, "Path should be a directory") } @Test func duplicateSymlinks() throws { let archiveURL = try createTestArchive( name: "duplicate-symlinks", entries: [ ("target1.txt", .regular("target1"), nil), ("target2.txt", .regular("target2"), nil), ("link", .symlink, "target1.txt"), ("link", .symlink, "target2.txt"), ]) defer { try? FileManager.default.removeItem(at: archiveURL.deletingLastPathComponent()) } let extractDir = try createExtractionDirectory(name: "duplicate-symlinks") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) let rejectedPaths = try reader.extractContents(to: extractDir) // Last entry wins - second symlink should replace first #expect(rejectedPaths.isEmpty, "Second symlink should replace first") let linkTarget = try FileManager.default.destinationOfSymbolicLink(atPath: extractDir.appendingPathComponent("link").path) #expect(linkTarget == "target2.txt", "Last symlink should win") } // MARK: - Empty Archive Tests @Test func rejectEmptyArchive() throws { let testDirectory = createTemporaryDirectory(baseName: "ArchiveReaderTests")! let archiveURL = testDirectory.appendingPathComponent("empty.tar") let archiver = try ArchiveWriter(format: .paxRestricted, filter: .none, file: archiveURL) try archiver.finishEncoding() defer { try? FileManager.default.removeItem(at: testDirectory) } let extractDir = try createExtractionDirectory(name: "empty") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } let reader = try ArchiveReader(format: .paxRestricted, filter: .none, file: archiveURL) #expect(throws: ArchiveError.self) { _ = try reader.extractContents(to: extractDir) } } // MARK: - Zstd Compression Tests @Test func readZstdCompressedArchive() throws { guard let resourceURL = Bundle.module.url(forResource: "test", withExtension: "tar.zst") else { Issue.record("Test resource test.tar.zst not found") return } let extractDir = try createExtractionDirectory(name: "zstd-test") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } // Test with explicit filter let reader = try ArchiveReader(format: .paxRestricted, filter: .zstd, file: resourceURL) let rejectedPaths = try reader.extractContents(to: extractDir) #expect(rejectedPaths.isEmpty, "No paths should be rejected") // Check extracted files let testFile = extractDir.appendingPathComponent("test.txt") let file2 = extractDir.appendingPathComponent("file2.txt") #expect(FileManager.default.fileExists(atPath: testFile.path), "test.txt should exist") #expect(FileManager.default.fileExists(atPath: file2.path), "file2.txt should exist") let testContent = try String(contentsOf: testFile, encoding: .utf8) #expect(testContent == "Hello from zstd compressed archive", "Content should match") let file2Content = try String(contentsOf: file2, encoding: .utf8) #expect(file2Content == "Another file", "Content should match") } @Test func readZstdCompressedArchiveAutoDetect() throws { guard let resourceURL = Bundle.module.url(forResource: "test", withExtension: "tar.zst") else { Issue.record("Test resource test.tar.zst not found") return } let extractDir = try createExtractionDirectory(name: "zstd-auto-test") defer { try? FileManager.default.removeItem(at: extractDir.deletingLastPathComponent()) } // Test with auto-detect let reader = try ArchiveReader(file: resourceURL) let rejectedPaths = try reader.extractContents(to: extractDir) #expect(rejectedPaths.isEmpty, "No paths should be rejected") // Check extracted files let testFile = extractDir.appendingPathComponent("test.txt") #expect(FileManager.default.fileExists(atPath: testFile.path), "test.txt should exist") let testContent = try String(contentsOf: testFile, encoding: .utf8) #expect(testContent == "Hello from zstd compressed archive", "Content should match") } } ================================================ FILE: Tests/ContainerizationArchiveTests/ArchiveTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // import Foundation import Testing @testable import ContainerizationArchive struct ArchiveTests { func helperEntry(path: String, data: Data) -> WriteEntry { let entry = WriteEntry() entry.permissions = 0o644 entry.fileType = .regular entry.path = path entry.size = numericCast(data.count) entry.owner = 1 entry.group = 2 entry.xattrs = ["user.data": Data([1, 2, 3])] return entry } @Test func createTemporaryDirectorySuccess() throws { // Test that createTemporaryDirectory creates a directory with randomized suffix let baseName = "ArchiveTests.testTempDir" guard let tempDir = createTemporaryDirectory(baseName: baseName) else { Issue.record("createTemporaryDirectory returned nil") return } defer { let fileManager = FileManager.default try? fileManager.removeItem(at: tempDir) } // Verify the directory exists var isDirectory: ObjCBool = false let fileManager = FileManager.default let exists = fileManager.fileExists(atPath: tempDir.path, isDirectory: &isDirectory) #expect(exists) #expect(isDirectory.boolValue) // Verify the directory name starts with the base name let lastComponent = tempDir.lastPathComponent #expect(lastComponent.starts(with: baseName)) // Verify that mkdtemp replaced the X's with random characters // (should be 6 random alphanumeric characters after the base name and dot) let suffix = String(lastComponent.dropFirst(baseName.count + 1)) // +1 for the dot #expect(suffix.count == 6, "Expected 6 character suffix, got \(suffix.count)") #expect(suffix != "XXXXXX", "mkdtemp did not replace X's with random characters") // Verify we can write to the directory let testFile = tempDir.appendingPathComponent("test.txt") try "test content".write(toFile: testFile.path, atomically: true, encoding: .utf8) #expect(fileManager.fileExists(atPath: testFile.path)) } @Test func tarUTF8() throws { let testDirectory = createTemporaryDirectory(baseName: "ArchiveTests.testTarUTF8")! let archiveURL = testDirectory.appendingPathComponent("test.tgz") defer { let fileManager = FileManager.default try? fileManager.removeItem(at: testDirectory) } // this test would failed with ArchiveWriterConfiguration.locale was not set to "en_US.UTF-8" let archiver = try ArchiveWriter(format: .paxRestricted, filter: .gzip, file: archiveURL) let data = "blablabla".data(using: .utf8)! let normalPathEntry = helperEntry(path: "r", data: data) #expect(throws: Never.self) { try archiver.writeEntry(entry: normalPathEntry, data: data) } let weirdPathEntry = helperEntry(path: "ʀ", data: data) #expect(throws: Never.self) { try archiver.writeEntry(entry: weirdPathEntry, data: data) } } @Test func tarGzipWithOpenfile() throws { let testDirectory = createTemporaryDirectory(baseName: "ArchiveTests.testTarGzipWithOpenfile")! let archiveURL = testDirectory.appendingPathComponent("test.tgz") defer { let fileManager = FileManager.default try? fileManager.removeItem(at: testDirectory) } let configuration = ArchiveWriterConfiguration( format: .paxRestricted, filter: .gzip ) let archiver = try ArchiveWriter(configuration: configuration) try archiver.open(file: archiveURL) let data = "foo".data(using: .utf8)! let normalPathEntry = helperEntry(path: "bar", data: data) #expect(throws: Never.self) { try archiver.writeEntry(entry: normalPathEntry, data: data) } try archiver.finishEncoding() } @Test func writingZip() throws { let testDirectory = createTemporaryDirectory(baseName: "ArchiveTests.testWritingZip")! let archiveURL = testDirectory.appendingPathComponent("test.zip") defer { let fileManager = FileManager.default try? fileManager.removeItem(at: testDirectory) } // When let archiver = try ArchiveWriter(format: .zip, filter: .none, file: archiveURL) var data = "foo".data(using: .utf8)! var entry = helperEntry(path: "foo.txt", data: data) try archiver.writeEntry(entry: entry, data: data) data = "bar".data(using: .utf8)! entry = helperEntry(path: "bar.txt", data: data) try archiver.writeEntry(entry: entry, data: data) data = Data() entry = helperEntry(path: "empty", data: data) try archiver.writeEntry(entry: entry, data: data) try archiver.finishEncoding() // Then let unarchiver = try ArchiveReader(format: .zip, filter: .none, file: archiveURL) for (index, (entry, data)) in unarchiver.enumerated() { #expect(entry.owner == 1) #expect(entry.group == 2) switch index { case 0: #expect(entry.path == "foo.txt") #expect(String(data: data, encoding: .utf8) == "foo") case 1: #expect(entry.path == "bar.txt") #expect(String(data: data, encoding: .utf8) == "bar") case 2: #expect(entry.path == "empty") #expect(data.isEmpty) default: Issue.record() } } } @Test func unarchiving_0bytesEntry() throws { let data = Data(base64Encoded: surveyBundleBase64Encoded)! let unarchiver = try ArchiveReader(name: "survey.zip", bundle: data) for (index, (entry, data)) in unarchiver.enumerated() { switch index { case 0: #expect(entry.path == "healthinvolvement.js") #expect(!data.isEmpty) case 1: #expect(entry.path == "__MACOSX/") #expect(data.isEmpty) case 2: #expect(entry.path == "__MACOSX/._healthinvolvement.js") #expect(!data.isEmpty) default: Issue.record() } } } @Test func writingReadingTar() throws { let testDirectory = createTemporaryDirectory(baseName: "ArchiveTests.testWritingReadingTar")! let archiveURL = testDirectory.appendingPathComponent("test.tar.gz") defer { let fileManager = FileManager.default try? fileManager.removeItem(at: testDirectory) } let archiver = try ArchiveWriter(format: .pax, filter: .gzip, file: archiveURL) let data = "foo".data(using: .utf8)! let entry = helperEntry(path: "foo.txt", data: data) try archiver.writeEntry(entry: entry, data: data) try archiver.finishEncoding() let unarchiver = try ArchiveReader(format: .pax, filter: .gzip, file: archiveURL) for (entry, _) in unarchiver { let attrs = entry.xattrs guard let val = attrs["user.data"] else { Issue.record("missing extended attribute [user.data] in file") return } #expect([UInt8](val) == [1, 2, 3]) } } // MARK: - archiveDirectory round-trip tests @Test func archiveDirectoryBasic() throws { let testDir = createTemporaryDirectory(baseName: "ArchiveTests.archiveDirBasic")! defer { try? FileManager.default.removeItem(at: testDir) } let sourceDir = testDir.appendingPathComponent("source") try FileManager.default.createDirectory(at: sourceDir, withIntermediateDirectories: true) try "hello".write(to: sourceDir.appendingPathComponent("file1.txt"), atomically: true, encoding: .utf8) let subDir = sourceDir.appendingPathComponent("subdir") try FileManager.default.createDirectory(at: subDir, withIntermediateDirectories: true) try "world".write(to: subDir.appendingPathComponent("file2.txt"), atomically: true, encoding: .utf8) let archiveURL = testDir.appendingPathComponent("test.tar.gz") let writer = try ArchiveWriter(format: .pax, filter: .gzip, file: archiveURL) try writer.archiveDirectory(sourceDir) try writer.finishEncoding() let extractDir = testDir.appendingPathComponent("extract") let reader = try ArchiveReader(file: archiveURL) let rejected = try reader.extractContents(to: extractDir) #expect(rejected.isEmpty) #expect(try String(contentsOf: extractDir.appendingPathComponent("file1.txt"), encoding: .utf8) == "hello") #expect(try String(contentsOf: extractDir.appendingPathComponent("subdir/file2.txt"), encoding: .utf8) == "world") } @Test func archiveDirectoryEmpty() throws { let testDir = createTemporaryDirectory(baseName: "ArchiveTests.archiveDirEmpty")! defer { try? FileManager.default.removeItem(at: testDir) } let sourceDir = testDir.appendingPathComponent("empty") try FileManager.default.createDirectory(at: sourceDir, withIntermediateDirectories: true) let archiveURL = testDir.appendingPathComponent("test.tar.gz") let writer = try ArchiveWriter(format: .pax, filter: .gzip, file: archiveURL) try writer.archiveDirectory(sourceDir) try writer.finishEncoding() let extractDir = testDir.appendingPathComponent("extract") let reader = try ArchiveReader(file: archiveURL) // Empty directory archive should succeed with the leading "./" entry. let rejected = try reader.extractContents(to: extractDir) #expect(rejected.isEmpty) #expect(FileManager.default.fileExists(atPath: extractDir.path)) } @Test func archiveDirectoryNestedEmpty() throws { let testDir = createTemporaryDirectory(baseName: "ArchiveTests.archiveDirNestedEmpty")! defer { try? FileManager.default.removeItem(at: testDir) } let sourceDir = testDir.appendingPathComponent("source") try FileManager.default.createDirectory(at: sourceDir, withIntermediateDirectories: true) try FileManager.default.createDirectory( at: sourceDir.appendingPathComponent("a/b/c"), withIntermediateDirectories: true) try FileManager.default.createDirectory( at: sourceDir.appendingPathComponent("empty"), withIntermediateDirectories: true) try "data".write(to: sourceDir.appendingPathComponent("a/file.txt"), atomically: true, encoding: .utf8) let archiveURL = testDir.appendingPathComponent("test.tar.gz") let writer = try ArchiveWriter(format: .pax, filter: .gzip, file: archiveURL) try writer.archiveDirectory(sourceDir) try writer.finishEncoding() let extractDir = testDir.appendingPathComponent("extract") let reader = try ArchiveReader(file: archiveURL) let rejected = try reader.extractContents(to: extractDir) #expect(rejected.isEmpty) #expect(try String(contentsOf: extractDir.appendingPathComponent("a/file.txt"), encoding: .utf8) == "data") var isDir: ObjCBool = false #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("a/b/c").path, isDirectory: &isDir)) #expect(isDir.boolValue) #expect(FileManager.default.fileExists(atPath: extractDir.appendingPathComponent("empty").path, isDirectory: &isDir)) #expect(isDir.boolValue) } @Test func archiveDirectoryDeepNesting() throws { let testDir = createTemporaryDirectory(baseName: "ArchiveTests.archiveDirDeep")! defer { try? FileManager.default.removeItem(at: testDir) } let sourceDir = testDir.appendingPathComponent("source") var deepPath = sourceDir for i in 0..<20 { deepPath = deepPath.appendingPathComponent("level\(i)") } try FileManager.default.createDirectory(at: deepPath, withIntermediateDirectories: true) try "deep content".write(to: deepPath.appendingPathComponent("deep.txt"), atomically: true, encoding: .utf8) let archiveURL = testDir.appendingPathComponent("test.tar.gz") let writer = try ArchiveWriter(format: .pax, filter: .gzip, file: archiveURL) try writer.archiveDirectory(sourceDir) try writer.finishEncoding() let extractDir = testDir.appendingPathComponent("extract") let reader = try ArchiveReader(file: archiveURL) let rejected = try reader.extractContents(to: extractDir) #expect(rejected.isEmpty) var expectedPath = extractDir for i in 0..<20 { expectedPath = expectedPath.appendingPathComponent("level\(i)") } #expect(try String(contentsOf: expectedPath.appendingPathComponent("deep.txt"), encoding: .utf8) == "deep content") } @Test func archiveDirectorySymlinkInside() throws { let testDir = createTemporaryDirectory(baseName: "ArchiveTests.archiveDirSymlinkInside")! defer { try? FileManager.default.removeItem(at: testDir) } let sourceDir = testDir.appendingPathComponent("source") try FileManager.default.createDirectory(at: sourceDir, withIntermediateDirectories: true) try "target content".write(to: sourceDir.appendingPathComponent("target.txt"), atomically: true, encoding: .utf8) try FileManager.default.createSymbolicLink( atPath: sourceDir.appendingPathComponent("link.txt").path, withDestinationPath: "target.txt" ) let archiveURL = testDir.appendingPathComponent("test.tar.gz") let writer = try ArchiveWriter(format: .pax, filter: .gzip, file: archiveURL) try writer.archiveDirectory(sourceDir) try writer.finishEncoding() let extractDir = testDir.appendingPathComponent("extract") let reader = try ArchiveReader(file: archiveURL) let rejected = try reader.extractContents(to: extractDir) #expect(rejected.isEmpty) #expect(try String(contentsOf: extractDir.appendingPathComponent("target.txt"), encoding: .utf8) == "target content") let linkDest = try FileManager.default.destinationOfSymbolicLink(atPath: extractDir.appendingPathComponent("link.txt").path) #expect(linkDest == "target.txt") } @Test func archiveDirectorySymlinkOutsideExcluded() throws { let testDir = createTemporaryDirectory(baseName: "ArchiveTests.archiveDirSymlinkOutside")! defer { try? FileManager.default.removeItem(at: testDir) } let sourceDir = testDir.appendingPathComponent("source") try FileManager.default.createDirectory(at: sourceDir, withIntermediateDirectories: true) try "inside".write(to: sourceDir.appendingPathComponent("file.txt"), atomically: true, encoding: .utf8) // Create a file outside the source directory try "outside".write(to: testDir.appendingPathComponent("outside.txt"), atomically: true, encoding: .utf8) // Symlink pointing outside the source directory try FileManager.default.createSymbolicLink( atPath: sourceDir.appendingPathComponent("escape.txt").path, withDestinationPath: "../outside.txt" ) let archiveURL = testDir.appendingPathComponent("test.tar.gz") let writer = try ArchiveWriter(format: .pax, filter: .gzip, file: archiveURL) try writer.archiveDirectory(sourceDir) try writer.finishEncoding() // Verify the archive doesn't contain the escaping symlink let reader = try ArchiveReader(file: archiveURL) var paths: [String] = [] for (entry, _) in reader { if let path = entry.path { paths.append(path) } } #expect(!paths.contains("escape.txt"), "Symlink pointing outside should be excluded from archive") #expect(paths.contains("file.txt"), "Regular file should be included") } @Test func archiveDirectorySpecialCharacters() throws { let testDir = createTemporaryDirectory(baseName: "ArchiveTests.archiveDirSpecialChars")! defer { try? FileManager.default.removeItem(at: testDir) } let sourceDir = testDir.appendingPathComponent("source") try FileManager.default.createDirectory(at: sourceDir, withIntermediateDirectories: true) try "spaces".write(to: sourceDir.appendingPathComponent("file with spaces.txt"), atomically: true, encoding: .utf8) try "unicode".write(to: sourceDir.appendingPathComponent("日本語.txt"), atomically: true, encoding: .utf8) try "dashes".write(to: sourceDir.appendingPathComponent("file-name_v2.0.txt"), atomically: true, encoding: .utf8) let archiveURL = testDir.appendingPathComponent("test.tar.gz") let writer = try ArchiveWriter(format: .pax, filter: .gzip, file: archiveURL) try writer.archiveDirectory(sourceDir) try writer.finishEncoding() let extractDir = testDir.appendingPathComponent("extract") let reader = try ArchiveReader(file: archiveURL) let rejected = try reader.extractContents(to: extractDir) #expect(rejected.isEmpty) #expect(try String(contentsOf: extractDir.appendingPathComponent("file with spaces.txt"), encoding: .utf8) == "spaces") #expect(try String(contentsOf: extractDir.appendingPathComponent("日本語.txt"), encoding: .utf8) == "unicode") #expect(try String(contentsOf: extractDir.appendingPathComponent("file-name_v2.0.txt"), encoding: .utf8) == "dashes") } @Test func archiveDirectoryDotfiles() throws { let testDir = createTemporaryDirectory(baseName: "ArchiveTests.archiveDirDotfiles")! defer { try? FileManager.default.removeItem(at: testDir) } let sourceDir = testDir.appendingPathComponent("source") try FileManager.default.createDirectory(at: sourceDir, withIntermediateDirectories: true) try "hidden".write(to: sourceDir.appendingPathComponent(".hidden"), atomically: true, encoding: .utf8) try "gitignore".write(to: sourceDir.appendingPathComponent(".gitignore"), atomically: true, encoding: .utf8) try "visible".write(to: sourceDir.appendingPathComponent("visible.txt"), atomically: true, encoding: .utf8) let hiddenDir = sourceDir.appendingPathComponent(".config") try FileManager.default.createDirectory(at: hiddenDir, withIntermediateDirectories: true) try "config".write(to: hiddenDir.appendingPathComponent("settings.json"), atomically: true, encoding: .utf8) let archiveURL = testDir.appendingPathComponent("test.tar.gz") let writer = try ArchiveWriter(format: .pax, filter: .gzip, file: archiveURL) try writer.archiveDirectory(sourceDir) try writer.finishEncoding() let extractDir = testDir.appendingPathComponent("extract") let reader = try ArchiveReader(file: archiveURL) let rejected = try reader.extractContents(to: extractDir) #expect(rejected.isEmpty) #expect(try String(contentsOf: extractDir.appendingPathComponent(".hidden"), encoding: .utf8) == "hidden") #expect(try String(contentsOf: extractDir.appendingPathComponent(".gitignore"), encoding: .utf8) == "gitignore") #expect(try String(contentsOf: extractDir.appendingPathComponent("visible.txt"), encoding: .utf8) == "visible") #expect(try String(contentsOf: extractDir.appendingPathComponent(".config/settings.json"), encoding: .utf8) == "config") } @Test func archiveDirectoryPreservesPermissions() throws { let testDir = createTemporaryDirectory(baseName: "ArchiveTests.archiveDirPerms")! defer { try? FileManager.default.removeItem(at: testDir) } let sourceDir = testDir.appendingPathComponent("source") try FileManager.default.createDirectory(at: sourceDir, withIntermediateDirectories: true) let execFile = sourceDir.appendingPathComponent("script.sh") try "#!/bin/sh\necho hi".write(to: execFile, atomically: true, encoding: .utf8) try FileManager.default.setAttributes([.posixPermissions: 0o755], ofItemAtPath: execFile.path) let readOnly = sourceDir.appendingPathComponent("readonly.txt") try "secret".write(to: readOnly, atomically: true, encoding: .utf8) try FileManager.default.setAttributes([.posixPermissions: 0o444], ofItemAtPath: readOnly.path) let archiveURL = testDir.appendingPathComponent("test.tar.gz") let writer = try ArchiveWriter(format: .pax, filter: .gzip, file: archiveURL) try writer.archiveDirectory(sourceDir) try writer.finishEncoding() let extractDir = testDir.appendingPathComponent("extract") let reader = try ArchiveReader(file: archiveURL) let rejected = try reader.extractContents(to: extractDir) #expect(rejected.isEmpty) let execAttrs = try FileManager.default.attributesOfItem(atPath: extractDir.appendingPathComponent("script.sh").path) let execPerms = (execAttrs[.posixPermissions] as? NSNumber)?.uint16Value ?? 0 #expect((execPerms & 0o777) == 0o755, "Executable permissions should be preserved") let roAttrs = try FileManager.default.attributesOfItem(atPath: extractDir.appendingPathComponent("readonly.txt").path) let roPerms = (roAttrs[.posixPermissions] as? NSNumber)?.uint16Value ?? 0 #expect((roPerms & 0o777) == 0o444, "Read-only permissions should be preserved") } @Test func archiveDirectoryLargeFile() throws { let testDir = createTemporaryDirectory(baseName: "ArchiveTests.archiveDirLargeFile")! defer { try? FileManager.default.removeItem(at: testDir) } let sourceDir = testDir.appendingPathComponent("source") try FileManager.default.createDirectory(at: sourceDir, withIntermediateDirectories: true) // 2MB file with repeating pattern let pattern = Data("ContainerizationArchiveTestPattern\n".utf8) var largeData = Data(capacity: 2 * 1024 * 1024) while largeData.count < 2 * 1024 * 1024 { largeData.append(pattern) } largeData = largeData.prefix(2 * 1024 * 1024) try largeData.write(to: sourceDir.appendingPathComponent("large.bin")) let archiveURL = testDir.appendingPathComponent("test.tar.gz") let writer = try ArchiveWriter(format: .pax, filter: .gzip, file: archiveURL) try writer.archiveDirectory(sourceDir) try writer.finishEncoding() let extractDir = testDir.appendingPathComponent("extract") let reader = try ArchiveReader(file: archiveURL) let rejected = try reader.extractContents(to: extractDir) #expect(rejected.isEmpty) let extracted = try Data(contentsOf: extractDir.appendingPathComponent("large.bin")) #expect(extracted == largeData, "Large file content should match after round-trip") } @Test func archiveDirectoryManyFiles() throws { let testDir = createTemporaryDirectory(baseName: "ArchiveTests.archiveDirManyFiles")! defer { try? FileManager.default.removeItem(at: testDir) } let sourceDir = testDir.appendingPathComponent("source") try FileManager.default.createDirectory(at: sourceDir, withIntermediateDirectories: true) // Create 100 files for i in 0..<100 { try "content \(i)".write( to: sourceDir.appendingPathComponent("file_\(String(format: "%03d", i)).txt"), atomically: true, encoding: .utf8) } let archiveURL = testDir.appendingPathComponent("test.tar.gz") let writer = try ArchiveWriter(format: .pax, filter: .gzip, file: archiveURL) try writer.archiveDirectory(sourceDir) try writer.finishEncoding() let extractDir = testDir.appendingPathComponent("extract") let reader = try ArchiveReader(file: archiveURL) let rejected = try reader.extractContents(to: extractDir) #expect(rejected.isEmpty) for i in 0..<100 { let content = try String( contentsOf: extractDir.appendingPathComponent("file_\(String(format: "%03d", i)).txt"), encoding: .utf8) #expect(content == "content \(i)") } } @Test func archiveDirectorySingleFile() throws { let testDir = createTemporaryDirectory(baseName: "ArchiveTests.archiveDirSingle")! defer { try? FileManager.default.removeItem(at: testDir) } let sourceDir = testDir.appendingPathComponent("source") try FileManager.default.createDirectory(at: sourceDir, withIntermediateDirectories: true) try "only file".write(to: sourceDir.appendingPathComponent("only.txt"), atomically: true, encoding: .utf8) let archiveURL = testDir.appendingPathComponent("test.tar.gz") let writer = try ArchiveWriter(format: .pax, filter: .gzip, file: archiveURL) try writer.archiveDirectory(sourceDir) try writer.finishEncoding() let extractDir = testDir.appendingPathComponent("extract") let reader = try ArchiveReader(file: archiveURL) let rejected = try reader.extractContents(to: extractDir) #expect(rejected.isEmpty) #expect(try String(contentsOf: extractDir.appendingPathComponent("only.txt"), encoding: .utf8) == "only file") } @Test func archiveDirectorySymlinkRelativeSubdir() throws { let testDir = createTemporaryDirectory(baseName: "ArchiveTests.archiveDirSymlinkRelSubdir")! defer { try? FileManager.default.removeItem(at: testDir) } let sourceDir = testDir.appendingPathComponent("source") let subA = sourceDir.appendingPathComponent("a") let subB = sourceDir.appendingPathComponent("b") try FileManager.default.createDirectory(at: subA, withIntermediateDirectories: true) try FileManager.default.createDirectory(at: subB, withIntermediateDirectories: true) try "in a".write(to: subA.appendingPathComponent("file.txt"), atomically: true, encoding: .utf8) // Symlink from b/link.txt -> ../a/file.txt (relative, stays inside) try FileManager.default.createSymbolicLink( atPath: subB.appendingPathComponent("link.txt").path, withDestinationPath: "../a/file.txt" ) let archiveURL = testDir.appendingPathComponent("test.tar.gz") let writer = try ArchiveWriter(format: .pax, filter: .gzip, file: archiveURL) try writer.archiveDirectory(sourceDir) try writer.finishEncoding() let extractDir = testDir.appendingPathComponent("extract") let reader = try ArchiveReader(file: archiveURL) let rejected = try reader.extractContents(to: extractDir) #expect(rejected.isEmpty) let linkDest = try FileManager.default.destinationOfSymbolicLink( atPath: extractDir.appendingPathComponent("b/link.txt").path) #expect(linkDest == "../a/file.txt") // Verify the symlink resolves correctly let content = try String(contentsOf: extractDir.appendingPathComponent("b/link.txt"), encoding: .utf8) #expect(content == "in a") } } private let surveyBundleBase64Encoded = """ UEsDBBQACAAIAA17o04AAAAAAAAAAAAAAAAUABAAaGVhbHRoaW52b2x2ZW1lbnQuanNVWAwAQ8XMXJm/zFz1ARQAnVVRa9swEH73rzjylMLwmu3NJexhDLqxroPAYIxRFPsca5UlT5LteSH/fSdZdu02LqMiEEl3uvv06e5zwzRwyS1n4q4qmEHYwjECGn6VwKrSXGluu9Urv50rXSbBxWBquZImgR9+/Wgcz226IVTKBP+L2We2R0E5rlULrapFBp2qYY/GQoYm1XyPbsdBbJRosERpaQ7cmBoNaBTMYgZW9V4FMmGLdwBfBbqrpIVS9KckxgH9mXGPHSGYJFh2ZdK0qJPli9mucpTtuDwIfF8onuJytNTbl8ibj+NTzr4oC4x+QgzsZDHcdIGElGmESquGZ6gh45qeykDpyAgeI3s9mcQQNEzUhP8STougn4W0UyW2BbMTQB8h9e9KD5kpogVKRcDowUom2QGhHABP8m9emv8b6m6W29KacrVK3wMzwMAiK6HldPvyPFPPI3vzUmQf/lhNxSXm8FQrH9JQdWVA6JgEljUUwKJrNnIwKPIJiLf/BeLnksvyYW5uK9fPjBDnTBg853h6vNknOkWnKMpr6QUB0EGlC6yxoYa6CA3TkNYMGuMNsV9dRd7Kc1gH63brGtKL0upi0m0aba3lXK9C9mhiP47alVHrrxaw3Wk0FYkXmvU4G5KFQOP+LADVyoEsZn65cOR2/4s6LSZRCfb4IXgsUB7ooV/DxgV0dPymznNBJaMOHaWXKlFannOnNatUlTFLWxRCUtJ4diLuS+epeFluhSPgxtWya7vvTh+vvXdw6QXWP7hTYG/q4BP5SexgV+sGB81vUJvebRNfDt+BQEcyEtrvh5XSyRmme5eBwGScOTqi2c2uon9QSwcIxOijbWkCAACaBgAAUEsDBAoAAAAAAFV+o04AAAAAAAAAAAAAAAAJABAAX19NQUNPU1gvVVgMAMHFzFzBxcxc9QEUAFBLAwQUAAgACAANe6NOAAAAAAAAAAAAAAAAHwAQAF9fTUFDT1NYLy5faGVhbHRoaW52b2x2ZW1lbnQuanNVWAwAQ8XMXJm/zFz1ARQAjY/NSsNAEMcnRfHjVBA9eLGiHjy0m5qkDa2XtGlrwVKxAUUUWZMpiW4+mmzrxZtP4pOINw8efQXx6BMIbmigUBAd2P/MDr8/MwOLG0uQA+hRu9AfFM4LWaQ9WBHvAED6Eln8c9vwrzAs63RapQ5pVxTfc8hC1s8DbNqhX6JRxLDEaMLHCToO5bhzMpiikipEA9ifcT5yKhhau+uZXY6+Gd4HLKQOOqZwph5PyAPA3u+eMxdjbMehn6T8h5BDgPUZPxrTmAbcCxDen98u002cz9dymm8i5iVclp8kxXghV7j1eLO8mi0rZQfm5g5em5mu8z2X8yipERJhFGFsu5RnU8V8MvQYJqRMNLVK/LDV71iMWW583OyY5Agp4243mIRsgj4GvHSb/Dn7YkRkWVfqmk1RV3RaH9Ahjb16y6hUKxVNK8rtcqOo6kIastooNlXT1IyWoTYVA34AUEsHCAK+cV1ZAQAAIQIAAFBLAQIVAxQACAAIAA17o07E6KNtaQIAAJoGAAAUAAwAAAAAAAAAAECkgQAAAABoZWFsdGhpbnZvbHZlbWVudC5qc1VYCABDxcxcmb/MXFBLAQIVAwoAAAAAAFV+o04AAAAAAAAAAAAAAAAJAAwAAAAAAAAAAED9QbsCAABfX01BQ09TWC9VWAgAwcXMXMHFzFxQSwECFQMUAAgACAANe6NOAr5xXVkBAAAhAgAAHwAMAAAAAAAAAABApIHyAgAAX19NQUNPU1gvLl9oZWFsdGhpbnZvbHZlbWVudC5qc1VYCABDxcxcmb/MXFBLBQYAAAAAAwADAOoAAACoBAAAAAA= """ ================================================ FILE: Tests/ContainerizationEXT4Tests/Resources/content/blobs/sha256/48a06049d3738991b011ca8b12473d712b7c40666a1462118dae3c403676afc2 ================================================ { "schemaVersion": 2, "mediaType": "application/vnd.oci.image.manifest.v1+json", "config": { "mediaType": "application/vnd.oci.image.config.v1+json", "digest": "sha256:8e2eb240a6cd7be1a0d308125afe0060b020e89275ced2e729eda7d4eeff62a2", "size": 824 }, "layers": [ { "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", "digest": "sha256:c6b39de5b33961661dc939b997cc1d30cda01e38005a6c6625fd9c7e748bab44", "size": 3333361 }, { "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", "digest": "sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1", "size": 32 } ] } ================================================ FILE: Tests/ContainerizationEXT4Tests/Resources/content/blobs/sha256/8e2eb240a6cd7be1a0d308125afe0060b020e89275ced2e729eda7d4eeff62a2 ================================================ {"architecture":"arm64","config":{"Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/bin/sh"],"OnBuild":null},"created":"2024-03-16T00:09:03.929767682Z","history":[{"created":"2024-01-26T23:44:55.650290626Z","created_by":"/bin/sh -c #(nop) ADD file:6dc287a22d6cc7723b0576dd3a9a644468d133c54d42c8a8eda403e3117648f7 in / "},{"created":"2024-01-26T23:44:55.750082605Z","created_by":"/bin/sh -c #(nop) CMD [\"/bin/sh\"]","empty_layer":true},{"created":"2024-03-16T00:09:03.929767682Z","created_by":"RUN /bin/sh -c echo \"test\" # buildkit","comment":"buildkit.dockerfile.v0"}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:7c504f21be85c8ade51b7ade32a39a4269bcbcf0e593352923f1b8ea6278e5ef","sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef"]},"variant":"v8"} ================================================ FILE: Tests/ContainerizationEXT4Tests/Resources/content/blobs/sha256/ad59e9f71edceca7b1ac7c642410858489b743c97233b0a26a5e2098b1443762 ================================================ {"schemaVersion":2,"mediaType":"application/vnd.oci.image.index.v1+json","manifests":[{"mediaType":"application/vnd.oci.image.manifest.v1+json","digest":"sha256:48a06049d3738991b011ca8b12473d712b7c40666a1462118dae3c403676afc2","size":667,"annotations":{"com.apple.container.sign.v1.certificate/ptr":"mac-Q5W6919KP6:41FB3AB2-E9B9-45CE-8252-8C17C8038670:wlan0","com.apple.container.sign.v1.signature":"MEUCIEX3psgFczBpby6sMdzBk5FF5ID5UbqM4nOpqfiVbkseAiEAlDLBr9ajHiswl8/rOyVmYdN98lakuK+dKyABEBXRXeQ="},"platform":{"architecture":"arm64","os":"linux"}}],"annotations":{"com.apple.container.info.v1.dockerfile-sha256sum":"d95983c2a8acbd4cf861c7d3b9117d3e722aebc3768ca682ddf2a427e2fd6583","com.apple.container.sign.v1.certificate/mac-Q5W6919KP6:41FB3AB2-E9B9-45CE-8252-8C17C8038670:wlan0":"LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURjekNDQXhpZ0F3SUJBZ0lJRW9tR0duRkFGTnd3Q2dZSUtvWkl6ajBFQXdJd2FqRWtNQ0lHQTFVRUF3d2INClFYQndiR1VnUTI5eWNHOXlZWFJsSUZCTFNVNUpWQ0JEUVNBeU1TQXdIZ1lEVlFRTERCZERaWEowYVdacFkyRjANCmFXOXVJRUYxZEdodmNtbDBlVEVUTUJFR0ExVUVDZ3dLUVhCd2JHVWdTVzVqTGpFTE1Ba0dBMVVFQmhNQ1ZWTXcNCkhoY05Nakl4TWpJd01Ua3hOREl3V2hjTk1qVXdNVEU0TVRreE5ERTVXakNCcGpFYU1CZ0dDZ21TSm9tVDhpeGsNCkFRRU1DakkzTURFd09UVTRPVFV4UWpCQUJnTlZCQU1NT1cxaFl5MVJOVmMyT1RFNVMxQTJPalF4UmtJelFVSXkNCkxVVTVRamt0TkRWRFJTMDRNalV5TFRoRE1UZERPREF6T0RZM01EcDNiR0Z1TURFVk1CTUdBMVVFQ3d3TVFYQncNCmJHVkRiMjV1WldOME1STXdFUVlEVlFRS0RBcEJjSEJzWlNCSmJtTXVNUmd3RmdZS0NaSW1pWlB5TEdRQkdSWUkNClNVUk5VeTFUVTA4d1dUQVRCZ2NxaGtqT1BRSUJCZ2dxaGtqT1BRTUJCd05DQUFTcW5tSjZ3cFluWWlKRkdRaDENCjlOcGkyVnp3M1I3UFlMOXY3MnNiUDZsNy83VUt3YXV4aVk1ZkdEL29yTnhwbWNScFdPRk5mNW1JUWpFcHByMDMNCkpYUXpvNElCYVRDQ0FXVXdEQVlEVlIwVEFRSC9CQUl3QURBZkJnTlZIU01FR0RBV2dCVEx3K0x0QUcxai8rV1QNCkpsLzJJVDVVMEJ6WEZUQkVCZ2dyQmdFRkJRY0JBUVE0TURZd05BWUlLd1lCQlFVSE1BR0dLR2gwZEhBNkx5OXYNClkzTndMbUZ3Y0d4bExtTnZiUzl2WTNOd01ETXRjR3RwYm1sMFkyRXlNREV3VGdZRFZSMFJCRWN3UmFCREJnWXINCkJnRUZBZ0tnT1RBM29CZ2JGa0ZRVUV4RlEwOU9Ua1ZEVkM1QlVGQk1SUzVEVDAyaEd6QVpvQU1DQVFDaEVqQVENCkd3NXphV1JvWVhKMGFHRmZiV0Z1YVRBb0JnTlZIU1VFSVRBZkJnZ3JCZ0VGQlFjREFnWUtLd1lCQkFHQ054UUMNCkFnWUhLd1lCQlFJREJEQXpCZ05WSFI4RUxEQXFNQ2lnSnFBa2hpSm9kSFJ3T2k4dlkzSnNMbUZ3Y0d4bExtTnYNCmJTOXdhMmx1YVhSallUSXVZM0pzTUIwR0ExVWREZ1FXQkJTRlIxOExjWkgxY1laNHlEajVyWXkwMmZNeTREQU8NCkJnTlZIUThCQWY4RUJBTUNCNEF3RUFZSktvWklodmRqWkFZcEJBTU1BVEl3Q2dZSUtvWkl6ajBFQXdJRFNRQXcNClJnSWhBSk9YTnBEWE43QjhHZFZIVE1WdmEzSForeXlCTDlMcm1hZTJkeFpUUUVoekFpRUF4b25CRjhnMTNQeXYNCkhCRFVSY0p0ZURUYVdQdnJyUW9HUi9KZXQzb3B5R1U9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K"}} ================================================ FILE: Tests/ContainerizationEXT4Tests/TestEXT4ExtendedAttributes.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // swiftlint:disable force_try import Foundation import Testing @testable import ContainerizationEXT4 struct TestEXT4ExtendedAttribute { @Test func compressName() { struct TestCase { let input: String let expectedId: UInt8 let expectedStr: String init(_ input: String, _ expectedId: UInt8, _ expectedStr: String) { self.input = input self.expectedId = expectedId self.expectedStr = expectedStr } } let tests: [TestCase] = [ .init("my.test.xattr", 0, "my.test.xattr"), .init("user.fubar", 1, "fubar"), .init("system.posix_acl_access.denied_su", 2, ".denied_su"), .init("system.posix_acl_default_failed", 3, "_failed"), .init("trusted.user", 4, "user"), .init("trusted_user", 0, "trusted_user"), .init("security.auth", 6, "auth"), .init("system.admin", 7, "admin"), .init("system.richacl.denied", 8, ".denied"), ] for test in tests { let ret = EXT4.ExtendedAttribute.compressName(test.input) #expect(ret.0 == test.expectedId) #expect(ret.1 == test.expectedStr) } } @Test func encodeDecodeAttributes() { let xattrs: [String: Data] = [ "foo.bar": Data([1, 2, 3]), "bar": Data([0, 0, 0]), "system.richacl.bar": Data([99, 1, 9, 1]), "foobar.user": Data([71, 2, 45]), "test.xattr.cap": Data([1, 32, 3]), "testing123": Data([12, 24, 45]), "sys.admin": Data([16, 23, 13]), "test.123": Data([15, 26, 54]), "extendedattribute.test": Data([15, 26, 54, 1, 2, 4, 6, 7, 7]), ] let blockSize = 4096 var state = EXT4.FileXattrsState( inode: 1, inodeXattrCapacity: EXT4.InodeExtraSize, blockCapacity: UInt32(blockSize)) for (s, d) in xattrs { let attribute = EXT4.ExtendedAttribute(name: s, value: [UInt8](d)) try! state.add(attribute) } var inlineAttrBuffer: [UInt8] = .init(repeating: 0, count: Int(EXT4.InodeExtraSize)) var blockAttrBuffer: [UInt8] = .init(repeating: 0, count: blockSize) try! state.writeInlineAttributes(buffer: &inlineAttrBuffer) try! state.writeBlockAttributes(buffer: &blockAttrBuffer) let gotInlineXattrs = try! EXT4.EXT4Reader.readInlineExtendedAttributes(from: inlineAttrBuffer) let gotBlockXattrs = try! EXT4.EXT4Reader.readBlockExtendedAttributes(from: blockAttrBuffer) var gotXattrs: [String: Data] = [:] for attr in gotBlockXattrs + gotInlineXattrs { gotXattrs[attr.fullName] = Data(attr.value) } #expect(gotXattrs == xattrs) } } ================================================ FILE: Tests/ContainerizationEXT4Tests/TestEXT4Format+Create.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // import Foundation import SystemPackage import Testing @testable import ContainerizationEXT4 struct Ext4FormatCreateTests { @Test func fileReplace() throws { let fsPath = FilePath( FileManager.default.temporaryDirectory .appendingPathComponent(UUID().uuidString, isDirectory: false)) defer { try? FileManager.default.removeItem(at: fsPath.url) } let formatter = try EXT4.Formatter(fsPath, minDiskSize: 32.kib()) defer { try? formatter.close() } try formatter.create(path: FilePath("/file"), mode: EXT4.Inode.Mode(.S_IFREG, 0o755), buf: nil) // create a regular file #expect(throws: Never.self) { try formatter.create(path: FilePath("/file"), mode: EXT4.Inode.Mode(.S_IFREG, 0o755), buf: nil) } // overwrite it with a regular file #expect(throws: Error.self) { try formatter.create(path: FilePath("/file"), mode: EXT4.Inode.Mode(.S_IFDIR, 0o700)) } // overwrite it with a directory } @Test func dirReplace() throws { let fsPath = FilePath( FileManager.default.temporaryDirectory .appendingPathComponent(UUID().uuidString, isDirectory: false)) defer { try? FileManager.default.removeItem(at: fsPath.url) } let formatter = try EXT4.Formatter(fsPath, minDiskSize: 32.kib()) defer { try? formatter.close() } try formatter.create(path: FilePath("/dir"), mode: EXT4.Inode.Mode(.S_IFDIR, 0o700)) // create a directory #expect(throws: Never.self) { try formatter.create(path: FilePath("/dir"), mode: EXT4.Inode.Mode(.S_IFDIR, 0o700)) } // overwrite it with a directory #expect(throws: Error.self) { try formatter.create(path: FilePath("/dir"), mode: EXT4.Inode.Mode(.S_IFREG, 0o755)) } // overwrite it with a file } @Test func fileParentFails() throws { let fsPath = FilePath( FileManager.default.temporaryDirectory .appendingPathComponent(UUID().uuidString, isDirectory: false)) defer { try? FileManager.default.removeItem(at: fsPath.url) } let formatter = try EXT4.Formatter(fsPath, minDiskSize: 32.kib()) defer { try? formatter.close() } try formatter.create(path: FilePath("/file"), mode: EXT4.Inode.Mode(.S_IFREG, 0o755), buf: nil) // create a regular file #expect(throws: Error.self) { try formatter.create(path: FilePath("/file/dir"), mode: EXT4.Inode.Mode(.S_IFDIR, 0o700)) } // create a subdir in a file? } @Test func createParentAutomatically() throws { let fsPath = FilePath( FileManager.default.temporaryDirectory .appendingPathComponent(UUID().uuidString, isDirectory: false)) defer { try? FileManager.default.removeItem(at: fsPath.url) } let formatter = try EXT4.Formatter(fsPath, minDiskSize: 32.kib()) defer { try? formatter.close() } #expect(throws: Never.self) { try formatter.create(path: FilePath("/parent/file"), mode: EXT4.Inode.Mode(.S_IFREG, 0o755), buf: nil) } // should create /parent automatically } } ================================================ FILE: Tests/ContainerizationEXT4Tests/TestEXT4Format.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // swiftlint: disable force_try shorthand_operator static_over_final_class import Foundation import SystemPackage import Testing @testable import ContainerizationEXT4 struct Ext4FormatTests: ~Copyable { let fsPath = FilePath( FileManager.default.uniqueTemporaryDirectory() .appendingPathComponent("ext4.img.delme.format", isDirectory: false)) // This test creates a file named "ext4.img.delme" // Since there are no tools yet in osx/swift to test the created filesystem, // the tests below perform the same checks as the following manual commands // // From project root // $> backpack run -it -v SwiftExt4/Tests/SwiftExt4Tests/:/test -w test ubuntu:latest // $> ls -lrth ext4.img.delme # should be only 44K // $> e2fsck ext4.img.delme # should return 0 // $> dumpe2fs ext4.img.delme # should print info and return 0 // $> debugfs ext4.img.delme # should open the fs // debugfs 1.46.5 (30-Dec-2021) // debugfs: ls // 2 (12) . 2 (12) .. 15 (12) x 11 (20) lost+found 12 (12) ase // 16 (12) y 0 (4016) // // # check directory // // debugfs: stat /test // Inode: 12 Type: directory Mode: 01274 Flags: 0xc0000 // Generation: 0 Version: 0x00000000:00000000 // User: 0 Group: 0 Size: 4096 // File ACL: 0 // Links: 3 Blockcount: 1 // Fragment: Address: 0 Number: 0 Size: 0 // ctime: 0x6614b59f:8cdf6a34 -- Tue Apr 9 03:27:27 2024 // atime: 0x6614b59f:8cdf6a34 -- Tue Apr 9 03:27:27 2024 // mtime: 0x6614b59f:8cdf6a34 -- Tue Apr 9 03:27:27 2024 // crtime: 0x6614b59f:8cdf6a34 -- Tue Apr 9 03:27:27 2024 // Size of extra inode fields: 24 // EXTENTS: // (0):5 // // # check regular file // // debugfs: stat /test/foo/bar/x // Inode: 15 Type: regular Mode: 01363 Flags: 0xc0000 // Generation: 0 Version: 0x00000000:00000000 // User: 0 Group: 0 Size: 4 // File ACL: 0 // Links: 2 Blockcount: 1 // Fragment: Address: 0 Number: 0 Size: 0 // ctime: 0x6614b59f:8ce91ef8 -- Tue Apr 9 03:27:27 2024 // atime: 0x6614b59f:8ce91ef8 -- Tue Apr 9 03:27:27 2024 // mtime: 0x6614b59f:8ce91ef8 -- Tue Apr 9 03:27:27 2024 // crtime: 0x6614b59f:8ce91ef8 -- Tue Apr 9 03:27:27 2024 // Size of extra inode fields: 24 // EXTENTS: // (0):2 // // # check symlink // // debugfs: stat /y // Inode: 16 Type: symlink Mode: 01675 Flags: 0x0 // Generation: 0 Version: 0x00000000:00000000 // User: 0 Group: 0 Size: 19 // File ACL: 0 // Links: 1 Blockcount: 0 // Fragment: Address: 0 Number: 0 Size: 0 // ctime: 0x6614b59f:8cf052fc -- Tue Apr 9 03:27:27 2024 // atime: 0x6614b59f:8cf052fc -- Tue Apr 9 03:27:27 2024 // mtime: 0x6614b59f:8cf052fc -- Tue Apr 9 03:27:27 2024 // crtime: 0x6614b59f:8cf052fc -- Tue Apr 9 03:27:27 2024 // Size of extra inode fields: 24 // Fast link dest: "test/foo" // // # check hard link // // debugfs: stat x // Inode: 15 Type: regular Mode: 01363 Flags: 0xc0000 // Generation: 0 Version: 0x00000000:00000000 // User: 0 Group: 0 Size: 4 // File ACL: 0 // Links: 2 Blockcount: 1 // Fragment: Address: 0 Number: 0 Size: 0 // ctime: 0x6614b59f:8ce91ef8 -- Tue Apr 9 03:27:27 2024 // atime: 0x6614b59f:8ce91ef8 -- Tue Apr 9 03:27:27 2024 // mtime: 0x6614b59f:8ce91ef8 -- Tue Apr 9 03:27:27 2024 // crtime: 0x6614b59f:8ce91ef8 -- Tue Apr 9 03:27:27 2024 // Size of extra inode fields: 24 // EXTENTS: // (0):2 // // Mount and check // // $> mkdir -p mntpnt // $> mount -t ext4 ext4.img.delme mntpnt // $> # explore file tree init() throws { let formatter = try EXT4.Formatter(fsPath, minDiskSize: 32.kib()) try formatter.create(path: FilePath("/test"), mode: EXT4.Inode.Mode(.S_IFDIR, 0o700)) try formatter.create(path: FilePath("/test/foo"), mode: EXT4.Inode.Mode(.S_IFDIR, 0o700)) try formatter.create(path: FilePath("/test/foo/bar"), mode: EXT4.Inode.Mode(.S_IFDIR, 0o700)) let inputStream = InputStream(data: "test".data(using: .utf8)!) inputStream.open() try formatter.create( path: FilePath("/test/foo/bar/x"), mode: EXT4.Inode.Mode(.S_IFREG, 0o755), buf: inputStream) // create a regular file inputStream.close() try formatter.link(link: FilePath("/x"), target: FilePath("/test/foo/bar/x")) try formatter.create( path: FilePath("/y"), link: FilePath("test/foo"), mode: EXT4.Inode.Mode(.S_IFLNK, 0o700)) // create a symlink try formatter.close() } deinit { try? FileManager.default.removeItem(at: fsPath.url) } /// This test checks that the size of the FS at fsPath is the minimum possible /// for its data + metadata. It should be 44 kib or 11 blocks, expanded to accommodate /// data requiring > 32KiB of space @Test func fileSize() throws { let f = try FileHandle(forReadingFrom: fsPath.url) let size = try f.seekToEnd() #expect(size == 128.mib()) } /// This test checks that the superblock was created correctly @Test func superblock() throws { let f = try EXT4.EXT4Reader(blockDevice: fsPath) #expect(f.superBlock.blocksCountLow == 32768) #expect(f.superBlock.freeBlocksCountLow == 32246) // total - 512 inode blocks } /// This test checks that the group descriptor has been set correctly @Test func groupDescriptors() throws { let f = try EXT4.EXT4Reader(blockDevice: fsPath) let gd = try f.getGroupDescriptor(0) #expect(gd.blockBitmapLow == 551) // move over by 512 blocks (for inodes) #expect(gd.inodeBitmapLow == 552) // move over by 512 blocks (for inodes) #expect(gd.inodeTableLow == 39) #expect(gd.freeBlocksCountLow == 32246) // 512 block used by larger inode table per block group #expect(gd.freeInodesCountLow == 8176) // 512 times the inodes #expect(gd.usedDirsCountLow == 5) } /// This test checks that the block bitmap has been set correctly @Test func blockBitmap() throws { let ext4 = try EXT4.EXT4Reader(blockDevice: fsPath) let gd = try ext4.getGroupDescriptor(1) let blockBitmapOffset = gd.blockBitmapLow let f = try #require(FileHandle(forReadingFrom: fsPath)) try f.seek(toOffset: ext4.blockSize * blockBitmapOffset) let bitmapSize = ext4.superBlock.blocksPerGroup / 8 #expect(bitmapSize == 4096) let _ = try f.read( upToCount: Int(ext4.superBlock.blocksCountLow - ext4.superBlock.freeBlocksCountLow - 1) / 8 + 1) } /// This test checks that the inode bitmap has been set correctly @Test func inodeBitmap() throws { let ext4 = try EXT4.EXT4Reader(blockDevice: fsPath) let gd = try ext4.getGroupDescriptor(1) let inodeBitmapOffset = gd.inodeBitmapLow let f = try #require(FileHandle(forReadingFrom: fsPath)) try f.seek(toOffset: ext4.blockSize * inodeBitmapOffset) let bitmapSize = ext4.superBlock.inodesPerGroup / 8 #expect(bitmapSize == 1024) } /// This test checks that the inode table has been set correctly @Test func inodeTable() throws { let ext4 = try EXT4.EXT4Reader(blockDevice: fsPath) let gd = try ext4.getGroupDescriptor(0) let inodeTableOffset = gd.inodeTableLow let f = try #require(FileHandle(forReadingFrom: fsPath)) try f.seek(toOffset: ext4.blockSize * inodeTableOffset) let inodeTableSize = ext4.superBlock.inodesPerGroup * UInt32(ext4.superBlock.inodeSize) #expect(inodeTableSize == 2_097_152) let inodeTableData = try #require(try f.read(upToCount: Int(inodeTableSize))) let inodeAt: (Int) -> EXT4.Inode = { inodeNum in var inodeBytes: [UInt8] = .init(repeating: 0, count: Int(ext4.superBlock.inodeSize)) let inodeStart = Int(ext4.superBlock.inodeSize) * (inodeNum - 1) var j: Int = 0 for i in inodeStart.. URL { FileManager.default.temporaryDirectory.appendingPathComponent("ext4-\(name).img") } /// Build a fresh ext4 image, populate content, close, and return its URL. /// Usage: /// let url = try buildFS { fmt in /// try createFile(fmt, "/etc/hostname", "myhost\n") /// try createSymlink(fmt, "/bin/sh", "/usr/bin/busybox") // fast link /// } private func buildFS( minDiskSize: UInt64 = 4 * 1024 * 1024, // 4 MiB is enough for these tests blockSize: UInt32 = 4096, populate: (EXT4.Formatter) throws -> Void ) throws -> URL { let url = makeTempImageURL() let path = FilePath(url.path) // 1) Format image let formatter = try EXT4.Formatter(path, blockSize: blockSize, minDiskSize: minDiskSize) // 2) Populate contents try populate(formatter) // 3) Finalize filesystem try formatter.close() return url } /// Convenience to create a directory (recursively). private func createDir(_ fmt: EXT4.Formatter, _ path: String, mode: UInt16 = EXT4.Inode.Mode(.S_IFDIR, 0o755)) throws { try fmt.create(path: FilePath(path), mode: mode) } /// Convenience to create a regular file with UTF-8 content. private func createFile(_ fmt: EXT4.Formatter, _ path: String, _ contents: String, mode: UInt16 = EXT4.Inode.Mode(.S_IFREG, 0o644)) throws { let data = Data(contents.utf8) let stream = InputStream(data: data) stream.open() defer { stream.close() } try fmt.create(path: FilePath(path), mode: mode, buf: stream) } /// Convenience to create a (fast or long) symlink. Pass absolute target. private func createSymlink(_ fmt: EXT4.Formatter, _ linkPath: String, _ target: String, mode: UInt16 = EXT4.Inode.Mode(.S_IFLNK, 0o777)) throws { try fmt.create(path: FilePath(linkPath), link: FilePath(target), mode: mode) } /// Open reader for a given image URL. private func openReader(_ url: URL) throws -> EXT4.EXT4Reader { try EXT4.EXT4Reader(blockDevice: FilePath(url.path)) } // MARK: - Tests @Test func existsAndStatRootAndLostFound() throws { let url = try buildFS { _ in /* nothing extra */ } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) #expect(r.exists(FilePath("/"))) let (inoNum, ino) = try r.stat(FilePath("/")) #expect(inoNum == 2) #expect(ino.mode.isDir()) // lost+found is created by the formatter let names = try r.listDirectory(FilePath("/")) #expect(names.contains("lost+found")) } @Test func createAndReadRegularFilesWithOffsetsAndEOF() throws { let url = try buildFS { fmt in try self.createDir(fmt, "/etc") try self.createFile(fmt, "/etc/hostname", "myhost\n") try self.createDir(fmt, "/usr/bin") try self.createFile(fmt, "/usr/bin/hello", "Hello EXT4!\n") } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) // exists/stat #expect(r.exists(FilePath("/etc/hostname"))) let (_, ino) = try r.stat(FilePath("/usr/bin/hello")) #expect(ino.mode.isReg()) // listDirectory excludes "." and ".." and is sorted let usrChildren = try r.listDirectory(FilePath("/usr")) #expect(usrChildren == ["bin"]) // full read to EOF let hello = try r.readFile(at: FilePath("/usr/bin/hello")) #expect(String(decoding: hello, as: UTF8.self) == "Hello EXT4!\n") // offset + count semantics let data = try r.readFile(at: FilePath("/usr/bin/hello"), offset: 6, count: 5) #expect(String(decoding: data, as: UTF8.self) == "EXT4!") // offset == size => empty; offset > size => empty let hostname = try r.readFile(at: FilePath("/etc/hostname")) let size = hostname.count #expect(try r.readFile(at: FilePath("/etc/hostname"), offset: UInt64(size)).count == 0) #expect(try r.readFile(at: FilePath("/etc/hostname"), offset: UInt64(size + 100)).count == 0) } @Test func readFileIntoBufferMatchesData() throws { let url = try buildFS { fmt in try self.createDir(fmt, "/etc") try self.createFile(fmt, "/etc/hostname", "myhost\n") } defer { try? FileManager.default.removeItem(at: url) } let reader = try openReader(url) let path = FilePath("/etc/hostname") let data = try reader.readFile(at: path, offset: 0, count: 4096) var buffer = [UInt8](repeating: 0, count: data.count) let wrote = try buffer.withUnsafeMutableBytes { ptr in try reader.readFile(at: path, into: ptr, offset: 0) } #expect(wrote == data.count) if wrote < buffer.count { buffer.removeSubrange(wrote.. /usr/bin/busybox let url = try buildFS { fmt in try self.createDir(fmt, "/usr/bin") try self.createFile(fmt, "/usr/bin/busybox", "BB\n") try self.createDir(fmt, "/bin") try self.createSymlink(fmt, "/bin/sh", "/usr/bin/busybox") } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) // Reading through the link should hit the target bytes. let sh = try r.readFile(at: FilePath("/bin/sh")) #expect(String(decoding: sh, as: UTF8.self) == "BB\n") // stat(followSymlinks: false) should show symlink inode let (_, lnkIno) = try r.stat(FilePath("/bin/sh"), followSymlinks: false) #expect(lnkIno.mode.isLink()) // stat(default) follows let (_, tgtIno) = try r.stat(FilePath("/bin/sh")) #expect(tgtIno.mode.isReg()) } @Test func longSymlinkResolutionAndRead() throws { // Long symlink: target > 60 bytes triggers extent-backed storage (Formatter behavior). // Build a very long absolute path to exceed 60 chars. let deepDir = "/a/very/long/path/that/exceeds/sixty/bytes/for/symlink/target" #expect(deepDir.utf8.count > 60) let url = try buildFS { fmt in // Create deep directory structure and file try self.createDir(fmt, deepDir) try self.createFile(fmt, "\(deepDir)/payload.txt", "LONGLINK\n") // Link at a short path -> long absolute target try self.createSymlink(fmt, "/ll", "\(deepDir)/payload.txt") } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) let bytes = try r.readFile(at: FilePath("/ll")) #expect(String(decoding: bytes, as: UTF8.self) == "LONGLINK\n") } @Test func symlinkLoopDetection() throws { let url = try buildFS { fmt in // /a -> /b and /b -> /a try self.createSymlink(fmt, "/a", "/b") try self.createSymlink(fmt, "/b", "/a") } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) do { _ = try r.stat(FilePath("/a")) Issue.record("Expected symlinkLoop error") } catch let error as EXT4.PathIOError { guard case .symlinkLoop = error else { Issue.record("Expected symlinkLoop, got \(error)") return } } catch { Issue.record("Expected EXT4.PathIOError, got \(error)") } } @Test func complexSymlinkLoopDetection() throws { let url = try buildFS { fmt in // Create a longer chain that eventually loops: /a -> /b -> /c -> /d -> /b try self.createSymlink(fmt, "/a", "/b") try self.createSymlink(fmt, "/b", "/c") try self.createSymlink(fmt, "/c", "/d") try self.createSymlink(fmt, "/d", "/b") // Loop back to /b } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) do { _ = try r.stat(FilePath("/a")) Issue.record("Expected symlinkLoop error") } catch let error as EXT4.PathIOError { guard case .symlinkLoop = error else { Issue.record("Expected symlinkLoop for complex loop, got \(error)") return } } catch { Issue.record("Expected EXT4.PathIOError, got \(error)") } } @Test func selfReferencingSymlink() throws { let url = try buildFS { fmt in // Self-referencing symlink: /self -> /self try self.createSymlink(fmt, "/self", "/self") } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) do { _ = try r.stat(FilePath("/self")) Issue.record("Expected symlinkLoop error") } catch let error as EXT4.PathIOError { guard case .symlinkLoop = error else { Issue.record("Expected symlinkLoop for self-reference, got \(error)") return } } catch { Issue.record("Expected EXT4.PathIOError, got \(error)") } } @Test func longSymlinkChainWithoutLoop() throws { let url = try buildFS { fmt in // Create a long chain without loops (should succeed) try self.createDir(fmt, "/target") try self.createFile(fmt, "/target/file.txt", "SUCCESS\n") // Create chain: /link1 -> /link2 -> /link3 -> /link4 -> /target/file.txt try self.createSymlink(fmt, "/link4", "/target/file.txt") try self.createSymlink(fmt, "/link3", "/link4") try self.createSymlink(fmt, "/link2", "/link3") try self.createSymlink(fmt, "/link1", "/link2") } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) // Should successfully resolve without hitting loop detection let data = try r.readFile(at: FilePath("/link1")) #expect(String(decoding: data, as: UTF8.self) == "SUCCESS\n") } @Test func symlinkLoopThroughDirectory() throws { let url = try buildFS { fmt in // Create directory structure with symlink loop through paths try self.createDir(fmt, "/dir1") try self.createDir(fmt, "/dir2") try self.createSymlink(fmt, "/dir1/link", "/dir2/link") try self.createSymlink(fmt, "/dir2/link", "/dir1/link") } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) do { _ = try r.stat(FilePath("/dir1/link")) Issue.record("Expected symlinkLoop error") } catch let error as EXT4.PathIOError { guard case .symlinkLoop = error else { Issue.record("Expected symlinkLoop for directory loop, got \(error)") return } } catch { Issue.record("Expected EXT4.PathIOError, got \(error)") } } @Test func pathWalkWithDotAndDotDot() throws { let url = try buildFS { fmt in try self.createDir(fmt, "/a/b") try self.createFile(fmt, "/a/b/c.txt", "OK\n") } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) // /a/./b/../b/c.txt should resolve to /a/b/c.txt let p = FilePath("/a/./b/../b/c.txt") let data = try r.readFile(at: p) #expect(String(decoding: data, as: UTF8.self) == "OK\n") } @Test func parentDirectoryTraversal() throws { let url = try buildFS { fmt in try self.createDir(fmt, "/a/b/c/d") try self.createFile(fmt, "/a/file1.txt", "A\n") try self.createFile(fmt, "/a/b/file2.txt", "B\n") try self.createFile(fmt, "/a/b/c/file3.txt", "C\n") try self.createFile(fmt, "/a/b/c/d/file4.txt", "D\n") } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) // Test multiple levels of parent traversal // /a/b/c/d/../../../../a/file1.txt should resolve to /a/file1.txt let p1 = FilePath("/a/b/c/d/../../../../a/file1.txt") let data1 = try r.readFile(at: p1) #expect(String(decoding: data1, as: UTF8.self) == "A\n") // /a/b/c/../file2.txt should resolve to /a/b/file2.txt let p2 = FilePath("/a/b/c/../file2.txt") let data2 = try r.readFile(at: p2) #expect(String(decoding: data2, as: UTF8.self) == "B\n") // /a/b/c/d/../file3.txt should resolve to /a/b/c/file3.txt let p3 = FilePath("/a/b/c/d/../file3.txt") let data3 = try r.readFile(at: p3) #expect(String(decoding: data3, as: UTF8.self) == "C\n") } @Test func parentDirectoryAtRoot() throws { let url = try buildFS { fmt in try self.createFile(fmt, "/root.txt", "ROOT\n") } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) // Test that ".." at root stays at root // /../root.txt should resolve to /root.txt let p1 = FilePath("/../root.txt") let data1 = try r.readFile(at: p1) #expect(String(decoding: data1, as: UTF8.self) == "ROOT\n") // /../../root.txt should also resolve to /root.txt let p2 = FilePath("/../../root.txt") let data2 = try r.readFile(at: p2) #expect(String(decoding: data2, as: UTF8.self) == "ROOT\n") } @Test func complexParentWithSymlinks() throws { let url = try buildFS { fmt in try self.createDir(fmt, "/real/path") try self.createFile(fmt, "/real/path/target.txt", "TARGET\n") try self.createFile(fmt, "/real/other.txt", "OTHER\n") try self.createDir(fmt, "/links") // Create symlink: /links/link -> /real/path try self.createSymlink(fmt, "/links/link", "/real/path") } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) // Test parent directory traversal through symlinks // When we follow /links/link (which points to /real/path), we're now at /real/path // Then ".." takes us to /real, and "other.txt" gives us /real/other.txt let p = FilePath("/links/link/../other.txt") let data = try r.readFile(at: p) #expect(String(decoding: data, as: UTF8.self) == "OTHER\n") // Also test direct access through the symlink let p2 = FilePath("/links/link/target.txt") let data2 = try r.readFile(at: p2) #expect(String(decoding: data2, as: UTF8.self) == "TARGET\n") } @Test func relativeSymlinkWithParentTraversal() throws { let url = try buildFS { fmt in try self.createDir(fmt, "/a/b") try self.createFile(fmt, "/a/target.txt", "REL_TARGET\n") // Create relative symlink: /a/b/link -> ../target.txt try self.createSymlink(fmt, "/a/b/link", "../target.txt") } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) // The relative symlink should properly resolve through parent let data = try r.readFile(at: FilePath("/a/b/link")) #expect(String(decoding: data, as: UTF8.self) == "REL_TARGET\n") } @Test func readOnSymlinkWithFollowFalseThrows() throws { let url = try buildFS { fmt in try self.createFile(fmt, "/tgt", "X\n") try self.createSymlink(fmt, "/lnk", "/tgt") } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) do { _ = try r.readFile(at: FilePath("/lnk"), followSymlinks: false) Issue.record("Expected notAFile error") } catch let error as EXT4.PathIOError { guard case .notAFile = error else { Issue.record("Expected notAFile for symlink read without following, got \(error)") return } } catch { Issue.record("Expected EXT4.PathIOError, got \(error)") } } @Test func nonExistentPathExistsAndReadErrors() throws { let url = try buildFS { _ in } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) #expect(!r.exists(FilePath("/nope"))) do { _ = try r.stat(FilePath("/nope")) Issue.record("Expected notFound error") } catch let error as EXT4.PathIOError { guard case .notFound = error else { Issue.record("Expected notFound, got \(error)") return } } catch { Issue.record("Expected EXT4.PathIOError, got \(error)") } #expect(throws: (any Error).self) { try r.readFile(at: FilePath("/nope")) } } @Test func boundsCheckingForInvalidExtents() throws { // This test verifies that the reader properly validates extent addresses // Note: We can't easily create an image with invalid extents using the Formatter, // so this test documents the expected behavior rather than testing it directly. // The bounds checking is tested implicitly by all other tests that read files. let url = try buildFS { fmt in try self.createFile(fmt, "/test.txt", "Valid file\n") } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) // Reading a valid file should work without bounds errors let data = try r.readFile(at: FilePath("/test.txt")) #expect(String(decoding: data, as: UTF8.self) == "Valid file\n") // The bounds checking happens internally when reading extents // If an extent pointed outside device bounds, it would throw an error } @Test func partialReadRecovery() throws { // Test that partial reads return successfully read data // even if later parts fail let url = try buildFS(minDiskSize: 8 * 1024 * 1024) { fmt in // Create a moderately sized file let content = String(repeating: "A", count: 100_000) try self.createFile(fmt, "/partial.txt", content) } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) // Read the full file to ensure it works let fullData = try r.readFile(at: FilePath("/partial.txt")) #expect(fullData.count == 100_000) // Read with offset and count let partialData = try r.readFile(at: FilePath("/partial.txt"), offset: 1000, count: 5000) #expect(partialData.count == 5000) // Verify content is correct let expectedContent = String(repeating: "A", count: 5000) #expect(String(decoding: partialData, as: UTF8.self) == expectedContent) } @Test func largeFileReadAcrossBlocks() throws { // Keep this modest to avoid slow CI while still crossing multiple blocks. let bigSize = 2 * 1024 * 1024 + 123 // ~2 MiB + tail let url = try buildFS(minDiskSize: 16 * 1024 * 1024) { fmt in try self.createDir(fmt, "/big") // Generate deterministic content without holding huge Data in memory at once // by assembling in chunks. let chunk = Data("0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ\n".utf8) var buf = Data(capacity: bigSize) while buf.count + chunk.count <= bigSize { buf.append(chunk) } if buf.count < bigSize { buf.append(contentsOf: [UInt8](repeating: 0x5A, count: bigSize - buf.count)) // 'Z' } let stream = InputStream(data: buf) stream.open() defer { stream.close() } try fmt.create(path: FilePath("/big/file.bin"), mode: EXT4.Inode.Mode(.S_IFREG, 0o644), buf: stream) } defer { try? FileManager.default.removeItem(at: url) } let r = try openReader(url) // Sample reads near the end and across likely block boundaries. let tail = try r.readFile(at: FilePath("/big/file.bin"), offset: UInt64(bigSize - 64), count: 64) #expect(tail.count == 64) let middle = try r.readFile(at: FilePath("/big/file.bin"), offset: 64, count: 128) #expect(middle.count == 128) // Read to EOF without count let all = try r.readFile(at: FilePath("/big/file.bin")) #expect(all.count == bigSize) } } ================================================ FILE: Tests/ContainerizationEXT4Tests/TestEXT4Unpacker.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import SystemPackage import Testing @testable import ContainerizationEXT4 struct Ext4UnpackerTests { // alpine image let indexSHA: String = "ad59e9f71edceca7b1ac7c642410858489b743c97233b0a26a5e2098b1443762" let fsPath = FilePath( FileManager.default.uniqueTemporaryDirectory() .appendingPathComponent("ext4.unpacked.oci.img.delme", isDirectory: false)) final class MockEXT4Unpacker { static func Unpack(index: String, fsPath: FilePath) throws { let fs = try EXT4.Formatter(fsPath) let bundle = Bundle.module guard let indexPath = bundle.url(forResource: index, withExtension: nil) else { throw NSError(domain: "indexPath not found", code: 1) } let indexData = try Data(contentsOf: indexPath) guard let indexDict = try JSONSerialization.jsonObject(with: indexData, options: []) as? [String: Any] else { throw NSError(domain: "indexDict could not be loaded as json", code: 1) } guard let manifests = indexDict["manifests"] as? [[String: Any]] else { throw NSError(domain: "manifests field in index not found", code: 1) } guard let digest = manifests[0]["digest"] as? String else { throw NSError(domain: "digest field not found in index", code: 1) } guard let manifestPath = bundle.url( forResource: String(digest.dropFirst("sha256:".count)), withExtension: nil) else { throw NSError(domain: "manifestPath not found", code: 1) } let manifestData = try Data(contentsOf: manifestPath) guard let manifestDict = try JSONSerialization.jsonObject(with: manifestData, options: []) as? [String: Any] else { throw NSError(domain: "manifestDict could not be loaded as json", code: 1) } guard let layers = manifestDict["layers"] as? [[String: Any]] else { throw NSError(domain: "layers field in manifests not found", code: 1) } for layer in layers { guard let layerDigestWithSHA = layer["digest"] as? String else { throw NSError(domain: "digest field not found in layer", code: 1) } let layerDigest = String(layerDigestWithSHA.dropFirst("sha256:".count)) guard let layerPath = bundle.url(forResource: layerDigest, withExtension: nil) else { throw NSError(domain: "layer \(layerDigest) not found", code: 1) } try fs.unpack(source: layerPath) } try fs.close() } } @Test func eXT4Unpacker() throws { try MockEXT4Unpacker.Unpack(index: self.indexSHA, fsPath: self.fsPath) let ext4 = try EXT4.EXT4Reader(blockDevice: self.fsPath) let children = try ext4.children(of: EXT4.RootInode) #expect( Set(children.map { $0.0 }) == Set([ ".", "..", "media", "var", "opt", "lost+found", "tmp", "mnt", "sys", "usr", "srv", "root", "etc", "dev", "proc", "run", "home", "bin", "lib", "sbin", ])) } } ================================================ FILE: Tests/ContainerizationEXT4Tests/TestFormatterUnpack.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // swiftlint:disable force_try static_over_final_class #if os(macOS) import ContainerizationArchive import Foundation import Testing import SystemPackage @testable import ContainerizationEXT4 struct Tar2EXT4Test: ~Copyable { let fsPath = FilePath( FileManager.default.uniqueTemporaryDirectory() .appendingPathComponent("ext4.tar.img.delme", isDirectory: false)) let xattrs: [String: Data] = [ "foo.bar": Data([1, 2, 3]), "bar": Data([0, 0, 0]), "system.richacl.bar": Data([99, 1, 9, 1]), "foobar.user": Data([71, 2, 45]), "test.xattr.cap": Data([1, 32, 3]), "testing123": Data([12, 24, 45]), "sys.admin": Data([16, 23, 13]), "test.123": Data([15, 26, 54]), "extendedattribute.test": Data([15, 26, 54, 1, 2, 4, 6, 7, 7]), ] init() throws { // create layer1 let layer1Path = FileManager.default.uniqueTemporaryDirectory() .appendingPathComponent("layer1.tar.gz", isDirectory: false) let layer1Archiver = try ArchiveWriter( configuration: ArchiveWriterConfiguration(format: .paxRestricted, filter: .gzip)) try layer1Archiver.open(file: layer1Path) // create 2 directories and fill them with files try layer1Archiver.writeEntry(entry: WriteEntry.dir(path: "/dir1", permissions: 0o755), data: nil) try layer1Archiver.writeEntry(entry: WriteEntry.file(path: "/dir1/file1", permissions: 0o644), data: nil) try layer1Archiver.writeEntry(entry: WriteEntry.dir(path: "/dir2", permissions: 0o755), data: nil) try layer1Archiver.writeEntry(entry: WriteEntry.file(path: "/dir2/file1", permissions: 0o644), data: nil) try layer1Archiver.finishEncoding() // create layer2 let layer2Path = FileManager.default.uniqueTemporaryDirectory() .appendingPathComponent("layer2.tar.gz", isDirectory: false) let layer2Archiver = try ArchiveWriter( configuration: ArchiveWriterConfiguration(format: .paxRestricted, filter: .gzip)) try layer2Archiver.open(file: layer2Path) // create 3 directories and fill them with files and whiteouts try layer2Archiver.writeEntry(entry: WriteEntry.dir(path: "/dir1", permissions: 0o755), data: nil) try layer2Archiver.writeEntry( entry: WriteEntry.file(path: "/dir1/.wh.file1", permissions: 0o644), data: nil) try layer2Archiver.writeEntry(entry: WriteEntry.dir(path: "/dir2", permissions: 0o755), data: nil) try layer2Archiver.writeEntry( entry: WriteEntry.file(path: "/dir2/.wh..wh..opq", permissions: 0o644), data: nil) try layer2Archiver.writeEntry(entry: WriteEntry.dir(path: "/dir3", permissions: 0o755), data: nil) try layer2Archiver.writeEntry( entry: WriteEntry.file(path: "/dir3/file1", permissions: 0o644, xattrs: xattrs), data: nil) try layer2Archiver.writeEntry(entry: WriteEntry.dir(path: "/dir4", permissions: 0o755), data: nil) try layer2Archiver.writeEntry( entry: WriteEntry.file(path: "/dir4/special_ĩ", permissions: 0o644), data: nil) try layer2Archiver.writeEntry( entry: WriteEntry.link(path: "/dir4/specialcharacters", permissions: 0o644, target: "special_ĩ"), data: nil) // a new layer overwriting over an existing layer try layer2Archiver.writeEntry(entry: WriteEntry.file(path: "/dir2/file1", permissions: 0o644), data: nil) try layer2Archiver.finishEncoding() let unpacker = try EXT4.Formatter(fsPath) try unpacker.unpack(source: layer1Path) try unpacker.unpack(source: layer2Path) try unpacker.close() } deinit { try? FileManager.default.removeItem(at: fsPath.url) } @Test func testUnpackBasic() throws { let ext4 = try EXT4.EXT4Reader(blockDevice: fsPath) // just a directory let dir1Inode = try ext4.getInode(number: 12) #expect(dir1Inode.mode.isDir()) // white out file /dir1/file1 let dir1File1Inode = try ext4.getInode(number: 13) #expect(dir1File1Inode.dtime != 0) #expect(dir1File1Inode.linksCount == 0) // deleted // white out dir /dir2 let dir2Inode = try ext4.getInode(number: 14) #expect(dir2Inode.dtime == 0) #expect(dir2Inode.linksCount == 2) // children deleted // new dir /dir3 let dir3Inode = try ext4.getInode(number: 16) #expect(dir3Inode.mode.isDir()) #expect(dir3Inode.linksCount == 2) // new file /dir3/file1 let dir3File1Inode = try ext4.getInode(number: 17) #expect(dir3File1Inode.mode.isReg()) #expect(dir3File1Inode.linksCount == 1) #expect(try ext4.getXattrsForInode(inode: dir3File1Inode) == xattrs) // overwritten dir /dir2 let dir2OverwriteInode = try ext4.getInode(number: 18) #expect(dir2OverwriteInode.mode.isDir()) #expect(dir2OverwriteInode.linksCount == 2) // /dir4/special_ĩ let dir2File1OverwriteInode = try ext4.getInode(number: 19) #expect(dir2File1OverwriteInode.mode.isReg()) #expect(dir2File1OverwriteInode.linksCount == 1) let specialFileInode = try ext4.getInode(number: 20) let bytes = Data(Mirror(reflecting: specialFileInode.block).children.compactMap { $0.value as? UInt8 }) let specialFileTarget = try #require(FilePath(bytes), "Could not parse special file path") #expect(specialFileTarget.description.hasPrefix("special_ĩ")) } } extension ContainerizationArchive.WriteEntry { static func dir(path: String, permissions: UInt16) -> WriteEntry { let entry = WriteEntry() entry.path = path entry.fileType = .directory entry.permissions = permissions return entry } static func file(path: String, permissions: UInt16, size: Int64? = nil, xattrs: [String: Data]? = nil) -> WriteEntry { let entry = WriteEntry() entry.path = path entry.fileType = .regular entry.permissions = permissions entry.size = size if let xattrs { entry.xattrs = xattrs } return entry } static func link(path: String, permissions: UInt16, target: String) -> WriteEntry { let entry = WriteEntry() entry.path = path entry.fileType = .symbolicLink entry.symlinkTarget = target return entry } } extension EXT4.EXT4Reader { fileprivate func getXattrsForInode(inode: EXT4.Inode) throws -> [String: Data] { var attributes: [EXT4.ExtendedAttribute] = [] let buffer: [UInt8] = EXT4.tupleToArray(inode.inlineXattrs) try attributes.append(contentsOf: Self.readInlineExtendedAttributes(from: buffer)) let block = inode.xattrBlockLow try self.seek(block: block) let buf = try self.handle.read(upToCount: Int(self.blockSize))! try attributes.append(contentsOf: Self.readBlockExtendedAttributes(from: [UInt8](buf))) var xattrs: [String: Data] = [:] for attribute in attributes { guard attribute.fullName != "system.data" else { continue } xattrs[attribute.fullName] = Data(attribute.value) } return xattrs } } #endif ================================================ FILE: Tests/ContainerizationExtrasTests/AsyncMutexTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import Testing @testable import ContainerizationExtras final class AsyncMutexTests { @Test func testBasicModification() async throws { let mutex = AsyncMutex(0) let result = await mutex.withLock { value in value += 1 return value } #expect(result == 1) } @Test func testMultipleModifications() async throws { let mutex = AsyncMutex(0) await mutex.withLock { value in value += 5 } let result = await mutex.withLock { value in value += 10 return value } #expect(result == 15) } @Test func testConcurrentAccess() async throws { let mutex = AsyncMutex(0) let iterations = 100 await withTaskGroup(of: Void.self) { group in for _ in 0.. /26 let lower1 = try IPAddress("192.168.1.64") let upper1 = try IPAddress("192.168.1.127") let cidr1 = try CIDR(lower: lower1, upper: upper1) #expect(cidr1.prefix.length == 26) #expect(cidr1.contains(lower1)) #expect(cidr1.contains(upper1)) } @Test func testRangeConstructorValidatesIPv6Containment() throws { // Test IPv6 range containment validation let lower = try IPAddress("2001:db8::1000") let upper = try IPAddress("2001:db8::1fff") let cidr = try CIDR(lower: lower, upper: upper) #expect(cidr.contains(lower)) #expect(cidr.contains(upper)) } // MARK: - Version-Specific Range Constructors @Test func testV4RangeConstructor() throws { let lower = try IPAddress("192.168.1.0") let upper = try IPAddress("192.168.1.255") let cidr = try CIDR(lower: lower, upper: upper) #expect(cidr.prefix.length == 24) #expect(cidr.address.description == "192.168.1.0") } @Test func testV4RangeSingleAddress() throws { let addr = try IPAddress("192.168.1.100") let cidr = try CIDR(lower: addr, upper: addr) #expect(cidr.prefix.length == 32) #expect(cidr.address.description == "192.168.1.100") } @Test func testV6RangeConstructor() throws { let lower = try IPAddress("2001:db8::") let upper = try IPAddress("2001:db8::ffff:ffff:ffff:ffff") let cidr = try CIDR(lower: lower, upper: upper) #expect(cidr.prefix.length == 64) #expect(cidr.address.description == "2001:db8::") } @Test func testV6RangeSingleAddress() throws { let addr = try IPAddress("2001:db8::1") let cidr = try CIDR(lower: addr, upper: addr) #expect(cidr.prefix.length == 128) #expect(cidr.address.description == "2001:db8::1") } @Test func testV4RangeRejectsInvalidOrder() throws { let lower = try IPAddress("192.168.1.255") let upper = try IPAddress("192.168.1.0") #expect(throws: CIDR.Error.self) { _ = try CIDR(lower: lower, upper: upper) } } @Test func testV6RangeRejectsInvalidOrder() throws { let lower = try IPAddress("2001:db8::ffff") let upper = try IPAddress("2001:db8::1") #expect(throws: CIDR.Error.self) { _ = try CIDR(lower: lower, upper: upper) } } @Test func testV6RangeRejectsDifferentZones() throws { let lower = try IPAddress("fe80::1%eth0") let upper = try IPAddress("fe80::2%eth1") #expect(throws: CIDR.Error.self) { _ = try CIDR(lower: lower, upper: upper) } } // MARK: - Description Tests @Test func testDescriptionFormat() throws { let cidr = try CIDR("10.0.0.0/8") #expect(cidr.description == "10.0.0.0/8") } @Test func testPreservesAddress() throws { let cidr = try CIDR("192.168.1.100/24") #expect(cidr.description == "192.168.1.100/24") } @Test( "CIDRv4 Codable encodes to string representation", arguments: [ "192.168.1.0/24", "10.0.0.0/8", "172.16.0.0/12", ] ) func testCIDRv4CodableEncode(cidr: String) throws { let original = try CIDRv4(cidr) let encoded = try JSONEncoder().encode(original) let jsonString = String(data: encoded, encoding: .utf8)! #expect(jsonString.contains(original.address.description)) #expect(jsonString.contains("\(original.prefix.length)")) } @Test( "CIDRv4 Codable decodes from string representation", arguments: [ "192.168.1.0/24", "10.0.0.0/8", "172.16.0.0/12", ] ) func testCIDRv4CodableDecode(cidr: String) throws { let json = Data("\"\(cidr)\"".utf8) let decoded = try JSONDecoder().decode(CIDRv4.self, from: json) let expected = try CIDRv4(cidr) #expect(decoded == expected) } @Test( "CIDRv6 Codable encodes to string representation", arguments: [ ("2001:db8::/32", "2001:db8::", 32), ("fe80::/10", "fe80::", 10), ("::1/128", "::1", 128), ] ) func testCIDRv6CodableEncode(cidr: String, expectedAddr: String, expectedPrefix: UInt8) throws { let original = try CIDRv6(cidr) let encoded = try JSONEncoder().encode(original) let jsonString = String(data: encoded, encoding: .utf8)! #expect(jsonString.contains(expectedAddr)) #expect(jsonString.contains("\(expectedPrefix)")) } @Test( "CIDRv6 Codable decodes from string representation", arguments: [ "2001:db8::/32", "fe80::/10", "::1/128", ] ) func testCIDRv6CodableDecode(cidr: String) throws { let json = Data("\"\(cidr)\"".utf8) let decoded = try JSONDecoder().decode(CIDRv6.self, from: json) let expected = try CIDRv6(cidr) #expect(decoded == expected) } } ================================================ FILE: Tests/ContainerizationExtrasTests/TestIPAddress.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import Testing @testable import ContainerizationExtras @Suite("Unified IPAddress Tests") struct IPAddressTests { @Test( "Parse IPv4 addresses", arguments: [ "192.168.1.1", "127.0.0.1", "0.0.0.0", "255.255.255.255", ] ) func testParseIPv4(input: String) throws { let ip = try IPAddress(input) #expect(ip.isV4, "Should be IPv4: \(input)") #expect(!ip.isV6, "Should not be IPv6: \(input)") #expect(ip.ipv4 != nil, "Should have IPv4 value: \(input)") #expect(ip.ipv6 == nil, "Should not have IPv6 value: \(input)") } @Test( "Parse IPv6 addresses", arguments: [ "2001:db8::1", "::1", "::", "fe80::1", "2001:db8:0:0:0:0:0:1", ] ) func testParseIPv6(input: String) throws { let ip = try IPAddress(input) #expect(ip.isV6, "Should be IPv6: \(input)") #expect(!ip.isV4, "Should not be IPv4: \(input)") #expect(ip.ipv6 != nil, "Should have IPv6 value: \(input)") #expect(ip.ipv4 == nil, "Should not have IPv4 value: \(input)") } @Test( "Loopback detection", arguments: [ // Loopback addresses ("127.0.0.1", true, "IPv4 loopback"), ("127.0.0.255", true, "IPv4 loopback variant"), ("127.255.255.255", true, "Any 127.x.x.x"), ("::1", true, "IPv6 loopback"), // Non-loopback addresses ("192.168.1.1", false, "Private IPv4"), ("2001:db8::1", false, "IPv6 documentation"), ("0.0.0.0", false, "IPv4 unspecified"), ("::", false, "IPv6 unspecified"), ] ) func testLoopback(input: String, expected: Bool, description: String) throws { let ip = try IPAddress(input) #expect(ip.isLoopback == expected, "\(description): \(input) should\(expected ? "" : " not") be loopback") } @Test( "Multicast detection", arguments: [ // Multicast addresses ("224.0.0.1", true, "IPv4 multicast start"), ("239.255.255.255", true, "IPv4 multicast end (224.0.0.0/4)"), ("ff02::1", true, "IPv6 link-local multicast"), ("ff00::1", true, "IPv6 multicast"), // Non-multicast addresses ("192.168.1.1", false, "Private IPv4"), ("2001:db8::1", false, "IPv6 documentation"), ("223.255.255.255", false, "Just before multicast range"), ] ) func testMulticast(input: String, expected: Bool, description: String) throws { let ip = try IPAddress(input) #expect(ip.isMulticast == expected, "\(description): \(input) should\(expected ? "" : " not") be multicast") } @Test( "Unspecified detection", arguments: [ // Unspecified addresses ("0.0.0.0", true, "IPv4 unspecified"), ("::", true, "IPv6 unspecified"), // Specified addresses ("0.0.0.1", false, "Not unspecified IPv4"), ("192.168.1.1", false, "Private IPv4"), ("::1", false, "IPv6 loopback"), ("2001:db8::1", false, "IPv6 documentation"), ] ) func testUnspecified(input: String, expected: Bool, description: String) throws { let ip = try IPAddress(input) #expect(ip.isUnspecified == expected, "\(description): \(input) should\(expected ? "" : " not") be unspecified") } @Test("Comparable - IPv4 ordering") func testIPv4Ordering() throws { let ip1 = try IPv4Address("192.168.1.1") let ip2 = try IPv4Address("192.168.1.2") let ip3 = try IPv4Address("192.168.2.1") #expect(ip1 < ip2) #expect(ip2 < ip3) #expect(ip1 < ip3) #expect(!(ip2 < ip1)) } @Test("Comparable - IPv6 ordering") func testIPv6Ordering() throws { let ip1 = try IPv6Address("2001:db8::1") let ip2 = try IPv6Address("2001:db8::2") let ip3 = try IPv6Address("2001:db9::1") #expect(ip1 < ip2) #expect(ip2 < ip3) #expect(ip1 < ip3) #expect(!(ip2 < ip1)) } @Test( "Equality", arguments: [ ("192.168.1.1", "192.168.1.1", true, "Same IPv4"), ("192.168.1.1", "192.168.1.2", false, "Different IPv4"), ("2001:db8::1", "2001:0db8:0000:0000:0000:0000:0000:0001", true, "Same IPv6, different format"), ("2001:db8::1", "2001:db8::2", false, "Different IPv6"), ] ) func testEquality(addr1: String, addr2: String, shouldBeEqual: Bool, description: String) throws { let ip1 = try IPAddress(addr1) let ip2 = try IPAddress(addr2) if shouldBeEqual { #expect(ip1 == ip2, "\(description): \(addr1) should equal \(addr2)") } else { #expect(ip1 != ip2, "\(description): \(addr1) should not equal \(addr2)") } } @Test("Hashable") func testHashable() throws { var dict: [IPAddress: String] = [:] let ip1 = try IPAddress("192.168.1.1") let ip2 = try IPAddress("2001:db8::1") dict[ip1] = "IPv4" dict[ip2] = "IPv6" #expect(dict[ip1] == "IPv4") #expect(dict[ip2] == "IPv6") #expect(dict.count == 2) } @Test( "Codable encodes to string representation", arguments: [ "127.0.0.1", "192.168.1.1", "0.0.0.0", "255.255.255.255", ] ) func testCodableEncodeIPv4(address: String) throws { let original = try IPAddress(address) let encoded = try JSONEncoder().encode(original) #expect(String(data: encoded, encoding: .utf8) == "\"\(address)\"") } @Test( "Codable decodes from string representation", arguments: [ "127.0.0.1", "192.168.1.1", "0.0.0.0", "255.255.255.255", ] ) func testCodableDecodeIPv4(address: String) throws { let json = Data("\"\(address)\"".utf8) let decoded = try JSONDecoder().decode(IPAddress.self, from: json) let expected = try IPAddress(address) #expect(decoded == expected) } @Test( "Codable encodes to string representation", arguments: [ ("::1", "::1"), ("2001:db8::1", "2001:db8::1"), ("::", "::"), ("fe80::1", "fe80::1"), ] ) func testCodableEncodeIPv6(input: String, expected: String) throws { let original = try IPAddress(input) let encoded = try JSONEncoder().encode(original) #expect(String(data: encoded, encoding: .utf8) == "\"\(expected)\"") } @Test( "Codable decodes from string representation", arguments: [ "::1", "2001:db8::1", "::", "fe80::1", ] ) func testCodableDecodeIPv6(address: String) throws { let json = Data("\"\(address)\"".utf8) let decoded = try JSONDecoder().decode(IPAddress.self, from: json) let expected = try IPAddress(address) #expect(decoded == expected) } } ================================================ FILE: Tests/ContainerizationExtrasTests/TestIPv4Address.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import Testing @testable import ContainerizationExtras @Suite("IPv4Address Tests") struct IPv4AddressTests { // MARK: - Initializer Tests @Suite("Initializers") struct InitializerTests { @Test( "UInt32 initializer", arguments: [ (0x7F00_0001, "127.0.0.1"), // localhost (0x0000_0000, "0.0.0.0"), // zero address (0xFFFF_FFFF, "255.255.255.255"), // max address (0xC0A8_0101, "192.168.1.1"), // private network (0x0808_0808, "8.8.8.8"), // Google DNS ] ) func testUInt32Initializer(inputValue: UInt32, description: String) { let address = IPv4Address(inputValue) #expect(address.value == inputValue) } @Test( "String initializer - valid addresses", arguments: [ ("127.0.0.1", 0x7F00_0001), // localhost ("0.0.0.0", 0x0000_0000), // zero address ("255.255.255.255", 0xFFFF_FFFF), // broadcast ("10.0.0.1", 0x0A00_0001), // private network 10.x ("192.168.1.1", 0xC0A8_0101), // private network 192.168.x ("172.16.0.1", 0xAC10_0001), // private network 172.16.x ("1.2.3.4", 0x0102_0304), // single digits ("192.168.100.254", 0xC0A8_64FE), // mixed digits ] ) func testStringInitializerValid(addressString: String, expectedValue: UInt32) throws { let address = try IPv4Address(addressString) #expect(address.value == expectedValue) } @Test( "String initializer - invalid addresses", arguments: [ "", // empty string "1.2.3", // too short "1.2.3.4.5", // too many octets "192.168.1.256", // octet out of range "192.168.001.1", // leading zeros "01.2.3.4", // leading zero first octet " 192.168.1.1", // leading whitespace "192.168.1.1 ", // trailing whitespace "192. 168.1.1", // internal whitespace "192.168.1.a", // invalid character "192.168.1.-1", // negative number "192..1.1", // missing octet ".168.1.1", // missing first octet "192.168.1.", // missing last octet "192.168.1.1.extra", // too long ] ) func testStringInitializerInvalid(invalidAddress: String) { #expect(throws: AddressError.self) { try IPv4Address(invalidAddress) } } } // MARK: - Property Tests @Suite("Properties") struct PropertyTests { @Test( "bytes property", arguments: [ (UInt32(0x7F00_0001), [UInt8(127), UInt8(0), UInt8(0), UInt8(1)]), // localhost (UInt32(0x0000_0000), [UInt8(0), UInt8(0), UInt8(0), UInt8(0)]), // zero (UInt32(0xFFFF_FFFF), [UInt8(255), UInt8(255), UInt8(255), UInt8(255)]), // broadcast (UInt32(0xC0A8_0101), [UInt8(192), UInt8(168), UInt8(1), UInt8(1)]), // private network (UInt32(0x1234_5678), [UInt8(0x12), UInt8(0x34), UInt8(0x56), UInt8(0x78)]), // byte order test ] ) func testBytesProperty(inputValue: UInt32, expectedBytes: [UInt8]) { let address = IPv4Address(inputValue) #expect(address.bytes == expectedBytes) } @Test( "description property", arguments: [ (0x7F00_0001, "127.0.0.1"), // localhost (0x0000_0000, "0.0.0.0"), // zero (0xFFFF_FFFF, "255.255.255.255"), // broadcast (0xC0A8_0101, "192.168.1.1"), // private network (0x0102_0304, "1.2.3.4"), // single digits ] ) func testDescriptionProperty(inputValue: UInt32, expectedDescription: String) { let address = IPv4Address(inputValue) #expect(address.description == expectedDescription) } @Test( "round-trip string conversion", arguments: [ "0.0.0.0", "127.0.0.1", "192.168.1.1", "10.0.0.1", "172.16.0.1", "255.255.255.255", "1.2.3.4", "8.8.8.8", "1.1.1.1", ] ) func testRoundTripStringConversion(addressString: String) throws { let address = try IPv4Address(addressString) #expect(address.description == addressString) } } // MARK: - Protocol Conformance Tests @Suite("Protocol Conformances") struct ProtocolConformanceTests { @Test("Equatable conformance") func testEquatableConformance() { let addr1 = IPv4Address(0x7F00_0001) let addr2 = IPv4Address(0x7F00_0001) let addr3 = IPv4Address(0xC0A8_0101) #expect(addr1 == addr2) #expect(addr1 != addr3) #expect(addr2 != addr3) } @Test("Hashable conformance") func testHashableConformance() { let addr1 = IPv4Address(0x7F00_0001) let addr2 = IPv4Address(0x7F00_0001) let addr3 = IPv4Address(0xC0A8_0101) // Equal objects should have equal hash values #expect(addr1.hashValue == addr2.hashValue) // Different objects should ideally have different hash values // (though this is not guaranteed, it's very likely for these values) #expect(addr1.hashValue != addr3.hashValue) // Test that addresses can be used in Sets and Dictionaries let addressSet: Set = [addr1, addr2, addr3] #expect(addressSet.count == 2) // addr1 and addr2 are equal let addressDict = [addr1: "localhost", addr3: "private"] #expect(addressDict[addr2] == "localhost") // addr2 equals addr1 } @Test("CustomStringConvertible conformance") func testCustomStringConvertibleConformance() { let address = IPv4Address(0x7F00_0001) let stringRepresentation = String(describing: address) #expect(stringRepresentation == "127.0.0.1") } @Test("Sendable conformance") func testSendableConformance() { // This test verifies that IPv4Address can be safely passed across concurrency boundaries let address = IPv4Address(0x7F00_0001) Task { let taskAddress = address #expect(taskAddress.value == 0x7F00_0001) } } @Test( "Codable encodes to string representation", arguments: [ "127.0.0.1", "192.168.1.1", "0.0.0.0", "255.255.255.255", ] ) func testCodableEncode(address: String) throws { let original = try IPv4Address(address) let encoded = try JSONEncoder().encode(original) #expect(String(data: encoded, encoding: .utf8) == "\"\(address)\"") } @Test( "Codable decodes from string representation", arguments: [ "127.0.0.1", "192.168.1.1", "0.0.0.0", "255.255.255.255", ] ) func testCodableDecode(address: String) throws { let json = Data("\"\(address)\"".utf8) let decoded = try JSONDecoder().decode(IPv4Address.self, from: json) let expected = try IPv4Address(address) #expect(decoded == expected) } } // MARK: - Edge Cases and Error Conditions @Suite("Edge Cases") struct EdgeCaseTests { @Test( "boundary values", arguments: [ ("0.0.0.0", 0x0000_0000), // minimum ("255.255.255.255", 0xFFFF_FFFF), // maximum ("255.0.0.0", 0xFF00_0000), // max first octet ("0.255.0.0", 0x00FF_0000), // max second octet ("0.0.255.0", 0x0000_FF00), // max third octet ("0.0.0.255", 0x0000_00FF), // max fourth octet ] ) func testBoundaryValues(addressString: String, expectedValue: UInt32) throws { let address = try IPv4Address(addressString) #expect(address.value == expectedValue) } @Test( "special addresses", arguments: [ "127.0.0.1", // loopback "255.255.255.255", // broadcast "0.0.0.0", // network address "8.8.8.8", // Google DNS "1.1.1.1", // Cloudflare DNS ] ) func testSpecialAddresses(addressString: String) throws { let address = try IPv4Address(addressString) #expect(address.description == addressString) } @Test( "leading zero validation - invalid", arguments: [ "01.0.0.0", "0.01.0.0", "0.0.01.0", "0.0.0.01", "192.168.001.1", "010.0.0.1", "00.0.0.1", ] ) func testLeadingZeroValidationInvalid(invalidAddress: String) { #expect(throws: AddressError.self) { try IPv4Address(invalidAddress) } } @Test("leading zero validation - valid single zeros") func testLeadingZeroValidationValid() { // Single "0" should be valid #expect(throws: Never.self) { try IPv4Address("0.0.0.0") } } @Test( "string length validation - too short", arguments: [ "", "1", "1.2", "1.2.3", "1.2.3.", ] ) func testStringLengthValidationTooShort(shortString: String) { #expect(throws: AddressError.self) { try IPv4Address(shortString) } } @Test( "string length validation - too long", arguments: [ "255.255.255.255.1", "1234.168.1.1", "192.1234.1.1", "192.168.1234.1", "192.168.1.1234", ] ) func testStringLengthValidationTooLong(longString: String) { #expect(throws: AddressError.self) { try IPv4Address(longString) } } } // MARK: - Performance Tests @Suite("Performance") struct PerformanceTests { @Test("parsing performance") func testParsingPerformance() throws { let testAddresses = [ "192.168.1.1", "10.0.0.1", "172.16.0.1", "127.0.0.1", "8.8.8.8", "1.1.1.1", "255.255.255.255", "0.0.0.0", ] // Warm up for _ in 0..<100 { for address in testAddresses { _ = try IPv4Address(address) } } // Measure performance let iterations = 10000 let startTime = Date() for _ in 0.. String let addressFromUInt32 = IPv4Address(expectedValue) #expect(addressFromUInt32.description == expectedString) // Test String -> UInt32 let addressFromString = try IPv4Address(expectedString) #expect(addressFromString.value == expectedValue) // Test equality #expect(addressFromUInt32 == addressFromString) } @Test( "error message consistency", arguments: [ "", "256.1.1.1", "1.2.3", "1.2.3.4.5", "192.168.001.1", " 192.168.1.1", "192.168.1.1 ", "192.168.1.a", ] ) func testErrorMessageConsistency(invalidInput: String) { do { _ = try IPv4Address(invalidInput) #expect(Bool(false), "Should have thrown for input: \(invalidInput)") } catch let error as AddressError { #expect(error == AddressError.unableToParse) } catch { #expect(Bool(false), "Should have thrown AddressError, got: \(error)") } } } } ================================================ FILE: Tests/ContainerizationExtrasTests/TestIPv6Address+Parse.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import Testing @testable import ContainerizationExtras @Suite("IPv6Address Parsing Tests") struct IPv6AddressParseTests { // MARK: - Valid Hexadecimal Group Tests @Test( "Parsing valid hexadecimal groups", arguments: [ ("0", 0x0), ("1", 0x1), ("F", 0xF), ("FF", 0xFF), ("FFF", 0xFFF), ("FFFF", 0xFFFF), ("1234", 0x1234), ("abcd", 0xABCD), ("ABCD", 0xABCD), ("0000", 0x0000), ] ) func testParseValidHexadecimalGroups(input: String, expectedValue: UInt16) throws { let utf8 = input.utf8 let (parsedValue, nextIndex) = try IPv6Address.parseHexadecimal( from: utf8, startingAt: utf8.startIndex ) #expect( parsedValue == expectedValue, "For input '\(input)': expected \(expectedValue) but got \(parsedValue)" ) #expect(nextIndex == input.endIndex, "Parser should consume entire input") } @Test( "Parsing hexadecimal groups with trailing characters", arguments: [ ("FF:1234", 0xFF, ":1234"), ("1234G", 0x1234, "G"), ("AB::CD", 0xAB, "::CD"), ("0Z", 0x0, "Z"), ] ) func testParseHexadecimalGroupWithTrailingCharacters( input: String, expectedValue: UInt16, expectedRemainder: String ) throws { let utf8 = input.utf8 let (parsedValue, nextIndex) = try IPv6Address.parseHexadecimal( from: utf8, startingAt: utf8.startIndex ) let remainder = String(input[String.Index(nextIndex, within: input)!...]) #expect( parsedValue == expectedValue, "For input '\(input)': expected \(expectedValue) but got \(parsedValue)" ) #expect( remainder == expectedRemainder, "For input '\(input)': expected remainder '\(expectedRemainder)' but got '\(remainder)'" ) } // MARK: - Error Handling Tests @Test( "Parsing invalid hexadecimal groups should throw", arguments: [ "", // Empty string - no hex digits found "G", // Invalid hex character - no hex digits found "GGGG", // All invalid hex characters - no hex digits found ] ) func testParseInvalidHexadecimalGroup(invalidInput: String) { #expect(throws: AddressError.self) { let utf8 = invalidInput.utf8 _ = try IPv6Address.parseHexadecimal( from: utf8, startingAt: utf8.startIndex ) } } @Test( "Parsing hexadecimal groups with overflow behavior", arguments: [ ("12345", 0x1234, "5"), // 5 digits -> takes first 4 ("10000", 0x1000, "0"), // 5 digits -> takes first 4 ("FFFFF", 0xFFFF, "F"), // 5 digits -> takes first 4 ("123456789", 0x1234, "56789"), // Many digits -> takes first 4 ] ) func testParseHexadecimalGroupOverflow( input: String, expectedValue: UInt16, expectedRemainder: String ) throws { let utf8 = input.utf8 let (parsedValue, nextIndex) = try IPv6Address.parseHexadecimal( from: utf8, startingAt: utf8.startIndex ) let remainder = String(input[String.Index(nextIndex, within: input)!...]) #expect( parsedValue == expectedValue, "For input '\(input)': expected \(expectedValue) but got \(parsedValue)" ) #expect( remainder == expectedRemainder, "For input '\(input)': expected remainder '\(expectedRemainder)' but got '\(remainder)'" ) } @Test("Parsing from middle of string") func testParseHexadecimalGroupFromMiddle() throws { let input = "prefix1234suffix" let utf8 = input.utf8 let startIndex = utf8.index(utf8.startIndex, offsetBy: 6) // Start at "1234" let (parsedValue, nextIndex) = try IPv6Address.parseHexadecimal( from: utf8, startingAt: startIndex ) #expect(parsedValue == 0x1234) let remainder = String(input[String.Index(nextIndex, within: input)!...]) #expect(remainder == "suffix") } // MARK: - Performance Tests @Test("Performance with maximum length hex groups") func testParsePerformance() throws { let testInput = "FFFF" // Measure performance of parsing operation let startTime = CFAbsoluteTimeGetCurrent() let count = 10000 for _ in 0.. CD3"), ("2001:0DB8::", "2001:DB8::", "Can drop leading zeros 0DB8 -> DB8"), ("0001:0002:0003::", "1:2:3::", "Can drop leading zeros in multiple groups"), ] ) func testRFC4291Section23LeadingZeroRules(form1: String, form2: String, description: String) throws { let bytes1 = try IPv6Address.parse(form1).bytes let bytes2 = try IPv6Address.parse(form2).bytes #expect(bytes1 == bytes2, "\(description)") } @Test( "RFC 4291 Section 2.3 - cannot drop trailing zeros", arguments: [ ("2001:DB8:0:CD30::", "2001:DB8:0:CD3::", "Cannot drop trailing zeros in CD30 -> CD3"), ("2001:DB80::", "2001:DB8::", "Cannot drop trailing zero DB80 -> DB8"), ("ABCD:EF00::", "ABCD:EF::", "Cannot drop trailing zeros EF00 -> EF"), ] ) func testRFC4291Section23CannotDropTrailingZeros(full: String, truncated: String, description: String) throws { let fullBytes = try IPv6Address.parse(full).bytes let truncatedBytes = try IPv6Address.parse(truncated).bytes #expect(fullBytes != truncatedBytes, "\(description)") } @Test("RFC 4291 Section 2.3 - Node address and subnet prefix combination") func testRFC4291Section23NodeAddressSubnetCombination() throws { // RFC example: node address 2001:0DB8:0:CD30:123:4567:89AB:CDEF // and its subnet number 2001:0DB8:0:CD30::/60 // can be abbreviated as 2001:0DB8:0:CD30:123:4567:89AB:CDEF/60 let nodeAddress = "2001:0DB8:0:CD30:123:4567:89AB:CDEF" let subnetPrefix = "2001:0DB8:0:CD30::" // Both should parse successfully #expect(throws: Never.self, "Node address should parse successfully") { _ = try IPv6Address.parse(nodeAddress) } #expect(throws: Never.self, "Subnet prefix should parse successfully") { _ = try IPv6Address.parse(subnetPrefix) } // Verify that the subnet prefix is indeed a prefix of the node address let nodeBytes = try IPv6Address.parse(nodeAddress).bytes let subnetBytes = try IPv6Address.parse(subnetPrefix).bytes // Validate that node address has the subnet as a prefix (60-bit prefix = 7.5 bytes) let prefixLength = 60 let hasValidPrefix = nodeBytes.hasPrefix(subnetBytes, upToBits: prefixLength) #expect( hasValidPrefix, "Node address should have subnet as a \(prefixLength)-bit prefix" ) } // MARK: - RFC 4291 Section 2.2 Comprehensive Text Representation Tests @Test( "RFC 4291 Section 2.2 - Preferred form with all groups", arguments: [ "2001:0db8:0000:0042:0000:8a2e:0370:7334", "ABCD:EF01:2345:6789:ABCD:EF01:2345:6789", "0000:0000:0000:0000:0000:0000:0000:0000", "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF", ] ) func testRFC4291Section22PreferredForm(testCase: String) throws { #expect(throws: Never.self, "Should parse preferred form: \(testCase)") { _ = try IPv6Address.parse(testCase) } } @Test( "RFC 4291 Section 2.2 - Leading zero omission in all positions", arguments: [ ("2001:0db8:0000:0042:0000:8a2e:0370:7334", "2001:db8:0:42:0:8a2e:370:7334"), ("0001:0002:0003:0004:0005:0006:0007:0008", "1:2:3:4:5:6:7:8"), ("0000:0001:0002:0003:0004:0005:0006:0007", "0:1:2:3:4:5:6:7"), ("1000:0100:0010:0001:1000:0100:0010:0001", "1000:100:10:1:1000:100:10:1"), ] ) func testRFC4291Section22LeadingZeroOmission(full: String, compressed: String) throws { let fullBytes = try IPv6Address.parse(full).bytes let compressedBytes = try IPv6Address.parse(compressed).bytes #expect(fullBytes == compressedBytes, "'\(full)' should equal '\(compressed)'") } @Test( "RFC 4291 Section 2.2 - Zero compression at beginning", arguments: [ ("::", [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]), ("::1", [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1]), ("::8a2e:370:7334", [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x8a, 0x2e, 0x03, 0x70, 0x73, 0x34]), ] ) func testRFC4291Section22ZeroCompressionAtBeginning(compressed: String, expected: [UInt8]) throws { let parsed = try IPv6Address.parse(compressed) #expect(parsed.bytes == expected, "'\(compressed)' should parse correctly") } @Test( "RFC 4291 Section 2.2 - Zero compression in middle", arguments: [ ("2001:db8::8a2e:370:7334", "2001:db8:0:0:0:8a2e:370:7334"), ("2001:db8::1", "2001:db8:0:0:0:0:0:1"), ("fe80::1", "fe80:0:0:0:0:0:0:1"), ("2001:0db8:0:0::1", "2001:db8:0:0:0:0:0:1"), ] ) func testRFC4291Section22ZeroCompressionInMiddle(compressed: String, full: String) throws { let compressedBytes = try IPv6Address.parse(compressed).bytes let fullBytes = try IPv6Address.parse(full).bytes #expect(compressedBytes == fullBytes, "'\(compressed)' should equal '\(full)'") } @Test( "RFC 4291 Section 2.2 - Zero compression at end", arguments: [ ("2001:db8::", "2001:db8:0:0:0:0:0:0"), ("2001:db8:0:0:1::", "2001:db8:0:0:1:0:0:0"), ("fe80::", "fe80:0:0:0:0:0:0:0"), ("1::", "1:0:0:0:0:0:0:0"), ] ) func testRFC4291Section22ZeroCompressionAtEnd(compressed: String, full: String) throws { let compressedBytes = try IPv6Address.parse(compressed).bytes let fullBytes = try IPv6Address.parse(full).bytes #expect(compressedBytes == fullBytes, "'\(compressed)' should equal '\(full)'") } @Test( "RFC 4291 Section 2.2 - Multiple :: should fail", arguments: [ "2001::db8::1", "::1::2", "fe80::1::2::3", "::1::", ] ) func testRFC4291Section22MultipleDoubleColonsShouldFail(invalid: String) { #expect(throws: AddressError.self, "Multiple '::' should fail: \(invalid)") { _ = try IPv6Address.parse(invalid) } } @Test( "RFC 4291 Section 2.2 - Case insensitivity", arguments: [ ("2001:db8::1", "2001:DB8::1", "2001:Db8::1"), ("dead:beef::cafe", "DEAD:BEEF::CAFE", "DeAd:BeEf::CaFe"), ("fe80::1", "FE80::1", "Fe80::1"), ("abcd:ef01:2345:6789::1", "ABCD:EF01:2345:6789::1", "AbCd:Ef01:2345:6789::1"), ] ) func testRFC4291Section22CaseInsensitivity(lower: String, upper: String, mixed: String) throws { let lowerBytes = try IPv6Address.parse(lower).bytes let upperBytes = try IPv6Address.parse(upper).bytes let mixedBytes = try IPv6Address.parse(mixed).bytes #expect(lowerBytes == upperBytes, "Case should not matter: '\(lower)' vs '\(upper)'") #expect(lowerBytes == mixedBytes, "Case should not matter: '\(lower)' vs '\(mixed)'") } @Test("RFC 4291 Section 2.2 - Special addresses") func testRFC4291Section22SpecialAddresses() throws { // Unspecified address let unspecified = try IPv6Address.parse("::") #expect(unspecified.bytes.allSatisfy { $0 == 0 }, ":: should be all zeros") // Loopback address let loopback = try IPv6Address.parse("::1") let expectedLoopback: [UInt8] = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1] #expect(loopback.bytes == expectedLoopback, "::1 should be loopback address") // IPv4-compatible (deprecated but valid syntax) let ipv4Compat = try IPv6Address.parse("::c000:0201") let expectedCompat: [UInt8] = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xc0, 0x00, 0x02, 0x01] #expect(ipv4Compat.bytes == expectedCompat, "::c000:0201 should parse correctly") } @Test( "RFC 4291 Section 2.2 - Invalid formats should fail", arguments: [ "2001:db8", // Too few groups without :: "2001:db8:1:2:3:4:5:6:7", // Too many groups "2001:db8:1:2:3:4:5:6:7:8:9", // Too many groups "2001:db8:::1", // Triple colon "2001:db8::1::2", // Multiple :: "gggg::1", // Invalid hex character "2001:db8:xyz::1", // Invalid hex character "::ffff:", // Trailing colon ":2001:db8::1", // Leading single colon "2001:db8::1:", // Trailing single colon ] ) func testRFC4291Section22InvalidFormatsShouldFail(invalid: String) { #expect(throws: AddressError.self, "Invalid format should fail: \(invalid)") { _ = try IPv6Address.parse(invalid) } } @Test("RFC 4291 Section 2.2 - Maximum values") func testRFC4291Section22MaximumValues() throws { // All FFs - maximum value let maxAddress = try IPv6Address.parse("ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff") #expect(maxAddress.bytes.allSatisfy { $0 == 0xFF }, "All groups should be 0xFFFF") // Mix of max and min values let mixedMax = try IPv6Address.parse("ffff:0:ffff:0:ffff:0:ffff:0") let expectedMixed: [UInt8] = [0xff, 0xff, 0, 0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0, 0, 0xff, 0xff, 0, 0] #expect(mixedMax.bytes == expectedMixed, "Should alternate between max and zero") } @Test( "RFC 4291 Section 2.2 - Single zero groups", arguments: [ ("2001:db8:0:1:2:3:4:5", "2001:db8:0:1:2:3:4:5"), // Single 0, no compression needed ("2001:db8:0:0:1:2:3:4", "2001:db8::1:2:3:4"), // Two zeros can be compressed ("0:0:0:0:0:0:0:1", "::1"), // All zeros except last ] ) func testRFC4291Section22SingleZeroGroups(withZero: String, withCompression: String) throws { let zeroBytes = try IPv6Address.parse(withZero).bytes let compressedBytes = try IPv6Address.parse(withCompression).bytes #expect(zeroBytes == compressedBytes, "'\(withZero)' should equal '\(withCompression)'") } @Test("RFC 4291 Section 2.2 - Boundary conditions") func testRFC4291Section22BoundaryConditions() throws { // Single non-zero value in each position for position in 0..<8 { var groups = [String](repeating: "0", count: 8) groups[position] = "1" let address = groups.joined(separator: ":") #expect(throws: Never.self, "Single non-zero at position \(position) should parse") { _ = try IPv6Address.parse(address) } } // Verify the bytes are correct let firstPosition = try IPv6Address.parse("1:0:0:0:0:0:0:0") #expect(firstPosition.bytes[0] == 0 && firstPosition.bytes[1] == 1, "First group should be 0x0001") let lastPosition = try IPv6Address.parse("0:0:0:0:0:0:0:1") #expect(lastPosition.bytes[14] == 0 && lastPosition.bytes[15] == 1, "Last group should be 0x0001") } @Test( "RFC 4291 Section 2.2 - Hex digit limits", arguments: [ ("1:2:3:4:5:6:7:8", "1-digit groups"), ("12:34:56:78:9a:bc:de:f0", "2-digit groups"), ("123:456:789:abc:def:123:456:789", "3-digit groups"), ("1234:5678:9abc:def0:1234:5678:9abc:def0", "4-digit groups"), ("1:12:123:1234:1:12:123:1234", "Mixed digit counts"), ] ) func testRFC4291Section22HexDigitLimits(address: String, description: String) throws { #expect(throws: Never.self, "Should parse \(description): \(address)") { _ = try IPv6Address.parse(address) } } @Test("RFC 4291 Section 2.2 - Equivalence of different representations") func testRFC4291Section22EquivalenceOfRepresentations() throws { let equivalentGroups: [[String]] = [ // Same address, different representations [ "2001:0db8:0000:0000:0000:0000:0000:0001", "2001:db8:0:0:0:0:0:1", "2001:db8::1", "2001:0DB8::1", "2001:0DB8:0000:0000:0000:0000:0000:0001", ], [ "fe80:0000:0000:0000:0000:0000:0000:0001", "fe80::1", "FE80::1", "fe80:0:0:0:0:0:0:1", ], [ "0000:0000:0000:0000:0000:0000:0000:0000", "::", "0:0:0:0:0:0:0:0", ], ] for group in equivalentGroups { let bytesArray = try group.map { try IPv6Address.parse($0).bytes } let firstBytes = bytesArray[0] for (index, bytes) in bytesArray.enumerated() { #expect(bytes == firstBytes, "All forms should be equivalent: \(group[index])") } } } @Test( "RFC 4291 Section 2.2 - Zero compression selection (longest run)", arguments: [ ("2001:db8:0:0:1:0:0:1", "Two runs of 2 zeros each"), ("2001:0:0:0:db8:0:0:1", "Run of 3 and run of 2"), ("2001:db8:0:0:0:0:1:1", "Run of 4 zeros in middle"), ] ) func testRFC4291Section22ZeroCompressionLongestRun(address: String, description: String) throws { #expect(throws: Never.self, "Should parse \(description): \(address)") { _ = try IPv6Address.parse(address) } } @Test( "RFC 4291 Section 2.2 - Edge case with :: at different positions", arguments: [ ("::1", "0:0:0:0:0:0:0:1"), ("1::", "1:0:0:0:0:0:0:0"), ("1::1", "1:0:0:0:0:0:0:1"), ("1:2::1", "1:2:0:0:0:0:0:1"), ("1::2:3", "1:0:0:0:0:0:2:3"), ("1:2:3::4:5:6", "1:2:3:0:0:4:5:6"), ] ) func testRFC4291Section22DoubleColonAtDifferentPositions(compressed: String, expanded: String) throws { let compressedBytes = try IPv6Address.parse(compressed).bytes let expandedBytes = try IPv6Address.parse(expanded).bytes #expect(compressedBytes == expandedBytes, "'\(compressed)' should equal '\(expanded)'") } // MARK: - RFC 4291 Section 2.2 IPv4 Mixed Notation Tests @Test( "RFC 4291 Section 2.2 - IPv4 mixed notation basic formats", arguments: [ // RFC 4291 examples ("0:0:0:0:0:0:13.1.68.3", [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 13, 1, 68, 3]), ("::13.1.68.3", [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 13, 1, 68, 3]), // IPv4-mapped IPv6 address (::ffff:x.x.x.x) ("::ffff:129.144.52.38", [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xff, 0xff, 129, 144, 52, 38]), ("0:0:0:0:0:ffff:129.144.52.38", [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xff, 0xff, 129, 144, 52, 38]), // IPv4-compatible IPv6 address (deprecated but valid syntax) ("::192.168.1.1", [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 192, 168, 1, 1]), ("::0.0.0.1", [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1]), // Various valid positions ("2001:db8::192.0.2.1", [0x20, 0x01, 0x0d, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 192, 0, 2, 1]), ("fe80::192.168.1.1", [0xfe, 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 192, 168, 1, 1]), ] ) func testRFC4291Section22IPv4MixedNotation(address: String, expected: [UInt8]) throws { let parsed = try IPv6Address.parse(address) #expect(parsed.bytes == expected, "IPv4 mixed notation '\(address)' should parse correctly") } @Test( "RFC 4291 Section 2.2 - IPv4 mixed notation with full IPv6 prefix", arguments: [ ("0:0:0:0:0:0:192.168.1.1", [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 192, 168, 1, 1]), ("2001:db8:0:0:0:0:192.0.2.1", [0x20, 0x01, 0x0d, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 192, 0, 2, 1]), ("64:ff9b::192.0.2.33", [0, 0x64, 0xff, 0x9b, 0, 0, 0, 0, 0, 0, 0, 0, 192, 0, 2, 33]), ] ) func testRFC4291Section22IPv4MixedNotationFullPrefix(address: String, expected: [UInt8]) throws { let parsed = try IPv6Address.parse(address) #expect(parsed.bytes == expected, "Full prefix with IPv4 '\(address)' should parse correctly") } @Test("RFC 4291 Section 2.2 - IPv4 mixed notation edge cases") func testRFC4291Section22IPv4MixedNotationEdgeCases() throws { // Maximum values let maxIPv4 = try IPv6Address.parse("::255.255.255.255") let expectedMax: [UInt8] = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 255, 255, 255, 255] #expect(maxIPv4.bytes == expectedMax, "Maximum IPv4 values should work") // Minimum values let minIPv4 = try IPv6Address.parse("::0.0.0.0") let expectedMin: [UInt8] = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] #expect(minIPv4.bytes == expectedMin, "Minimum IPv4 values should work") // With non-zero prefix let withPrefix = try IPv6Address.parse("2001:db8:85a3::8a2e:255.255.255.255") let expectedPrefix: [UInt8] = [0x20, 0x01, 0x0d, 0xb8, 0x85, 0xa3, 0, 0, 0, 0, 0x8a, 0x2e, 255, 255, 255, 255] #expect(withPrefix.bytes == expectedPrefix, "IPv4 with hex prefix should work") } @Test( "RFC 4291 Section 2.2 - IPv4 mixed notation invalid formats", arguments: [ "::192.168.1", // Incomplete IPv4 "::192.168.1.1.1", // Too many IPv4 octets "::256.1.1.1", // IPv4 octet out of range "::192.168.001.1", // Leading zeros in IPv4 "::192.168.-1.1", // Negative in IPv4 "::192.168.1.a", // Non-numeric in IPv4 "2001:db8:1:2:3:4:5:192.168.1.1", // Too many hex groups before IPv4 "::192.168.1.1:1234", // Extra hex after IPv4 ] ) func testRFC4291Section22IPv4MixedNotationInvalid(invalid: String) { #expect(throws: AddressError.self, "Invalid IPv4 mixed notation should fail: \(invalid)") { _ = try IPv6Address.parse(invalid) } } @Test("RFC 4291 Section 2.2 - IPv4 mixed notation equivalence") func testRFC4291Section22IPv4MixedNotationEquivalence() throws { // These should all represent the same address let equivalentForms = [ "0:0:0:0:0:0:192.0.2.1", "::192.0.2.1", "::c000:201", // Same as 192.0.2.1 in hex ] let bytesArray = try equivalentForms.map { try IPv6Address.parse($0).bytes } let firstBytes = bytesArray[0] for (index, bytes) in bytesArray.enumerated() { #expect(bytes == firstBytes, "All forms should be equivalent: \(equivalentForms[index])") } } @Test( "RFC 4291 Section 2.2 - IPv4-mapped IPv6 addresses", arguments: [ ("127.0.0.1", "::ffff:127.0.0.1"), ("192.168.1.1", "::ffff:192.168.1.1"), ("8.8.8.8", "::ffff:8.8.8.8"), ("0.0.0.0", "::ffff:0.0.0.0"), ("255.255.255.255", "::ffff:255.255.255.255"), ] ) func testRFC4291Section22IPv4MappedAddresses(ipv4: String, ipv6: String) throws { let parsed = try IPv6Address.parse(ipv6) // First 10 bytes should be 0 #expect(parsed.bytes[0..<10].allSatisfy { $0 == 0 }, "First 10 bytes should be zero") // Next 2 bytes should be 0xff #expect(parsed.bytes[10] == 0xff && parsed.bytes[11] == 0xff, "Bytes 10-11 should be 0xffff") // Last 4 bytes should match IPv4 address let ipv4Parsed = try IPv4Address.parse(ipv4) let ipv4Bytes = [ UInt8((ipv4Parsed >> 24) & 0xFF), UInt8((ipv4Parsed >> 16) & 0xFF), UInt8((ipv4Parsed >> 8) & 0xFF), UInt8(ipv4Parsed & 0xFF), ] #expect(Array(parsed.bytes[12..<16]) == ipv4Bytes, "Last 4 bytes should match IPv4") } @Test( "RFC 4291 Section 2.2 - IPv4 mixed notation with zone identifier", arguments: [ "::ffff:192.168.1.1%eth0", "fe80::192.168.1.1%lo0", ] ) func testRFC4291Section22IPv4MixedNotationWithZone(testCase: String) throws { #expect(throws: Never.self, "IPv4 mixed notation with zone should parse: \(testCase)") { let parsed = try IPv6Address.parse(testCase) #expect(parsed.zone != nil, "Zone should be preserved") } } } // MARK: - Array Extension for Prefix Validation extension Array where Element == UInt8 { /// Checks if this byte array has another array as a prefix up to the specified number of bits /// - Parameters: /// - prefix: The potential prefix array /// - bits: Number of bits to compare (0-128 for IPv6) /// - Returns: true if the prefix matches for the specified number of bits func hasPrefix(_ prefix: [UInt8], upToBits bits: Int) -> Bool { guard self.count >= 16 && prefix.count >= 16 else { return false } guard bits >= 0 && bits <= 128 else { return false } let fullBytes = bits / 8 let remainingBits = bits % 8 // Compare full bytes for i in 0.. 0 && fullBytes < 16 { let shiftAmount = 8 - remainingBits let mask: UInt8 = shiftAmount >= 8 ? 0 : (0xFF << shiftAmount) return (self[fullBytes] & mask) == (prefix[fullBytes] & mask) } return true } } ================================================ FILE: Tests/ContainerizationExtrasTests/TestIPv6Address.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import Testing @testable import ContainerizationExtras @Suite("IPv6 Address Tests") struct IPv6AddressTests { // MARK: - String Representation Tests (RFC 5952) @Test( "IPv6 address string representation - RFC 5952", arguments: [ // Zero compression algorithm tests ("0:0:0:0:0:0:0:0", "::", "all zeros - unspecified address"), ("0:0:0:0:0:0:0:1", "::1", "leading zeros - loopback"), ("2001:0db8:0:0:0:0:0:0", "2001:db8::", "trailing zeros"), ("2001:0:0:0:0:0:0db8:1", "2001::db8:1", "middle zeros - longest run"), ("2001:0:0:0:0:0db8:0:1", "2001::db8:0:1", "multiple runs - prefer longest"), ("2001:0:0db8:0:1:0:0:2", "2001:0:db8:0:1::2", "tie-breaking - first occurrence wins"), ("2001:0:0db8:1:2:3:4:5", "2001:0:db8:1:2:3:4:5", "single zero - no compression (min 2 required)"), ("2001:0db8:0:0:1:2:3:4", "2001:db8::1:2:3:4", "exactly 2 zeros - minimum for compression"), ("0:0:0:0:1234:0:0:0", "::1234:0:0:0", "tie-breaking - first run wins (4 vs 3 zeros)"), // RFC 5952 formatting rules ( "ABCD:EF01:2345:6789:9ABC:DEF0:1122:3344", "abcd:ef01:2345:6789:9abc:def0:1122:3344", "lowercase hex (Section 4.3)" ), ("0001:0002:0003:0004:0005:0006:0007:0008", "1:2:3:4:5:6:7:8", "no leading zeros (Section 4.1)"), // Edge cases ("2001:a:a:a:0:0db8:0:1", "2001:a:a:a:0:db8:0:1", "only single zeros scattered - no compression"), ] ) func testIPv6StringRepresentation(input: String, expected: String, description: String) throws { let addr = try IPv6Address.parse(input) #expect( addr.description == expected, "Expected '\(expected)' but got '\(addr.description)' for input: '\(input)' (\(description))" ) } // MARK: - isUnspecified Tests @Test( "isUnspecified - RFC 4291 Section 2.5.2", arguments: [ ("::", true, "unspecified address (short form)"), ("0:0:0:0:0:0:0:0", true, "unspecified address (full form)"), (IPv6Address.unspecified.description, true, "unspecified"), ("::1", false, "loopback"), ("0:0:0:0:0:0:0:1", false, "loopback (full form)"), ("fe80::1", false, "link-local"), ("2001:db8::1", false, "global unicast"), ] ) func testIsUnspecified(address: String, expected: Bool, description: String) throws { let addr = try IPv6Address.parse(address) #expect( addr.isUnspecified == expected, "Address \(address) (\(description)) should\(expected ? "" : " not") be unspecified" ) } // MARK: - isLoopback Tests @Test( "isLoopback - RFC 4291 Section 2.5.3", arguments: [ ("::1", true, "loopback (short form)"), ("0:0:0:0:0:0:0:1", true, "loopback (full form)"), (IPv6Address.loopback.description, true, "loopback var"), ("::", false, "unspecified"), ("::2", false, "not loopback"), ("0:0:0:0:0:0:0:2", false, "not loopback (full form)"), ("fe80::1", false, "link-local"), ("2001:db8::1", false, "global unicast"), ] ) func testIsLoopback(addressString: String, expected: Bool, description: String) throws { let addr = try IPv6Address.parse(addressString) #expect( addr.isLoopback == expected, "Address \(addressString) (\(description)) should\(expected ? "" : " not") be loopback" ) } // MARK: - isMulticast Tests @Test( "isMulticast - RFC 4291 Section 2.7", arguments: [ // Positive cases - all multicast addresses start with ff ("ff00::1", true, "Reserved multicast"), ("ff01::1", true, "Interface-local multicast"), ("ff02::1", true, "Link-local multicast (all nodes)"), ("ff02::2", true, "Link-local multicast (all routers)"), ("ff05::1", true, "Site-local multicast"), ("ff0e::1", true, "Global multicast"), ("ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff", true, "Max multicast"), // Negative cases ("::", false, "unspecified"), ("::1", false, "loopback"), ("fe80::1", false, "link-local unicast"), ("2001:db8::1", false, "global unicast"), ("fd00::1", false, "unique local"), ] ) func testIsMulticast(addressString: String, expected: Bool, description: String) throws { let addr = try IPv6Address.parse(addressString) #expect( addr.isMulticast == expected, "Address \(addressString) (\(description)) should\(expected ? "" : " not") be multicast" ) } // MARK: - isLinkLocal Tests @Test( "isLinkLocal - RFC 4291 Section 2.5.6", arguments: [ // Positive cases - fe80::/10 ("fe80::1", true, "basic link-local"), ("fe80::dead:beef", true, "link-local with hex"), ("fe80:0:0:0:0:0:0:1", true, "link-local (full form)"), ("fe80::1234:5678:90ab:cdef", true, "link-local with interface ID"), ("febf:ffff:ffff:ffff:ffff:ffff:ffff:ffff", true, "Last address in fe80::/10"), // Negative cases ("::", false, "unspecified"), ("::1", false, "loopback"), ("fec0::1", false, "site-local (deprecated)"), ("ff02::1", false, "multicast"), ("2001:db8::1", false, "global unicast"), ("fd00::1", false, "unique local"), ] ) func testIsLinkLocal(addressString: String, expected: Bool, description: String) throws { let addr = try IPv6Address.parse(addressString) #expect( addr.isLinkLocal == expected, "Address \(addressString) (\(description)) should\(expected ? "" : " not") be link-local" ) } // MARK: - isUniqueLocal Tests @Test( "isUniqueLocal - RFC 4193", arguments: [ // Positive cases - fc00::/7 (fc00::/8 and fd00::/8) ("fc00::1", true, "fc00 unique local"), ("fc00:dead:beef::1", true, "fc00 with hex"), ("fd00::1", true, "fd00 unique local"), ("fd12:3456:789a::1", true, "fd00 with prefix"), ("fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff", true, "max unique local"), // Negative cases ("::", false, "unspecified"), ("::1", false, "loopback"), ("fe80::1", false, "link-local"), ("ff02::1", false, "multicast"), ("2001:db8::1", false, "global unicast"), ] ) func testIsUniqueLocal(addressString: String, expected: Bool, description: String) throws { let addr = try IPv6Address.parse(addressString) #expect( addr.isUniqueLocal == expected, "Address \(addressString) (\(description)) should\(expected ? "" : " not") be unique local" ) } // MARK: - isGlobalUnicast Tests @Test( "isGlobalUnicast - RFC 4291 Section 2.5.4", arguments: [ // Positive cases - routable on the global internet ("2001:db8::1", true, "Documentation (but still global unicast format)"), ("2001:4860:4860::8888", true, "Google DNS"), ("2606:4700:4700::1111", true, "Cloudflare DNS"), ("2001:500::1", true, "Root DNS server"), ("2a00:1450:4001::1", true, "Google"), // Negative cases - special addresses ("::", false, "unspecified"), ("::1", false, "loopback"), ("fe80::1", false, "link-local"), ("ff02::1", false, "multicast"), ("fc00::1", false, "unique local"), ("fd00::1", false, "unique local"), ] ) func testIsGlobalUnicast(addressString: String, expected: Bool, description: String) throws { let addr = try IPv6Address.parse(addressString) #expect( addr.isGlobalUnicast == expected, "Address \(addressString) (\(description)) should\(expected ? "" : " not") be global unicast" ) } // MARK: - isDocumentation Tests @Test( "isDocumentation - RFC 3849", arguments: [ // Positive cases - 2001:db8::/32 ("2001:db8::1", true, "basic documentation address"), ("2001:db8::", true, "documentation prefix"), ("2001:db8:0:0:0:0:0:1", true, "documentation (full form)"), ("2001:db8:1234:5678:90ab:cdef:1234:5678", true, "documentation with all fields"), ("2001:db8:ffff:ffff:ffff:ffff:ffff:ffff", true, "max documentation address"), // Negative cases ("2001:db7::1", false, "Just before documentation range"), ("2001:db9::1", false, "Just after documentation range"), ("2001:4860:4860::8888", false, "Google DNS"), ("::", false, "unspecified"), ("::1", false, "loopback"), ] ) func testIsDocumentation(addressString: String, expected: Bool, description: String) throws { let addr = try IPv6Address.parse(addressString) #expect( addr.isDocumentation == expected, "Address \(addressString) (\(description)) should\(expected ? "" : " not") be documentation" ) } @Test( "Codable encodes to string representation", arguments: [ ("::1", "::1"), ("2001:db8::1", "2001:db8::1"), ("::", "::"), ("fe80::1", "fe80::1"), ] ) func testCodableEncode(input: String, expected: String) throws { let original = try IPv6Address(input) let encoded = try JSONEncoder().encode(original) #expect(String(data: encoded, encoding: .utf8) == "\"\(expected)\"") } @Test( "Codable decodes from string representation", arguments: [ "::1", "2001:db8::1", "::", "fe80::1", ] ) func testCodableDecode(address: String) throws { let json = Data("\"\(address)\"".utf8) let decoded = try JSONDecoder().decode(IPv6Address.self, from: json) let expected = try IPv6Address(address) #expect(decoded == expected) } } ================================================ FILE: Tests/ContainerizationExtrasTests/TestIPv6IPv4Parsing.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import Testing @testable import ContainerizationExtras @Suite("IPv6 Mixed IPv4 Notation Tests") struct IPv6IPv4ParsingTests { @Test( "Extract IPv4 suffix from various IPv6 formats", arguments: [ ("::192.168.1.1", "::", [UInt8(192), UInt8(168), UInt8(1), UInt8(1)]), ("::ffff:192.0.2.1", "::ffff", [UInt8(192), UInt8(0), UInt8(2), UInt8(1)]), ("fe80::192.168.1.1", "fe80::", [UInt8(192), UInt8(168), UInt8(1), UInt8(1)]), ("2001:db8::192.0.2.1", "2001:db8::", [UInt8(192), UInt8(0), UInt8(2), UInt8(1)]), ("0:0:0:0:0:0:192.168.1.1", "0:0:0:0:0:0", [UInt8(192), UInt8(168), UInt8(1), UInt8(1)]), ] ) func testIPv4SuffixExtraction(input: String, expectedIPv6: String, expectedIPv4: [UInt8]) throws { let result = try #require(try IPv6Address.extractIPv4Suffix(from: input)) #expect(result.0 == expectedIPv6) #expect(result.1 == expectedIPv4) } @Test( "No IPv4 suffix for pure IPv6 addresses", arguments: [ "2001:db8::1", "fe80::1", "::", "::1", ] ) func testPureIPv6ReturnsNil(address: String) throws { #expect(try IPv6Address.extractIPv4Suffix(from: address) == nil) } @Test( "Invalid IPv4 suffix throws error", arguments: [ "::256.1.1.1", "::192.168.1", "::192.168.001.1", ] ) func testInvalidIPv4Throws(invalid: String) { #expect(throws: AddressError.self) { _ = try IPv6Address.extractIPv4Suffix(from: invalid) } } @Test( "IPv4 bytes always at positions 12-15", arguments: [ "::192.168.1.1", "::ffff:127.0.0.1", "fe80::10.0.0.1", ] ) func testIPv4BytePlacement(address: String) throws { let parsed = try IPv6Address.parse(address) let ipv4String = String(address.split(separator: ":").last!) let ipv4 = try IPv4Address.parse(ipv4String) #expect(parsed.bytes[12] == UInt8((ipv4 >> 24) & 0xFF)) #expect(parsed.bytes[13] == UInt8((ipv4 >> 16) & 0xFF)) #expect(parsed.bytes[14] == UInt8((ipv4 >> 8) & 0xFF)) #expect(parsed.bytes[15] == UInt8(ipv4 & 0xFF)) } @Test( "Unspecified address with IPv4 suffix", arguments: [ ("::192.168.1.1", [UInt8(192), UInt8(168), UInt8(1), UInt8(1)]), ("::0.0.0.1", [UInt8(0), UInt8(0), UInt8(0), UInt8(1)]), ("::255.255.255.255", [UInt8(255), UInt8(255), UInt8(255), UInt8(255)]), ] ) func testUnspecifiedWithIPv4(address: String, ipv4: [UInt8]) throws { let parsed = try IPv6Address.parse(address) #expect(parsed.bytes[0..<12].allSatisfy { $0 == 0 }) #expect(Array(parsed.bytes[12..<16]) == ipv4) } @Test("IPv4 with zone identifier") func testIPv4WithZone() throws { let parsed = try IPv6Address.parse("::192.168.1.1%lo0") #expect(parsed.zone == "lo0") #expect(Array(parsed.bytes[12..<16]) == [192, 168, 1, 1]) } @Test( "IPv4-mapped addresses (::ffff:x.x.x.x)", arguments: [ "::ffff:127.0.0.1", "::ffff:192.168.1.1", ] ) func testIPv4MappedAddresses(address: String) throws { let parsed = try IPv6Address.parse(address) #expect(parsed.bytes[0..<10].allSatisfy { $0 == 0 }) #expect(parsed.bytes[10] == 0xff && parsed.bytes[11] == 0xff) } @Test("Complex ellipsis with IPv4") func testComplexEllipsisWithIPv4() throws { let address = "2001:db8:85a3::8a2e:192.168.1.1" let parsed = try IPv6Address.parse(address) #expect(parsed.bytes[10] == 0x8a && parsed.bytes[11] == 0x2e) #expect(Array(parsed.bytes[12..<16]) == [192, 168, 1, 1]) } } ================================================ FILE: Tests/ContainerizationExtrasTests/TestMACAddress.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import Testing @testable import ContainerizationExtras @Suite("MACAddress Tests") struct MACAddressTests { // MARK: - Initializer Tests @Suite("Initializers") struct InitializerTests { @Test( "UInt64 initializer - valid addresses", arguments: [ //(0x0123_4567_89ab, "01:23:45:67:89:ab"), // a valid address //(0x0000_0000_0000, "00:00:00:00:00:00"), // zero address //(0xFFFF_FFFF_FFFF, "ff:ff:ff:ff:ff:ff"), // max address (0xffff_0123_4567_89ab, "01:23:45:67:89:ab") // drops the most significant 16 bits ] ) func testUInt64InitializerValid(inputValue: UInt64, description: String) { let address = MACAddress(inputValue) #expect(address.value == inputValue & 0x0000_ffff_ffff_ffff) } @Test( "String initializer - valid addresses", arguments: [ ("01:23:45:67:89:ab", 0x0123_4567_89ab), // colon separators ("01-23-45-67-89-ab", 0x0123_4567_89ab), // dash separators ("ab:cd:ef:AB:CD:EF", 0xabcd_efab_cdef), // mixed case ("00:00:00:00:00:00", 0x0000_0000_0000), // zero address ("ff:ff:ff:ff:ff:ff", 0xffff_ffff_ffff), // max address ] ) func testStringInitializerValid(addressString: String, expectedValue: UInt64) throws { let address = try MACAddress(addressString) #expect(address.value == expectedValue) } @Test( "String initializer - invalid addresses", arguments: [ "", // empty string "01:23:45:67:89", // too few octets "01:23:45:67:89:ab:cd", // too many octets "01:23:45:67:89:", // empty octet ":23:45:67:89:ab", // empty octet "01::45:67:89:ab", // empty octet "01:23:45:67:89:a", // short octet "1:23:45:67:89:ab", // short octet "01:2:45:67:89:ab", // short octet "01:23:45:67:89:abc", // long octet "012:23:45:67:89:ab", // long octet "01:234:45:67:89:ab", // long octet "01:23:45:67:89:@G", // invalid content 0x40, 0x47 "`g:23:45:67:89:ab", // invalid content 0x60, 0x67 "01:hi:45:67:89:ab", // invalid content " 01:23:45:67:89:ab", // leading whitespace "01:23:45:67:89:ab ", // trailing whitespace "01: 23:45:67:89:ab", // internal whitespace ] ) func testStringInitializerInvalid(invalidAddress: String) { #expect(throws: AddressError.self) { try MACAddress(invalidAddress) } } } // MARK: - Property Tests @Suite("Properties") struct PropertyTests { @Test( "bytes property", arguments: [ ( UInt64(0x0123_4567_89ab), [UInt8(0x01), UInt8(0x23), UInt8(0x45), UInt8(0x67), UInt8(0x89), UInt8(0xab)] ), ( UInt64(0x0000_0000_0000), [UInt8(0x00), UInt8(0x00), UInt8(0x00), UInt8(0x00), UInt8(0x00), UInt8(0x00)] ), ( UInt64(0xffff_ffff_ffff), [UInt8(0xff), UInt8(0xff), UInt8(0xff), UInt8(0xff), UInt8(0xff), UInt8(0xff)] ), ( UInt64(0xffff_0123_4567_89ab), [UInt8(0x01), UInt8(0x23), UInt8(0x45), UInt8(0x67), UInt8(0x89), UInt8(0xab)] ), ] ) func testBytesProperty(inputValue: UInt64, expectedBytes: [UInt8]) { let address = MACAddress(inputValue) #expect(address.bytes == expectedBytes) } @Test( "description property", arguments: [ (0x0123_4567_89ab, "01:23:45:67:89:ab"), (0x0000_0000_0000, "00:00:00:00:00:00"), (0xffff_ffff_ffff, "ff:ff:ff:ff:ff:ff"), (0xffff_0123_4567_89ab, "01:23:45:67:89:ab"), ] ) func testDescriptionProperty(inputValue: UInt64, expectedDescription: String) { let address = MACAddress(inputValue) #expect(address.description == expectedDescription) } @Test( "isLocallyAdministered property", arguments: [ (0x0000_1234_5678, false), (0x0200_1234_5678, true), ] ) func testIsLocallyAdministeredProperty(inputValue: UInt64, expectedValue: Bool) { let address = MACAddress(inputValue) #expect(address.isLocallyAdministered == expectedValue) } @Test( "isMulticast property", arguments: [ (0x0000_1234_5678, false), (0x0100_1234_5678, true), ] ) func testIsMulticastProperty(inputValue: UInt64, expectedValue: Bool) { let address = MACAddress(inputValue) #expect(address.isMulticast == expectedValue) } @Test( "round-trip string conversion", arguments: [ "01:23:45:67:89:ab", "00:00:00:00:00:00", "ff:ff:ff:ff:ff:ff", "01-23-45-67-89-AB", ] ) func testRoundTripStringConversion(addressString: String) throws { let address = try MACAddress(addressString) #expect(address.description == addressString.lowercased().replacingOccurrences(of: "-", with: ":")) } } // MARK: - Link Local Address Tests @Suite("Link Local Addresses") struct LinkLocalAddressTests { @Test( "Link local address", arguments: [ (0x39a7_9407_cbd0, 0xfd97_7b15_d62e_75ac_3ba7_94ff_fe07_cbd0), (0x5e3b_68d7_e510, 0xfd97_7b15_d62e_75ac_5c3b_68ff_fed7_e510), ] ) func testLinkLocalAddress(mac: UInt64, ipv6: UInt128) throws { let mac = MACAddress(mac) let ipv6Prefix = IPv6Address(ipv6 & 0xffff_ffff_ffff_ffff_0000_0000_0000_0000) let ipv6Address = try mac.ipv6Address(network: ipv6Prefix) #expect(ipv6Address == IPv6Address(ipv6)) } } // MARK: - Protocol Conformance Tests @Suite("Protocol Conformances") struct ProtocolConformanceTests { @Test("Equatable conformance") func testEquatableConformance() { let addr1 = MACAddress(0x0123_4567_89ab) let addr2 = MACAddress(0x0123_4567_89ab) let addr3 = MACAddress(0x0123_4567_89ac) #expect(addr1 == addr2) #expect(addr1 != addr3) #expect(addr2 != addr3) } @Test("Hashable conformance") func testHashableConformance() { let addr1 = MACAddress(0x0123_4567_89ab) let addr2 = MACAddress(0x0123_4567_89ab) let addr3 = MACAddress(0x0123_4567_89ac) // Equal objects should have equal hash values #expect(addr1.hashValue == addr2.hashValue) // Different objects should ideally have different hash values // (though this is not guaranteed, it's very likely for these values) #expect(addr1.hashValue != addr3.hashValue) // Test that addresses can be used in Sets and Dictionaries let addressSet: Set = [addr1, addr2, addr3] #expect(addressSet.count == 2) // addr1 and addr2 are equal let addressDict = [addr1: "localhost", addr3: "private"] #expect(addressDict[addr2] == "localhost") // addr2 equals addr1 } @Test("CustomStringConvertible conformance") func testCustomStringConvertibleConformance() { let address = MACAddress(0x0123_4567_89ab) let stringRepresentation = String(describing: address) #expect(stringRepresentation == "01:23:45:67:89:ab") } @Test("Sendable conformance") func testSendableConformance() { // This test verifies that MACAddress can be safely passed across concurrency boundaries let address = MACAddress(0x0123_4567_89ab) Task { let taskAddress = address #expect(taskAddress.value == 0x0123_4567_89ab) } } } // MARK: - Performance Tests @Suite("Performance") struct PerformanceTests { @Test("parsing performance") func testParsingPerformance() throws { let testAddresses = [ "01:23:45:67:89:ab", "01-23-45-67-89-ab", "01-23-45-67-89-a", "01-23-45-67-89-abc", ] // Warm up for _ in 0..<100 { for address in testAddresses { _ = try? MACAddress(address) } } // Measure performance let iterations = 10000 let startTime = Date() for _ in 0.. String let addressFromUInt32 = MACAddress(expectedValue) #expect(addressFromUInt32.description == expectedString) // Test String -> UInt32 let addressFromString = try MACAddress(expectedString) #expect(addressFromString.value == expectedValue) // Test equality #expect(addressFromUInt32 == addressFromString) } @Test( "error message consistency", arguments: [ "", "hi:00:00:00:00:00", "01:23:45:67:89", "01:23:45:67:89:ab:cd", "001:23:45:67:89:ab:cd", " 01:23:45:67:89:ab:cd", "01:23:45:67:89:ab:cd ", ] ) func testErrorMessageConsistency(invalidInput: String) { do { _ = try MACAddress(invalidInput) #expect(Bool(false), "Should have thrown for input: \(invalidInput)") } catch let error as AddressError { #expect(error == AddressError.unableToParse) } catch { #expect(Bool(false), "Should have thrown AddressError, got: \(error)") } } @Test( "Codable encodes to string representation", arguments: [ "01:23:45:67:89:ab", "00:00:00:00:00:00", "ff:ff:ff:ff:ff:ff", ] ) func testCodableEncode(address: String) throws { let original = try MACAddress(address) let encoded = try JSONEncoder().encode(original) #expect(String(data: encoded, encoding: .utf8) == "\"\(address)\"") } @Test( "Codable decodes from string representation", arguments: [ "01:23:45:67:89:ab", "00:00:00:00:00:00", "ff:ff:ff:ff:ff:ff", ] ) func testCodableDecode(address: String) throws { let json = Data("\"\(address)\"".utf8) let decoded = try JSONDecoder().decode(MACAddress.self, from: json) let expected = try MACAddress(address) #expect(decoded == expected) } } } ================================================ FILE: Tests/ContainerizationExtrasTests/TestNetworkAddress+Allocator.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // import ContainerizationExtras import Testing @testable import ContainerizationExtras final class TestAddressAllocators { @Test func testIPv4AddressAllocatorZeroSize() throws { _ = try IPv4Address.allocator(lower: 0xffff_ffff, size: 1) do { _ = try IPv4Address.allocator(lower: 0xffff_ffff, size: 0) #expect(Bool(false), "Expected AllocatorError.rangeExceeded to be thrown") } catch { #expect(error as? AllocatorError == .rangeExceeded, "Unexpected error thrown: \(error)") } } @Test func testIPv4AddressAllocatorOverflow() throws { _ = try IPv4Address.allocator(lower: 0xffff_ff00, size: 256) do { _ = try IPv4Address.allocator(lower: 0xffff_ff00, size: 257) #expect(Bool(false), "Expected AllocatorError.rangeExceeded to be thrown") } catch { #expect(error as? AllocatorError == .rangeExceeded, "Unexpected error thrown: \(error)") } } @Test func testUInt16AllocatorOverflow() throws { _ = try UInt16.allocator(lower: 0xfff0, size: 16) do { _ = try UInt16.allocator(lower: 0xfff0, size: 17) #expect(Bool(false), "Expected AllocatorError.rangeExceeded to be thrown") } catch { #expect(error as? AllocatorError == .rangeExceeded, "Unexpected error thrown: \(error)") } } @Test func testUInt32AllocatorOverflow() throws { _ = try UInt32.allocator(lower: 0xffff_fff0, size: 16) do { _ = try UInt32.allocator(lower: 0xffff_fff0, size: 17) #expect(Bool(false), "Expected AllocatorError.rangeExceeded to be thrown") } catch { #expect(error as? AllocatorError == .rangeExceeded, "Unexpected error thrown: \(error)") } } @Test func testFreeUnallocated() throws { let allocator = try IPv4Address.allocator( lower: 0xc0a8_4000, size: 256) do { _ = try allocator.release(IPv4Address("192.168.64.2")) #expect(Bool(false), "Expected AllocatorError.notAllocated to be thrown") } catch { #expect(error as? AllocatorError == .notAllocated("192.168.64.2"), "Unexpected error thrown: \(error)") } } @Test func testChoose() throws { let allocator = try IPv4Address.allocator( lower: 0xc0a8_4000, size: 2) try allocator.reserve(IPv4Address("192.168.64.1")) do { _ = try allocator.reserve(IPv4Address("192.168.64.1")) #expect(Bool(false), "Expected AllocatorError.alreadyAllocated to be thrown") } catch { #expect(error as? AllocatorError == .alreadyAllocated("192.168.64.1"), "Unexpected error thrown: \(error)") } } @Test func testipv4AddressAllocator() throws { var allocations = Set() let lower = try IPv4Address("192.168.64.1").value & Prefix(length: 24)!.prefixMask32 let allocator = try IPv4Address.allocator( lower: lower, size: 3) allocations.insert(try allocator.allocate().value) allocations.insert(try allocator.allocate().value) allocations.insert(try allocator.allocate().value) do { _ = try allocator.allocate() #expect(Bool(false), "Expected AllocatorError.allocatorFull to be thrown") } catch { #expect(error as? AllocatorError == .allocatorFull, "Unexpected error thrown: \(error)") } let address = try IPv4Address("192.168.64.2") try allocator.release(address) let value = try allocator.allocate() #expect(value == address) } @Test func testHighestIPv4AddressAllocator() throws { var allocations = Set() let lower = try IPv4Address("255.255.255.255").value & Prefix(length: 32)!.prefixMask32 let allocator = try IPv4Address.allocator( lower: lower, size: 1) allocations.insert(try allocator.allocate().value) do { _ = try allocator.allocate() #expect(Bool(false), "Expected AllocatorError.allocatorFull to be thrown") } catch { #expect(error as? AllocatorError == .allocatorFull, "Unexpected error thrown: \(error)") } let address = try IPv4Address("255.255.255.255") try allocator.release(address) let value = try allocator.allocate() #expect(value == address) } @Test func testLargestIPv4AddressAllocator() throws { // NOTE: This allocator should consume about 16MB _ = try IPv4Address.allocator(lower: 0, size: 1 << 32) } @Test func testUInt16PortAllocator() throws { var allocations = Set() let lower = UInt16(1024) let allocator = try UInt16.allocator(lower: lower, size: 3) allocations.insert(try allocator.allocate()) allocations.insert(try allocator.allocate()) allocations.insert(try allocator.allocate()) do { _ = try allocator.allocate() #expect(Bool(false), "Expected AllocatorError.allocatorFull to be thrown") } catch { #expect(error as? AllocatorError == .allocatorFull, "Unexpected error thrown: \(error)") } let address = UInt16(1025) try allocator.release(address) let value = try allocator.allocate() #expect(value == address) } @Test func testUInt32PortAllocator() throws { var allocations = Set() let lower = UInt32(5000) let allocator = try UInt32.allocator(lower: lower, size: 3) allocations.insert(try allocator.allocate()) allocations.insert(try allocator.allocate()) allocations.insert(try allocator.allocate()) do { _ = try allocator.allocate() #expect(Bool(false), "Expected AllocatorError.allocatorFull to be thrown") } catch { #expect(error as? AllocatorError == .allocatorFull, "Unexpected error thrown: \(error)") } let address = UInt32(5001) try allocator.release(address) let value = try allocator.allocate() #expect(value == address) } @Test func testRotatingUInt32PortAllocator() throws { var allocations = Set() let lower = UInt32(5000) let allocator = try UInt32.rotatingAllocator(lower: lower, size: 3) allocations.insert(try allocator.allocate()) allocations.insert(try allocator.allocate()) allocations.insert(try allocator.allocate()) do { _ = try allocator.allocate() #expect(Bool(false), "Expected AllocatorError.allocatorFull to be thrown") } catch { #expect(error as? AllocatorError == .allocatorFull, "Unexpected error thrown: \(error)") } let address = UInt32(5001) try allocator.release(address) let value = try allocator.allocate() #expect(value == address) } @Test func testRotatingFIFOUInt32PortAllocator() throws { let lower = UInt32(5000) let allocator = try UInt32.rotatingAllocator(lower: lower, size: 3) let first = try allocator.allocate() #expect(first == 5000) let second = try allocator.allocate() #expect(second == 5001) try allocator.release(first) let third = try allocator.allocate() // even after a release, it should continue to allocate in the range // before reusing a previous allocation on the stack. #expect(third == 5002) // now the next allocation should be our first port let reused = try allocator.allocate() #expect(reused == first) try allocator.release(third) let thirdReused = try allocator.allocate() #expect(thirdReused == third) } @Test func testRotatingReservedUInt32PortAllocator() throws { let lower = UInt32(5000) let allocator = try UInt32.rotatingAllocator(lower: lower, size: 3) try allocator.reserve(5001) let first = try allocator.allocate() #expect(first == 5000) // this should skip the reserved 5001 let second = try allocator.allocate() #expect(second == 5002) // no release our reserved try allocator.release(5001) let third = try allocator.allocate() #expect(third == 5001) } } ================================================ FILE: Tests/ContainerizationExtrasTests/TestPrefix.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Testing @testable import ContainerizationExtras struct TestPrefix { // MARK: - IPv4 Mask Tests struct IPv4Mask { let length: UInt8 let expectedPrefix: UInt32 let expectedSuffix: UInt32 } @Test(arguments: [ IPv4Mask( length: 0, expectedPrefix: 0x0000_0000, expectedSuffix: 0xFFFF_FFFF ), IPv4Mask( length: 8, expectedPrefix: 0xFF00_0000, expectedSuffix: 0x00FF_FFFF ), IPv4Mask( length: 16, expectedPrefix: 0xFFFF_0000, expectedSuffix: 0x0000_FFFF ), IPv4Mask( length: 24, expectedPrefix: 0xFFFF_FF00, expectedSuffix: 0x0000_00FF ), IPv4Mask( length: 32, expectedPrefix: 0xFFFF_FFFF, expectedSuffix: 0x0000_0000 ), ]) func testIPv4Masks(testCase: IPv4Mask) { let prefix = Prefix(length: testCase.length)! #expect(prefix.prefixMask32 == testCase.expectedPrefix) #expect(prefix.suffixMask32 == testCase.expectedSuffix) } @Test func testMasksAreInverses32() { for length in 0...32 { let prefix = Prefix(length: UInt8(length))! #expect(~prefix.prefixMask32 == prefix.suffixMask32) } } // MARK: - IPv6 Mask Tests struct IPv6Mask { let length: UInt8 let expectedPrefix: UInt128 let expectedSuffix: UInt128 } @Test func testIPv6Masks() { let cases = [ IPv6Mask( length: 0, expectedPrefix: UInt128(0), expectedSuffix: UInt128.max ), IPv6Mask( length: 64, expectedPrefix: 0xFFFF_FFFF_FFFF_FFFF_0000_0000_0000_0000, expectedSuffix: 0x0000_0000_0000_0000_FFFF_FFFF_FFFF_FFFF ), IPv6Mask( length: 128, expectedPrefix: UInt128.max, expectedSuffix: UInt128(0) ), ] for testCase in cases { let prefix = Prefix(length: testCase.length)! #expect(prefix.prefixMask128 == testCase.expectedPrefix) #expect(prefix.suffixMask128 == testCase.expectedSuffix) } } @Test func testMasksAreInverses128() { for length in stride(from: 0, through: 128, by: 8) { let prefix = Prefix(length: UInt8(length))! #expect(~prefix.prefixMask128 == prefix.suffixMask128) } } // MARK: - Description Tests @Test func testDescription() { #expect(Prefix(length: 24)!.description == "24") #expect(Prefix(length: 0)!.description == "0") #expect(Prefix(length: 128)!.description == "128") } // MARK: - Validation Tests @Test func testValidationRejectsInvalidLengths() { // Valid ranges #expect(Prefix(length: 0) != nil) #expect(Prefix(length: 32) != nil) #expect(Prefix(length: 128) != nil) // Invalid ranges #expect(Prefix(length: 129) == nil) #expect(Prefix(length: 200) == nil) #expect(Prefix(length: 255) == nil) } @Test func testIPv4SpecificValidation() { // Valid IPv4 prefixes #expect(Prefix.ipv4(0) != nil) #expect(Prefix.ipv4(16) != nil) #expect(Prefix.ipv4(32) != nil) // Invalid IPv4 prefixes #expect(Prefix.ipv4(33) == nil) #expect(Prefix.ipv4(64) == nil) #expect(Prefix.ipv4(128) == nil) } @Test func testIPv6SpecificValidation() { // Valid IPv6 prefixes #expect(Prefix.ipv6(0) != nil) #expect(Prefix.ipv6(64) != nil) #expect(Prefix.ipv6(128) != nil) // Invalid IPv6 prefixes #expect(Prefix.ipv6(129) == nil) #expect(Prefix.ipv6(255) == nil) } } ================================================ FILE: Tests/ContainerizationExtrasTests/TestTimeout.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import Testing @testable import ContainerizationExtras final class TestTimeoutType { @Test func testNoCancellation() async throws { await #expect(throws: Never.self) { try await Timeout.run( for: .seconds(5), operation: { return }) } } @Test func testCancellationError() async throws { await #expect(throws: CancellationError.self) { try await Timeout.run( for: .milliseconds(50), operation: { try await Task.sleep(for: .seconds(2)) }) } } @Test func testClosureError() async throws { // Check that we get the closures error if we don't timeout, but // the closure does throw before. await #expect(throws: POSIXError.self) { try await Timeout.run( for: .seconds(10), operation: { throw POSIXError(.E2BIG) }) } } } ================================================ FILE: Tests/ContainerizationExtrasTests/UInt8+DataBindingTest.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Testing @testable import ContainerizationExtras struct BufferTest { // MARK: - hexEncodedString Tests @Test func testArrayHexEncodedStringEmpty() { let buffer: [UInt8] = [] #expect(buffer.hexEncodedString() == "") } @Test func testArrayHexEncodedStringSingleByte() { let buffer: [UInt8] = [0xFF] #expect(buffer.hexEncodedString() == "ff") } @Test func testArrayHexEncodedStringMultipleBytes() { let buffer: [UInt8] = [0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF] #expect(buffer.hexEncodedString() == "0123456789abcdef") } @Test func testArrayHexEncodedStringZeroes() { let buffer: [UInt8] = [0x00, 0x00, 0x00] #expect(buffer.hexEncodedString() == "000000") } @Test func testArraySliceHexEncodedStringEmpty() { let buffer: [UInt8] = [0x01, 0x02, 0x03] let slice = buffer[0..<0] #expect(slice.hexEncodedString() == "") } @Test func testArraySliceHexEncodedStringSingleByte() { let buffer: [UInt8] = [0x01, 0x02, 0x03] let slice = buffer[1..<2] #expect(slice.hexEncodedString() == "02") } @Test func testArraySliceHexEncodedStringMultipleBytes() { let buffer: [UInt8] = [0x00, 0xAA, 0xBB, 0xCC, 0x00] let slice = buffer[1..<4] #expect(slice.hexEncodedString() == "aabbcc") } // MARK: - bind Tests @Test func testBufferBind() throws { let expectedValue: UInt64 = 0x0102_0304_0506_0708 let expectedBuffer: [UInt8] = [ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, ] var buffer = [UInt8](repeating: 0, count: 3 * MemoryLayout.size) guard let ptr = buffer.bind(as: UInt64.self, offset: 2 * MemoryLayout.size) else { #expect(Bool(false), "could not bind value to buffer") return } ptr.pointee = expectedValue #expect(buffer == expectedBuffer) } @Test func testBufferBindZeroOffset() { let expectedValue: UInt32 = 0x1234_5678 var buffer = [UInt8](repeating: 0, count: 8) guard let ptr = buffer.bind(as: UInt32.self, offset: 0) else { #expect(Bool(false), "could not bind value to buffer at offset 0") return } ptr.pointee = expectedValue #expect(buffer[0] == 0x78) #expect(buffer[1] == 0x56) #expect(buffer[2] == 0x34) #expect(buffer[3] == 0x12) } @Test func testBufferBindRangeError() throws { var buffer = [UInt8](repeating: 0, count: 3 * MemoryLayout.size) #expect(buffer.bind(as: UInt64.self, offset: 2 * MemoryLayout.size + 1) == nil) } @Test func testBufferBindRangeErrorExactBoundary() { var buffer = [UInt8](repeating: 0, count: 8) // Trying to bind UInt64 at offset 1 requires 9 bytes total #expect(buffer.bind(as: UInt64.self, offset: 1) == nil) } @Test func testBufferBindWithCustomSize() { var buffer = [UInt8](repeating: 0, count: 16) // Request a size larger than the type guard let ptr = buffer.bind(as: UInt32.self, offset: 4, size: 8) else { #expect(Bool(false), "could not bind with custom size") return } ptr.pointee = 0xAABB_CCDD #expect(buffer[4] == 0xDD) #expect(buffer[5] == 0xCC) #expect(buffer[6] == 0xBB) #expect(buffer[7] == 0xAA) } @Test func testBufferBindWithCustomSizeRangeError() { var buffer = [UInt8](repeating: 0, count: 10) // Request size 8 at offset 4 would require 12 bytes total #expect(buffer.bind(as: UInt32.self, offset: 4, size: 8) == nil) } // MARK: - copyIn Tests @Test func testCopyInUInt8() { var buffer = [UInt8](repeating: 0, count: 4) let value: UInt8 = 0x42 guard let offset = buffer.copyIn(as: UInt8.self, value: value, offset: 2) else { #expect(Bool(false), "could not copy UInt8 to buffer") return } #expect(offset == 3) #expect(buffer[2] == 0x42) } @Test func testCopyInUInt16() { var buffer = [UInt8](repeating: 0, count: 8) let value: UInt16 = 0x1234 guard let offset = buffer.copyIn(as: UInt16.self, value: value, offset: 3) else { #expect(Bool(false), "could not copy UInt16 to buffer") return } #expect(offset == 5) #expect(buffer[3] == 0x34) #expect(buffer[4] == 0x12) } @Test func testCopyInUInt32() { var buffer = [UInt8](repeating: 0, count: 8) let value: UInt32 = 0x1234_5678 guard let offset = buffer.copyIn(as: UInt32.self, value: value, offset: 0) else { #expect(Bool(false), "could not copy UInt32 to buffer") return } #expect(offset == 4) #expect(buffer[0] == 0x78) #expect(buffer[1] == 0x56) #expect(buffer[2] == 0x34) #expect(buffer[3] == 0x12) } @Test func testCopyInUInt64() { var buffer = [UInt8](repeating: 0, count: 16) let value: UInt64 = 0x0102_0304_0506_0708 guard let offset = buffer.copyIn(as: UInt64.self, value: value, offset: 4) else { #expect(Bool(false), "could not copy UInt64 to buffer") return } #expect(offset == 12) #expect(buffer[4] == 0x08) #expect(buffer[5] == 0x07) #expect(buffer[6] == 0x06) #expect(buffer[7] == 0x05) #expect(buffer[8] == 0x04) #expect(buffer[9] == 0x03) #expect(buffer[10] == 0x02) #expect(buffer[11] == 0x01) } @Test func testCopyInRangeError() { var buffer = [UInt8](repeating: 0, count: 8) let value: UInt64 = 0x1234_5678_90AB_CDEF // Offset 4 + size 8 = 12, but buffer only has 8 bytes #expect(buffer.copyIn(as: UInt64.self, value: value, offset: 4) == nil) } @Test func testCopyInExactBoundary() { var buffer = [UInt8](repeating: 0, count: 8) let value: UInt64 = 0xFEDC_BA98_7654_3210 guard let offset = buffer.copyIn(as: UInt64.self, value: value, offset: 0) else { #expect(Bool(false), "could not copy UInt64 at exact boundary") return } #expect(offset == 8) } @Test func testCopyInWithCustomSize() { var buffer = [UInt8](repeating: 0, count: 16) let value: UInt32 = 0xAABB_CCDD // Copy with custom size of 8 (larger than UInt32's 4 bytes) guard let offset = buffer.copyIn(as: UInt32.self, value: value, offset: 2, size: 8) else { #expect(Bool(false), "could not copy with custom size") return } #expect(offset == 6) // offset + MemoryLayout.size #expect(buffer[2] == 0xDD) #expect(buffer[3] == 0xCC) #expect(buffer[4] == 0xBB) #expect(buffer[5] == 0xAA) } @Test func testCopyInWithCustomSizeRangeError() { var buffer = [UInt8](repeating: 0, count: 8) let value: UInt32 = 0x1234_5678 // Request size 8 at offset 2 would require 10 bytes total #expect(buffer.copyIn(as: UInt32.self, value: value, offset: 2, size: 8) == nil) } // MARK: - copyOut Tests @Test func testCopyOutUInt8() { let buffer: [UInt8] = [0x00, 0x11, 0x22, 0x33] guard let (offset, value) = buffer.copyOut(as: UInt8.self, offset: 2) else { #expect(Bool(false), "could not copy out UInt8") return } #expect(offset == 3) #expect(value == 0x22) } @Test func testCopyOutUInt16() { let buffer: [UInt8] = [0x00, 0x11, 0x22, 0x33, 0x44, 0x55] guard let (offset, value) = buffer.copyOut(as: UInt16.self, offset: 2) else { #expect(Bool(false), "could not copy out UInt16") return } #expect(offset == 4) #expect(value == 0x3322) } @Test func testCopyOutUInt32() { let buffer: [UInt8] = [0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC, 0xDE, 0xF0] guard let (offset, value) = buffer.copyOut(as: UInt32.self, offset: 0) else { #expect(Bool(false), "could not copy out UInt32") return } #expect(offset == 4) #expect(value == 0x7856_3412) } @Test func testCopyOutUInt64() { let buffer: [UInt8] = [ 0x00, 0x00, 0x00, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0xFF, 0xFF, ] guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: 4) else { #expect(Bool(false), "could not copy out UInt64") return } #expect(offset == 12) #expect(value == 0x8877_6655_4433_2211) } @Test func testCopyOutRangeError() { let buffer: [UInt8] = [0x00, 0x11, 0x22, 0x33] // Trying to read UInt64 from offset 0 with only 4 bytes #expect(buffer.copyOut(as: UInt64.self, offset: 0) == nil) } @Test func testCopyOutExactBoundary() { let buffer: [UInt8] = [0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08] guard let (offset, value) = buffer.copyOut(as: UInt64.self, offset: 0) else { #expect(Bool(false), "could not copy out at exact boundary") return } #expect(offset == 8) #expect(value == 0x0807_0605_0403_0201) } @Test func testCopyOutWithCustomSize() { let buffer: [UInt8] = [0x00, 0x00, 0x11, 0x22, 0x33, 0x44, 0xFF, 0xFF, 0xFF, 0xFF] guard let (offset, value) = buffer.copyOut(as: UInt32.self, offset: 2, size: 8) else { #expect(Bool(false), "could not copy out with custom size") return } #expect(offset == 6) // offset + MemoryLayout.size #expect(value == 0x4433_2211) } @Test func testCopyOutWithCustomSizeRangeError() { let buffer: [UInt8] = [0x00, 0x11, 0x22, 0x33, 0x44, 0x55] // Request size 8 at offset 2 would require 10 bytes total, but buffer only has 6 #expect(buffer.copyOut(as: UInt32.self, offset: 2, size: 8) == nil) } // MARK: - copyIn(buffer:) and copyOut(buffer:) Tests @Test func testBufferCopy() throws { let inputBuffer: [UInt8] = [0x01, 0x02, 0x03] var buffer = [UInt8](repeating: 0, count: 9) guard let offset = buffer.copyIn(buffer: inputBuffer, offset: 4) else { #expect(Bool(false), "could not copy to buffer") return } #expect(offset == 7) guard let offset = buffer.copyIn(buffer: inputBuffer, offset: 6) else { #expect(Bool(false), "could not copy to buffer") return } #expect(offset == 9) let expectedBuffer: [UInt8] = [ 0x00, 0x00, 0x00, 0x00, 0x01, 0x02, 0x01, 0x02, 0x03, ] #expect(expectedBuffer == buffer) var outputBuffer = [UInt8](repeating: 0, count: 3) guard let offset = buffer.copyOut(buffer: &outputBuffer, offset: 6) else { #expect(Bool(false), "could not copy to buffer") return } #expect(offset == 9) let expectedOutputBuffer: [UInt8] = [ 0x01, 0x02, 0x03, ] #expect(expectedOutputBuffer == outputBuffer) } @Test func testBufferCopyZeroOffset() { let inputBuffer: [UInt8] = [0xAA, 0xBB, 0xCC] var buffer = [UInt8](repeating: 0, count: 5) guard let offset = buffer.copyIn(buffer: inputBuffer, offset: 0) else { #expect(Bool(false), "could not copy to buffer at offset 0") return } #expect(offset == 3) #expect(buffer[0] == 0xAA) #expect(buffer[1] == 0xBB) #expect(buffer[2] == 0xCC) } @Test func testBufferCopyEmptyBuffer() { let inputBuffer: [UInt8] = [] var buffer = [UInt8](repeating: 0, count: 5) guard let offset = buffer.copyIn(buffer: inputBuffer, offset: 2) else { #expect(Bool(false), "could not copy empty buffer") return } #expect(offset == 2) } @Test func testBufferCopyExactFit() { let inputBuffer: [UInt8] = [0x01, 0x02, 0x03] var buffer = [UInt8](repeating: 0, count: 6) guard let offset = buffer.copyIn(buffer: inputBuffer, offset: 3) else { #expect(Bool(false), "could not copy to exact fit") return } #expect(offset == 6) } @Test func testBufferCopyRangeError() throws { let inputBuffer: [UInt8] = [0x01, 0x02, 0x03] var buffer = [UInt8](repeating: 0, count: 9) #expect(buffer.copyIn(buffer: inputBuffer, offset: 7) == nil) var outputBuffer = [UInt8](repeating: 0, count: 3) #expect(buffer.copyOut(buffer: &outputBuffer, offset: 7) == nil) } @Test func testBufferCopyOutZeroOffset() { let buffer: [UInt8] = [0x11, 0x22, 0x33, 0x44, 0x55] var outputBuffer = [UInt8](repeating: 0, count: 3) guard let offset = buffer.copyOut(buffer: &outputBuffer, offset: 0) else { #expect(Bool(false), "could not copy out at offset 0") return } #expect(offset == 3) #expect(outputBuffer[0] == 0x11) #expect(outputBuffer[1] == 0x22) #expect(outputBuffer[2] == 0x33) } @Test func testBufferCopyOutEmptyBuffer() { let buffer: [UInt8] = [0x11, 0x22, 0x33] var outputBuffer: [UInt8] = [] guard let offset = buffer.copyOut(buffer: &outputBuffer, offset: 1) else { #expect(Bool(false), "could not copy out to empty buffer") return } #expect(offset == 1) } @Test func testBufferCopyOutExactFit() { let buffer: [UInt8] = [0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF] var outputBuffer = [UInt8](repeating: 0, count: 3) guard let offset = buffer.copyOut(buffer: &outputBuffer, offset: 3) else { #expect(Bool(false), "could not copy out exact fit") return } #expect(offset == 6) #expect(outputBuffer[0] == 0xDD) #expect(outputBuffer[1] == 0xEE) #expect(outputBuffer[2] == 0xFF) } } ================================================ FILE: Tests/ContainerizationNetlinkTests/MockNetlinkSocket.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // @testable import ContainerizationNetlink class MockNetlinkSocket: NetlinkSocket { static let ENOMEM: Int32 = 12 static let EOVERFLOW: Int32 = 75 var pid: UInt32 = 0 var requests: [[UInt8]] = [] var responses: [[UInt8]] = [] var responseIndex = 0 public init() throws {} public func send(buf: UnsafeRawPointer!, len: Int, flags: Int32) throws -> Int { let ptr = buf.bindMemory(to: UInt8.self, capacity: len) requests.append(Array(UnsafeBufferPointer(start: ptr, count: len))) return len } public func recv(buf: UnsafeMutableRawPointer!, len: Int, flags: Int32) throws -> Int { guard responseIndex < responses.count else { throw NetlinkSocketError.recvFailure(rc: Self.ENOMEM) } let response = responses[responseIndex] guard len >= response.count else { throw NetlinkSocketError.recvFailure(rc: 75) } response.withUnsafeBytes { bytes in buf.copyMemory(from: bytes.baseAddress!, byteCount: response.count) } responseIndex += 1 return response.count } } ================================================ FILE: Tests/ContainerizationNetlinkTests/NetlinkSessionTest.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationExtras import ContainerizationOS import Testing @testable import ContainerizationNetlink struct NetlinkSessionTest { @Test func testNetworkLinkDown() throws { let mockSocket = try MockNetlinkSocket() mockSocket.pid = 0xc00c_c00c // Lookup interface by name, truncated response with no attributes (not needed at present). let expectedLookupRequest = "3400000012000100000000000cc00cc0" // Netlink header (16 B) + "110000000000000001000000ffffffff" // struct ifinfomsg (16 B) + "08001d00090000000c0003006574683000000000" // RT attrs: IFLA_EXT_MASK + IFLA_IFNAME (“eth0”) mockSocket.responses.append( [UInt8]( hex: "2000000010000000000000000cc00cc0" // Netlink header (16 B) + "00000100020000004310010000000000" // struct ifinfomsg (16 B) – no RT attrs ) ) // Link‑down request – 32‑byte payload, no attributes. let expectedDownRequest = "2000000010000500000000000cc00cc0" // Netlink header (16 B) + "110000000200000000000000ffffffff" // struct ifinfomsg (16 B) – no RT attrs mockSocket.responses.append( [UInt8]( hex: "2400000002000001000000000cc00cc0" // Netlink header (16 B) + "00000000200000001000050000000000" // nlmsg_err payload (16 B) + "0c000000" // first 4 B of echoed header ) ) let session = NetlinkSession(socket: mockSocket) try session.linkSet(interface: "eth0", up: false) #expect(mockSocket.requests.count == 2) #expect(mockSocket.responseIndex == 2) mockSocket.requests[0][8..<12] = [0, 0, 0, 0] #expect(expectedLookupRequest == mockSocket.requests[0].hexEncodedString()) mockSocket.requests[1][8..<12] = [0, 0, 0, 0] #expect(expectedDownRequest == mockSocket.requests[1].hexEncodedString()) } @Test func testNetworkLinkUp() throws { let mockSocket = try MockNetlinkSocket() mockSocket.pid = 0x0cc0_0cc0 // Lookup interface by name, truncated response with no attributes (not needed at present). let expectedLookupRequest = "340000001200010000000000c00cc00c" // Netlink header (16 B) + "110000000000000001000000ffffffff" // struct ifinfomsg (16 B) + "08001d00090000000c0003006574683000000000" // RT attrs: IFLA_EXT_MASK + IFLA_IFNAME (“eth0”) mockSocket.responses.append( [UInt8]( hex: "200000001000000000000000c00cc00c" // Netlink header (16 B) + "00000100020000004310010000000000" // struct ifinfomsg (16 B) – no attributes ) ) // Network up for interface. let expectedUpRequest = "280000001000050000000000c00cc00c" // Netlink header (16 B) + "110000000200000001000000ffffffff" // struct ifinfomsg (16 B) + "0800040000050000" // RT attr: IFLA_MTU = 1280 (8 B) mockSocket.responses.append( [UInt8]( hex: "240000000200000100000000c00cc00c" // Netlink header (16 B) + "00000000200000001000050000000000" // nlmsg_err payload (16 B) + "11000000" // 1st 4 B of echoed offending header ) ) let session = NetlinkSession(socket: mockSocket) try session.linkSet(interface: "eth0", up: true, mtu: 1280) #expect(mockSocket.requests.count == 2) #expect(mockSocket.responseIndex == 2) mockSocket.requests[0][8..<12] = [0, 0, 0, 0] #expect(expectedLookupRequest == mockSocket.requests[0].hexEncodedString()) mockSocket.requests[1][8..<12] = [0, 0, 0, 0] #expect(expectedUpRequest == mockSocket.requests[1].hexEncodedString()) } @Test func testNetworkLinkUpLoopback() throws { let mockSocket = try MockNetlinkSocket() mockSocket.pid = 0xc00c_c00c // Lookup loopback interface let expectedLookupRequest = "3000000012000100000000000cc00cc0" // Netlink header (16 B) + "110000000000000001000000ffffffff" // struct ifinfomsg (16 B) + "08001d0009000000080003006c6f0000" // RT attrs: IFLA_EXT_MASK + IFLA_IFNAME (“lo”) mockSocket.responses.append( [UInt8]( hex: "2000000010000000000000000cc00cc0" // Netlink header (16 B) + "00000100010000004310010000000000" // struct ifinfomsg (16 B) – no attributes ) ) // Link up request for loopback, 32‑byte payload and no attributes let expectedUpRequest = "2000000010000500000000000cc00cc0" // Netlink header (16 B) + "110000000100000001000000ffffffff" // struct ifinfomsg (16 B) – no RT attrs mockSocket.responses.append( [UInt8]( hex: "2400000002000001000000000cc00cc0" // Netlink header (16 B) + "00000000200000001000050000000000" // nlmsg_err payload (16 B) + "0c000000" // first 4 B of echoed offending header ) ) let session = NetlinkSession(socket: mockSocket) try session.linkSet(interface: "lo", up: true) #expect(mockSocket.requests.count == 2) #expect(mockSocket.responseIndex == 2) mockSocket.requests[0][8..<12] = [0, 0, 0, 0] #expect(expectedLookupRequest == mockSocket.requests[0].hexEncodedString()) mockSocket.requests[1][8..<12] = [0, 0, 0, 0] #expect(expectedUpRequest == mockSocket.requests[1].hexEncodedString()) } @Test func testNetworkLinkGetEth0() throws { let mockSocket = try MockNetlinkSocket() mockSocket.pid = 0x1234_5678 // Lookup interface by name, truncated response with three attributes. let expectedLookupRequest = "34000000120001000000000078563412" // Netlink header (16 B) + "110000000000000001000000ffffffff" // struct ifinfomsg (16 B) + "08001d00090000000c0003006574683000000000" // RT attrs: IFLA_EXT_MASK + IFLA_IFNAME (“eth0”) mockSocket.responses.append( [UInt8]( hex: "48000000100000000000000078563412" // Netlink header (16 B) + "00000100020000004300010000000000" // struct ifinfomsg (16 B) + "090003006574683000000000" // IFLA_IFNAME (“eth0”) attr (12 B) + "08000d00e8030000" // IFLA_MTU = 1000 attr (8 B) + "0500100006000000" // attr type 0x0010 (8 B) + "0a000100825524c244030000" // IFLA_ADDRESS = 82:55:24:c2:44:03 (12 B) ) ) let session = NetlinkSession(socket: mockSocket) let links = try session.linkGet(interface: "eth0") #expect(mockSocket.requests.count == 1) #expect(mockSocket.responseIndex == 1) mockSocket.requests[0][8..<12] = [0, 0, 0, 0] #expect(expectedLookupRequest == mockSocket.requests[0].hexEncodedString()) try #require(links.count == 1) #expect(links[0].interfaceIndex == 2) #expect(links[0].interfaceFlags == 0x0001_0043) #expect(links[0].interfaceType == 1) #expect(links[0].isEthernet) #expect(!links[0].isLoopback) #expect(links[0].address == [0x82, 0x55, 0x24, 0xc2, 0x44, 0x03]) try #require(links[0].attrDatas.count == 4) #expect(links[0].attrDatas[0].attribute.type == 0x0003) #expect(links[0].attrDatas[0].attribute.len == 0x0009) #expect(links[0].attrDatas[0].data == [0x65, 0x74, 0x68, 0x30, 0x00]) #expect(links[0].attrDatas[1].attribute.type == 0x000d) #expect(links[0].attrDatas[1].attribute.len == 0x0008) #expect(links[0].attrDatas[1].data == [0xe8, 0x03, 0x00, 0x00]) #expect(links[0].attrDatas[2].attribute.type == 0x0010) #expect(links[0].attrDatas[2].attribute.len == 0x0005) #expect(links[0].attrDatas[2].data == [0x06]) } @Test func testNetworkLinkGet() throws { let mockSocket = try MockNetlinkSocket() mockSocket.pid = 0x8765_4321 // Lookup all interfaces, responses with only the interface name attribute. let expectedLookupRequest = "28000000120001030000000021436587" // Netlink header (16 B) + "110000000000000001000000ffffffff" // struct ifinfomsg (16 B) + "08001d0009000000" // RT attr: IFLA_EXT_MASK (8 B) mockSocket.responses.append( [UInt8]( hex: "28000000100002000000000021436587" // Netlink header (16 B) + "00000403010000004900010000000000" // struct ifinfomsg (16 B) + "070003006c6f0000" // IFLA_IFNAME “lo” (8 B, padded) ) ) mockSocket.responses.append( [UInt8]( hex: "2c000000100002000000000021436587" // Netlink header (16 B) + "00000003040000008000000000000000" // struct ifinfomsg (16 B) + "0a00030074756e6c30000000" // IFLA_IFNAME “tunl0” attr (12 B, padded) ) ) mockSocket.responses.append( [UInt8]( hex: "14000000030002000000000021436587" // Netlink header (16 B) – NLMSG_DONE + "00000000" // 4-byte payload ) ) let session = NetlinkSession(socket: mockSocket) let links = try session.linkGet() #expect(mockSocket.requests.count == 1) #expect(mockSocket.responseIndex == 3) mockSocket.requests[0][8..<12] = [0, 0, 0, 0] #expect(expectedLookupRequest == mockSocket.requests[0].hexEncodedString()) try #require(links.count == 2) #expect(links[0].interfaceIndex == 1) try #require(links[0].attrDatas.count == 1) #expect(links[0].attrDatas[0].attribute.type == 0x0003) #expect(links[0].attrDatas[0].attribute.len == 0x0007) #expect(links[0].attrDatas[0].data == [0x6c, 0x6f, 0x00]) #expect(links[1].interfaceIndex == 4) try #require(links[1].attrDatas.count == 1) #expect(links[1].attrDatas[0].attribute.type == 0x0003) #expect(links[1].attrDatas[0].attribute.len == 0x000a) #expect(links[1].attrDatas[0].data == [0x74, 0x75, 0x6e, 0x6c, 0x30, 0x00]) } @Test func testNetworkAddressAdd() throws { let mockSocket = try MockNetlinkSocket() mockSocket.pid = 0xc00c_c00c // Lookup interface by name, truncated response with no attributes (not needed at present). let expectedLookupRequest = "3400000012000100000000000cc00cc0" // Netlink header (16 B) + "110000000000000001000000ffffffff" // struct ifinfomsg (16 B) + "08001d00090000000c0003006574683000000000" // RT attrs: IFLA_EXT_MASK + IFLA_IFNAME (“eth0”) mockSocket.responses.append( [UInt8]( hex: "2000000010000000000000000cc00cc0" // Netlink header (16 B) + "00000100020000004310010000000000" // struct ifinfomsg (16 B) – no attributes ) ) // Network down for interface. let expectedAddRequest = "2800000014000506000000000cc00cc0" // Netlink header (16 B) + "0218000002000000" // ifaddrmsg (8 B): AF_INET, /24, ifindex 2 + "08000200c0a840fa" // RT attr: IFA_LOCAL 192.168.64.250 + "08000100c0a840fa" // RT attr: IFA_ADDRESS 192.168.64.250 mockSocket.responses.append( [UInt8]( hex: "2400000002000001000000000cc00cc0" // Netlink header (16 B) + "00000000280000001400050600000000" // nlmsg_err payload (16 B) + "1f000000" // first 4 B of echoed offending header ) ) let session = NetlinkSession(socket: mockSocket) try session.addressAdd(interface: "eth0", ipv4Address: try CIDRv4("192.168.64.250/24")) #expect(mockSocket.requests.count == 2) #expect(mockSocket.responseIndex == 2) mockSocket.requests[0][8..<12] = [0, 0, 0, 0] #expect(expectedLookupRequest == mockSocket.requests[0].hexEncodedString()) #expect(expectedAddRequest == mockSocket.requests[1].hexEncodedString()) } @Test func testNetworkRouteAddIpLink() throws { let mockSocket = try MockNetlinkSocket() mockSocket.pid = 0xc00c_c00c // Lookup interface by name, truncated response with no attributes (not needed at present). let expectedLookupRequest = "3400000012000100000000000cc00cc0" // Netlink header (16 B) + "110000000000000001000000ffffffff" // struct ifinfomsg (16 B) + "08001d00090000000c0003006574683000000000" // RT attrs: IFLA_EXT_MASK + IFLA_IFNAME ("eth0") mockSocket.responses.append( [UInt8]( hex: "2000000010000000000000000cc00cc0" // Netlink header (16 B) + "00000100020000004310010000000000" // struct ifinfomsg (16 B) – no attributes ) ) // Add link route. let expectedAddRequest = "3400000018000506000000000cc00cc0" // Netlink header (16 B) + "02180000fe02fd0100000000" // struct rtmsg (12 B): AF_INET, dst/24, // table=RT_TABLE_MAIN (0xfe), proto=RTPROT_KERNEL (0x02), // scope=RT_SCOPE_LINK (0xfd), type=RTN_UNICAST (0x01) + "08000100c0a84000" // RTA_DST 192.168.64.0 + "08000700c0a84003" // RTA_PREFSRC 192.168.64.3 + "0800040002000000" // RTA_OIF ifindex 2 (eth0) mockSocket.responses.append( [UInt8]( hex: "2400000002000001000000000cc00cc0" // Netlink header (16 B) + "00000000280000001400050600000000" // nlmsg_err payload (16 B) + "1f000000" // first 4 B of echoed offending header ) ) let session = NetlinkSession(socket: mockSocket) try session.routeAdd( interface: "eth0", dstIpv4Addr: try CIDRv4("192.168.64.0/24"), srcIpv4Addr: try IPv4Address("192.168.64.3") ) #expect(mockSocket.requests.count == 2) #expect(mockSocket.responseIndex == 2) mockSocket.requests[0][8..<12] = [0, 0, 0, 0] #expect(expectedLookupRequest == mockSocket.requests[0].hexEncodedString()) mockSocket.requests[1][8..<12] = [0, 0, 0, 0] #expect(expectedAddRequest == mockSocket.requests[1].hexEncodedString()) } @Test func testNetworkRouteAddIpLinkWithoutSrc() throws { let mockSocket = try MockNetlinkSocket() mockSocket.pid = 0xc00c_c00c // Lookup interface by name, truncated response with no attributes (not needed at present). let expectedLookupRequest = "3400000012000100000000000cc00cc0" // Netlink header (16 B) + "110000000000000001000000ffffffff" // struct ifinfomsg (16 B) + "08001d00090000000c0003006574683000000000" // RT attrs: IFLA_EXT_MASK + IFLA_IFNAME ("eth0") mockSocket.responses.append( [UInt8]( hex: "2000000010000000000000000cc00cc0" // Netlink header (16 B) + "00000100020000004310010000000000" // struct ifinfomsg (16 B) – no attributes ) ) // Add link route without RTA_PREFSRC. let expectedAddRequest = "2c00000018000506000000000cc00cc0" // Netlink header (16 B) + "02180000fe02fd0100000000" // struct rtmsg (12 B): AF_INET, dst/24, // table=RT_TABLE_MAIN (0xfe), proto=RTPROT_KERNEL (0x02), // scope=RT_SCOPE_LINK (0xfd), type=RTN_UNICAST (0x01) + "08000100c0a84000" // RTA_DST 192.168.64.0 + "0800040002000000" // RTA_OIF ifindex 2 (eth0) mockSocket.responses.append( [UInt8]( hex: "2400000002000001000000000cc00cc0" // Netlink header (16 B) + "00000000280000001400050600000000" // nlmsg_err payload (16 B) + "1f000000" // first 4 B of echoed offending header ) ) let session = NetlinkSession(socket: mockSocket) try session.routeAdd( interface: "eth0", dstIpv4Addr: try CIDRv4("192.168.64.0/24"), srcIpv4Addr: nil ) #expect(mockSocket.requests.count == 2) #expect(mockSocket.responseIndex == 2) mockSocket.requests[0][8..<12] = [0, 0, 0, 0] #expect(expectedLookupRequest == mockSocket.requests[0].hexEncodedString()) mockSocket.requests[1][8..<12] = [0, 0, 0, 0] #expect(expectedAddRequest == mockSocket.requests[1].hexEncodedString()) } @Test func testNetworkLinkGetMultipleMessagesInSingleBuffer() throws { let mockSocket = try MockNetlinkSocket() mockSocket.pid = 0x8765_4321 // Lookup all interfaces, with multiple messages packed into a single buffer. // This tests the fix for parsing multiple netlink messages that arrive in one recv() call. let expectedLookupRequest = "28000000120001030000000021436587" // Netlink header (16 B) + "110000000000000001000000ffffffff" // struct ifinfomsg (16 B) + "08001d0009000000" // RT attr: IFLA_EXT_MASK (8 B) // Pack three messages into a single response buffer: // // Message 1: loopback interface with one attribute let msg1 = "28000000100002000000000021436587" // Netlink header (16 B), len=40 + "00000403010000004900010000000000" // struct ifinfomsg (16 B) + "070003006c6f0000" // IFLA_IFNAME "lo" (8 B, padded) // Message 2: tunl0 interface with one attribute let msg2 = "2c000000100002000000000021436587" // Netlink header (16 B), len=44 + "00000003040000008000000000000000" // struct ifinfomsg (16 B) + "0a00030074756e6c30000000" // IFLA_IFNAME "tunl0" attr (12 B, padded) // Message 3: eth0 interface with two attributes let msg3 = "34000000100002000000000021436587" // Netlink header (16 B), len=52 + "00000100020000004300010000000000" // struct ifinfomsg (16 B) + "090003006574683000000000" // IFLA_IFNAME "eth0" attr (12 B) + "08000d00e8030000" // IFLA_MTU = 1000 attr (8 B) // Combine all three messages into a single buffer mockSocket.responses.append([UInt8](hex: msg1 + msg2 + msg3)) // Final NLMSG_DONE message in separate buffer mockSocket.responses.append( [UInt8]( hex: "14000000030002000000000021436587" // Netlink header (16 B) – NLMSG_DONE + "00000000" // 4-byte payload ) ) let session = NetlinkSession(socket: mockSocket) let links = try session.linkGet() #expect(mockSocket.requests.count == 1) #expect(mockSocket.responseIndex == 2) mockSocket.requests[0][8..<12] = [0, 0, 0, 0] #expect(expectedLookupRequest == mockSocket.requests[0].hexEncodedString()) // Verify we got all three interfaces try #require(links.count == 3) // Verify loopback interface #expect(links[0].interfaceIndex == 1) try #require(links[0].attrDatas.count == 1) #expect(links[0].attrDatas[0].attribute.type == 0x0003) #expect(links[0].attrDatas[0].attribute.len == 0x0007) #expect(links[0].attrDatas[0].data == [0x6c, 0x6f, 0x00]) // Verify tunl0 interface #expect(links[1].interfaceIndex == 4) try #require(links[1].attrDatas.count == 1) #expect(links[1].attrDatas[0].attribute.type == 0x0003) #expect(links[1].attrDatas[0].attribute.len == 0x000a) #expect(links[1].attrDatas[0].data == [0x74, 0x75, 0x6e, 0x6c, 0x30, 0x00]) // Verify eth0 interface #expect(links[2].interfaceIndex == 2) try #require(links[2].attrDatas.count == 2) #expect(links[2].attrDatas[0].attribute.type == 0x0003) #expect(links[2].attrDatas[0].attribute.len == 0x0009) #expect(links[2].attrDatas[0].data == [0x65, 0x74, 0x68, 0x30, 0x00]) #expect(links[2].attrDatas[1].attribute.type == 0x000d) #expect(links[2].attrDatas[1].attribute.len == 0x0008) #expect(links[2].attrDatas[1].data == [0xe8, 0x03, 0x00, 0x00]) } } extension Array where Element == UInt8 { /// Initializes `[UInt8]` from an even-length hex string init(hex: String) { self = stride(from: 0, to: hex.count, by: 2).compactMap { UInt8( hex[hex.index(hex.startIndex, offsetBy: $0)...] .prefix(2), radix: 16) } } } ================================================ FILE: Tests/ContainerizationNetlinkTests/TypesTest.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // import Testing @testable import ContainerizationNetlink struct TypesTest { @Test func testNetlinkMessageHeader() throws { let expectedValue = NetlinkMessageHeader( len: 0x1234_5678, type: 0x9abc, flags: 0xdef0, seq: 0x1122_3344, pid: 0x5566_7788) let expectedBuffer: [UInt8] = [ 0x78, 0x56, 0x34, 0x12, 0xbc, 0x9a, 0xf0, 0xde, 0x44, 0x33, 0x22, 0x11, 0x88, 0x77, 0x66, 0x55, ] var buffer = [UInt8](repeating: 0, count: NetlinkMessageHeader.size) let offset = try expectedValue.appendBuffer(&buffer, offset: 0) #expect(NetlinkMessageHeader.size == offset) #expect(expectedBuffer == buffer) guard let (offset, value) = buffer.copyOut(as: NetlinkMessageHeader.self) else { #expect(Bool(false), "could not bind value to buffer") return } #expect(offset == NetlinkMessageHeader.size) #expect(expectedValue == value) } @Test func testInterfaceInfo() throws { let expectedValue = InterfaceInfo( family: UInt8(AddressFamily.AF_NETLINK), type: 0x1234, index: 0x1234_5678, flags: 0x9abc_def0, change: 0x0fed_cba9 ) let expectedBuffer: [UInt8] = [ 0x10, 0x00, 0x34, 0x12, 0x78, 0x56, 0x34, 0x12, 0xf0, 0xde, 0xbc, 0x9a, 0xa9, 0xcb, 0xed, 0x0f, ] var buffer = [UInt8](repeating: 0, count: InterfaceInfo.size) let offset = try expectedValue.appendBuffer(&buffer, offset: 0) #expect(InterfaceInfo.size == offset) #expect(expectedBuffer == buffer) guard let (offset, value) = buffer.copyOut(as: InterfaceInfo.self) else { #expect(Bool(false), "could not bind value to buffer") return } #expect(offset == InterfaceInfo.size) #expect(expectedValue == value) } @Test func testAddressInfo() throws { let expectedValue = AddressInfo( family: UInt8(AddressFamily.AF_INET), prefixLength: 24, flags: 0x5a, scope: 0xa5, index: 0xdead_beef) let expectedBuffer: [UInt8] = [ 0x02, 0x18, 0x5a, 0xa5, 0xef, 0xbe, 0xad, 0xde, ] var buffer = [UInt8](repeating: 0, count: AddressInfo.size) let offset = try expectedValue.appendBuffer(&buffer, offset: 0) #expect(AddressInfo.size == offset) #expect(expectedBuffer == buffer) guard let (offset, value) = buffer.copyOut(as: AddressInfo.self) else { #expect(Bool(false), "could not bind value to buffer") return } #expect(offset == AddressInfo.size) #expect(expectedValue == value) } @Test func testRTAttribute() throws { let expectedValue = RTAttribute(len: 0x1234, type: 0x5678) let expectedBuffer: [UInt8] = [ 0x34, 0x12, 0x78, 0x56, ] var buffer = [UInt8](repeating: 0, count: RTAttribute.size) let offset = try expectedValue.appendBuffer(&buffer, offset: 0) #expect(RTAttribute.size == offset) #expect(expectedBuffer == buffer) guard let (offset, value) = buffer.copyOut(as: RTAttribute.self) else { #expect(Bool(false), "could not bind value to buffer") return } #expect(offset == RTAttribute.size) #expect(expectedValue == value) } @Test func testSockaddrNetlink() throws { let expectedValue = SockaddrNetlink(family: 16, pid: 0x1234_5678, groups: 0x9abc_def0) let expectedBuffer: [UInt8] = [ 0x10, 0x00, 0x00, 0x00, 0x78, 0x56, 0x34, 0x12, 0xf0, 0xde, 0xbc, 0x9a, ] var buffer = [UInt8](repeating: 0, count: SockaddrNetlink.size) let offset = try expectedValue.appendBuffer(&buffer, offset: 0) #expect(SockaddrNetlink.size == offset) #expect(expectedBuffer == buffer) var unmarshaledValue = SockaddrNetlink() let bindOffset = try unmarshaledValue.bindBuffer(&buffer, offset: 0) #expect(bindOffset == SockaddrNetlink.size) #expect(expectedValue == unmarshaledValue) } @Test func testRouteInfo() throws { let expectedValue = RouteInfo( family: UInt8(AddressFamily.AF_INET), dstLen: 24, srcLen: 0, tos: 0, table: RouteTable.MAIN, proto: RouteProtocol.KERNEL, scope: RouteScope.LINK, type: RouteType.UNICAST, flags: 0xdead_beef ) let expectedBuffer: [UInt8] = [ 0x02, 0x18, 0x00, 0x00, 0xfe, 0x02, 0xfd, 0x01, 0xef, 0xbe, 0xad, 0xde, ] var buffer = [UInt8](repeating: 0, count: RouteInfo.size) let offset = try expectedValue.appendBuffer(&buffer, offset: 0) #expect(RouteInfo.size == offset) #expect(expectedBuffer == buffer) var unmarshaledValue = RouteInfo( dstLen: 0, srcLen: 0, tos: 0, table: 0, proto: 0, scope: 0, type: 0, flags: 0) let bindOffset = try unmarshaledValue.bindBuffer(&buffer, offset: 0) #expect(bindOffset == RouteInfo.size) #expect(expectedValue == unmarshaledValue) } @Test func testLinkStatistics64() throws { var expectedValue = LinkStatistics64() expectedValue.rxPackets = 0x0102_0304_0506_0708 expectedValue.txPackets = 0x090a_0b0c_0d0e_0f10 expectedValue.rxBytes = 0x1112_1314_1516_1718 expectedValue.txBytes = 0x191a_1b1c_1d1e_1f20 expectedValue.rxErrors = 0x2122_2324_2526_2728 expectedValue.txErrors = 0x292a_2b2c_2d2e_2f30 expectedValue.rxDropped = 0x3132_3334_3536_3738 expectedValue.txDropped = 0x393a_3b3c_3d3e_3f40 expectedValue.multicast = 0x4142_4344_4546_4748 expectedValue.collisions = 0x494a_4b4c_4d4e_4f50 expectedValue.rxLengthErrors = 0x5152_5354_5556_5758 expectedValue.rxOverErrors = 0x595a_5b5c_5d5e_5f60 expectedValue.rxCrcErrors = 0x6162_6364_6566_6768 expectedValue.rxFrameErrors = 0x696a_6b6c_6d6e_6f70 expectedValue.rxFifoErrors = 0x7172_7374_7576_7778 expectedValue.rxMissedErrors = 0x797a_7b7c_7d7e_7f80 expectedValue.txAbortedErrors = 0x8182_8384_8586_8788 expectedValue.txCarrierErrors = 0x898a_8b8c_8d8e_8f90 expectedValue.txFifoErrors = 0x9192_9394_9596_9798 expectedValue.txHeartbeatErrors = 0x999a_9b9c_9d9e_9fa0 expectedValue.txWindowErrors = 0xa1a2_a3a4_a5a6_a7a8 expectedValue.rxCompressed = 0xa9aa_abac_adae_afb0 expectedValue.txCompressed = 0xb1b2_b3b4_b5b6_b7b8 let expectedBuffer: [UInt8] = [ 0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x10, 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x18, 0x17, 0x16, 0x15, 0x14, 0x13, 0x12, 0x11, 0x20, 0x1f, 0x1e, 0x1d, 0x1c, 0x1b, 0x1a, 0x19, 0x28, 0x27, 0x26, 0x25, 0x24, 0x23, 0x22, 0x21, 0x30, 0x2f, 0x2e, 0x2d, 0x2c, 0x2b, 0x2a, 0x29, 0x38, 0x37, 0x36, 0x35, 0x34, 0x33, 0x32, 0x31, 0x40, 0x3f, 0x3e, 0x3d, 0x3c, 0x3b, 0x3a, 0x39, 0x48, 0x47, 0x46, 0x45, 0x44, 0x43, 0x42, 0x41, 0x50, 0x4f, 0x4e, 0x4d, 0x4c, 0x4b, 0x4a, 0x49, 0x58, 0x57, 0x56, 0x55, 0x54, 0x53, 0x52, 0x51, 0x60, 0x5f, 0x5e, 0x5d, 0x5c, 0x5b, 0x5a, 0x59, 0x68, 0x67, 0x66, 0x65, 0x64, 0x63, 0x62, 0x61, 0x70, 0x6f, 0x6e, 0x6d, 0x6c, 0x6b, 0x6a, 0x69, 0x78, 0x77, 0x76, 0x75, 0x74, 0x73, 0x72, 0x71, 0x80, 0x7f, 0x7e, 0x7d, 0x7c, 0x7b, 0x7a, 0x79, 0x88, 0x87, 0x86, 0x85, 0x84, 0x83, 0x82, 0x81, 0x90, 0x8f, 0x8e, 0x8d, 0x8c, 0x8b, 0x8a, 0x89, 0x98, 0x97, 0x96, 0x95, 0x94, 0x93, 0x92, 0x91, 0xa0, 0x9f, 0x9e, 0x9d, 0x9c, 0x9b, 0x9a, 0x99, 0xa8, 0xa7, 0xa6, 0xa5, 0xa4, 0xa3, 0xa2, 0xa1, 0xb0, 0xaf, 0xae, 0xad, 0xac, 0xab, 0xaa, 0xa9, 0xb8, 0xb7, 0xb6, 0xb5, 0xb4, 0xb3, 0xb2, 0xb1, ] var buffer = [UInt8](repeating: 0, count: LinkStatistics64.size) let offset = try expectedValue.appendBuffer(&buffer, offset: 0) #expect(LinkStatistics64.size == offset) #expect(expectedBuffer == buffer) var unmarshaledValue = LinkStatistics64() let bindOffset = try unmarshaledValue.bindBuffer(&buffer, offset: 0) #expect(bindOffset == LinkStatistics64.size) #expect(expectedValue == unmarshaledValue) } } ================================================ FILE: Tests/ContainerizationOCITests/AuthChallengeTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import Testing @testable import ContainerizationOCI struct AuthChallengeTests { internal struct TestCase: Sendable { let input: String let expected: AuthenticateChallenge } private static let testCases: [TestCase] = [ .init( input: """ Bearer realm="https://domain.io/token",service="domain.io",scope="repository:user/image:pull" """, expected: .init(type: "Bearer", realm: "https://domain.io/token", service: "domain.io", scope: "repository:user/image:pull", error: nil)), .init( input: """ Bearer realm="https://foo-bar-registry.com/auth",service="Awesome Registry" """, expected: .init(type: "Bearer", realm: "https://foo-bar-registry.com/auth", service: "Awesome Registry", scope: nil, error: nil)), .init( input: """ Bearer realm="users.example.com", scope="create delete" """, expected: .init(type: "Bearer", realm: "users.example.com", service: nil, scope: "create delete", error: nil)), .init( input: """ Bearer realm="https://auth.server.io/token",service="registry.server.io" """, expected: .init(type: "Bearer", realm: "https://auth.server.io/token", service: "registry.server.io", scope: nil, error: nil)), ] @Test(arguments: testCases) func parseAuthHeader(testCase: TestCase) throws { let challenges = RegistryClient.parseWWWAuthenticateHeaders(headers: [testCase.input]) #expect(challenges.count == 1) #expect(challenges[0] == testCase.expected) } } ================================================ FILE: Tests/ContainerizationOCITests/OCIImageTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // import Foundation import Testing @testable import ContainerizationOCI struct OCITests { @Test func config() { let config = ContainerizationOCI.ImageConfig() let rootfs = ContainerizationOCI.Rootfs(type: "foo", diffIDs: ["diff1", "diff2"]) let history = ContainerizationOCI.History() let image = ContainerizationOCI.Image(architecture: "arm64", os: "linux", config: config, rootfs: rootfs, history: [history]) #expect(image.rootfs.type == "foo") } @Test func descriptor() { let platform = ContainerizationOCI.Platform(arch: "arm64", os: "linux") let descriptor = ContainerizationOCI.Descriptor(mediaType: MediaTypes.descriptor, digest: "123", size: 0, platform: platform) #expect(descriptor.platform?.architecture == "arm64") #expect(descriptor.platform?.os == "linux") #expect(descriptor.artifactType == nil) } @Test func descriptorWithArtifactType() throws { let testArtifactType = "application/vnd.example.test.v1+json" let descriptor = ContainerizationOCI.Descriptor( mediaType: MediaTypes.imageManifest, digest: "sha256:abc123", size: 1234, artifactType: testArtifactType ) #expect(descriptor.artifactType == testArtifactType) let data = try JSONEncoder().encode(descriptor) let decoded = try JSONDecoder().decode(ContainerizationOCI.Descriptor.self, from: data) #expect(decoded.artifactType == testArtifactType) } @Test func descriptorWithoutArtifactTypeDecodesAsNil() throws { let json = """ {"mediaType":"application/vnd.oci.descriptor.v1+json","digest":"sha256:abc","size":0} """ let decoded = try JSONDecoder().decode(ContainerizationOCI.Descriptor.self, from: json.data(using: .utf8)!) #expect(decoded.artifactType == nil) } @Test func index() { var descriptors: [ContainerizationOCI.Descriptor] = [] for i in 0..<5 { let descriptor = ContainerizationOCI.Descriptor(mediaType: MediaTypes.descriptor, digest: "\(i)", size: Int64(i)) descriptors.append(descriptor) } let index = ContainerizationOCI.Index(schemaVersion: 1, manifests: descriptors) #expect(index.manifests.count == 5) #expect(index.subject == nil) #expect(index.artifactType == nil) } @Test func indexWithSubjectAndArtifactType() throws { let testArtifactType = "application/vnd.example.test.v1+json" let subject = ContainerizationOCI.Descriptor(mediaType: MediaTypes.imageManifest, digest: "sha256:subject", size: 512) let index = ContainerizationOCI.Index( schemaVersion: 2, manifests: [], subject: subject, artifactType: testArtifactType ) #expect(index.subject?.digest == "sha256:subject") #expect(index.artifactType == testArtifactType) let data = try JSONEncoder().encode(index) let decoded = try JSONDecoder().decode(ContainerizationOCI.Index.self, from: data) #expect(decoded.subject?.digest == "sha256:subject") #expect(decoded.artifactType == testArtifactType) } @Test func indexDecodesWithoutNewFields() throws { let json = """ {"schemaVersion":2,"manifests":[{"mediaType":"application/vnd.oci.descriptor.v1+json","digest":"sha256:abc","size":10}]} """ let decoded = try JSONDecoder().decode(ContainerizationOCI.Index.self, from: json.data(using: .utf8)!) #expect(decoded.schemaVersion == 2) #expect(decoded.manifests.count == 1) #expect(decoded.subject == nil) #expect(decoded.artifactType == nil) } @Test func manifests() { var descriptors: [ContainerizationOCI.Descriptor] = [] for i in 0..<5 { let descriptor = ContainerizationOCI.Descriptor(mediaType: MediaTypes.descriptor, digest: "\(i)", size: Int64(i)) descriptors.append(descriptor) } let config = ContainerizationOCI.Descriptor(mediaType: MediaTypes.descriptor, digest: "123", size: 0) let manifest = ContainerizationOCI.Manifest(schemaVersion: 1, config: config, layers: descriptors) #expect(manifest.config.digest == "123") #expect(manifest.layers.count == 5) #expect(manifest.subject == nil) #expect(manifest.artifactType == nil) } @Test func manifestWithSubjectAndArtifactType() throws { let testArtifactType = "application/vnd.example.test.v1+json" let config = ContainerizationOCI.Descriptor(mediaType: MediaTypes.emptyJSON, digest: "sha256:empty", size: 2) let subject = ContainerizationOCI.Descriptor(mediaType: MediaTypes.imageManifest, digest: "sha256:target", size: 1234) let layer = ContainerizationOCI.Descriptor( mediaType: testArtifactType, digest: "sha256:meta", size: 89, annotations: ["org.opencontainers.image.title": "metadata.json"] ) let manifest = ContainerizationOCI.Manifest( config: config, layers: [layer], subject: subject, artifactType: testArtifactType ) #expect(manifest.subject?.digest == "sha256:target") #expect(manifest.artifactType == testArtifactType) #expect(manifest.layers[0].annotations?["org.opencontainers.image.title"] == "metadata.json") let data = try JSONEncoder().encode(manifest) let decoded = try JSONDecoder().decode(ContainerizationOCI.Manifest.self, from: data) #expect(decoded.subject?.digest == "sha256:target") #expect(decoded.artifactType == testArtifactType) } @Test func manifestDecodesWithoutNewFields() throws { let json = """ { "schemaVersion": 2, "config": {"mediaType":"application/vnd.oci.empty.v1+json","digest":"sha256:abc","size":2}, "layers": [] } """ let decoded = try JSONDecoder().decode(ContainerizationOCI.Manifest.self, from: json.data(using: .utf8)!) #expect(decoded.schemaVersion == 2) #expect(decoded.subject == nil) #expect(decoded.artifactType == nil) } } ================================================ FILE: Tests/ContainerizationOCITests/OCIPlatformTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // import Testing @testable import ContainerizationOCI struct OCIPlatformTests { @Test func identicalPlatforms() { let amd64lhs = Platform(arch: "amd64", os: "linux") let amd64rhs = Platform(arch: "amd64", os: "linux") #expect(amd64lhs == amd64rhs, "amd64 platforms should be equal") let arm64lhs = Platform(arch: "arm64", os: "linux") let arm64rhs = Platform(arch: "arm64", os: "linux") #expect(arm64lhs == arm64rhs, "arm64 platforms should be equal") } @Test func differentOS() { let lhs = Platform(arch: "arm64", os: "linux") let rhs = Platform(arch: "arm64", os: "darwin") #expect(lhs != rhs, "Different OS should not be equal") } @Test func differentArch() { let lhs = Platform(arch: "amd64", os: "linux") let rhs = Platform(arch: "arm64", os: "linux") #expect(lhs != rhs, "Different arch should not be equal") } @Test func arm64_sameVariant() { let lhs = Platform(arch: "arm64", os: "linux", variant: "v8") let rhs = Platform(arch: "arm64", os: "linux", variant: "v8") #expect(lhs == rhs, "Both OS arm64, same arch, same variant => equal") } @Test func arm64_nilAndV8() { let lhs = Platform(arch: "arm64", os: "linux", variant: nil) let rhs = Platform(arch: "arm64", os: "linux", variant: "v8") #expect(lhs == rhs, "One variant nil and other v8 => equal under special arm64 rule") } @Test func arm64_nilAndV7() { let lhs = Platform(arch: "arm64", os: "linux", variant: nil) let rhs = Platform(arch: "arm64", os: "linux", variant: "v7") #expect(lhs != rhs, "nil vs v7 is not covered by the special rule => not equal") } @Test func arm64_bothNil() { let lhs = Platform(arch: "arm64", os: "linux", variant: nil) let rhs = Platform(arch: "arm64", os: "linux", variant: nil) #expect(lhs == rhs, "Both nil variants => variantEqual is true => overall equal") } } ================================================ FILE: Tests/ContainerizationOCITests/OCISpecTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import Testing @testable import ContainerizationOCI struct OCISpecTests { @Test func minimalSpecDecode() throws { let version = "1.2.3" let minSpec = """ { "ociVersion": "\(version)" } """ guard let data = minSpec.data(using: .utf8) else { Issue.record("test spec is not valid: \(minSpec)") return } let decodedSpec = try JSONDecoder().decode(ContainerizationOCI.Spec.self, from: data) #expect(decodedSpec.version == version) #expect(decodedSpec.hooks == nil) #expect(decodedSpec.process == nil) #expect(decodedSpec.hostname == "") #expect(decodedSpec.domainname == "") #expect(decodedSpec.mounts.isEmpty) #expect(decodedSpec.annotations == nil) #expect(decodedSpec.root == nil) #expect(decodedSpec.linux == nil) } @Test func minimalProcessSpecDecode() throws { let cwd = "/test" let minProcessSpec = """ { "cwd": "\(cwd)", "user": { "uid": 10, "gid": 11 } } """ guard let data = minProcessSpec.data(using: .utf8) else { Issue.record("test process spec is not valid: \(minProcessSpec)") return } let decodedSpec = try JSONDecoder().decode(ContainerizationOCI.Process.self, from: data) #expect(decodedSpec.cwd == cwd) #expect(decodedSpec.env.isEmpty) #expect(decodedSpec.consoleSize == nil) #expect(decodedSpec.selinuxLabel == "") #expect(decodedSpec.noNewPrivileges == false) #expect(decodedSpec.commandLine == "") #expect(decodedSpec.oomScoreAdj == nil) #expect(decodedSpec.capabilities == nil) #expect(decodedSpec.apparmorProfile == "") #expect(decodedSpec.user.uid == 10) #expect(decodedSpec.user.gid == 11) #expect(decodedSpec.rlimits.isEmpty) #expect(decodedSpec.terminal == false) } @Test func minimalUserSpecDecode() throws { let minUserSpec = """ { "uid": 10, "gid": 11 } """ guard let data = minUserSpec.data(using: .utf8) else { Issue.record("test user spec is not valid: \(minUserSpec)") return } let decodedSpec = try JSONDecoder().decode(ContainerizationOCI.User.self, from: data) #expect(decodedSpec.uid == 10) #expect(decodedSpec.gid == 11) #expect(decodedSpec.umask == nil) #expect(decodedSpec.additionalGids.isEmpty) #expect(decodedSpec.username == "") } @Test func minimalRootSpecDecode() throws { let path = "/testpath" let minRootSpec = """ { "path": "\(path)" } """ guard let data = minRootSpec.data(using: .utf8) else { Issue.record("test root spec is not valid: \(minRootSpec)") return } let decodedSpec = try JSONDecoder().decode(ContainerizationOCI.Root.self, from: data) #expect(decodedSpec.path == path) #expect(decodedSpec.readonly == false) } @Test func minimalMountSpecDecode() throws { let destination = "/testdest" let minMountSpec = """ { "destination": "\(destination)" } """ guard let data = minMountSpec.data(using: .utf8) else { Issue.record("test mount spec is not valid: \(minMountSpec)") return } let decodedSpec = try JSONDecoder().decode(ContainerizationOCI.Mount.self, from: data) #expect(decodedSpec.type == "") #expect(decodedSpec.source == "") #expect(decodedSpec.destination == destination) #expect(decodedSpec.options.isEmpty) #expect(decodedSpec.uidMappings == nil) #expect(decodedSpec.gidMappings == nil) } @Test func minimalCapabilitiesDecode() throws { let minCapabilitiesSpec = """ { "ociVersion": "1.1.0", "capabilities": { "permitted": [ "CAP_SYS_ADMIN" ] }, "linux": {} } """ guard let data = minCapabilitiesSpec.data(using: .utf8) else { Issue.record("test capabilities spec is not valid: \(minCapabilitiesSpec)") return } let _ = try JSONDecoder().decode(ContainerizationOCI.Spec.self, from: data) } } ================================================ FILE: Tests/ContainerizationOCITests/ReferenceTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // swiftlint:disable force_cast large_tuple import ContainerizationError import Foundation import Testing @testable import ContainerizationOCI @Suite("Reference Parse Tests") struct ReferenceParseTests { internal struct ReferenceParseTestCase: Sendable { let input: String let domain: String? let path: String let tag: String? let digest: String? init(input: String, domain: String? = nil, path: String, tag: String? = nil, digest: String? = nil) { self.input = input self.domain = domain self.path = path self.tag = tag self.digest = digest } } @Test(arguments: [ ReferenceParseTestCase(input: "tensorflow/tensorflow", path: "tensorflow/tensorflow"), ReferenceParseTestCase(input: "debian", path: "debian"), ReferenceParseTestCase(input: "repo_with_underscore", path: "repo_with_underscore"), ReferenceParseTestCase(input: "swift5.10:alpine", path: "swift5.10", tag: "alpine"), ReferenceParseTestCase(input: "registry.com.with.port:5000/no_tag", domain: "registry.com.with.port:5000", path: "no_tag"), ReferenceParseTestCase(input: "registry.com.with.port:5000/name/foo/bar:tag23", domain: "registry.com.with.port:5000", path: "name/foo/bar", tag: "tag23"), ReferenceParseTestCase(input: "some-repo-with-dashes/name", path: "some-repo-with-dashes/name"), ReferenceParseTestCase(input: "domain.with-dashes/cool-image:foo", domain: "domain.with-dashes", path: "cool-image", tag: "foo"), ReferenceParseTestCase(input: "localhost:8080/123:latest", domain: "localhost:8080", path: "123", tag: "latest"), ReferenceParseTestCase( input: "localhost/123@sha256:\(String(repeating: "a", count: 64))", domain: "localhost", path: "123", digest: "sha256:\(String(repeating: "a", count: 64))"), ReferenceParseTestCase( input: "registry.com.with.port:1254/foo/bar/baz@sha256:\(String(repeating: "abcd", count: 16))", domain: "registry.com.with.port:1254", path: "foo/bar/baz", digest: "sha256:\(String(repeating: "abcd", count: 16))"), ReferenceParseTestCase(input: "192.168.1.1:5544/local/swift:6.0", domain: "192.168.1.1:5544", path: "local/swift", tag: "6.0"), ReferenceParseTestCase(input: "[abc12::4]:5683/swift", domain: "[abc12::4]:5683", path: "swift"), // Verify names longer than 127 characters are accepted (OCI spec allows up to 255). ReferenceParseTestCase( input: "reg.io/\(String(repeating: "a", count: 121))", domain: "reg.io", path: String(repeating: "a", count: 121)), // Verify a name of exactly 255 characters (the OCI spec maximum) is accepted. ReferenceParseTestCase( input: "registry.example.com/\(String(repeating: "a", count: 234))", domain: "registry.example.com", path: String(repeating: "a", count: 234)), ]) func validReferenceParse(testCase: ReferenceParseTestCase) async throws { #expect(throws: Never.self) { let parsed = try Reference.parse(testCase.input) #expect(parsed.path == testCase.path) #expect(parsed.domain == testCase.domain) #expect(parsed.digest == testCase.digest) #expect(parsed.tag == testCase.tag) } } @Test(arguments: [ "localhost:8080", "localhost/123@sha256:\(String(repeating: "a", count: 200))", "https://github.com/apple/containerization", "", "-testString", "-testString/image", "-testString.com/image/release", "foo///bar", "mostly.valid/image/but/Caps", "[abc12::4]", "[abc12::4]:abc12::4", "[2001:db8:3:4::192.0.2.33]:5000/debian", "1a3f5e7d9c1b3a5f7e9d1c3b5a7f9e1d3c5b7a9f1e3d5d7c9b1a3f5e7d9c1b3a", // A name of 256 characters exceeds the OCI spec limit of 255 and must be rejected. "registry.example.com/\(String(repeating: "a", count: 235))", ]) func invalidReferenceParse(input: String) async throws { #expect(throws: ContainerizationError.self) { try Reference.parse(input) } } @Test(arguments: [ ReferenceParseTestCase(input: "only_name", path: "only_name", tag: "latest"), ReferenceParseTestCase(input: "docker.io/alpine", domain: "docker.io", path: "library/alpine", tag: "latest"), ReferenceParseTestCase(input: "ghcr.io/myrepo/alpine", domain: "ghcr.io", path: "myrepo/alpine", tag: "latest"), ReferenceParseTestCase(input: "name@sha256:" + String(repeating: "1", count: 64), path: "name", digest: "sha256:" + String(repeating: "1", count: 64)), ReferenceParseTestCase(input: "registry-1.docker.io/testrepo/myname:v2", domain: "registry-1.docker.io", path: "testrepo/myname", tag: "v2"), ]) func testNormalize(testCase: ReferenceParseTestCase) throws { let parsed = try Reference.parse(testCase.input) parsed.normalize() #expect(parsed.path == testCase.path) #expect(parsed.domain == testCase.domain) #expect(parsed.digest == testCase.digest) #expect(parsed.tag == testCase.tag) } } ================================================ FILE: Tests/ContainerizationOCITests/RegistryClientTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // import ContainerizationError import ContainerizationIO import Crypto import Foundation import NIO import Synchronization import Testing @testable import ContainerizationOCI struct OCIClientTests: ~Copyable { private var contentPath: URL private let fileManager = FileManager.default private var encoder = JSONEncoder() init() async throws { let testDir = fileManager.uniqueTemporaryDirectory() let contentPath = testDir.appendingPathComponent("content") try fileManager.createDirectory(at: contentPath, withIntermediateDirectories: true) self.contentPath = contentPath encoder.outputFormatting = .prettyPrinted } deinit { try? fileManager.removeItem(at: contentPath) } private static var arch: String? { var uts = utsname() let result = uname(&uts) guard result == EXIT_SUCCESS else { return nil } let machine = Data(bytes: &uts.machine, count: 256) guard let arch = String(bytes: machine, encoding: .utf8) else { return nil } switch arch.lowercased().trimmingCharacters(in: .controlCharacters) { case "arm64": return "arm64" default: return "amd64" } } @Test(.enabled(if: hasRegistryCredentials)) func fetchToken() async throws { let client = RegistryClient(host: "ghcr.io", authentication: Self.authentication) let request = TokenRequest(realm: "https://ghcr.io/token", service: "ghcr.io", clientId: "tests", scope: nil) let response = try await client.fetchToken(request: request) #expect(response.getToken() != nil) } @Test(arguments: [ "registry-1.docker.io", "public.ecr.aws", "registry.k8s.io", "mcr.microsoft.com", ]) func ping(host: String) async throws { let client = RegistryClient(host: host) try await client.ping() } @Test func pingWithInvalidCredentials() async throws { let authentication = BasicAuthentication(username: "foo", password: "bar") let client = RegistryClient(host: "ghcr.io", authentication: authentication) let error = await #expect(throws: RegistryClient.Error.self) { try await client.ping() } guard case .invalidStatus(_, let status, let reason) = error else { throw error! } #expect(status == .unauthorized) #expect(reason == "access denied or wrong credentials") } @Test(.enabled(if: hasRegistryCredentials)) func pingWithCredentials() async throws { let client = RegistryClient(host: "ghcr.io", authentication: Self.authentication) try await client.ping() } @Test func resolve() async throws { let client = RegistryClient(host: "ghcr.io") let descriptor = try await client.resolve(name: "apple/containerization/dockermanifestimage", tag: "0.0.2") #expect(descriptor.mediaType == MediaTypes.dockerManifest) #expect(descriptor.size != 0) #expect(!descriptor.digest.isEmpty) } @Test func resolveSha() async throws { let client = RegistryClient(host: "ghcr.io") let descriptor = try await client.resolve( name: "apple/containerization/dockermanifestimage", tag: "sha256:c8d344d228b7d9a702a95227438ec0d71f953a9a483e28ffabc5704f70d2b61e") let namedDescriptor = try await client.resolve(name: "apple/containerization/dockermanifestimage", tag: "0.0.2") #expect(descriptor == namedDescriptor) #expect(descriptor.mediaType == MediaTypes.dockerManifest) #expect(descriptor.size != 0) #expect(!descriptor.digest.isEmpty) } @Test func fetchManifest() async throws { let client = RegistryClient(host: "ghcr.io") let descriptor = try await client.resolve(name: "apple/containerization/dockermanifestimage", tag: "0.0.2") let manifest: Manifest = try await client.fetch(name: "apple/containerization/dockermanifestimage", descriptor: descriptor) #expect(manifest.schemaVersion == 2) #expect(manifest.layers.count == 1) } @Test func fetchManifestAsData() async throws { let client = RegistryClient(host: "ghcr.io") let descriptor = try await client.resolve(name: "apple/containerization/dockermanifestimage", tag: "0.0.2") let manifestData = try await client.fetchData(name: "apple/containerization/dockermanifestimage", descriptor: descriptor) let checksum = SHA256.hash(data: manifestData) #expect(descriptor.digest == checksum.digest) } @Test func fetchConfig() async throws { let client = RegistryClient(host: "ghcr.io") let descriptor = try await client.resolve(name: "apple/containerization/dockermanifestimage", tag: "0.0.2") let manifest: Manifest = try await client.fetch(name: "apple/containerization/dockermanifestimage", descriptor: descriptor) let image: Image = try await client.fetch(name: "apple/containerization/dockermanifestimage", descriptor: manifest.config) // This is an empty image -- check that the image label is present in the image config #expect(image.config?.labels?["org.opencontainers.image.source"] == "https://github.com/apple/containerization") #expect(image.rootfs.diffIDs.count == 1) } @Test func fetchBlob() async throws { let client = RegistryClient(host: "ghcr.io") let descriptor = try await client.resolve(name: "apple/containerization/dockermanifestimage", tag: "0.0.2") let manifest: Manifest = try await client.fetch(name: "apple/containerization/dockermanifestimage", descriptor: descriptor) var called = false var done = false try await client.fetchBlob(name: "apple/containerization/dockermanifestimage", descriptor: manifest.layers.first!) { (expected, body) in called = true #expect(expected != 0) var received = 0 for try await buffer in body { received += buffer.readableBytes if received == expected { done = true } } } #expect(called) #expect(done) } @Test(.disabled("External users cannot push images, disable while we find a better solution")) func pushIndex() async throws { let client = RegistryClient(host: "ghcr.io", authentication: Self.authentication) let indexDescriptor = try await client.resolve(name: "apple/containerization/emptyimage", tag: "0.0.1") let index: Index = try await client.fetch(name: "apple/containerization/emptyimage", descriptor: indexDescriptor) let platform = Platform(arch: "amd64", os: "linux") var manifestDescriptor: Descriptor? for m in index.manifests where m.platform == platform { manifestDescriptor = m break } #expect(manifestDescriptor != nil) let manifest: Manifest = try await client.fetch(name: "apple/containerization/emptyimage", descriptor: manifestDescriptor!) let imgConfig: Image = try await client.fetch(name: "apple/containerization/emptyimage", descriptor: manifest.config) let layer = try #require(manifest.layers.first) let blobPath = contentPath.appendingPathComponent(layer.digest) let outputStream = OutputStream(toFileAtPath: blobPath.path, append: false) #expect(outputStream != nil) try await outputStream!.withThrowingOpeningStream { try await client.fetchBlob(name: "apple/containerization/emptyimage", descriptor: layer) { (expected, body) in var received: Int64 = 0 for try await buffer in body { received += Int64(buffer.readableBytes) buffer.withUnsafeReadableBytes { pointer in let unsafeBufferPointer = pointer.bindMemory(to: UInt8.self) if let addr = unsafeBufferPointer.baseAddress { outputStream!.write(addr, maxLength: buffer.readableBytes) } } } #expect(received == expected) } } let name = "apple/test-images/image-push" let ref = "latest" // Push the layer first. do { let content = try LocalContent(path: blobPath) let generator = { let stream = try ReadStream(url: content.path) try stream.reset() return stream.stream } try await client.push(name: name, ref: ref, descriptor: layer, streamGenerator: generator, progress: nil) } catch let err as ContainerizationError { guard err.code == .exists else { throw err } } // Push the image configuration. var imgConfigDesc: Descriptor? do { imgConfigDesc = try await self.pushDescriptor( client: client, name: name, ref: ref, content: imgConfig, baseDescriptor: manifest.config ) } catch let err as ContainerizationError { guard err.code != .exists else { return } throw err } // Push the image manifest. let newManifest = Manifest( schemaVersion: manifest.schemaVersion, mediaType: manifest.mediaType!, config: imgConfigDesc!, layers: manifest.layers, annotations: manifest.annotations ) let manifestDesc = try await self.pushDescriptor( client: client, name: name, ref: ref, content: newManifest, baseDescriptor: manifestDescriptor! ) // Push the index. let newIndex = Index( schemaVersion: index.schemaVersion, mediaType: index.mediaType, manifests: [manifestDesc], annotations: index.annotations ) try await self.pushDescriptor( client: client, name: name, ref: ref, content: newIndex, baseDescriptor: indexDescriptor ) } @Test func resolveWithRetry() async throws { let counter = Mutex(0) let client = RegistryClient( host: "ghcr.io", retryOptions: RetryOptions( maxRetries: 3, retryInterval: 500_000_000, shouldRetry: ({ response in if response.status == .notFound { counter.withLock { $0 += 1 } return true } return false }) ) ) do { _ = try await client.resolve(name: "containerization/not-exists", tag: "foo") } catch { #expect(counter.withLock { $0 } <= 3) } } // MARK: private functions static var hasRegistryCredentials: Bool { authentication != nil } static var authentication: Authentication? { let env = ProcessInfo.processInfo.environment guard let password = env["REGISTRY_TOKEN"], let username = env["REGISTRY_USERNAME"] else { return nil } return BasicAuthentication(username: username, password: password) } @discardableResult private func pushDescriptor( client: RegistryClient, name: String, ref: String, content: T, baseDescriptor: Descriptor ) async throws -> Descriptor { let encoded = try self.encoder.encode(content) let digest = SHA256.hash(data: encoded) let descriptor = Descriptor( mediaType: baseDescriptor.mediaType, digest: digest.digest, size: Int64(encoded.count), urls: baseDescriptor.urls, annotations: baseDescriptor.annotations, platform: baseDescriptor.platform ) let generator = { let stream = ReadStream(data: encoded) try stream.reset() return stream.stream } try await client.push( name: name, ref: ref, descriptor: descriptor, streamGenerator: generator, progress: nil ) return descriptor } } extension OutputStream { fileprivate func withThrowingOpeningStream(_ closure: () async throws -> Void) async throws { self.open() defer { self.close() } try await closure() } } extension SHA256.Digest { fileprivate var digest: String { let parts = self.description.split(separator: ": ") return "sha256:\(parts[1])" } } ================================================ FILE: Tests/ContainerizationOSTests/FileDescriptor+SecurePathTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import SystemPackage import Testing @testable import ContainerizationOS #if canImport(Darwin) import Darwin let os_close = Darwin.close #elseif canImport(Musl) import Musl let os_close = Musl.close #elseif canImport(Glibc) import Glibc let os_close = Glibc.close #endif struct FileDescriptorPathSecureTests { @Test( "Test creation of stub file under directory successfully created by secure mkdir", arguments: [ // Case 1: Single component, no intermediates needed, default permissions ([Entry](), FilePath("foo"), nil as FilePermissions?, false), // Case 2: Single component with explicit permissions ([Entry](), FilePath("foo"), FilePermissions(rawValue: 0o755), false), // Case 3: Two components, parent exists, no intermediates ([Entry.directory(path: "foo")], FilePath("foo/bar"), nil as FilePermissions?, false), // Case 4: Two components, parent missing, makeIntermediates true ([Entry](), FilePath("foo/bar"), nil as FilePermissions?, true), // Case 5: Three components, makeIntermediates true, custom permissions ([Entry](), FilePath("foo/bar/baz"), FilePermissions(rawValue: 0o700), true), // Case 6: Replace existing file with directory (single component) ([Entry.regular(path: "foo")], FilePath("foo"), nil as FilePermissions?, false), // Case 7: Replace existing file with directory path (makeIntermediates true) ([Entry.regular(path: "foo")], FilePath("foo/bar"), nil as FilePermissions?, true), // Case 8: Replace existing directory with new directory (should be idempotent) ([Entry.directory(path: "foo")], FilePath("foo"), nil as FilePermissions?, false), // Case 9: Replace nested directory structure ( [ Entry.directory(path: "foo/bar"), Entry.regular(path: "foo/bar/file.txt"), ], FilePath("foo/bar"), nil as FilePermissions?, false ), // Case 10: Replace symlink with directory ([Entry.symlink(target: "target", source: "foo")], FilePath("foo"), nil as FilePermissions?, false), // Case 11: Multi-level with some intermediates existing ([Entry.directory(path: "foo")], FilePath("foo/bar/baz"), nil as FilePermissions?, true), // Case 12: Deep nesting with makeIntermediates ([Entry](), FilePath("a/b/c/d/e"), nil as FilePermissions?, true), ] ) func testMkdirSecureValid(entries: [Entry], relativePath: FilePath, permissions: FilePermissions?, makeIntermediates: Bool) async throws { let rootPath = try createTempDirectory() defer { try? FileManager.default.removeItem(atPath: rootPath.string) } try createEntries(rootPath: rootPath, entries: entries, permissions: permissions) let rootFd = try FileDescriptor.open(rootPath, .readOnly, options: [.directory]) defer { try? rootFd.close() } let stubFileName = "stub.txt" let stubContent = Data("stub file content".utf8) try rootFd.mkdirSecure(relativePath, permissions: permissions, makeIntermediates: makeIntermediates) { dirFd in // Create a stub file in the directory using openat let fd = openat( dirFd.rawValue, stubFileName, O_WRONLY | O_CREAT | O_TRUNC, 0o644 ) guard fd >= 0 else { throw Errno(rawValue: errno) } defer { close(fd) } try stubContent.withUnsafeBytes { buffer in guard let baseAddress = buffer.baseAddress else { return } let written = write(fd, baseAddress, buffer.count) guard written == buffer.count else { throw Errno(rawValue: errno) } } } // Check stub file existence at expected location let expectedStubPath = rootPath.appending(relativePath.string).appending(stubFileName) #expect(FileManager.default.fileExists(atPath: expectedStubPath.string)) // Verify stub file content let readContent = try Data(contentsOf: URL(fileURLWithPath: expectedStubPath.string)) #expect(readContent == stubContent) // Check directory permissions if specified if let permissions = permissions { // Check each component of the path let components = relativePath.components var currentPath = "" for (index, component) in components.enumerated() { if index > 0 { currentPath += "/" } currentPath += component.string let dirPath = rootPath.appending(currentPath) let attrs = try FileManager.default.attributesOfItem(atPath: dirPath.string) let posixPerms = attrs[.posixPermissions] as? NSNumber // Mask to permission bits only (not file type bits) let permMask: UInt16 = 0o777 let actualPerms = (posixPerms?.uint16Value ?? 0) & permMask let expectedPerms = permissions.rawValue & permMask #expect( actualPerms == expectedPerms, "Directory '\(currentPath)' has permissions 0o\(String(actualPerms, radix: 8)) but expected 0o\(String(expectedPerms, radix: 8))") } } } @Test( "Test mkdirSecure error cases", arguments: [ // Case 1: Path starting with ".." should be rejected (FilePath("../escape"), false, SecurePathError.invalidRelativePath), // Case 2: Path with ".." in middle that would escape (FilePath("foo/../../escape"), false, SecurePathError.invalidRelativePath), // Case 3: Missing intermediate without makeIntermediates should fail (FilePath("missing/intermediate/path"), false, SecurePathError.invalidPathComponent), // Case 4: Multiple .. that escape (FilePath("a/b/../../../escape"), false, SecurePathError.invalidRelativePath), ] ) func testMkdirSecureInvalid(relativePath: FilePath, makeIntermediates: Bool, expectedError: SecurePathError) async throws { let rootPath = try createTempDirectory() defer { try? FileManager.default.removeItem(atPath: rootPath.string) } let rootFd = try FileDescriptor.open(rootPath, .readOnly, options: [.directory]) defer { try? rootFd.close() } // Attempt the operation and expect it to throw #expect { try rootFd.mkdirSecure(relativePath, makeIntermediates: makeIntermediates) { _ in } } throws: { error in guard let securePathError = error as? SecurePathError else { return false } // Compare error cases switch (securePathError, expectedError) { case (.invalidRelativePath, .invalidRelativePath), (.invalidPathComponent, .invalidPathComponent), (.cannotFollowSymlink, .cannotFollowSymlink): return true case (.systemError(let op1, let err1), .systemError(let op2, let err2)): return op1 == op2 && err1 == err2 default: return false } } } @Test( "Test paths with .. that normalize to valid paths", arguments: [ // Paths with .. that should normalize and succeed ("./safe", "safe"), // Leading ./ normalizes to safe ("./a/./b", "a/b"), // Multiple ./ normalize away ] ) func testPathsWithDotNormalization(path: String, expectedNormalized: String) async throws { let rootPath = try createTempDirectory() defer { try? FileManager.default.removeItem(atPath: rootPath.string) } let rootFd = try FileDescriptor.open(rootPath, .readOnly, options: [.directory]) defer { try? rootFd.close() } let stubFileName = "stub.txt" let stubContent = Data("stub file content".utf8) try rootFd.mkdirSecure(FilePath(path), makeIntermediates: true) { dirFd in // Create a stub file to verify we're in the right place let fd = openat( dirFd.rawValue, stubFileName, O_WRONLY | O_CREAT | O_TRUNC, 0o644 ) guard fd >= 0 else { throw Errno(rawValue: errno) } defer { close(fd) } try stubContent.withUnsafeBytes { buffer in guard let baseAddress = buffer.baseAddress else { return } let written = write(fd, baseAddress, buffer.count) guard written == buffer.count else { throw Errno(rawValue: errno) } } } // Verify stub file exists at the normalized location let expectedPath = expectedNormalized.isEmpty ? rootPath.appending(stubFileName) : rootPath.appending(expectedNormalized).appending(stubFileName) #expect( FileManager.default.fileExists(atPath: expectedPath.string), "Expected file at normalized path: \(expectedPath.string)") } @Test( "Test paths with .. that normalize to valid paths", arguments: [ // Paths with .. that should fail ("safe/.."), // Normalizes to empty (current dir) ("a/../b"), // Normalizes to b ("a/b/../c"), // Normalizes to a/c ] ) func testPathsWithDotDotNormalization(path: String) async throws { let rootPath = try createTempDirectory() defer { try? FileManager.default.removeItem(atPath: rootPath.string) } let rootFd = try FileDescriptor.open(rootPath, .readOnly, options: [.directory]) defer { try? rootFd.close() } #expect(throws: SecurePathError.invalidRelativePath.self) { try rootFd.mkdirSecure(FilePath(path), makeIntermediates: true) } } @Test( "Test paths with empty components (double slashes)", arguments: [ "a//b", // Double slash in middle "a///b", // Triple slash "a//b//c", // Multiple double slashes ] ) func testPathsWithEmptyComponents(path: String) async throws { let rootPath = try createTempDirectory() defer { try? FileManager.default.removeItem(atPath: rootPath.string) } let rootFd = try FileDescriptor.open(rootPath, .readOnly, options: [.directory]) defer { try? rootFd.close() } let stubFileName = "stub.txt" let stubContent = Data("stub file content".utf8) // Should normalize and succeed (// becomes /) try rootFd.mkdirSecure(FilePath(path), makeIntermediates: true) { dirFd in let fd = openat( dirFd.rawValue, stubFileName, O_WRONLY | O_CREAT | O_TRUNC, 0o644 ) guard fd >= 0 else { throw Errno(rawValue: errno) } defer { close(fd) } try stubContent.withUnsafeBytes { buffer in guard let baseAddress = buffer.baseAddress else { return } let written = write(fd, baseAddress, buffer.count) guard written == buffer.count else { throw Errno(rawValue: errno) } } } // Verify the file exists somewhere under root (normalization should handle it) // The exact location depends on how FilePath normalizes empty components let normalizedPath = FilePath(path).lexicallyNormalized() let expectedPath = rootPath.appending(normalizedPath.string).appending(stubFileName) #expect( FileManager.default.fileExists(atPath: expectedPath.string), "Expected file at normalized path: \(expectedPath.string)") } @Test("Test very deep nesting") func testDeepNesting() async throws { let rootPath = try createTempDirectory() defer { try? FileManager.default.removeItem(atPath: rootPath.string) } let rootFd = try FileDescriptor.open(rootPath, .readOnly, options: [.directory]) defer { try? rootFd.close() } // Create a 100-level deep path var deepPath = "" for i in 0..<100 { if i > 0 { deepPath += "/" } deepPath += "level\(i)" } let stubFileName = "deep.txt" let stubContent = Data("deep file".utf8) try rootFd.mkdirSecure(FilePath(deepPath), makeIntermediates: true) { dirFd in let fd = openat( dirFd.rawValue, stubFileName, O_WRONLY | O_CREAT | O_TRUNC, 0o644 ) guard fd >= 0 else { throw Errno(rawValue: errno) } defer { close(fd) } try stubContent.withUnsafeBytes { buffer in guard let baseAddress = buffer.baseAddress else { return } let written = write(fd, baseAddress, buffer.count) guard written == buffer.count else { throw Errno(rawValue: errno) } } } // Verify the deep file exists let expectedPath = rootPath.appending(deepPath).appending(stubFileName) #expect(FileManager.default.fileExists(atPath: expectedPath.string)) } @Test("Test path with null byte") func testNullByteInPath() async throws { let rootPath = try createTempDirectory() defer { try? FileManager.default.removeItem(atPath: rootPath.string) } let rootFd = try FileDescriptor.open(rootPath, .readOnly, options: [.directory]) defer { try? rootFd.close() } // Path with null byte - FilePath may handle this differently // This tests that we don't crash or have unexpected behavior let pathWithNull = "file\u{0000}.txt" // Try to create it - behavior depends on FilePath's null byte handling // We mainly want to ensure it doesn't bypass security checks do { try rootFd.mkdirSecure(FilePath(pathWithNull), makeIntermediates: true) { _ in } // If it succeeds, verify it stayed within root let entries = try FileManager.default.contentsOfDirectory(atPath: rootPath.string) for entry in entries { let fullPath = rootPath.appending(entry) let canonicalRoot = try rootFd.getCanonicalPath() let canonicalEntry = try FileDescriptor.open(fullPath, .readOnly) let canonicalEntryPath = try canonicalEntry.getCanonicalPath() try? canonicalEntry.close() // Verify entry is under root #expect( canonicalEntryPath.string.hasPrefix(canonicalRoot.string + "/") || canonicalEntryPath.string == canonicalRoot.string, "Entry escaped root: \(canonicalEntryPath.string)") } } catch { // If it fails, that's also acceptable - just don't crash } } @Test("Remove a regular file") func testRemoveRegularFile() throws { let tempPath = try createTempDirectory() defer { try? FileManager.default.removeItem(atPath: tempPath.string) } let rootFd = try FileDescriptor.open(tempPath, .readOnly, options: [.directory]) defer { try? rootFd.close() } // Create a regular file let filePath = tempPath.appending("testfile.txt") FileManager.default.createFile(atPath: filePath.string, contents: Data("test".utf8)) // Verify file exists #expect(FileManager.default.fileExists(atPath: filePath.string)) // Remove it try rootFd.unlinkRecursiveSecure(filename: FilePath.Component("testfile.txt")) // Verify file is gone #expect(!FileManager.default.fileExists(atPath: filePath.string)) } @Test("Remove an empty directory") func testRemoveEmptyDirectory() throws { let tempPath = try createTempDirectory() defer { try? FileManager.default.removeItem(atPath: tempPath.string) } let rootFd = try FileDescriptor.open(tempPath, .readOnly, options: [.directory]) defer { try? rootFd.close() } // Create an empty directory let dirPath = tempPath.appending("emptydir") try FileManager.default.createDirectory(atPath: dirPath.string, withIntermediateDirectories: false) // Verify directory exists var isDir: ObjCBool = false #expect(FileManager.default.fileExists(atPath: dirPath.string, isDirectory: &isDir)) #expect(isDir.boolValue) // Remove it try rootFd.unlinkRecursiveSecure(filename: FilePath.Component("emptydir")) // Verify directory is gone #expect(!FileManager.default.fileExists(atPath: dirPath.string)) } @Test("Remove a directory with nested files and subdirectories") func testRemoveNestedDirectory() throws { let tempPath = try createTempDirectory() defer { try? FileManager.default.removeItem(atPath: tempPath.string) } let rootFd = try FileDescriptor.open(tempPath, .readOnly, options: [.directory]) defer { try? rootFd.close() } // Create nested structure: // nested/ // file1.txt // subdir/ // file2.txt // deepdir/ // file3.txt let nestedPath = tempPath.appending("nested") let subdirPath = nestedPath.appending("subdir") let deepdirPath = subdirPath.appending("deepdir") try FileManager.default.createDirectory(atPath: deepdirPath.string, withIntermediateDirectories: true) FileManager.default.createFile(atPath: nestedPath.appending("file1.txt").string, contents: Data("1".utf8)) FileManager.default.createFile(atPath: subdirPath.appending("file2.txt").string, contents: Data("2".utf8)) FileManager.default.createFile(atPath: deepdirPath.appending("file3.txt").string, contents: Data("3".utf8)) // Verify structure exists #expect(FileManager.default.fileExists(atPath: nestedPath.string)) #expect(FileManager.default.fileExists(atPath: subdirPath.string)) #expect(FileManager.default.fileExists(atPath: deepdirPath.string)) // Remove entire tree try rootFd.unlinkRecursiveSecure(filename: FilePath.Component("nested")) // Verify everything is gone #expect(!FileManager.default.fileExists(atPath: nestedPath.string)) } @Test("Remove non-existent file returns without error") func testRemoveNonExistent() throws { let tempPath = try createTempDirectory() defer { try? FileManager.default.removeItem(atPath: tempPath.string) } let rootFd = try FileDescriptor.open(tempPath, .readOnly, options: [.directory]) defer { try? rootFd.close() } // Remove non-existent file should not throw try rootFd.unlinkRecursiveSecure(filename: FilePath.Component("nonexistent.txt")) } @Test("Remove symlink without following it") func testRemoveSymlink() throws { let tempPath = try createTempDirectory() defer { try? FileManager.default.removeItem(atPath: tempPath.string) } let rootFd = try FileDescriptor.open(tempPath, .readOnly, options: [.directory]) defer { try? rootFd.close() } // Create target file and symlink let targetPath = tempPath.appending("target.txt") let linkPath = tempPath.appending("link") FileManager.default.createFile(atPath: targetPath.string, contents: Data("target".utf8)) try FileManager.default.createSymbolicLink(atPath: linkPath.string, withDestinationPath: "target.txt") // Verify both exist #expect(FileManager.default.fileExists(atPath: targetPath.string)) #expect(FileManager.default.fileExists(atPath: linkPath.string)) // Remove symlink try rootFd.unlinkRecursiveSecure(filename: FilePath.Component("link")) // Verify symlink is gone but target remains #expect(!FileManager.default.fileExists(atPath: linkPath.string)) #expect(FileManager.default.fileExists(atPath: targetPath.string)) } @Test("Remove directory with mixed content (files, dirs, symlinks)") func testRemoveMixedDirectory() throws { let tempPath = try createTempDirectory() defer { try? FileManager.default.removeItem(atPath: tempPath.string) } let rootFd = try FileDescriptor.open(tempPath, .readOnly, options: [.directory]) defer { try? rootFd.close() } // Create mixed structure: // mixed/ // file.txt // subdir/ // link -> file.txt let mixedPath = tempPath.appending("mixed") let subdirPath = mixedPath.appending("subdir") try FileManager.default.createDirectory(atPath: subdirPath.string, withIntermediateDirectories: true) FileManager.default.createFile(atPath: mixedPath.appending("file.txt").string, contents: Data("test".utf8)) try FileManager.default.createSymbolicLink( atPath: mixedPath.appending("link").string, withDestinationPath: "file.txt" ) // Verify structure exists #expect(FileManager.default.fileExists(atPath: mixedPath.string)) // Remove entire tree try rootFd.unlinkRecursiveSecure(filename: FilePath.Component("mixed")) // Verify everything is gone #expect(!FileManager.default.fileExists(atPath: mixedPath.string)) } @Test("Guards against removing '.' component") func testGuardDotComponent() throws { let tempPath = try createTempDirectory() defer { try? FileManager.default.removeItem(atPath: tempPath.string) } let rootFd = try FileDescriptor.open(tempPath, .readOnly, options: [.directory]) defer { try? rootFd.close() } // Should return without error and without removing anything try rootFd.unlinkRecursiveSecure(filename: FilePath.Component(".")) // Verify directory still exists #expect(FileManager.default.fileExists(atPath: tempPath.string)) } @Test("Guards against removing '..' component") func testGuardDotDotComponent() throws { let tempPath = try createTempDirectory() defer { try? FileManager.default.removeItem(atPath: tempPath.string) } let rootFd = try FileDescriptor.open(tempPath, .readOnly, options: [.directory]) defer { try? rootFd.close() } // Should return without error and without removing anything try rootFd.unlinkRecursiveSecure(filename: FilePath.Component("..")) // Verify directory still exists #expect(FileManager.default.fileExists(atPath: tempPath.string)) } @Test("Test mkdirSecure with empty path calls completion with parent") func testMkdirSecureEmptyPath() throws { let rootPath = try createTempDirectory() defer { try? FileManager.default.removeItem(atPath: rootPath.string) } let rootFd = try FileDescriptor.open(rootPath, .readOnly, options: [.directory]) defer { try? rootFd.close() } let stubFileName = "root-level-file.txt" let stubContent = Data("root level content".utf8) var completionCalled = false // Call mkdirSecure with empty path try rootFd.mkdirSecure(FilePath(""), makeIntermediates: false) { dirFd in completionCalled = true // Verify dirFd is the same as rootFd #expect(dirFd.rawValue == rootFd.rawValue, "Completion should receive the parent directory FD") // Create a file in the directory to verify we got the right FD let fd = openat( dirFd.rawValue, stubFileName, O_WRONLY | O_CREAT | O_TRUNC, 0o644 ) guard fd >= 0 else { throw Errno(rawValue: errno) } defer { close(fd) } try stubContent.withUnsafeBytes { buffer in guard let baseAddress = buffer.baseAddress else { return } let written = write(fd, baseAddress, buffer.count) guard written == buffer.count else { throw Errno(rawValue: errno) } } } // Verify completion was called #expect(completionCalled, "Completion handler should be called for empty path") // Verify file was created at root level let expectedPath = rootPath.appending(stubFileName) #expect(FileManager.default.fileExists(atPath: expectedPath.string)) // Verify content let readContent = try Data(contentsOf: URL(fileURLWithPath: expectedPath.string)) #expect(readContent == stubContent) } private func createTempDirectory() throws -> FilePath { let tempURL = FileManager.default.temporaryDirectory .appendingPathComponent(UUID().uuidString) try FileManager.default.createDirectory(at: tempURL, withIntermediateDirectories: true) return FilePath(tempURL.path) } private func createEntries(rootPath: FilePath, entries: [Entry], permissions: FilePermissions? = nil) throws { for entry in entries { switch entry { case .regular(let path): let fullPath = rootPath.appending(path) // Create parent directories if needed let parentPath = FilePath(fullPath.string).removingLastComponent() if !FileManager.default.fileExists(atPath: parentPath.string) { try FileManager.default.createDirectory( atPath: parentPath.string, withIntermediateDirectories: true, attributes: permissions.map { [.posixPermissions: $0.rawValue] } ) } FileManager.default.createFile( atPath: fullPath.string, contents: Data("test".utf8) ) case .directory(let path): let fullPath = rootPath.appending(path) try FileManager.default.createDirectory( atPath: fullPath.string, withIntermediateDirectories: true, attributes: permissions.map { [.posixPermissions: $0.rawValue] } ) case .symlink(let target, let source): let sourcePath = rootPath.appending(source) // Create parent directories for source if needed let parentPath = FilePath(sourcePath.string).removingLastComponent() if !FileManager.default.fileExists(atPath: parentPath.string) { try FileManager.default.createDirectory( atPath: parentPath.string, withIntermediateDirectories: true, attributes: permissions.map { [.posixPermissions: $0.rawValue] } ) } try FileManager.default.createSymbolicLink( atPath: sourcePath.string, withDestinationPath: target ) } } } } enum Entry { case regular(path: String) case directory(path: String) case symlink(target: String, source: String) } ================================================ FILE: Tests/ContainerizationOSTests/KeychainQueryTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import Testing @testable import ContainerizationOS struct KeychainQueryTests { let securityDomain = "com.example.container-testing-keychain" let hostname = "testing-keychain.example.com" let username = "containerization-test" let kq = KeychainQuery() @Test(.enabled(if: !isCI)) func keychainQuery() throws { defer { try? kq.delete(securityDomain: securityDomain, hostname: hostname) } do { try kq.save(securityDomain: securityDomain, hostname: hostname, username: username, password: "foobar") #expect(try kq.exists(securityDomain: securityDomain, hostname: hostname)) let fetched = try kq.get(securityDomain: securityDomain, hostname: hostname) let result = try #require(fetched) #expect(result.username == username) #expect(result.password == "foobar") } catch KeychainQuery.Error.unhandledError(status: -25308) { // ignore errSecInteractionNotAllowed } } @Test(.enabled(if: !isCI)) func list() throws { let hostname1 = "testing-1-keychain.example.com" let hostname2 = "testing-2-keychain.example.com" defer { try? kq.delete(securityDomain: securityDomain, hostname: hostname1) try? kq.delete(securityDomain: securityDomain, hostname: hostname2) } do { try kq.save(securityDomain: securityDomain, hostname: hostname1, username: username, password: "foobar") try kq.save(securityDomain: securityDomain, hostname: hostname2, username: username, password: "foobar") let entries = try kq.list(securityDomain: securityDomain) // Verify that both hostnames exist let hostnames = entries.map { $0.hostname } #expect(hostnames.contains(hostname1)) #expect(hostnames.contains(hostname2)) // Verify that the accounts exist for entry in entries { #expect(entry.username == username) } } catch KeychainQuery.Error.unhandledError(status: -25308) { // ignore errSecInteractionNotAllowed } } private static var isCI: Bool { ProcessInfo.processInfo.environment["CI"] != nil } } ================================================ FILE: Tests/ContainerizationOSTests/SocketTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import CShim import Foundation import Testing @testable import ContainerizationOS #if canImport(Darwin) import Darwin #elseif canImport(Glibc) import Glibc #elseif canImport(Musl) import Musl #endif @Suite("Socket SCM_RIGHTS tests") final class SocketTests { /// Helper function to send a file descriptor via SCM_RIGHTS private func sendFileDescriptor(socket: Socket, fd: Int32) throws { var msg = msghdr() var iov = iovec() var buf: UInt8 = 0 iov.iov_base = withUnsafeMutablePointer(to: &buf) { UnsafeMutableRawPointer($0) } iov.iov_len = 1 msg.msg_iov = withUnsafeMutablePointer(to: &iov) { $0 } msg.msg_iovlen = 1 // Control message buffer for file descriptor var cmsgBuf = [UInt8](repeating: 0, count: Int(CZ_CMSG_SPACE(Int(MemoryLayout.size)))) msg.msg_control = withUnsafeMutablePointer(to: &cmsgBuf[0]) { UnsafeMutableRawPointer($0) } msg.msg_controllen = socklen_t(cmsgBuf.count) // Set up control message let cmsgPtr = withUnsafeMutablePointer(to: &msg) { CZ_CMSG_FIRSTHDR($0) } guard let cmsg = cmsgPtr else { throw SocketError.invalidFileDescriptor } cmsg.pointee.cmsg_level = SOL_SOCKET cmsg.pointee.cmsg_type = SCM_RIGHTS cmsg.pointee.cmsg_len = socklen_t(CZ_CMSG_LEN(Int(MemoryLayout.size))) guard let dataPtr = CZ_CMSG_DATA(cmsg) else { throw SocketError.invalidFileDescriptor } dataPtr.assumingMemoryBound(to: Int32.self).pointee = fd let sendResult = withUnsafeMutablePointer(to: &msg) { msgPtr in sendmsg(socket.fileDescriptor, msgPtr, 0) } guard sendResult >= 0 else { throw SocketError.withErrno("sendmsg failed", errno: errno) } } @Test func testSCMRightsFileDescriptorPassing() throws { // Create a socketpair for testing var fds: [Int32] = [0, 0] let result = socketpair(AF_UNIX, SOCK_STREAM, 0, &fds) try #require(result == 0, "socketpair should succeed") defer { close(fds[0]) close(fds[1]) } // Use a dummy UnixType since we won't be using it for bind/connect/listen let socketType = try UnixType(path: "/tmp/dummy") let sendSocket = Socket(fd: fds[0], type: socketType, closeOnDeinit: false, connected: true) let recvSocket = Socket(fd: fds[1], type: socketType, closeOnDeinit: false, connected: true) // Create a temporary file to send its descriptor let fileManager = FileManager.default let tempDir = fileManager.uniqueTemporaryDirectory() defer { try? fileManager.removeItem(at: tempDir) } let testFilePath = tempDir.appending(path: "test.txt") let testContent = "Hello, SCM_RIGHTS!" try testContent.write(to: testFilePath, atomically: true, encoding: .utf8) let testFileHandle = try FileHandle(forReadingFrom: testFilePath) defer { try? testFileHandle.close() } let originalFD = testFileHandle.fileDescriptor try sendFileDescriptor(socket: sendSocket, fd: originalFD) let receivedFd = try recvSocket.receiveFileDescriptor() let receivedFileHandle = FileHandle(fileDescriptor: receivedFd) defer { try? receivedFileHandle.close() } try #require(receivedFileHandle.fileDescriptor != originalFD, "Received FD should be different") try #require(receivedFileHandle.fileDescriptor >= 0, "Received FD should be valid") let data = try receivedFileHandle.readToEnd() try #require(data != nil, "Should be able to read from received FD") let receivedContent = String(data: data!, encoding: .utf8) #expect(receivedContent == testContent, "Content should match original file") } } ================================================ FILE: Tests/ContainerizationOSTests/UserTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationExtras import Foundation import Testing @testable import ContainerizationOS @Suite("User/Group parse tests") final class UsersTests { struct TestCase: Sendable { let userString: String let expect: User.ExecUser let shouldThrow: Bool init(_ userString: String, _ expect: User.ExecUser, _ shouldThrow: Bool) { self.userString = userString self.expect = expect self.shouldThrow = shouldThrow } } static func createFile(path: URL, content: Data) throws { let parent = path.deletingLastPathComponent() let fileManager = FileManager.default try fileManager.createDirectory(at: parent, withIntermediateDirectories: true) try content.write(to: path) } @Test func testExecUserOnlyPasswd() throws { let passwordContent = """ root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin bin:x:2:2:bin:/bin:/usr/sbin/nologin sys:x:3:3:sys:/dev:/usr/sbin/nologin nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin platform:x:1000:1000:Platform:/home/platform:/bin/sh """ let fileManager = FileManager.default let tempDir = fileManager.uniqueTemporaryDirectory() defer { try? fileManager.removeItem(at: tempDir) } let passwdPath = tempDir.appending(path: "etc/passwd") try Self.createFile(path: passwdPath, content: passwordContent.data(using: .ascii)!) let testCases: [TestCase] = [ .init("root", .init(uid: 0, gid: 0, sgids: [], home: "/root", shell: "/bin/bash"), false), .init("0:0", .init(uid: 0, gid: 0, sgids: [], home: "/root", shell: "/bin/bash"), false), .init("platform", .init(uid: 1000, gid: 1000, sgids: [], home: "/home/platform", shell: "/bin/sh"), false), .init("65534", .init(uid: 65534, gid: 65534, sgids: [], home: "/nonexistent", shell: "/usr/sbin/nologin"), false), .init("should_fail", .init(uid: 456, gid: 123, sgids: [], home: "/undefined", shell: ""), true), .init(":nouser", .init(uid: 456, gid: 123, sgids: [], home: "/undefined", shell: ""), true), ] let groupPath = tempDir.appending(path: "etc/group") for testCase in testCases { if testCase.shouldThrow { #expect(throws: User.Error.self) { try User.getExecUser(userString: testCase.userString, passwdPath: passwdPath, groupPath: groupPath) } continue } let user = try User.getExecUser(userString: testCase.userString, passwdPath: passwdPath, groupPath: groupPath) #expect(testCase.expect.uid == user.uid) #expect(testCase.expect.gid == user.gid) #expect(testCase.expect.home == user.home) #expect(testCase.expect.sgids == user.sgids) #expect(testCase.expect.shell == user.shell) } } @Test func testExecUserNoPasswdFile() throws { #expect(throws: User.Error.self) { try User.getExecUser( userString: "root:root", passwdPath: URL(filePath: "/foobar-passwd"), groupPath: URL(filePath: "/foobar-group") ) } } @Test func testExecUserPasswdGroup() throws { let passwordContent = """ root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin bin:x:2:2:bin:/bin:/usr/sbin/nologin sys:x:3:3:sys:/dev:/usr/sbin/nologin backup:x:34:34:backup:/var/backups:/usr/sbin/nologin nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin platform:x:1000:1000:platform:/home/platform:/bin/bash """ let groupContent = """ root:x:0: daemon:x:1: bin:x:2: adm:x:4:platform tape:x:26: sudo:x:27:platform audio:x:29:platform video:x:44:platform nogroup:x:65534: platform:x:1000: """ let fileManager = FileManager.default let tempDir = fileManager.uniqueTemporaryDirectory() defer { try? fileManager.removeItem(at: tempDir) } let passwdPath = tempDir.appending(path: "etc/passwd") let groupPath = tempDir.appending(path: "etc/group") try Self.createFile(path: passwdPath, content: passwordContent.data(using: .ascii)!) try Self.createFile(path: groupPath, content: groupContent.data(using: .ascii)!) let testCases: [TestCase] = [ .init("root:bin", .init(uid: 0, gid: 2, sgids: [2], home: "/root", shell: "/bin/bash"), false), .init("daemon:platform", .init(uid: 1, gid: 1000, sgids: [1000], home: "/usr/sbin", shell: "/usr/sbin/nologin"), false), .init("platform", .init(uid: 1000, gid: 1000, sgids: [4, 27, 29, 44], home: "/home/platform", shell: "/bin/bash"), false), .init("nobody", .init(uid: 65534, gid: 65534, sgids: [], home: "/nonexistent", shell: "/usr/sbin/nologin"), false), .init("2:1000", .init(uid: 2, gid: 1000, sgids: [1000], home: "/bin", shell: "/usr/sbin/nologin"), false), ] for testCase in testCases { if testCase.shouldThrow { #expect(throws: User.Error.self) { try User.getExecUser(userString: testCase.userString, passwdPath: passwdPath, groupPath: groupPath) } } let user = try User.getExecUser(userString: testCase.userString, passwdPath: passwdPath, groupPath: groupPath) #expect(testCase.expect.uid == user.uid) #expect(testCase.expect.gid == user.gid) #expect(testCase.expect.home == user.home) #expect(Set(testCase.expect.sgids) == Set(user.sgids)) #expect(testCase.expect.shell == user.shell) } } } ================================================ FILE: Tests/ContainerizationTests/ContainerManagerTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Containerization import ContainerizationArchive import ContainerizationError import ContainerizationExtras import Foundation import Testing @testable import Containerization private struct NilGatewayInterface: Interface { let ipv4Address: CIDRv4 let ipv4Gateway: IPv4Address? = nil let macAddress: MACAddress? = nil init() { self.ipv4Address = try! CIDRv4("192.168.64.2/24") } } private struct NilGatewayNetwork: Network { mutating func createInterface(_ id: String) throws -> Interface? { NilGatewayInterface() } mutating func releaseInterface(_ id: String) throws {} } @Suite struct ContainerManagerTests { @Test func testCreateThrowsWhenGatewayMissing() async throws { let fm = FileManager.default let root = fm.uniqueTemporaryDirectory(create: true) defer { try? fm.removeItem(at: root) } let kernelPath = root.appendingPathComponent("vmlinux") fm.createFile(atPath: kernelPath.path, contents: Data(), attributes: nil) let initfsPath = root.appendingPathComponent("initfs.ext4") fm.createFile(atPath: initfsPath.path, contents: Data(), attributes: nil) let kernel = Kernel(path: kernelPath, platform: .linuxArm) let initfs = Mount.block(format: "ext4", source: initfsPath.path, destination: "/") var manager = try ContainerManager( kernel: kernel, initfs: initfs, root: root, network: NilGatewayNetwork() ) let tempDir = fm.uniqueTemporaryDirectory() defer { try? fm.removeItem(at: tempDir) } let tarPath = Foundation.Bundle.module.url(forResource: "scratch", withExtension: "tar")! let reader = try ArchiveReader(format: .pax, filter: .none, file: tarPath) let rejectedPaths = try reader.extractContents(to: tempDir) #expect(rejectedPaths.isEmpty) let images = try await manager.imageStore.load(from: tempDir) let image = images.first! let rootfsPath = root.appendingPathComponent("rootfs.ext4") fm.createFile(atPath: rootfsPath.path, contents: Data(), attributes: nil) let rootfs = Mount.block(format: "ext4", source: rootfsPath.path, destination: "/") do { _ = try await manager.create("test-nil-gateway", image: image, rootfs: rootfs) { _ in } #expect(Bool(false), "expected invalidState error for missing ipv4 gateway") } catch let error as ContainerizationError { #expect(error.code == .invalidState) #expect(error.message.contains("missing ipv4 gateway")) } catch { #expect(Bool(false), "unexpected error: \(error)") } } @Test func testNetworkingFalseSkipsInterfaceCreation() async throws { let fm = FileManager.default let root = fm.uniqueTemporaryDirectory(create: true) defer { try? fm.removeItem(at: root) } let kernelPath = root.appendingPathComponent("vmlinux") fm.createFile(atPath: kernelPath.path, contents: Data(), attributes: nil) let initfsPath = root.appendingPathComponent("initfs.ext4") fm.createFile(atPath: initfsPath.path, contents: Data(), attributes: nil) let kernel = Kernel(path: kernelPath, platform: .linuxArm) let initfs = Mount.block(format: "ext4", source: initfsPath.path, destination: "/") // Use NilGatewayNetwork — with networking: true this would throw invalidState, // but with networking: false the network's createInterface() is never called. var manager = try ContainerManager( kernel: kernel, initfs: initfs, root: root, network: NilGatewayNetwork() ) let tempDir = fm.uniqueTemporaryDirectory() defer { try? fm.removeItem(at: tempDir) } let tarPath = Foundation.Bundle.module.url(forResource: "scratch", withExtension: "tar")! let reader = try ArchiveReader(format: .pax, filter: .none, file: tarPath) let rejectedPaths = try reader.extractContents(to: tempDir) #expect(rejectedPaths.isEmpty) let images = try await manager.imageStore.load(from: tempDir) let image = images.first! let rootfsPath = root.appendingPathComponent("rootfs.ext4") fm.createFile(atPath: rootfsPath.path, contents: Data(), attributes: nil) let rootfs = Mount.block(format: "ext4", source: rootfsPath.path, destination: "/") // With networking: false, NilGatewayNetwork.createInterface() is never called, // so we should not get the "missing ipv4 gateway" error. // The container creation will fail for other reasons (dummy VMM), but the // configuration closure should see empty interfaces. var closureWasCalled = false do { _ = try await manager.create( "test-no-networking", image: image, rootfs: rootfs, networking: false ) { config in closureWasCalled = true #expect(config.interfaces.isEmpty) #expect(config.dns == nil) } } catch { // Container creation may fail due to dummy kernel/VMM — that's expected. // The key assertion is in the configuration closure above. let description = String(describing: error) #expect(!description.contains("missing ipv4 gateway")) } #expect(closureWasCalled, "configuration closure must be invoked to validate interfaces") } } ================================================ FILE: Tests/ContainerizationTests/DNSTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import Testing @testable import Containerization struct DNSTests { @Test func dnsResolvConfWithAllFields() { let dns = DNS( nameservers: ["8.8.8.8", "1.1.1.1"], domain: "example.com", searchDomains: ["internal.com", "test.com"], options: ["ndots:2", "timeout:1"] ) let expected = "nameserver 8.8.8.8\nnameserver 1.1.1.1\ndomain example.com\nsearch internal.com test.com\noptions ndots:2 timeout:1\n" #expect(dns.resolvConf == expected) } @Test func dnsResolvConfWithEmptyFields() { let dns = DNS( nameservers: [], domain: nil, searchDomains: [], options: [] ) // Should return empty string when all fields are empty #expect(dns.resolvConf == "") } @Test func dnsResolvConfWithOnlyNameservers() { let dns = DNS(nameservers: ["8.8.8.8"]) let expected = "nameserver 8.8.8.8\n" #expect(dns.resolvConf == expected) } } ================================================ FILE: Tests/ContainerizationTests/HashTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import Testing @testable import Containerization struct HashTests { @Test func hashMountSourceWithValidString() throws { let result = try hashMountSource(source: "/valid/path") // Should produce a non-empty hash #expect(!result.isEmpty) // Same input should produce same hash (deterministic) let result2 = try hashMountSource(source: "/valid/path") #expect(result == result2) // Different inputs should produce different hashes let result3 = try hashMountSource(source: "/different/path") #expect(result != result3) } } ================================================ FILE: Tests/ContainerizationTests/HostsTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import Testing @testable import Containerization struct HostsTests { @Test func hostsEntryRenderedWithAllFields() { let entry = Hosts.Entry( ipAddress: "192.168.1.100", hostnames: ["myserver", "server.local"], comment: "My local server" ) let expected = "192.168.1.100 myserver server.local # My local server " #expect(entry.rendered == expected) } @Test func hostsEntryRenderedWithoutComment() { let entry = Hosts.Entry( ipAddress: "10.0.0.1", hostnames: ["gateway"] ) let expected = "10.0.0.1 gateway" #expect(entry.rendered == expected) } @Test func hostsEntryRenderedWithEmptyHostnames() { let entry = Hosts.Entry( ipAddress: "172.16.0.1", hostnames: [], comment: "Empty hostnames" ) let expected = "172.16.0.1 # Empty hostnames " #expect(entry.rendered == expected) } @Test func hostsFileWithCommentAndEntries() { let hosts = Hosts( entries: [ Hosts.Entry(ipAddress: "127.0.0.1", hostnames: ["localhost"]), Hosts.Entry(ipAddress: "192.168.1.10", hostnames: ["server"], comment: "Main server"), ], comment: "Generated hosts file" ) let expected = "# Generated hosts file\n127.0.0.1 localhost\n192.168.1.10 server # Main server \n" #expect(hosts.hostsFile == expected) } } ================================================ FILE: Tests/ContainerizationTests/ImageTests/ContainsAuth.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationOCI import Foundation internal protocol ContainsAuth { } extension ContainsAuth { static var hasRegistryCredentials: Bool { authentication != nil } static var authentication: Authentication? { let env = ProcessInfo.processInfo.environment guard let password = env["REGISTRY_TOKEN"], let username = env["REGISTRY_USERNAME"] else { return nil } return BasicAuthentication(username: username, password: password) } } ================================================ FILE: Tests/ContainerizationTests/ImageTests/ImageStoreImagePullTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // import ContainerizationOCI import Crypto import Foundation import NIO import Testing @testable import Containerization @Suite final class ImageStoreImagePullTests { let store: ImageStore let dir: URL let contentStore: ContentStore public init() { let dir = FileManager.default.uniqueTemporaryDirectory(create: true) let cs = try! LocalContentStore(path: dir) let store = try! ImageStore(path: dir, contentStore: cs) self.dir = dir self.store = store self.contentStore = cs } deinit { try! FileManager.default.removeItem(at: self.dir) } @Test func testPullImageWithoutIndex() async throws { let img = try await self.store.pull(reference: "ghcr.io/apple/containerization/dockermanifestimage:0.0.2") let rootDescriptor = img.descriptor let index: ContainerizationOCI.Index = try await contentStore.get(digest: rootDescriptor.digest)! #expect(index.manifests.count == 1) let desc = index.manifests.first! #expect(desc.platform!.architecture == "amd64") await #expect(throws: Never.self) { let manifest: ContainerizationOCI.Manifest = try await self.contentStore.get(digest: desc.digest)! let _: ContainerizationOCI.Image = try await self.contentStore.get(digest: manifest.config.digest)! for layer in manifest.layers { _ = try await self.contentStore.get(digest: layer.digest)! } } } @Test( arguments: [ (Platform(arch: "arm64", os: "linux", variant: "v8"), imagePullArm64Layers), (Platform(arch: "amd64", os: "linux"), imagePullAmd64Layers), (nil, imagePullTestAllLayers), ]) func testPullSinglePlatform(platform: Platform?, expectLayers: [String]) async throws { let img = try await self.store.pull( reference: "ghcr.io/linuxcontainers/alpine:3.20@sha256:0a6a86d44d7f93c4f2b8dea7f0eee64e72cb98635398779f3610949632508d57", platform: platform) let rootDescriptor = img.descriptor let index: ContainerizationOCI.Index = try await contentStore.get(digest: rootDescriptor.digest)! var foundMatch = false for desc in index.manifests { if let platform { if desc.platform != platform { continue } } foundMatch = true await #expect(throws: Never.self) { let manifest: ContainerizationOCI.Manifest = try await self.contentStore.get(digest: desc.digest)! let _: ContainerizationOCI.Image = try await self.contentStore.get(digest: manifest.config.digest)! for layer in manifest.layers { _ = try await self.contentStore.get(digest: layer.digest)! } } } #expect(foundMatch) let contentPath = dir.appendingPathComponent("blobs/sha256") let filesOnDisk = try FileManager.default.contentsOfDirectory(at: contentPath, includingPropertiesForKeys: nil).map { $0.lastPathComponent }.sorted() #expect(filesOnDisk == expectLayers) } @Test func testPullWithSha() async throws { let sha = "sha256:0a6a86d44d7f93c4f2b8dea7f0eee64e72cb98635398779f3610949632508d57" let r = "ghcr.io/linuxcontainers/alpine:3.20@\(sha)" let img = try await self.store.pull(reference: r, platform: .current) #expect(img.descriptor.digest == sha) } } let imagePullTestAllLayers = [ "013c522f9494ecda30dc8fbee7805b59c773573fd080c74e6835def22547bd07", "037316e2a3a13e6d7e15057d3ede6ad063f15c92216778576ee88a74e6f7c6fc", "0566dbe8e93e20dbfebc6b023399a6eb337719faf1d11dab57f975286c198a00", "0928a8adc0d420ddda0d25c76e95282534a5b69b13ffcbb6ddbc41c50fc77550", "0a6a86d44d7f93c4f2b8dea7f0eee64e72cb98635398779f3610949632508d57", "0a9a5dfd008f05ebc27e4790db0709a29e527690c21bcbcd01481eaeb6bb49dc", "0c11ea92e0d923e7812d258defbe6788642547fa347969a3dbd7bb7cbc0a9666", "156724324a3250a38177b0328390d7efb4ba85d7e095ad7af9ca19a3cd46f855", "1c2a87b1633d21ffcd8192bc84f9bed0c479bbcfbcd8b76b9ca1b8bf8bc61516", "2803bd9fd5a5e53bc39c576b3e7eaf4839ec77dcc1274c6ad9f7d534ccc566c7", "2d2e65d21b1f1a7cf14b99e54809bb4eee749fa9145d1e263279e18e246e5e1b", "34bac5d0022b2997fdfd5c678521d6afe58a4ea6c65d5d31e3ece0be141158ea", "3e6ec69548a14d7bf37b242f02f26dd41c69e9c510225078ca1f241ef249b3df", "423949aec9a2fe60140a59926634f90979ac19878957becf9902dcc547592a44", "4817c12fc96d333e818e9f56f22a7c8683bd3ca8b0c04ce45e188dc6aaf8e5c3", "4e32c214e82a5d6ccb62b58fb42405fc961c69da5fe02c670f1e4c62c8eb6fbb", "4ea6a163031004a9a61288b7a5ffbf73d84115d398abe5180caeb15442d1a5fe", "4f0bb7ea5efffa5762fc231a403f232ca3ea43ef6db18d4bf52aeca8c15d7dec", "55a8c211d2e969b7b7e9e4825853cf24a75cbbcaf7728db15840c1514838a23d", "5c979effb79226e255a01eaeb2a525bd12019c02eba2b76f6e0726dd2701508e", "63e2abc26a64dea41796995524777edc558e143bea4929f06954c52706363f33", "6d8b5334139bdee0462dd4d6cc85fdec98ad4d97155075973432ec4ff67906c9", "6f3c7dfa949497fb255d0a28c244e7add0d52ae6318b45947a8a2940d846b2e2", "718fbe9a22ec3da853bdbd5d8112f2dc8ba41f30d46899b3792242f16a0f8b41", "744d40c360fd0988b20b15ab845d3db943817b027f38ea6850361bab4ac916be", "76a0ff976fd7cf0f21858535989ef59ac2ee64a3f1bf1b68d98d15138cd46afa", "772078ddbdee5be52d429e08f953aaad6715a90d7e4d6496eb1cd4004efa8a95", "7c6bf3be7c8016421fb3033e19b6a313f264093e1ac9e77c9f931ade0d61b3f7", "7f608f0a59b5b3717cdd3cc61ef59c329d3c2c16c5fc6963b3b13360d43841c0", "81fc5885a3ad37110bf576934de28326e1194bd943e020bc3924502335fdf181", "84df3263e35ed35440625ae0ebb5b1c3d00f57ffcec61188015d5217988a8b35", "85b46e4c8e4841ce7964ce897a07a4d9df7d589322593fb600dd428e47d635ae", "872bd582507dfe35ccd496fcd128f61963620053a722b517353f3d9df46412e9", "8a9fb51ac81600da44afb1c4a5df4745d23eca0cc5d924f989c074f3da7a9440", "90bb43c8fe064682d965fe27b1ca0cf2b42cf0273914cc20a4e636e174ccdaf5", "9368b67dac9dc00ca8dbbd25b6f148fd6229b01dac5ff3d89281bd296cf196c6", "94e9d8af22013aabf0edcaf42950c88b0a1350c3a9ce076d61b98a535a673dd9", "9cbaf16e9229ef1466c71cf97a75ddd7d2041522012dd1bcace0d56a9ad77688", "9cfe406db828239417e29e2c00bdf196c32b39ffcead4c2e28cdf60ff8a8dd58", "adc8e49a814d3e4f73ccdd1d26d4cbd3f1a338b4e136a55c092bdcca57863225", "b1ca1bb0a5f203b48e1ca60861ae852f49b910ce8488c19c392a3bc7ee31b072", "b3d7db73e90671cb6b7925cc878d43a2781451bed256cf0626110f5386cdd4dc", "bfc9829f240e42bab6b756c64179b8e73317baf0e9a8940ea1571cb2f29efcc3", "c70d93f05189a8a6a10ba5657b8e89e849f2c7491d76587178f75d9fca228bf1", "c9813c0f5a2f289ea6175876fd973d6d8adcd495da4a23e9273600c8f0a761c5", "c9aedc9d4e47fa9429e5c329420d8a93e16c433e361d0f9281565ed4da3c057e", "d27e7628ef6e28a3e91cdc1ef1f998a703d356067ecedddfe9e9281e36d8c9f9", "ef99f4640fe11015a03439935b827bff242d0db64db27db005a31ab4497db4a2", "f2c7f3c3fecbf01204eccd798e2f77b0003a8567927a5d6242fd3ed81727fee9", "f882dda529d0cd4b586a10a7f60048c7f8faaff26d6672008d0478b8b004bc63", ] let imagePullArm64Layers = [ "0a6a86d44d7f93c4f2b8dea7f0eee64e72cb98635398779f3610949632508d57", "3e6ec69548a14d7bf37b242f02f26dd41c69e9c510225078ca1f241ef249b3df", "423949aec9a2fe60140a59926634f90979ac19878957becf9902dcc547592a44", "76a0ff976fd7cf0f21858535989ef59ac2ee64a3f1bf1b68d98d15138cd46afa", "94e9d8af22013aabf0edcaf42950c88b0a1350c3a9ce076d61b98a535a673dd9", ] let imagePullAmd64Layers = [ "0a6a86d44d7f93c4f2b8dea7f0eee64e72cb98635398779f3610949632508d57", "0a9a5dfd008f05ebc27e4790db0709a29e527690c21bcbcd01481eaeb6bb49dc", "156724324a3250a38177b0328390d7efb4ba85d7e095ad7af9ca19a3cd46f855", "1c2a87b1633d21ffcd8192bc84f9bed0c479bbcfbcd8b76b9ca1b8bf8bc61516", "4ea6a163031004a9a61288b7a5ffbf73d84115d398abe5180caeb15442d1a5fe", ] ================================================ FILE: Tests/ContainerizationTests/ImageTests/ImageStoreTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // import ContainerizationArchive import ContainerizationExtras import ContainerizationOCI import Foundation import Testing @testable import Containerization @Suite public class ImageStoreTests: ContainsAuth { let store: ImageStore let dir: URL public init() { let dir = FileManager.default.uniqueTemporaryDirectory(create: true) let cs = try! LocalContentStore(path: dir) let store = try! ImageStore(path: dir, contentStore: cs) self.dir = dir self.store = store } deinit { try! FileManager.default.removeItem(at: self.dir) } @Test func testImageStoreOperation() async throws { let fileManager = FileManager.default let tempDir = fileManager.uniqueTemporaryDirectory() defer { try? fileManager.removeItem(at: tempDir) } let tarPath = Foundation.Bundle.module.url(forResource: "scratch", withExtension: "tar")! let reader = try ArchiveReader(format: .pax, filter: .none, file: tarPath) let rejectedPaths = try reader.extractContents(to: tempDir) #expect(rejectedPaths.count == 0, "unexpected rejected paths [\(rejectedPaths)]") let _ = try await self.store.load(from: tempDir) let loaded = try await self.store.load(from: tempDir) let expectedLoadedImage = "registry.local/integration-tests/scratch:latest" #expect(loaded.first!.reference == "registry.local/integration-tests/scratch:latest") guard let authentication = Self.authentication else { return } let imageReference = "ghcr.io/apple/containerization/dockermanifestimage:0.0.2" let busyboxImage = try await self.store.pull(reference: imageReference, auth: authentication) let got = try await self.store.get(reference: imageReference) #expect(got.descriptor == busyboxImage.descriptor) let newTag = "registry.local/integration-tests/dockermanifestimage:latest" let _ = try await self.store.tag(existing: imageReference, new: newTag) let tempFile = self.dir.appending(path: "export.tar") try await self.store.save(references: [imageReference, expectedLoadedImage], out: tempFile) } @Test(.disabled("External users cannot push images, disable while we find a better solution")) func testImageStorePush() async throws { guard let authentication = Self.authentication else { return } let imageReference = "ghcr.io/apple/containerization/dockermanifestimage:0.0.2" let remoteImageName = "ghcr.io/apple/test-images/image-push" let epoch = Int(Date().timeIntervalSince1970.description) let tag = epoch != nil ? String(epoch!) : "latest" let upstreamTag = "\(remoteImageName):\(tag)" let _ = try await self.store.tag(existing: imageReference, new: upstreamTag) try await self.store.push(reference: upstreamTag, auth: authentication) } @Test func testLoadImageWithoutAnnotations() async throws { let fileManager = FileManager.default let tempDir = fileManager.uniqueTemporaryDirectory() defer { try? fileManager.removeItem(at: tempDir) } let tarPath = Foundation.Bundle.module.url(forResource: "scratch_no_annotations", withExtension: "tar")! let reader = try ArchiveReader(format: .pax, filter: .none, file: tarPath) let rejectedPaths = try reader.extractContents(to: tempDir) #expect(rejectedPaths.count == 0, "unexpected rejected paths [\(rejectedPaths)]") let loaded = try await self.store.load(from: tempDir) #expect(loaded.count == 1) let reference = loaded.first!.reference #expect(reference.hasPrefix("untagged@sha256:")) let retrieved = try await self.store.get(reference: reference) #expect(retrieved.reference == reference) } } ================================================ FILE: Tests/ContainerizationTests/ImageTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationOCI import Foundation import Testing @testable import Containerization struct ImageTests { @Test func imageDescriptionComputedProperties() { let descriptor = Descriptor( mediaType: "application/vnd.oci.image.manifest.v1+json", digest: "sha256:abc123def456", size: 1024 ) let description = Image.Description(reference: "myapp:latest", descriptor: descriptor) #expect(description.digest == "sha256:abc123def456") #expect(description.mediaType == "application/vnd.oci.image.manifest.v1+json") #expect(description.reference == "myapp:latest") } } ================================================ FILE: Tests/ContainerizationTests/KernelTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // import Foundation import Testing @testable import Containerization final class KernelTests { @Test func kernelArgs() { let commandLine = Kernel.CommandLine(debug: false, panic: 0) let kernel = Kernel(path: .init(fileURLWithPath: ""), platform: .linuxArm, commandline: commandLine) let expected = "console=hvc0 tsc=reliable panic=0" let cmdline = kernel.commandLine.kernelArgs.joined(separator: " ") #expect(cmdline == expected) } @Test func kernelDebugArgs() { let cmdLine = Kernel.CommandLine(debug: true, panic: 0) let kernel = Kernel(path: .init(fileURLWithPath: ""), platform: .linuxArm, commandline: cmdLine) let expected = "console=hvc0 tsc=reliable debug panic=0" let cmdline = kernel.commandLine.kernelArgs.joined(separator: " ") #expect(cmdline == expected) } @Test func kernelCommandLineInitWithDebugTrue() { let commandLine = Kernel.CommandLine(debug: true, panic: 5, initArgs: ["--verbose"]) #expect(commandLine.kernelArgs == ["console=hvc0", "tsc=reliable", "debug", "panic=5"]) #expect(commandLine.initArgs == ["--verbose"]) } @Test func kernelCommandLineMutatingMethods() { var commandLine = Kernel.CommandLine(kernelArgs: ["console=hvc0"], initArgs: []) commandLine.addDebug() commandLine.addPanic(level: 10) #expect(commandLine.kernelArgs == ["console=hvc0", "debug", "panic=10"]) } } ================================================ FILE: Tests/ContainerizationTests/LinuxContainerTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationOCI import Foundation import Testing @testable import Containerization struct LinuxContainerTests { @Test func processInitFromImageConfigWithAllFields() { let imageConfig = ImageConfig( user: "appuser", env: ["NODE_ENV=production", "PORT=3000"], entrypoint: ["/usr/bin/node"], cmd: ["app.js", "--verbose"], workingDir: "/app" ) let process = LinuxProcessConfiguration(from: imageConfig) #expect(process.workingDirectory == "/app") #expect(process.environmentVariables == ["NODE_ENV=production", "PORT=3000"]) #expect(process.arguments == ["/usr/bin/node", "app.js", "--verbose"]) #expect(process.user.username == "appuser") } @Test func processInitFromImageConfigWithNilValues() { let imageConfig = ImageConfig( user: nil, env: nil, entrypoint: nil, cmd: nil, workingDir: nil ) let process = LinuxProcessConfiguration(from: imageConfig) #expect(process.workingDirectory == "/") #expect(process.environmentVariables == []) #expect(process.arguments == []) #expect(process.user.username == "") // Default User() has empty string username } @Test func processInitFromImageConfigEntrypointAndCmdConcatenation() { let imageConfig = ImageConfig( entrypoint: ["/bin/sh", "-c"], cmd: ["echo 'hello'", "&&", "sleep 10"] ) let process = LinuxProcessConfiguration(from: imageConfig) #expect(process.arguments == ["/bin/sh", "-c", "echo 'hello'", "&&", "sleep 10"]) } } ================================================ FILE: Tests/ContainerizationTests/MountTests.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation import Testing @testable import Containerization struct MountTests { @Test func mountShareCreatesVirtiofsMount() { let mount = Mount.share( source: "/host/shared", destination: "/guest/shared", options: ["rw", "noatime"], runtimeOptions: ["tag=shared"] ) #expect(mount.type == "virtiofs") #expect(mount.source == "/host/shared") #expect(mount.destination == "/guest/shared") #expect(mount.options == ["rw", "noatime"]) if case .virtiofs(let opts) = mount.runtimeOptions { #expect(opts == ["tag=shared"]) } else { #expect(Bool(false), "Expected virtiofs runtime options") } } } ================================================ FILE: Tests/TestImages/dockermanifestimage/Dockerfile ================================================ # This image is built as a single platform image with media type application/vnd.docker.distribution.manifest.v2+json FROM scratch LABEL org.opencontainers.image.source=https://github.com/apple/containerization # empty add so that the build doesn't error due to no build directives ADD . . ================================================ FILE: Tests/TestImages/emptyimage/Dockerfile ================================================ FROM scratch LABEL org.opencontainers.image.source=https://github.com/apple/containerization ADD . . ================================================ FILE: examples/README.md ================================================ # Examples This directory contains example projects demonstrating how to use Containerization. ## Available Examples ### [ctr-example](ctr-example/) A basic example of launching a Linux container using Containerization. This example demonstrates: - Fetching and configuring a Linux kernel - Creating and starting containers - Basic container management operations See the [ctr-example README](ctr-example/README.md) for detailed build and run instructions. ================================================ FILE: examples/ctr-example/Makefile ================================================ # Copyright © 2025-2026 Apple Inc. and the Containerization project authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # ctr-example Makefile SWIFT = /usr/bin/swift .PHONY: all build clean run all: run build: $(SWIFT) build --configuration release codesign --force --sign - --entitlements ctr-example.entitlements ./.build/release/ctr-example cp ./.build/release/ctr-example ./ctr-example clean: $(SWIFT) package clean rm -f ./ctr-example run: build ./ctr-example # Development targets debug: $(SWIFT) build codesign --force --sign - --entitlements ctr-example.entitlements ./.build/debug/ctr-example fmt: $(SWIFT) format --in-place --recursive Sources/ fetch-default-kernel: $(MAKE) -C ../.. fetch-default-kernel cp -L ../../.local/vmlinux ./vmlinux ================================================ FILE: examples/ctr-example/Package.resolved ================================================ { "originHash" : "5de11e9b526f881c570e7b65cb339765f3aa79e8646a0c1289d36f224f9f8ca0", "pins" : [ { "identity" : "async-http-client", "kind" : "remoteSourceControl", "location" : "https://github.com/swift-server/async-http-client.git", "state" : { "revision" : "b2faff932b956df50668241d14f1b42f7bae12b4", "version" : "1.30.0" } }, { "identity" : "containerization", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/containerization.git", "state" : { "revision" : "636eef0eff00e451de6d5d426e6a6785b90b44e2", "version" : "0.26.5" } }, { "identity" : "grpc-swift", "kind" : "remoteSourceControl", "location" : "https://github.com/grpc/grpc-swift.git", "state" : { "revision" : "f857994e146f5146d702e9c31ac6f3c27d55d18a", "version" : "1.27.0" } }, { "identity" : "swift-algorithms", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-algorithms.git", "state" : { "revision" : "87e50f483c54e6efd60e885f7f5aa946cee68023", "version" : "1.2.1" } }, { "identity" : "swift-argument-parser", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-argument-parser.git", "state" : { "revision" : "cdd0ef3755280949551dc26dee5de9ddeda89f54", "version" : "1.6.2" } }, { "identity" : "swift-asn1", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-asn1.git", "state" : { "revision" : "40d25bbb2fc5b557a9aa8512210bded327c0f60d", "version" : "1.5.0" } }, { "identity" : "swift-async-algorithms", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-async-algorithms.git", "state" : { "revision" : "042e1c4d9d19748c9c228f8d4ebc97bb1e339b0b", "version" : "1.0.4" } }, { "identity" : "swift-atomics", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-atomics.git", "state" : { "revision" : "b601256eab081c0f92f059e12818ac1d4f178ff7", "version" : "1.3.0" } }, { "identity" : "swift-certificates", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-certificates.git", "state" : { "revision" : "c399f90e7bbe8874f6cbfda1d5f9023d1f5ce122", "version" : "1.15.1" } }, { "identity" : "swift-collections", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-collections.git", "state" : { "revision" : "7b847a3b7008b2dc2f47ca3110d8c782fb2e5c7e", "version" : "1.3.0" } }, { "identity" : "swift-crypto", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-crypto.git", "state" : { "revision" : "95ba0316a9b733e92bb6b071255ff46263bbe7dc", "version" : "3.15.1" } }, { "identity" : "swift-distributed-tracing", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-distributed-tracing.git", "state" : { "revision" : "baa932c1336f7894145cbaafcd34ce2dd0b77c97", "version" : "1.3.1" } }, { "identity" : "swift-http-structured-headers", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-http-structured-headers.git", "state" : { "revision" : "76d7627bd88b47bf5a0f8497dd244885960dde0b", "version" : "1.6.0" } }, { "identity" : "swift-http-types", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-http-types.git", "state" : { "revision" : "45eb0224913ea070ec4fba17291b9e7ecf4749ca", "version" : "1.5.1" } }, { "identity" : "swift-log", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-log.git", "state" : { "revision" : "ce592ae52f982c847a4efc0dd881cc9eb32d29f2", "version" : "1.6.4" } }, { "identity" : "swift-nio", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-nio.git", "state" : { "revision" : "56724a2b6d8e2aed1b2c5f23865b9ea5c43f9977", "version" : "2.89.0" } }, { "identity" : "swift-nio-extras", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-nio-extras.git", "state" : { "revision" : "7ee281d816fa8e5f3967a2c294035a318ea551c7", "version" : "1.31.0" } }, { "identity" : "swift-nio-http2", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-nio-http2.git", "state" : { "revision" : "c2ba4cfbb83f307c66f5a6df6bb43e3c88dfbf80", "version" : "1.39.0" } }, { "identity" : "swift-nio-ssl", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-nio-ssl.git", "state" : { "revision" : "173cc69a058623525a58ae6710e2f5727c663793", "version" : "2.36.0" } }, { "identity" : "swift-nio-transport-services", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-nio-transport-services.git", "state" : { "revision" : "df6c28355051c72c884574a6c858bc54f7311ff9", "version" : "1.25.2" } }, { "identity" : "swift-numerics", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-numerics.git", "state" : { "revision" : "0c0290ff6b24942dadb83a929ffaaa1481df04a2", "version" : "1.1.1" } }, { "identity" : "swift-protobuf", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-protobuf.git", "state" : { "revision" : "c169a5744230951031770e27e475ff6eefe51f9d", "version" : "1.33.3" } }, { "identity" : "swift-service-context", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-service-context.git", "state" : { "revision" : "1983448fefc717a2bc2ebde5490fe99873c5b8a6", "version" : "1.2.1" } }, { "identity" : "swift-service-lifecycle", "kind" : "remoteSourceControl", "location" : "https://github.com/swift-server/swift-service-lifecycle.git", "state" : { "revision" : "1de37290c0ab3c5a96028e0f02911b672fd42348", "version" : "2.9.1" } }, { "identity" : "swift-system", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-system.git", "state" : { "revision" : "395a77f0aa927f0ff73941d7ac35f2b46d47c9db", "version" : "1.6.3" } }, { "identity" : "zstd", "kind" : "remoteSourceControl", "location" : "https://github.com/facebook/zstd.git", "state" : { "revision" : "f8745da6ff1ad1e7bab384bd1f9d742439278e99", "version" : "1.5.7" } } ], "version" : 3 } ================================================ FILE: examples/ctr-example/Package.swift ================================================ // swift-tools-version: 6.2 //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import PackageDescription let scVersion = "0.26.5" let package = Package( name: "ctr-example", platforms: [ .macOS("26.0") ], products: [ .executable( name: "ctr-example", targets: ["ctr-example"] ) ], dependencies: [ .package(url: "https://github.com/apple/containerization.git", exact: Version(stringLiteral: scVersion)) ], targets: [ .executableTarget( name: "ctr-example", dependencies: [ .product(name: "Containerization", package: "containerization"), .product(name: "ContainerizationOS", package: "containerization"), ] ) ] ) ================================================ FILE: examples/ctr-example/README.md ================================================ # Container Example Very basic example of launching a Linux container using Containerization. ## Build and Run ### 1. Fetch Kernel In your terminal, change directories to examples/ctr-example and run: **Option A: Using Makefile (recommended)** ```bash make fetch-default-kernel ``` **Option B: Copy from installed container tool** ```bash cp "$(ls -t ~/Library/Application\ Support/com.apple.container/kernels/vmlinux-* | head -1)" ./vmlinux ``` You should now see the `vmlinux` image in examples/ctr-example ### 2. Build/Run ctr-example From examples/ctr-example run `make all` > [!WARNING] > If you get the following error, try building from the default macOS terminal: > `error: compiled module was created by a newer version of the compiler` After the build completes, the example will run. In your terminal you should see something like: ``` Starting container example... Fetching container initial filesystem... Creating container from docker.io/library/alpine:3.16... Starting container... / # ``` > [!WARNING] > If you get the following error, try moving the `ctr-example` binary to `/var/tmp` and run it from there. > `Swift/ErrorType.swift:254: Fatal error: Error raised at top level: unsupported: "failed to create vmnet network with status vmnet_return_t(rawValue: 1001)"` **Congratulations, you've started the example container!** ================================================ FILE: examples/ctr-example/Sources/ctr-example/main.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Containerization import ContainerizationOS import Foundation @main struct CtrExample { static func main() async throws { print("Starting container example...") // Set up terminal in raw mode (like cctl) let current = try Terminal.current try current.setraw() defer { current.tryReset() } let initfsReference = "ghcr.io/apple/containerization/vminit:0.26.5" let kernelPath = "./vmlinux" print("Fetching base container filesystem...") // Create container manager with file-based initfs var manager = try await ContainerManager( kernel: Kernel(path: URL(fileURLWithPath: kernelPath), platform: .linuxArm), initfsReference: initfsReference, network: try VmnetNetwork() ) let containerId = "ctr-example" let imageReference = "docker.io/library/alpine:3.16" print("Creating container from \(imageReference)...") // Create container with simple configuration let container = try await manager.create( containerId, reference: imageReference, rootfsSizeInBytes: 1.gib() ) { @Sendable config in config.cpus = 2 config.memoryInBytes = 512.mib() config.process.setTerminalIO(terminal: current) config.process.arguments = ["/bin/sh"] config.process.workingDirectory = "/" } // Clean up on exit defer { try? manager.delete(containerId) } print("Starting container...") try await container.create() try await container.start() // Resize terminal to match current window try? await container.resize(to: try current.size) // Wait for container to finish let exitCode = try await container.wait() print("Container exited with code \(exitCode)") try await container.stop() } } ================================================ FILE: examples/ctr-example/ctr-example.entitlements ================================================ com.apple.security.virtualization ================================================ FILE: examples/ctr-example/lab.md ================================================ # ## Install and test the container tool: See https://github.com/apple/container/releases Once installed, start the service and follow prompts. ```bash container system start ``` This'll install your kernel. After this start your first container. On first launch, this'll install another artifact for our guest init process: ``` container run alpine uname ``` Container starts after this will be fast! ## Get the Containerization sources: ```bash $ git clone https://github.com/apple/containerization.git ``` > [!IMPORTANT] > There is a bug in the `vmnet` framework on macOS 26 that causes network creation to fail if the creating applications are located under your `Documents` or `Desktop` directories. To workaround this, clone the project elsewhere, such as `~/projects/containerization`, until this issue is resolved. ## Take a look at ctr-example Read through the sources: - ContainerManager: - manager.create() - container.create(), start(), wait(), stop() ## Fetch the kernel Run ```bash cp "$(ls -t ~/Library/Application\ Support/com.apple.container/kernels/vmlinux-* | head -1)" ./vmlinux ``` ## Build and run the example ```bash $ cd examples/ctr-example $ make ``` ## Modify the project - Change the command run by the container - Change the image ================================================ FILE: kernel/Makefile ================================================ # Copyright © 2025-2026 Apple Inc. and the Containerization project authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. KSOURCE ?= https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-6.18.5.tar.xz KIMAGE ?= kernel-build:0.1 CURDIR := $(shell pwd) .DEFAULT_GOAL := all .PHONY: all all: kernel-build-image all: kernel-build .PHONY: kernel-build-image kernel-build-image: container build image/ -f image/Dockerfile -t ${KIMAGE} .PHONY: kernel-build kernel-build: ifeq (,$(wildcard source.tar.xz)) curl -SsL -o source.tar.xz ${KSOURCE} endif container run \ --cpus 8 \ --rm \ --memory 16g \ -v ${CURDIR}:/kernel \ --cwd /kernel \ ${KIMAGE} \ /bin/bash -c "./build.sh" ================================================ FILE: kernel/README.md ================================================ # Containerization Kernel Configuration This directory includes an optimized kernel configuration to produce a fast and lightweight kernel for container use. - `config-arm64` includes the kernel `CONFIG_` options. - `Makefile` includes the kernel version and source package url. - `build.sh` scripts the kernel build process. - `image/` includes the configuration for an image with build tooling. ## Building 1. The build process relies on having the `container` tool installed (https://github.com/apple/container/releases). 2. Run `make`. This should create the image used for building the resulting Linux kernel, and then run a container with that image to perform the kernel build. A `kernel/vmlinux` file will be the result of the build. ================================================ FILE: kernel/build.sh ================================================ #!/bin/bash # Copyright © 2025-2026 Apple Inc. and the Containerization project authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. set -e mkdir -p /kbuild tar -xf /kernel/source.tar.xz -C /kbuild --strip-components=1 cp /kernel/config-arm64 /kbuild/.config ( cd /kbuild make olddefconfig && \ make -j$((`nproc`-1)) && \ cp arch/arm64/boot/Image /kernel/vmlinux ) ================================================ FILE: kernel/config-arm64 ================================================ # # Automatically generated file; DO NOT EDIT. # Linux/arm64 6.1.68 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (containerization) 9.4.0" CONFIG_CC_IS_GCC=y CONFIG_GCC_VERSION=90400 CONFIG_CLANG_VERSION=0 CONFIG_AS_IS_GNU=y CONFIG_AS_VERSION=23400 CONFIG_LD_IS_BFD=y CONFIG_LD_VERSION=23400 CONFIG_LLD_VERSION=0 CONFIG_CC_CAN_LINK=y CONFIG_CC_CAN_LINK_STATIC=y CONFIG_CC_HAS_ASM_INLINE=y CONFIG_CC_HAS_NO_PROFILE_FN_ATTR=y CONFIG_PAHOLE_VERSION=0 CONFIG_IRQ_WORK=y CONFIG_BUILDTIME_TABLE_SORT=y CONFIG_THREAD_INFO_IN_TASK=y # # General setup # CONFIG_INIT_ENV_ARG_LIMIT=32 # CONFIG_COMPILE_TEST is not set # CONFIG_WERROR is not set CONFIG_LOCALVERSION="" # CONFIG_LOCALVERSION_AUTO is not set CONFIG_BUILD_SALT="" CONFIG_DEFAULT_INIT="" CONFIG_DEFAULT_HOSTNAME="sandbox-vm" CONFIG_SYSVIPC=y CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_POSIX_MQUEUE_SYSCTL=y # CONFIG_WATCH_QUEUE is not set CONFIG_CROSS_MEMORY_ATTACH=y # CONFIG_USELIB is not set CONFIG_AUDIT=y CONFIG_HAVE_ARCH_AUDITSYSCALL=y CONFIG_AUDITSYSCALL=y # # IRQ subsystem # CONFIG_GENERIC_IRQ_PROBE=y CONFIG_GENERIC_IRQ_SHOW=y CONFIG_GENERIC_IRQ_SHOW_LEVEL=y CONFIG_GENERIC_IRQ_EFFECTIVE_AFF_MASK=y CONFIG_GENERIC_IRQ_MIGRATION=y CONFIG_HARDIRQS_SW_RESEND=y CONFIG_IRQ_DOMAIN=y CONFIG_IRQ_DOMAIN_HIERARCHY=y CONFIG_GENERIC_IRQ_IPI=y CONFIG_GENERIC_MSI_IRQ=y CONFIG_GENERIC_MSI_IRQ_DOMAIN=y CONFIG_IRQ_MSI_IOMMU=y CONFIG_IRQ_FORCED_THREADING=y CONFIG_SPARSE_IRQ=y # CONFIG_GENERIC_IRQ_DEBUGFS is not set # end of IRQ subsystem CONFIG_GENERIC_TIME_VSYSCALL=y CONFIG_GENERIC_CLOCKEVENTS=y CONFIG_ARCH_HAS_TICK_BROADCAST=y CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y CONFIG_HAVE_POSIX_CPU_TIMERS_TASK_WORK=y CONFIG_POSIX_CPU_TIMERS_TASK_WORK=y CONFIG_CONTEXT_TRACKING=y CONFIG_CONTEXT_TRACKING_IDLE=y # # Timers subsystem # CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ_COMMON=y # CONFIG_HZ_PERIODIC is not set CONFIG_NO_HZ_IDLE=y # CONFIG_NO_HZ_FULL is not set CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y # end of Timers subsystem CONFIG_BPF=y CONFIG_HAVE_EBPF_JIT=y CONFIG_ARCH_WANT_DEFAULT_BPF_JIT=y # # BPF subsystem # CONFIG_BPF_SYSCALL=y # CONFIG_BPF_UNPRIV_DEFAULT_OFF is not set CONFIG_USERMODE_DRIVER=y CONFIG_BPF_PRELOAD=y CONFIG_BPF_PRELOAD_UMD=y # end of BPF subsystem CONFIG_PREEMPT_NONE_BUILD=y CONFIG_PREEMPT_NONE=y # CONFIG_PREEMPT_VOLUNTARY is not set # CONFIG_PREEMPT is not set # CONFIG_PREEMPT_DYNAMIC is not set # CONFIG_SCHED_CORE is not set # # CPU/Task time and stats accounting # CONFIG_TICK_CPU_ACCOUNTING=y # CONFIG_VIRT_CPU_ACCOUNTING_GEN is not set # CONFIG_IRQ_TIME_ACCOUNTING is not set CONFIG_HAVE_SCHED_AVG_IRQ=y CONFIG_BSD_PROCESS_ACCT=y CONFIG_BSD_PROCESS_ACCT_V3=y CONFIG_TASKSTATS=y CONFIG_TASK_DELAY_ACCT=y CONFIG_TASK_XACCT=y CONFIG_TASK_IO_ACCOUNTING=y # CONFIG_PSI is not set # end of CPU/Task time and stats accounting CONFIG_CPU_ISOLATION=y # # RCU Subsystem # CONFIG_TREE_RCU=y # CONFIG_RCU_EXPERT is not set CONFIG_SRCU=y CONFIG_TREE_SRCU=y CONFIG_TASKS_RCU_GENERIC=y CONFIG_TASKS_TRACE_RCU=y CONFIG_RCU_STALL_COMMON=y CONFIG_RCU_NEED_SEGCBLIST=y # end of RCU Subsystem CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y # CONFIG_IKHEADERS is not set CONFIG_LOG_BUF_SHIFT=21 CONFIG_LOG_CPU_MAX_BUF_SHIFT=12 CONFIG_PRINTK_SAFE_LOG_BUF_SHIFT=13 # CONFIG_PRINTK_INDEX is not set CONFIG_GENERIC_SCHED_CLOCK=y # # Scheduler features # # end of Scheduler features CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y CONFIG_CC_HAS_INT128=y CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5" CONFIG_GCC11_NO_ARRAY_BOUNDS=y CONFIG_ARCH_SUPPORTS_INT128=y CONFIG_NUMA_BALANCING=y # CONFIG_NUMA_BALANCING_DEFAULT_ENABLED is not set CONFIG_CGROUPS=y CONFIG_PAGE_COUNTER=y # CONFIG_CGROUP_FAVOR_DYNMODS is not set CONFIG_MEMCG=y CONFIG_MEMCG_KMEM=y CONFIG_BLK_CGROUP=y CONFIG_CGROUP_WRITEBACK=y CONFIG_CGROUP_SCHED=y CONFIG_FAIR_GROUP_SCHED=y CONFIG_CFS_BANDWIDTH=y CONFIG_RT_GROUP_SCHED=y CONFIG_CGROUP_PIDS=y # CONFIG_CGROUP_RDMA is not set CONFIG_CGROUP_FREEZER=y CONFIG_CGROUP_HUGETLB=y CONFIG_CPUSETS=y CONFIG_PROC_PID_CPUSET=y CONFIG_CGROUP_DEVICE=y CONFIG_CGROUP_CPUACCT=y CONFIG_CGROUP_PERF=y CONFIG_CGROUP_BPF=y # CONFIG_CGROUP_MISC is not set # CONFIG_CGROUP_DEBUG is not set CONFIG_SOCK_CGROUP_DATA=y CONFIG_NAMESPACES=y CONFIG_UTS_NS=y CONFIG_TIME_NS=y CONFIG_IPC_NS=y CONFIG_USER_NS=y CONFIG_PID_NS=y CONFIG_NET_NS=y # CONFIG_CHECKPOINT_RESTORE is not set CONFIG_SCHED_AUTOGROUP=y # CONFIG_SYSFS_DEPRECATED is not set CONFIG_RELAY=y CONFIG_BLK_DEV_INITRD=y CONFIG_INITRAMFS_SOURCE="" CONFIG_RD_GZIP=y CONFIG_RD_BZIP2=y CONFIG_RD_LZMA=y CONFIG_RD_XZ=y CONFIG_RD_LZO=y CONFIG_RD_LZ4=y # CONFIG_RD_ZSTD is not set # CONFIG_BOOT_CONFIG is not set CONFIG_INITRAMFS_PRESERVE_MTIME=y CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y # CONFIG_CC_OPTIMIZE_FOR_SIZE is not set CONFIG_LD_ORPHAN_WARN=y CONFIG_SYSCTL=y CONFIG_SYSCTL_EXCEPTION_TRACE=y CONFIG_EXPERT=y CONFIG_MULTIUSER=y CONFIG_SGETMASK_SYSCALL=y CONFIG_SYSFS_SYSCALL=y CONFIG_FHANDLE=y CONFIG_POSIX_TIMERS=y CONFIG_PRINTK=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y CONFIG_FUTEX_PI=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y CONFIG_IO_URING=y CONFIG_ADVISE_SYSCALLS=y CONFIG_MEMBARRIER=y CONFIG_KALLSYMS=y # CONFIG_KALLSYMS_ALL is not set CONFIG_KALLSYMS_BASE_RELATIVE=y CONFIG_ARCH_HAS_MEMBARRIER_SYNC_CORE=y CONFIG_KCMP=y CONFIG_RSEQ=y # CONFIG_DEBUG_RSEQ is not set # CONFIG_EMBEDDED is not set CONFIG_HAVE_PERF_EVENTS=y CONFIG_GUEST_PERF_EVENTS=y # CONFIG_PC104 is not set # # Kernel Performance Events And Counters # CONFIG_PERF_EVENTS=y # CONFIG_DEBUG_PERF_USE_VMALLOC is not set # end of Kernel Performance Events And Counters # CONFIG_PROFILING is not set # end of General setup CONFIG_ARM64=y CONFIG_GCC_SUPPORTS_DYNAMIC_FTRACE_WITH_REGS=y CONFIG_64BIT=y CONFIG_MMU=y CONFIG_ARM64_PAGE_SHIFT=12 CONFIG_ARM64_CONT_PTE_SHIFT=4 CONFIG_ARM64_CONT_PMD_SHIFT=4 CONFIG_ARCH_MMAP_RND_BITS_MIN=18 CONFIG_ARCH_MMAP_RND_BITS_MAX=33 CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=11 CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=16 CONFIG_STACKTRACE_SUPPORT=y CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000 CONFIG_LOCKDEP_SUPPORT=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y CONFIG_GENERIC_HWEIGHT=y CONFIG_GENERIC_CSUM=y CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE=y CONFIG_SMP=y CONFIG_KERNEL_MODE_NEON=y CONFIG_FIX_EARLYCON_MEM=y CONFIG_PGTABLE_LEVELS=4 CONFIG_ARCH_SUPPORTS_UPROBES=y CONFIG_ARCH_PROC_KCORE_TEXT=y # # Platform selection # # CONFIG_ARCH_ACTIONS is not set # CONFIG_ARCH_SUNXI is not set # CONFIG_ARCH_ALPINE is not set # CONFIG_ARCH_APPLE is not set # CONFIG_ARCH_BCM is not set # CONFIG_ARCH_BERLIN is not set # CONFIG_ARCH_BITMAIN is not set # CONFIG_ARCH_EXYNOS is not set # CONFIG_ARCH_SPARX5 is not set # CONFIG_ARCH_K3 is not set # CONFIG_ARCH_LG1K is not set # CONFIG_ARCH_HISI is not set # CONFIG_ARCH_KEEMBAY is not set # CONFIG_ARCH_MEDIATEK is not set # CONFIG_ARCH_MESON is not set # CONFIG_ARCH_MVEBU is not set # CONFIG_ARCH_NXP is not set # CONFIG_ARCH_NPCM is not set # CONFIG_ARCH_QCOM is not set # CONFIG_ARCH_REALTEK is not set # CONFIG_ARCH_RENESAS is not set # CONFIG_ARCH_ROCKCHIP is not set # CONFIG_ARCH_SEATTLE is not set # CONFIG_ARCH_INTEL_SOCFPGA is not set # CONFIG_ARCH_SYNQUACER is not set # CONFIG_ARCH_TEGRA is not set # CONFIG_ARCH_SPRD is not set # CONFIG_ARCH_THUNDER is not set # CONFIG_ARCH_THUNDER2 is not set # CONFIG_ARCH_UNIPHIER is not set # CONFIG_ARCH_VEXPRESS is not set # CONFIG_ARCH_VISCONTI is not set # CONFIG_ARCH_XGENE is not set # CONFIG_ARCH_ZYNQMP is not set # end of Platform selection # # Kernel Features # # # ARM errata workarounds via the alternatives framework # CONFIG_AMPERE_ERRATUM_AC03_CPU_38=y CONFIG_ARM64_WORKAROUND_CLEAN_CACHE=y CONFIG_ARM64_ERRATUM_826319=y CONFIG_ARM64_ERRATUM_827319=y CONFIG_ARM64_ERRATUM_824069=y CONFIG_ARM64_ERRATUM_819472=y CONFIG_ARM64_ERRATUM_832075=y CONFIG_ARM64_ERRATUM_834220=y CONFIG_ARM64_ERRATUM_843419=y CONFIG_ARM64_LD_HAS_FIX_ERRATUM_843419=y CONFIG_ARM64_ERRATUM_1024718=y CONFIG_ARM64_WORKAROUND_SPECULATIVE_AT=y CONFIG_ARM64_ERRATUM_1165522=y CONFIG_ARM64_ERRATUM_1319367=y CONFIG_ARM64_ERRATUM_1530923=y CONFIG_ARM64_WORKAROUND_REPEAT_TLBI=y CONFIG_ARM64_ERRATUM_2441007=y CONFIG_ARM64_ERRATUM_1286807=y CONFIG_ARM64_ERRATUM_1463225=y CONFIG_ARM64_ERRATUM_1542419=y CONFIG_ARM64_ERRATUM_1508412=y CONFIG_ARM64_ERRATUM_2051678=y CONFIG_ARM64_ERRATUM_2077057=y CONFIG_ARM64_ERRATUM_2658417=y CONFIG_ARM64_WORKAROUND_TSB_FLUSH_FAILURE=y CONFIG_ARM64_ERRATUM_2054223=y CONFIG_ARM64_ERRATUM_2067961=y CONFIG_ARM64_ERRATUM_2441009=y CONFIG_ARM64_ERRATUM_2457168=y CONFIG_ARM64_ERRATUM_2966298=y CONFIG_CAVIUM_ERRATUM_22375=y CONFIG_CAVIUM_ERRATUM_23144=y CONFIG_CAVIUM_ERRATUM_23154=y CONFIG_CAVIUM_ERRATUM_27456=y CONFIG_CAVIUM_ERRATUM_30115=y CONFIG_CAVIUM_TX2_ERRATUM_219=y CONFIG_FUJITSU_ERRATUM_010001=y CONFIG_HISILICON_ERRATUM_161600802=y CONFIG_QCOM_FALKOR_ERRATUM_1003=y CONFIG_QCOM_FALKOR_ERRATUM_1009=y CONFIG_QCOM_QDF2400_ERRATUM_0065=y CONFIG_QCOM_FALKOR_ERRATUM_E1041=y # CONFIG_NVIDIA_CARMEL_CNP_ERRATUM is not set CONFIG_SOCIONEXT_SYNQUACER_PREITS=y # end of ARM errata workarounds via the alternatives framework CONFIG_ARM64_4K_PAGES=y # CONFIG_ARM64_16K_PAGES is not set # CONFIG_ARM64_64K_PAGES is not set # CONFIG_ARM64_VA_BITS_39 is not set CONFIG_ARM64_VA_BITS_48=y CONFIG_ARM64_VA_BITS=48 CONFIG_ARM64_PA_BITS_48=y CONFIG_ARM64_PA_BITS=48 # CONFIG_CPU_BIG_ENDIAN is not set CONFIG_CPU_LITTLE_ENDIAN=y CONFIG_SCHED_MC=y # CONFIG_SCHED_CLUSTER is not set CONFIG_SCHED_SMT=y CONFIG_NR_CPUS=128 CONFIG_HOTPLUG_CPU=y CONFIG_NUMA=y CONFIG_NODES_SHIFT=10 # CONFIG_HZ_100 is not set CONFIG_HZ_250=y # CONFIG_HZ_300 is not set # CONFIG_HZ_1000 is not set CONFIG_HZ=250 CONFIG_SCHED_HRTICK=y CONFIG_ARCH_SPARSEMEM_ENABLE=y CONFIG_HW_PERF_EVENTS=y CONFIG_PARAVIRT=y CONFIG_PARAVIRT_TIME_ACCOUNTING=y # CONFIG_KEXEC is not set CONFIG_KEXEC_FILE=y # CONFIG_KEXEC_SIG is not set # CONFIG_CRASH_DUMP is not set CONFIG_TRANS_TABLE=y # CONFIG_XEN is not set CONFIG_ARCH_FORCE_MAX_ORDER=11 CONFIG_UNMAP_KERNEL_AT_EL0=y CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY=y CONFIG_RODATA_FULL_DEFAULT_ENABLED=y # CONFIG_ARM64_SW_TTBR0_PAN is not set CONFIG_ARM64_TAGGED_ADDR_ABI=y # CONFIG_COMPAT is not set # # ARMv8.1 architectural features # CONFIG_ARM64_HW_AFDBM=y CONFIG_ARM64_PAN=y CONFIG_AS_HAS_LDAPR=y CONFIG_AS_HAS_LSE_ATOMICS=y CONFIG_ARM64_LSE_ATOMICS=y CONFIG_ARM64_USE_LSE_ATOMICS=y # end of ARMv8.1 architectural features # # ARMv8.2 architectural features # CONFIG_AS_HAS_ARMV8_2=y CONFIG_AS_HAS_SHA3=y # CONFIG_ARM64_PMEM is not set CONFIG_ARM64_RAS_EXTN=y CONFIG_ARM64_CNP=y # end of ARMv8.2 architectural features # # ARMv8.3 architectural features # CONFIG_ARM64_PTR_AUTH=y CONFIG_ARM64_PTR_AUTH_KERNEL=y CONFIG_CC_HAS_BRANCH_PROT_PAC_RET=y CONFIG_CC_HAS_SIGN_RETURN_ADDRESS=y CONFIG_AS_HAS_PAC=y CONFIG_AS_HAS_CFI_NEGATE_RA_STATE=y # end of ARMv8.3 architectural features # # ARMv8.4 architectural features # CONFIG_ARM64_AMU_EXTN=y CONFIG_AS_HAS_ARMV8_4=y CONFIG_ARM64_TLB_RANGE=y # end of ARMv8.4 architectural features # # ARMv8.5 architectural features # CONFIG_AS_HAS_ARMV8_5=y CONFIG_ARM64_BTI=y CONFIG_CC_HAS_BRANCH_PROT_PAC_RET_BTI=y CONFIG_ARM64_E0PD=y CONFIG_ARM64_AS_HAS_MTE=y CONFIG_ARM64_MTE=y # end of ARMv8.5 architectural features # # ARMv8.7 architectural features # CONFIG_ARM64_EPAN=y # end of ARMv8.7 architectural features # CONFIG_ARM64_SVE is not set # CONFIG_ARM64_PSEUDO_NMI is not set CONFIG_RELOCATABLE=y CONFIG_RANDOMIZE_BASE=y CONFIG_RANDOMIZE_MODULE_REGION_FULL=y CONFIG_CC_HAVE_STACKPROTECTOR_SYSREG=y CONFIG_STACKPROTECTOR_PER_TASK=y CONFIG_ARCH_NR_GPIO=0 # end of Kernel Features # # Boot options # # CONFIG_ARM64_ACPI_PARKING_PROTOCOL is not set CONFIG_CMDLINE="" CONFIG_EFI_STUB=y CONFIG_EFI=y CONFIG_DMI=y # end of Boot options # # Power management options # # CONFIG_SUSPEND is not set CONFIG_HIBERNATE_CALLBACKS=y CONFIG_HIBERNATION=y CONFIG_HIBERNATION_SNAPSHOT_DEV=y CONFIG_PM_STD_PARTITION="" CONFIG_PM_SLEEP=y CONFIG_PM_SLEEP_SMP=y # CONFIG_PM_AUTOSLEEP is not set # CONFIG_PM_USERSPACE_AUTOSLEEP is not set # CONFIG_PM_WAKELOCKS is not set CONFIG_PM=y # CONFIG_PM_DEBUG is not set CONFIG_PM_CLK=y # CONFIG_WQ_POWER_EFFICIENT_DEFAULT is not set CONFIG_CPU_PM=y # CONFIG_ENERGY_MODEL is not set CONFIG_ARCH_HIBERNATION_POSSIBLE=y CONFIG_ARCH_HIBERNATION_HEADER=y CONFIG_ARCH_SUSPEND_POSSIBLE=y # end of Power management options # # CPU Power Management # # # CPU Idle # CONFIG_CPU_IDLE=y CONFIG_CPU_IDLE_GOV_LADDER=y CONFIG_CPU_IDLE_GOV_MENU=y # CONFIG_CPU_IDLE_GOV_TEO is not set # # ARM CPU Idle Drivers # # CONFIG_ARM_PSCI_CPUIDLE is not set # end of ARM CPU Idle Drivers # end of CPU Idle # # CPU Frequency scaling # CONFIG_CPU_FREQ=y # CONFIG_CPU_FREQ_STAT is not set CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y # CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE is not set # CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE is not set # CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND is not set # CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE is not set # CONFIG_CPU_FREQ_DEFAULT_GOV_SCHEDUTIL is not set CONFIG_CPU_FREQ_GOV_PERFORMANCE=y # CONFIG_CPU_FREQ_GOV_POWERSAVE is not set # CONFIG_CPU_FREQ_GOV_USERSPACE is not set # CONFIG_CPU_FREQ_GOV_ONDEMAND is not set # CONFIG_CPU_FREQ_GOV_CONSERVATIVE is not set # CONFIG_CPU_FREQ_GOV_SCHEDUTIL is not set # # CPU frequency scaling drivers # # CONFIG_CPUFREQ_DT is not set # CONFIG_ACPI_CPPC_CPUFREQ is not set # end of CPU Frequency scaling # end of CPU Power Management CONFIG_ARCH_SUPPORTS_ACPI=y CONFIG_ACPI=y CONFIG_ACPI_GENERIC_GSI=y CONFIG_ACPI_CCA_REQUIRED=y # CONFIG_ACPI_DEBUGGER is not set CONFIG_ACPI_SPCR_TABLE=y # CONFIG_ACPI_EC_DEBUGFS is not set # CONFIG_ACPI_AC is not set # CONFIG_ACPI_BATTERY is not set CONFIG_ACPI_BUTTON=y # CONFIG_ACPI_VIDEO is not set # CONFIG_ACPI_FAN is not set # CONFIG_ACPI_TAD is not set # CONFIG_ACPI_DOCK is not set CONFIG_ACPI_PROCESSOR_IDLE=y CONFIG_ACPI_MCFG=y CONFIG_ACPI_PROCESSOR=y CONFIG_ACPI_HOTPLUG_CPU=y CONFIG_ACPI_THERMAL=y CONFIG_ARCH_HAS_ACPI_TABLE_UPGRADE=y CONFIG_ACPI_TABLE_UPGRADE=y # CONFIG_ACPI_DEBUG is not set # CONFIG_ACPI_PCI_SLOT is not set CONFIG_ACPI_CONTAINER=y CONFIG_ACPI_HOTPLUG_MEMORY=y # CONFIG_ACPI_HED is not set # CONFIG_ACPI_CUSTOM_METHOD is not set # CONFIG_ACPI_BGRT is not set CONFIG_ACPI_REDUCED_HARDWARE_ONLY=y CONFIG_ACPI_NUMA=y # CONFIG_ACPI_HMAT is not set CONFIG_HAVE_ACPI_APEI=y # CONFIG_ACPI_APEI is not set # CONFIG_ACPI_CONFIGFS is not set # CONFIG_ACPI_PFRUT is not set CONFIG_ACPI_IORT=y CONFIG_ACPI_GTDT=y CONFIG_ACPI_PPTT=y CONFIG_ACPI_PCC=y # CONFIG_PMIC_OPREGION is not set CONFIG_ACPI_VIOT=y CONFIG_ACPI_PRMT=y CONFIG_IRQ_BYPASS_MANAGER=y CONFIG_HAVE_KVM=y CONFIG_HAVE_KVM_IRQCHIP=y CONFIG_HAVE_KVM_IRQFD=y CONFIG_HAVE_KVM_IRQ_ROUTING=y CONFIG_HAVE_KVM_EVENTFD=y CONFIG_KVM_MMIO=y CONFIG_HAVE_KVM_MSI=y CONFIG_HAVE_KVM_CPU_RELAX_INTERCEPT=y CONFIG_KVM_VFIO=y CONFIG_HAVE_KVM_ARCH_TLB_FLUSH_ALL=y CONFIG_KVM_GENERIC_DIRTYLOG_READ_PROTECT=y CONFIG_HAVE_KVM_IRQ_BYPASS=y CONFIG_HAVE_KVM_VCPU_RUN_PID_CHANGE=y CONFIG_KVM_XFER_TO_GUEST_WORK=y CONFIG_VIRTUALIZATION=y CONFIG_KVM=y # CONFIG_NVHE_EL2_DEBUG is not set # # General architecture-dependent options # CONFIG_CRASH_CORE=y CONFIG_KEXEC_CORE=y CONFIG_ARCH_HAS_SUBPAGE_FAULTS=y CONFIG_JUMP_LABEL=y # CONFIG_STATIC_KEYS_SELFTEST is not set CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y CONFIG_HAVE_IOREMAP_PROT=y CONFIG_HAVE_KPROBES=y CONFIG_HAVE_KRETPROBES=y CONFIG_ARCH_CORRECT_STACKTRACE_ON_KRETPROBE=y CONFIG_HAVE_FUNCTION_ERROR_INJECTION=y CONFIG_HAVE_NMI=y CONFIG_TRACE_IRQFLAGS_SUPPORT=y CONFIG_TRACE_IRQFLAGS_NMI_SUPPORT=y CONFIG_HAVE_ARCH_TRACEHOOK=y CONFIG_HAVE_DMA_CONTIGUOUS=y CONFIG_GENERIC_SMP_IDLE_THREAD=y CONFIG_GENERIC_IDLE_POLL_SETUP=y CONFIG_ARCH_HAS_FORTIFY_SOURCE=y CONFIG_ARCH_HAS_KEEPINITRD=y CONFIG_ARCH_HAS_SET_MEMORY=y CONFIG_ARCH_HAS_SET_DIRECT_MAP=y CONFIG_HAVE_ARCH_THREAD_STRUCT_WHITELIST=y CONFIG_ARCH_WANTS_NO_INSTR=y CONFIG_HAVE_ASM_MODVERSIONS=y CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y CONFIG_HAVE_RSEQ=y CONFIG_HAVE_FUNCTION_ARG_ACCESS_API=y CONFIG_HAVE_HW_BREAKPOINT=y CONFIG_HAVE_PERF_REGS=y CONFIG_HAVE_PERF_USER_STACK_DUMP=y CONFIG_HAVE_ARCH_JUMP_LABEL=y CONFIG_HAVE_ARCH_JUMP_LABEL_RELATIVE=y CONFIG_MMU_GATHER_TABLE_FREE=y CONFIG_MMU_GATHER_RCU_TABLE_FREE=y CONFIG_ARCH_HAVE_NMI_SAFE_CMPXCHG=y CONFIG_HAVE_ALIGNED_STRUCT_PAGE=y CONFIG_HAVE_CMPXCHG_LOCAL=y CONFIG_HAVE_CMPXCHG_DOUBLE=y CONFIG_HAVE_ARCH_SECCOMP=y CONFIG_HAVE_ARCH_SECCOMP_FILTER=y CONFIG_SECCOMP=y CONFIG_SECCOMP_FILTER=y # CONFIG_SECCOMP_CACHE_DEBUG is not set CONFIG_HAVE_ARCH_STACKLEAK=y CONFIG_HAVE_STACKPROTECTOR=y CONFIG_STACKPROTECTOR=y CONFIG_STACKPROTECTOR_STRONG=y CONFIG_ARCH_SUPPORTS_LTO_CLANG=y CONFIG_ARCH_SUPPORTS_LTO_CLANG_THIN=y CONFIG_LTO_NONE=y CONFIG_ARCH_SUPPORTS_CFI_CLANG=y CONFIG_HAVE_CONTEXT_TRACKING_USER=y CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y CONFIG_HAVE_MOVE_PUD=y CONFIG_HAVE_MOVE_PMD=y CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE=y CONFIG_HAVE_ARCH_HUGE_VMAP=y CONFIG_HAVE_ARCH_HUGE_VMALLOC=y CONFIG_ARCH_WANT_HUGE_PMD_SHARE=y CONFIG_MODULES_USE_ELF_RELA=y CONFIG_HAVE_SOFTIRQ_ON_OWN_STACK=y CONFIG_SOFTIRQ_ON_OWN_STACK=y CONFIG_ARCH_HAS_ELF_RANDOMIZE=y CONFIG_HAVE_ARCH_MMAP_RND_BITS=y CONFIG_ARCH_MMAP_RND_BITS=18 CONFIG_PAGE_SIZE_LESS_THAN_64KB=y CONFIG_PAGE_SIZE_LESS_THAN_256KB=y CONFIG_ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT=y CONFIG_CLONE_BACKWARDS=y # CONFIG_COMPAT_32BIT_TIME is not set CONFIG_HAVE_ARCH_VMAP_STACK=y CONFIG_VMAP_STACK=y CONFIG_HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET=y CONFIG_RANDOMIZE_KSTACK_OFFSET=y # CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT is not set CONFIG_ARCH_HAS_STRICT_KERNEL_RWX=y CONFIG_STRICT_KERNEL_RWX=y CONFIG_ARCH_HAS_STRICT_MODULE_RWX=y CONFIG_HAVE_ARCH_COMPILER_H=y CONFIG_HAVE_ARCH_PREL32_RELOCATIONS=y CONFIG_ARCH_USE_MEMREMAP_PROT=y # CONFIG_LOCK_EVENT_COUNTS is not set CONFIG_ARCH_HAS_RELR=y CONFIG_HAVE_PREEMPT_DYNAMIC=y CONFIG_HAVE_PREEMPT_DYNAMIC_KEY=y CONFIG_ARCH_WANT_LD_ORPHAN_WARN=y CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y CONFIG_ARCH_SUPPORTS_PAGE_TABLE_CHECK=y CONFIG_ARCH_HAVE_TRACE_MMIO_ACCESS=y # # GCOV-based kernel profiling # # CONFIG_GCOV_KERNEL is not set CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y # end of GCOV-based kernel profiling CONFIG_HAVE_GCC_PLUGINS=y # end of General architecture-dependent options CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 # CONFIG_MODULES is not set CONFIG_BLOCK=y CONFIG_BLOCK_LEGACY_AUTOLOAD=y CONFIG_BLK_CGROUP_RWSTAT=y CONFIG_BLK_DEV_BSG_COMMON=y CONFIG_BLK_DEV_BSGLIB=y CONFIG_BLK_DEV_INTEGRITY=y # CONFIG_BLK_DEV_ZONED is not set CONFIG_BLK_DEV_THROTTLING=y # CONFIG_BLK_DEV_THROTTLING_LOW is not set CONFIG_BLK_WBT=y CONFIG_BLK_WBT_MQ=y # CONFIG_BLK_CGROUP_IOLATENCY is not set # CONFIG_BLK_CGROUP_IOCOST is not set # CONFIG_BLK_CGROUP_IOPRIO is not set CONFIG_BLK_DEBUG_FS=y # CONFIG_BLK_SED_OPAL is not set # CONFIG_BLK_INLINE_ENCRYPTION is not set # # Partition Types # CONFIG_PARTITION_ADVANCED=y # CONFIG_ACORN_PARTITION is not set # CONFIG_AIX_PARTITION is not set # CONFIG_OSF_PARTITION is not set # CONFIG_AMIGA_PARTITION is not set # CONFIG_ATARI_PARTITION is not set # CONFIG_MAC_PARTITION is not set # CONFIG_MSDOS_PARTITION is not set # CONFIG_LDM_PARTITION is not set # CONFIG_SGI_PARTITION is not set # CONFIG_ULTRIX_PARTITION is not set # CONFIG_SUN_PARTITION is not set # CONFIG_KARMA_PARTITION is not set CONFIG_EFI_PARTITION=y # CONFIG_SYSV68_PARTITION is not set # CONFIG_CMDLINE_PARTITION is not set # end of Partition Types CONFIG_BLK_MQ_PCI=y CONFIG_BLK_MQ_VIRTIO=y CONFIG_BLK_PM=y # # IO Schedulers # # CONFIG_MQ_IOSCHED_DEADLINE is not set # CONFIG_MQ_IOSCHED_KYBER is not set # CONFIG_IOSCHED_BFQ is not set # end of IO Schedulers CONFIG_PREEMPT_NOTIFIERS=y CONFIG_ASN1=y CONFIG_ARCH_INLINE_SPIN_TRYLOCK=y CONFIG_ARCH_INLINE_SPIN_TRYLOCK_BH=y CONFIG_ARCH_INLINE_SPIN_LOCK=y CONFIG_ARCH_INLINE_SPIN_LOCK_BH=y CONFIG_ARCH_INLINE_SPIN_LOCK_IRQ=y CONFIG_ARCH_INLINE_SPIN_LOCK_IRQSAVE=y CONFIG_ARCH_INLINE_SPIN_UNLOCK=y CONFIG_ARCH_INLINE_SPIN_UNLOCK_BH=y CONFIG_ARCH_INLINE_SPIN_UNLOCK_IRQ=y CONFIG_ARCH_INLINE_SPIN_UNLOCK_IRQRESTORE=y CONFIG_ARCH_INLINE_READ_LOCK=y CONFIG_ARCH_INLINE_READ_LOCK_BH=y CONFIG_ARCH_INLINE_READ_LOCK_IRQ=y CONFIG_ARCH_INLINE_READ_LOCK_IRQSAVE=y CONFIG_ARCH_INLINE_READ_UNLOCK=y CONFIG_ARCH_INLINE_READ_UNLOCK_BH=y CONFIG_ARCH_INLINE_READ_UNLOCK_IRQ=y CONFIG_ARCH_INLINE_READ_UNLOCK_IRQRESTORE=y CONFIG_ARCH_INLINE_WRITE_LOCK=y CONFIG_ARCH_INLINE_WRITE_LOCK_BH=y CONFIG_ARCH_INLINE_WRITE_LOCK_IRQ=y CONFIG_ARCH_INLINE_WRITE_LOCK_IRQSAVE=y CONFIG_ARCH_INLINE_WRITE_UNLOCK=y CONFIG_ARCH_INLINE_WRITE_UNLOCK_BH=y CONFIG_ARCH_INLINE_WRITE_UNLOCK_IRQ=y CONFIG_ARCH_INLINE_WRITE_UNLOCK_IRQRESTORE=y CONFIG_INLINE_SPIN_TRYLOCK=y CONFIG_INLINE_SPIN_TRYLOCK_BH=y CONFIG_INLINE_SPIN_LOCK=y CONFIG_INLINE_SPIN_LOCK_BH=y CONFIG_INLINE_SPIN_LOCK_IRQ=y CONFIG_INLINE_SPIN_LOCK_IRQSAVE=y CONFIG_INLINE_SPIN_UNLOCK_BH=y CONFIG_INLINE_SPIN_UNLOCK_IRQ=y CONFIG_INLINE_SPIN_UNLOCK_IRQRESTORE=y CONFIG_INLINE_READ_LOCK=y CONFIG_INLINE_READ_LOCK_BH=y CONFIG_INLINE_READ_LOCK_IRQ=y CONFIG_INLINE_READ_LOCK_IRQSAVE=y CONFIG_INLINE_READ_UNLOCK=y CONFIG_INLINE_READ_UNLOCK_BH=y CONFIG_INLINE_READ_UNLOCK_IRQ=y CONFIG_INLINE_READ_UNLOCK_IRQRESTORE=y CONFIG_INLINE_WRITE_LOCK=y CONFIG_INLINE_WRITE_LOCK_BH=y CONFIG_INLINE_WRITE_LOCK_IRQ=y CONFIG_INLINE_WRITE_LOCK_IRQSAVE=y CONFIG_INLINE_WRITE_UNLOCK=y CONFIG_INLINE_WRITE_UNLOCK_BH=y CONFIG_INLINE_WRITE_UNLOCK_IRQ=y CONFIG_INLINE_WRITE_UNLOCK_IRQRESTORE=y CONFIG_ARCH_SUPPORTS_ATOMIC_RMW=y CONFIG_MUTEX_SPIN_ON_OWNER=y CONFIG_RWSEM_SPIN_ON_OWNER=y CONFIG_LOCK_SPIN_ON_OWNER=y CONFIG_ARCH_USE_QUEUED_SPINLOCKS=y CONFIG_QUEUED_SPINLOCKS=y CONFIG_ARCH_USE_QUEUED_RWLOCKS=y CONFIG_QUEUED_RWLOCKS=y CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE=y CONFIG_ARCH_HAS_SYSCALL_WRAPPER=y CONFIG_FREEZER=y # # Executable file formats # CONFIG_BINFMT_ELF=y CONFIG_ARCH_BINFMT_ELF_STATE=y CONFIG_ARCH_BINFMT_ELF_EXTRA_PHDRS=y CONFIG_ARCH_HAVE_ELF_PROT=y CONFIG_ARCH_USE_GNU_PROPERTY=y CONFIG_ELFCORE=y CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y CONFIG_BINFMT_SCRIPT=y CONFIG_BINFMT_MISC=y CONFIG_COREDUMP=y # end of Executable file formats # # Memory Management options # CONFIG_ZPOOL=y CONFIG_SWAP=y CONFIG_ZSWAP=y # CONFIG_ZSWAP_DEFAULT_ON is not set # CONFIG_ZSWAP_COMPRESSOR_DEFAULT_DEFLATE is not set CONFIG_ZSWAP_COMPRESSOR_DEFAULT_LZO=y # CONFIG_ZSWAP_COMPRESSOR_DEFAULT_842 is not set # CONFIG_ZSWAP_COMPRESSOR_DEFAULT_LZ4 is not set # CONFIG_ZSWAP_COMPRESSOR_DEFAULT_LZ4HC is not set # CONFIG_ZSWAP_COMPRESSOR_DEFAULT_ZSTD is not set CONFIG_ZSWAP_COMPRESSOR_DEFAULT="lzo" CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # CONFIG_ZSWAP_ZPOOL_DEFAULT_Z3FOLD is not set # CONFIG_ZSWAP_ZPOOL_DEFAULT_ZSMALLOC is not set CONFIG_ZSWAP_ZPOOL_DEFAULT="zbud" CONFIG_ZBUD=y # CONFIG_Z3FOLD is not set CONFIG_ZSMALLOC=y CONFIG_ZSMALLOC_STAT=y # # SLAB allocator options # # CONFIG_SLAB is not set CONFIG_SLUB=y # CONFIG_SLOB is not set CONFIG_SLAB_MERGE_DEFAULT=y # CONFIG_SLAB_FREELIST_RANDOM is not set CONFIG_SLAB_FREELIST_HARDENED=y # CONFIG_SLUB_STATS is not set CONFIG_SLUB_CPU_PARTIAL=y # end of SLAB allocator options # CONFIG_SHUFFLE_PAGE_ALLOCATOR is not set # CONFIG_COMPAT_BRK is not set CONFIG_SPARSEMEM=y CONFIG_SPARSEMEM_EXTREME=y CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y CONFIG_SPARSEMEM_VMEMMAP=y CONFIG_HAVE_FAST_GUP=y CONFIG_ARCH_KEEP_MEMBLOCK=y CONFIG_NUMA_KEEP_MEMINFO=y CONFIG_MEMORY_ISOLATION=y CONFIG_EXCLUSIVE_SYSTEM_RAM=y CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y CONFIG_ARCH_ENABLE_MEMORY_HOTREMOVE=y CONFIG_MEMORY_HOTPLUG=y # CONFIG_MEMORY_HOTPLUG_DEFAULT_ONLINE is not set CONFIG_MEMORY_HOTREMOVE=y CONFIG_MHP_MEMMAP_ON_MEMORY=y CONFIG_SPLIT_PTLOCK_CPUS=4 CONFIG_ARCH_ENABLE_SPLIT_PMD_PTLOCK=y CONFIG_MEMORY_BALLOON=y CONFIG_BALLOON_COMPACTION=y CONFIG_COMPACTION=y CONFIG_COMPACT_UNEVICTABLE_DEFAULT=1 CONFIG_PAGE_REPORTING=y CONFIG_MIGRATION=y CONFIG_DEVICE_MIGRATION=y CONFIG_ARCH_ENABLE_HUGEPAGE_MIGRATION=y CONFIG_ARCH_ENABLE_THP_MIGRATION=y CONFIG_CONTIG_ALLOC=y CONFIG_PHYS_ADDR_T_64BIT=y CONFIG_MMU_NOTIFIER=y CONFIG_KSM=y CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 CONFIG_ARCH_SUPPORTS_MEMORY_FAILURE=y # CONFIG_MEMORY_FAILURE is not set CONFIG_ARCH_WANTS_THP_SWAP=y CONFIG_TRANSPARENT_HUGEPAGE=y # CONFIG_TRANSPARENT_HUGEPAGE_ALWAYS is not set CONFIG_TRANSPARENT_HUGEPAGE_MADVISE=y CONFIG_THP_SWAP=y # CONFIG_READ_ONLY_THP_FOR_FS is not set CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y CONFIG_USE_PERCPU_NUMA_NODE_ID=y CONFIG_HAVE_SETUP_PER_CPU_AREA=y CONFIG_FRONTSWAP=y # CONFIG_CMA is not set CONFIG_GENERIC_EARLY_IOREMAP=y # CONFIG_DEFERRED_STRUCT_PAGE_INIT is not set # CONFIG_IDLE_PAGE_TRACKING is not set CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y CONFIG_ARCH_HAS_CURRENT_STACK_POINTER=y CONFIG_ARCH_HAS_PTE_DEVMAP=y CONFIG_ARCH_HAS_ZONE_DMA_SET=y CONFIG_ZONE_DMA=y CONFIG_ZONE_DMA32=y CONFIG_ZONE_DEVICE=y # CONFIG_DEVICE_PRIVATE is not set CONFIG_ARCH_USES_HIGH_VMA_FLAGS=y CONFIG_VM_EVENT_COUNTERS=y CONFIG_PERCPU_STATS=y # CONFIG_GUP_TEST is not set CONFIG_ARCH_HAS_PTE_SPECIAL=y CONFIG_SECRETMEM=y # CONFIG_ANON_VMA_NAME is not set CONFIG_USERFAULTFD=y CONFIG_HAVE_ARCH_USERFAULTFD_MINOR=y # CONFIG_LRU_GEN is not set CONFIG_LOCK_MM_AND_FIND_VMA=y # # Data Access Monitoring # # CONFIG_DAMON is not set # end of Data Access Monitoring # end of Memory Management options CONFIG_NET=y CONFIG_NET_INGRESS=y CONFIG_NET_EGRESS=y CONFIG_SKB_EXTENSIONS=y # # Networking options # CONFIG_PACKET=y CONFIG_PACKET_DIAG=y CONFIG_UNIX=y CONFIG_UNIX_SCM=y CONFIG_AF_UNIX_OOB=y CONFIG_UNIX_DIAG=y CONFIG_TLS=y # CONFIG_TLS_DEVICE is not set # CONFIG_TLS_TOE is not set CONFIG_XFRM=y CONFIG_XFRM_OFFLOAD=y CONFIG_XFRM_ALGO=y CONFIG_XFRM_USER=y # CONFIG_XFRM_INTERFACE is not set CONFIG_XFRM_SUB_POLICY=y CONFIG_XFRM_MIGRATE=y CONFIG_XFRM_STATISTICS=y CONFIG_XFRM_AH=y CONFIG_XFRM_ESP=y CONFIG_NET_KEY=y CONFIG_NET_KEY_MIGRATE=y CONFIG_XFRM_ESPINTCP=y CONFIG_XDP_SOCKETS=y # CONFIG_XDP_SOCKETS_DIAG is not set CONFIG_INET=y # CONFIG_IP_MULTICAST is not set CONFIG_IP_ADVANCED_ROUTER=y # CONFIG_IP_FIB_TRIE_STATS is not set CONFIG_IP_MULTIPLE_TABLES=y # CONFIG_IP_ROUTE_MULTIPATH is not set # CONFIG_IP_ROUTE_VERBOSE is not set CONFIG_IP_ROUTE_CLASSID=y CONFIG_IP_PNP=y CONFIG_IP_PNP_DHCP=y CONFIG_IP_PNP_BOOTP=y CONFIG_IP_PNP_RARP=y CONFIG_NET_IPIP=y # CONFIG_NET_IPGRE_DEMUX is not set CONFIG_NET_IP_TUNNEL=y CONFIG_SYN_COOKIES=y # CONFIG_NET_IPVTI is not set CONFIG_NET_UDP_TUNNEL=y CONFIG_NET_FOU=y CONFIG_NET_FOU_IP_TUNNELS=y # CONFIG_INET_AH is not set # CONFIG_INET_ESP is not set # CONFIG_INET_IPCOMP is not set CONFIG_INET_TABLE_PERTURB_ORDER=16 CONFIG_INET_TUNNEL=y CONFIG_INET_DIAG=y CONFIG_INET_TCP_DIAG=y CONFIG_INET_UDP_DIAG=y CONFIG_INET_RAW_DIAG=y # CONFIG_INET_DIAG_DESTROY is not set # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y CONFIG_DEFAULT_TCP_CONG="cubic" # CONFIG_TCP_MD5SIG is not set CONFIG_IPV6=y CONFIG_IPV6_ROUTER_PREF=y CONFIG_IPV6_ROUTE_INFO=y CONFIG_IPV6_OPTIMISTIC_DAD=y CONFIG_INET6_AH=y CONFIG_INET6_ESP=y CONFIG_INET6_ESP_OFFLOAD=y CONFIG_INET6_ESPINTCP=y # CONFIG_INET6_IPCOMP is not set # CONFIG_IPV6_MIP6 is not set # CONFIG_IPV6_ILA is not set CONFIG_INET6_TUNNEL=y # CONFIG_IPV6_VTI is not set CONFIG_IPV6_SIT=y # CONFIG_IPV6_SIT_6RD is not set CONFIG_IPV6_NDISC_NODETYPE=y CONFIG_IPV6_TUNNEL=y CONFIG_IPV6_FOU=y CONFIG_IPV6_FOU_TUNNEL=y CONFIG_IPV6_MULTIPLE_TABLES=y # CONFIG_IPV6_SUBTREES is not set # CONFIG_IPV6_MROUTE is not set # CONFIG_IPV6_SEG6_LWTUNNEL is not set # CONFIG_IPV6_SEG6_HMAC is not set # CONFIG_IPV6_RPL_LWTUNNEL is not set # CONFIG_IPV6_IOAM6_LWTUNNEL is not set # CONFIG_MPTCP is not set CONFIG_NETWORK_SECMARK=y CONFIG_NET_PTP_CLASSIFY=y # CONFIG_NETWORK_PHY_TIMESTAMPING is not set CONFIG_NETFILTER=y CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=y # # Core Netfilter Configuration # CONFIG_NETFILTER_INGRESS=y CONFIG_NETFILTER_EGRESS=y CONFIG_NETFILTER_SKIP_EGRESS=y CONFIG_NETFILTER_NETLINK=y CONFIG_NETFILTER_FAMILY_BRIDGE=y CONFIG_NETFILTER_FAMILY_ARP=y # CONFIG_NETFILTER_NETLINK_HOOK is not set CONFIG_NETFILTER_NETLINK_ACCT=y CONFIG_NETFILTER_NETLINK_QUEUE=y CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NETFILTER_NETLINK_OSF=y CONFIG_NF_CONNTRACK=y CONFIG_NF_LOG_SYSLOG=y CONFIG_NETFILTER_CONNCOUNT=y CONFIG_NF_CONNTRACK_MARK=y # CONFIG_NF_CONNTRACK_SECMARK is not set CONFIG_NF_CONNTRACK_ZONES=y CONFIG_NF_CONNTRACK_PROCFS=y CONFIG_NF_CONNTRACK_EVENTS=y CONFIG_NF_CONNTRACK_TIMEOUT=y CONFIG_NF_CONNTRACK_TIMESTAMP=y CONFIG_NF_CONNTRACK_LABELS=y CONFIG_NF_CT_PROTO_DCCP=y CONFIG_NF_CT_PROTO_SCTP=y CONFIG_NF_CT_PROTO_UDPLITE=y # CONFIG_NF_CONNTRACK_AMANDA is not set # CONFIG_NF_CONNTRACK_FTP is not set # CONFIG_NF_CONNTRACK_H323 is not set # CONFIG_NF_CONNTRACK_IRC is not set # CONFIG_NF_CONNTRACK_NETBIOS_NS is not set # CONFIG_NF_CONNTRACK_SNMP is not set # CONFIG_NF_CONNTRACK_PPTP is not set # CONFIG_NF_CONNTRACK_SANE is not set # CONFIG_NF_CONNTRACK_SIP is not set # CONFIG_NF_CONNTRACK_TFTP is not set CONFIG_NF_CT_NETLINK=y # CONFIG_NF_CT_NETLINK_TIMEOUT is not set # CONFIG_NETFILTER_NETLINK_GLUE_CT is not set CONFIG_NF_NAT=y CONFIG_NF_NAT_REDIRECT=y CONFIG_NF_NAT_MASQUERADE=y CONFIG_NETFILTER_SYNPROXY=y CONFIG_NF_TABLES=y CONFIG_NF_TABLES_INET=y CONFIG_NF_TABLES_NETDEV=y CONFIG_NFT_NUMGEN=y CONFIG_NFT_CT=y CONFIG_NFT_CONNLIMIT=y CONFIG_NFT_LOG=y CONFIG_NFT_LIMIT=y CONFIG_NFT_MASQ=y CONFIG_NFT_REDIR=y CONFIG_NFT_NAT=y CONFIG_NFT_TUNNEL=y CONFIG_NFT_OBJREF=y CONFIG_NFT_QUEUE=y CONFIG_NFT_QUOTA=y CONFIG_NFT_REJECT=y CONFIG_NFT_REJECT_INET=y CONFIG_NFT_COMPAT=y CONFIG_NFT_HASH=y CONFIG_NFT_FIB=y CONFIG_NFT_FIB_INET=y CONFIG_NFT_XFRM=y CONFIG_NFT_SOCKET=y CONFIG_NFT_OSF=y CONFIG_NFT_TPROXY=y CONFIG_NFT_SYNPROXY=y CONFIG_NF_DUP_NETDEV=y CONFIG_NFT_DUP_NETDEV=y CONFIG_NFT_FWD_NETDEV=y CONFIG_NFT_FIB_NETDEV=y CONFIG_NFT_REJECT_NETDEV=y # CONFIG_NF_FLOW_TABLE is not set CONFIG_NETFILTER_XTABLES=y # # Xtables combined modules # CONFIG_NETFILTER_XT_MARK=y CONFIG_NETFILTER_XT_CONNMARK=y CONFIG_NETFILTER_XT_SET=y # # Xtables targets # CONFIG_NETFILTER_XT_TARGET_AUDIT=y CONFIG_NETFILTER_XT_TARGET_CHECKSUM=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y CONFIG_NETFILTER_XT_TARGET_CT=y CONFIG_NETFILTER_XT_TARGET_DSCP=y CONFIG_NETFILTER_XT_TARGET_HL=y CONFIG_NETFILTER_XT_TARGET_HMARK=y CONFIG_NETFILTER_XT_TARGET_IDLETIMER=y CONFIG_NETFILTER_XT_TARGET_LOG=y CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_NAT=y CONFIG_NETFILTER_XT_TARGET_NETMAP=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y CONFIG_NETFILTER_XT_TARGET_RATEEST=y CONFIG_NETFILTER_XT_TARGET_REDIRECT=y CONFIG_NETFILTER_XT_TARGET_MASQUERADE=y CONFIG_NETFILTER_XT_TARGET_TEE=y CONFIG_NETFILTER_XT_TARGET_TPROXY=y CONFIG_NETFILTER_XT_TARGET_TRACE=y # CONFIG_NETFILTER_XT_TARGET_SECMARK is not set CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y # # Xtables matches # CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=y CONFIG_NETFILTER_XT_MATCH_BPF=y CONFIG_NETFILTER_XT_MATCH_CGROUP=y CONFIG_NETFILTER_XT_MATCH_CLUSTER=y CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y CONFIG_NETFILTER_XT_MATCH_CONNLABEL=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y CONFIG_NETFILTER_XT_MATCH_CPU=y CONFIG_NETFILTER_XT_MATCH_DCCP=y CONFIG_NETFILTER_XT_MATCH_DEVGROUP=y CONFIG_NETFILTER_XT_MATCH_DSCP=y CONFIG_NETFILTER_XT_MATCH_ECN=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y CONFIG_NETFILTER_XT_MATCH_HELPER=y CONFIG_NETFILTER_XT_MATCH_HL=y CONFIG_NETFILTER_XT_MATCH_IPCOMP=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y # CONFIG_NETFILTER_XT_MATCH_IPVS is not set CONFIG_NETFILTER_XT_MATCH_L2TP=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y CONFIG_NETFILTER_XT_MATCH_NFACCT=y CONFIG_NETFILTER_XT_MATCH_OSF=y CONFIG_NETFILTER_XT_MATCH_OWNER=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y CONFIG_NETFILTER_XT_MATCH_RECENT=y CONFIG_NETFILTER_XT_MATCH_SCTP=y CONFIG_NETFILTER_XT_MATCH_SOCKET=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y # end of Core Netfilter Configuration CONFIG_IP_SET=y CONFIG_IP_SET_MAX=256 # CONFIG_IP_SET_BITMAP_IP is not set # CONFIG_IP_SET_BITMAP_IPMAC is not set # CONFIG_IP_SET_BITMAP_PORT is not set CONFIG_IP_SET_HASH_IP=y # CONFIG_IP_SET_HASH_IPMARK is not set # CONFIG_IP_SET_HASH_IPPORT is not set # CONFIG_IP_SET_HASH_IPPORTIP is not set # CONFIG_IP_SET_HASH_IPPORTNET is not set # CONFIG_IP_SET_HASH_IPMAC is not set # CONFIG_IP_SET_HASH_MAC is not set # CONFIG_IP_SET_HASH_NETPORTNET is not set # CONFIG_IP_SET_HASH_NET is not set # CONFIG_IP_SET_HASH_NETNET is not set # CONFIG_IP_SET_HASH_NETPORT is not set # CONFIG_IP_SET_HASH_NETIFACE is not set # CONFIG_IP_SET_LIST_SET is not set CONFIG_IP_VS=y # CONFIG_IP_VS_IPV6 is not set # CONFIG_IP_VS_DEBUG is not set CONFIG_IP_VS_TAB_BITS=12 # # IPVS transport protocol load balancing support # CONFIG_IP_VS_PROTO_TCP=y CONFIG_IP_VS_PROTO_UDP=y CONFIG_IP_VS_PROTO_AH_ESP=y CONFIG_IP_VS_PROTO_ESP=y CONFIG_IP_VS_PROTO_AH=y CONFIG_IP_VS_PROTO_SCTP=y # # IPVS scheduler # # CONFIG_IP_VS_RR is not set # CONFIG_IP_VS_WRR is not set # CONFIG_IP_VS_LC is not set # CONFIG_IP_VS_WLC is not set # CONFIG_IP_VS_FO is not set # CONFIG_IP_VS_OVF is not set # CONFIG_IP_VS_LBLC is not set # CONFIG_IP_VS_LBLCR is not set CONFIG_IP_VS_DH=y # CONFIG_IP_VS_SH is not set # CONFIG_IP_VS_MH is not set # CONFIG_IP_VS_SED is not set # CONFIG_IP_VS_NQ is not set # CONFIG_IP_VS_TWOS is not set # # IPVS SH scheduler # CONFIG_IP_VS_SH_TAB_BITS=8 # # IPVS MH scheduler # CONFIG_IP_VS_MH_TAB_INDEX=12 # # IPVS application helper # # CONFIG_IP_VS_NFCT is not set # # IP: Netfilter Configuration # CONFIG_NF_DEFRAG_IPV4=y CONFIG_NF_SOCKET_IPV4=y CONFIG_NF_TPROXY_IPV4=y CONFIG_NF_TABLES_IPV4=y CONFIG_NFT_REJECT_IPV4=y CONFIG_NFT_DUP_IPV4=y CONFIG_NFT_FIB_IPV4=y CONFIG_NF_TABLES_ARP=y CONFIG_NF_DUP_IPV4=y CONFIG_NF_LOG_ARP=y CONFIG_NF_LOG_IPV4=y CONFIG_NF_REJECT_IPV4=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_ECN=y CONFIG_IP_NF_MATCH_RPFILTER=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_SYNPROXY=y CONFIG_IP_NF_NAT=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_CLUSTERIP=y CONFIG_IP_NF_TARGET_ECN=y CONFIG_IP_NF_TARGET_TTL=y CONFIG_IP_NF_RAW=y CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_ARPFILTER=y CONFIG_IP_NF_ARP_MANGLE=y # end of IP: Netfilter Configuration # # IPv6: Netfilter Configuration # CONFIG_NF_SOCKET_IPV6=y CONFIG_NF_TPROXY_IPV6=y CONFIG_NF_TABLES_IPV6=y CONFIG_NFT_REJECT_IPV6=y CONFIG_NFT_DUP_IPV6=y CONFIG_NFT_FIB_IPV6=y CONFIG_NF_DUP_IPV6=y CONFIG_NF_REJECT_IPV6=y CONFIG_NF_LOG_IPV6=y CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_MATCH_AH=y CONFIG_IP6_NF_MATCH_EUI64=y CONFIG_IP6_NF_MATCH_FRAG=y CONFIG_IP6_NF_MATCH_OPTS=y CONFIG_IP6_NF_MATCH_HL=y CONFIG_IP6_NF_MATCH_IPV6HEADER=y CONFIG_IP6_NF_MATCH_MH=y CONFIG_IP6_NF_MATCH_RPFILTER=y CONFIG_IP6_NF_MATCH_RT=y CONFIG_IP6_NF_MATCH_SRH=y CONFIG_IP6_NF_TARGET_HL=y CONFIG_IP6_NF_FILTER=y CONFIG_IP6_NF_TARGET_REJECT=y CONFIG_IP6_NF_TARGET_SYNPROXY=y CONFIG_IP6_NF_MANGLE=y CONFIG_IP6_NF_RAW=y CONFIG_IP6_NF_NAT=y CONFIG_IP6_NF_TARGET_MASQUERADE=y CONFIG_IP6_NF_TARGET_NPT=y # end of IPv6: Netfilter Configuration CONFIG_NF_DEFRAG_IPV6=y CONFIG_NF_TABLES_BRIDGE=y # CONFIG_NFT_BRIDGE_META is not set # CONFIG_NFT_BRIDGE_REJECT is not set CONFIG_NF_CONNTRACK_BRIDGE=y CONFIG_BRIDGE_NF_EBTABLES=y CONFIG_BRIDGE_EBT_BROUTE=y CONFIG_BRIDGE_EBT_T_FILTER=y CONFIG_BRIDGE_EBT_T_NAT=y CONFIG_BRIDGE_EBT_802_3=y CONFIG_BRIDGE_EBT_AMONG=y CONFIG_BRIDGE_EBT_ARP=y CONFIG_BRIDGE_EBT_IP=y CONFIG_BRIDGE_EBT_IP6=y CONFIG_BRIDGE_EBT_LIMIT=y CONFIG_BRIDGE_EBT_MARK=y CONFIG_BRIDGE_EBT_PKTTYPE=y CONFIG_BRIDGE_EBT_STP=y CONFIG_BRIDGE_EBT_VLAN=y CONFIG_BRIDGE_EBT_ARPREPLY=y CONFIG_BRIDGE_EBT_DNAT=y CONFIG_BRIDGE_EBT_MARK_T=y CONFIG_BRIDGE_EBT_REDIRECT=y CONFIG_BRIDGE_EBT_SNAT=y CONFIG_BRIDGE_EBT_LOG=y CONFIG_BRIDGE_EBT_NFLOG=y CONFIG_BPFILTER=y CONFIG_BPFILTER_UMH=y # CONFIG_IP_DCCP is not set CONFIG_IP_SCTP=y # CONFIG_SCTP_DBG_OBJCNT is not set CONFIG_SCTP_DEFAULT_COOKIE_HMAC_MD5=y # CONFIG_SCTP_DEFAULT_COOKIE_HMAC_SHA1 is not set # CONFIG_SCTP_DEFAULT_COOKIE_HMAC_NONE is not set CONFIG_SCTP_COOKIE_HMAC_MD5=y # CONFIG_SCTP_COOKIE_HMAC_SHA1 is not set CONFIG_INET_SCTP_DIAG=y # CONFIG_RDS is not set # CONFIG_TIPC is not set # CONFIG_ATM is not set # CONFIG_L2TP is not set CONFIG_STP=y CONFIG_BRIDGE=y CONFIG_BRIDGE_IGMP_SNOOPING=y # CONFIG_BRIDGE_VLAN_FILTERING is not set # CONFIG_BRIDGE_MRP is not set # CONFIG_BRIDGE_CFM is not set # CONFIG_NET_DSA is not set CONFIG_VLAN_8021Q=y # CONFIG_VLAN_8021Q_GVRP is not set # CONFIG_VLAN_8021Q_MVRP is not set CONFIG_LLC=y # CONFIG_LLC2 is not set # CONFIG_ATALK is not set # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_PHONET is not set # CONFIG_6LOWPAN is not set # CONFIG_IEEE802154 is not set CONFIG_NET_SCHED=y # # Queueing/Scheduling # CONFIG_NET_SCH_CBQ=y CONFIG_NET_SCH_HTB=y CONFIG_NET_SCH_HFSC=y CONFIG_NET_SCH_PRIO=y CONFIG_NET_SCH_MULTIQ=y CONFIG_NET_SCH_RED=y CONFIG_NET_SCH_SFB=y CONFIG_NET_SCH_SFQ=y CONFIG_NET_SCH_TEQL=y CONFIG_NET_SCH_TBF=y CONFIG_NET_SCH_CBS=y CONFIG_NET_SCH_ETF=y CONFIG_NET_SCH_TAPRIO=y CONFIG_NET_SCH_GRED=y CONFIG_NET_SCH_DSMARK=y CONFIG_NET_SCH_NETEM=y CONFIG_NET_SCH_DRR=y CONFIG_NET_SCH_MQPRIO=y CONFIG_NET_SCH_SKBPRIO=y CONFIG_NET_SCH_CHOKE=y CONFIG_NET_SCH_QFQ=y CONFIG_NET_SCH_CODEL=y CONFIG_NET_SCH_FQ_CODEL=y CONFIG_NET_SCH_CAKE=y CONFIG_NET_SCH_FQ=y CONFIG_NET_SCH_HHF=y CONFIG_NET_SCH_PIE=y CONFIG_NET_SCH_FQ_PIE=y CONFIG_NET_SCH_INGRESS=y CONFIG_NET_SCH_PLUG=y CONFIG_NET_SCH_ETS=y # CONFIG_NET_SCH_DEFAULT is not set # # Classification # CONFIG_NET_CLS=y CONFIG_NET_CLS_BASIC=y CONFIG_NET_CLS_ROUTE4=y CONFIG_NET_CLS_FW=y CONFIG_NET_CLS_U32=y CONFIG_CLS_U32_PERF=y CONFIG_CLS_U32_MARK=y CONFIG_NET_CLS_FLOW=y CONFIG_NET_CLS_CGROUP=y CONFIG_NET_CLS_BPF=y CONFIG_NET_CLS_FLOWER=y CONFIG_NET_CLS_MATCHALL=y CONFIG_NET_EMATCH=y CONFIG_NET_EMATCH_STACK=32 CONFIG_NET_EMATCH_CMP=y CONFIG_NET_EMATCH_NBYTE=y CONFIG_NET_EMATCH_U32=y CONFIG_NET_EMATCH_META=y CONFIG_NET_EMATCH_TEXT=y # CONFIG_NET_EMATCH_IPSET is not set CONFIG_NET_EMATCH_IPT=y CONFIG_NET_CLS_ACT=y CONFIG_NET_ACT_POLICE=y CONFIG_NET_ACT_GACT=y CONFIG_GACT_PROB=y CONFIG_NET_ACT_MIRRED=y CONFIG_NET_ACT_SAMPLE=y CONFIG_NET_ACT_IPT=y CONFIG_NET_ACT_NAT=y CONFIG_NET_ACT_PEDIT=y CONFIG_NET_ACT_SIMP=y CONFIG_NET_ACT_SKBEDIT=y CONFIG_NET_ACT_CSUM=y CONFIG_NET_ACT_MPLS=y CONFIG_NET_ACT_VLAN=y CONFIG_NET_ACT_BPF=y CONFIG_NET_ACT_CONNMARK=y CONFIG_NET_ACT_CTINFO=y CONFIG_NET_ACT_SKBMOD=y CONFIG_NET_ACT_IFE=y CONFIG_NET_ACT_TUNNEL_KEY=y CONFIG_NET_ACT_GATE=y CONFIG_NET_IFE_SKBMARK=y CONFIG_NET_IFE_SKBPRIO=y CONFIG_NET_IFE_SKBTCINDEX=y CONFIG_NET_TC_SKB_EXT=y CONFIG_NET_SCH_FIFO=y # CONFIG_DCB is not set CONFIG_DNS_RESOLVER=y # CONFIG_BATMAN_ADV is not set # CONFIG_OPENVSWITCH is not set CONFIG_VSOCKETS=y CONFIG_VSOCKETS_DIAG=y CONFIG_VSOCKETS_LOOPBACK=y CONFIG_VIRTIO_VSOCKETS=y CONFIG_VIRTIO_VSOCKETS_COMMON=y CONFIG_NETLINK_DIAG=y # CONFIG_MPLS is not set # CONFIG_NET_NSH is not set # CONFIG_HSR is not set # CONFIG_NET_SWITCHDEV is not set CONFIG_NET_L3_MASTER_DEV=y # CONFIG_QRTR is not set # CONFIG_NET_NCSI is not set CONFIG_PCPU_DEV_REFCNT=y CONFIG_RPS=y CONFIG_RFS_ACCEL=y CONFIG_SOCK_RX_QUEUE_MAPPING=y CONFIG_XPS=y CONFIG_CGROUP_NET_PRIO=y CONFIG_CGROUP_NET_CLASSID=y CONFIG_NET_RX_BUSY_POLL=y CONFIG_BQL=y # CONFIG_BPF_STREAM_PARSER is not set CONFIG_NET_FLOW_LIMIT=y # # Network testing # # CONFIG_NET_PKTGEN is not set # end of Network testing # end of Networking options # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_BT is not set # CONFIG_AF_RXRPC is not set # CONFIG_AF_KCM is not set CONFIG_STREAM_PARSER=y # CONFIG_MCTP is not set CONFIG_FIB_RULES=y # CONFIG_WIRELESS is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set # CONFIG_CAIF is not set # CONFIG_CEPH_LIB is not set # CONFIG_NFC is not set CONFIG_PSAMPLE=y CONFIG_NET_IFE=y # CONFIG_LWTUNNEL is not set CONFIG_DST_CACHE=y CONFIG_GRO_CELLS=y CONFIG_NET_SOCK_MSG=y CONFIG_PAGE_POOL=y # CONFIG_PAGE_POOL_STATS is not set CONFIG_FAILOVER=y # CONFIG_ETHTOOL_NETLINK is not set # # Device Drivers # CONFIG_ARM_AMBA=y CONFIG_HAVE_PCI=y CONFIG_PCI=y CONFIG_PCI_DOMAINS=y CONFIG_PCI_DOMAINS_GENERIC=y CONFIG_PCI_SYSCALL=y CONFIG_PCIEPORTBUS=y # CONFIG_HOTPLUG_PCI_PCIE is not set CONFIG_PCIEAER=y # CONFIG_PCIEAER_INJECT is not set # CONFIG_PCIE_ECRC is not set CONFIG_PCIEASPM=y CONFIG_PCIEASPM_DEFAULT=y # CONFIG_PCIEASPM_POWERSAVE is not set # CONFIG_PCIEASPM_POWER_SUPERSAVE is not set # CONFIG_PCIEASPM_PERFORMANCE is not set CONFIG_PCIE_PME=y # CONFIG_PCIE_DPC is not set # CONFIG_PCIE_PTM is not set CONFIG_PCI_MSI=y CONFIG_PCI_MSI_IRQ_DOMAIN=y CONFIG_PCI_QUIRKS=y CONFIG_PCI_DEBUG=y CONFIG_PCI_STUB=y CONFIG_PCI_ECAM=y # CONFIG_PCI_IOV is not set # CONFIG_PCI_PRI is not set # CONFIG_PCI_PASID is not set # CONFIG_PCI_P2PDMA is not set CONFIG_PCI_LABEL=y # CONFIG_PCIE_BUS_TUNE_OFF is not set CONFIG_PCIE_BUS_DEFAULT=y # CONFIG_PCIE_BUS_SAFE is not set # CONFIG_PCIE_BUS_PERFORMANCE is not set # CONFIG_PCIE_BUS_PEER2PEER is not set CONFIG_VGA_ARB=y CONFIG_VGA_ARB_MAX_GPUS=16 CONFIG_HOTPLUG_PCI=y CONFIG_HOTPLUG_PCI_ACPI=y # CONFIG_HOTPLUG_PCI_ACPI_IBM is not set # CONFIG_HOTPLUG_PCI_CPCI is not set # CONFIG_HOTPLUG_PCI_SHPC is not set # # PCI controller drivers # # CONFIG_PCI_FTPCI100 is not set CONFIG_PCI_HOST_COMMON=y CONFIG_PCI_HOST_GENERIC=y # CONFIG_PCIE_XILINX is not set # CONFIG_PCI_XGENE is not set # CONFIG_PCIE_ALTERA is not set # CONFIG_PCI_HOST_THUNDER_PEM is not set # CONFIG_PCI_HOST_THUNDER_ECAM is not set # CONFIG_PCIE_MICROCHIP_HOST is not set # # DesignWare PCI Core Support # # CONFIG_PCIE_DW_PLAT_HOST is not set # CONFIG_PCI_HISI is not set # CONFIG_PCIE_KIRIN is not set # CONFIG_PCI_MESON is not set # CONFIG_PCIE_AL is not set # end of DesignWare PCI Core Support # # Mobiveil PCIe Core Support # # end of Mobiveil PCIe Core Support # # Cadence PCIe controllers support # # CONFIG_PCIE_CADENCE_PLAT_HOST is not set # CONFIG_PCI_J721E_HOST is not set # end of Cadence PCIe controllers support # end of PCI controller drivers # # PCI Endpoint # # CONFIG_PCI_ENDPOINT is not set # end of PCI Endpoint # # PCI switch controller drivers # # CONFIG_PCI_SW_SWITCHTEC is not set # end of PCI switch controller drivers # CONFIG_CXL_BUS is not set # CONFIG_PCCARD is not set # CONFIG_RAPIDIO is not set # # Generic Driver Options # CONFIG_UEVENT_HELPER=y CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug" CONFIG_DEVTMPFS=y CONFIG_DEVTMPFS_MOUNT=y # CONFIG_DEVTMPFS_SAFE is not set CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y # # Firmware loader # CONFIG_FW_LOADER=y CONFIG_FW_LOADER_PAGED_BUF=y CONFIG_FW_LOADER_SYSFS=y CONFIG_EXTRA_FIRMWARE="" CONFIG_FW_LOADER_USER_HELPER=y # CONFIG_FW_LOADER_USER_HELPER_FALLBACK is not set # CONFIG_FW_LOADER_COMPRESS is not set # CONFIG_FW_CACHE is not set # CONFIG_FW_UPLOAD is not set # end of Firmware loader CONFIG_ALLOW_DEV_COREDUMP=y # CONFIG_DEBUG_DRIVER is not set # CONFIG_DEBUG_DEVRES is not set # CONFIG_DEBUG_TEST_DRIVER_REMOVE is not set CONFIG_GENERIC_CPU_AUTOPROBE=y CONFIG_GENERIC_CPU_VULNERABILITIES=y CONFIG_DMA_SHARED_BUFFER=y # CONFIG_DMA_FENCE_TRACE is not set CONFIG_GENERIC_ARCH_TOPOLOGY=y CONFIG_GENERIC_ARCH_NUMA=y # end of Generic Driver Options # # Bus devices # # CONFIG_BRCMSTB_GISB_ARB is not set # CONFIG_VEXPRESS_CONFIG is not set # CONFIG_MHI_BUS is not set # CONFIG_MHI_BUS_EP is not set # end of Bus devices CONFIG_CONNECTOR=y CONFIG_PROC_EVENTS=y # # Firmware Drivers # # # ARM System Control and Management Interface Protocol # # CONFIG_ARM_SCMI_PROTOCOL is not set # end of ARM System Control and Management Interface Protocol # CONFIG_ARM_SCPI_PROTOCOL is not set CONFIG_FIRMWARE_MEMMAP=y CONFIG_DMIID=y CONFIG_DMI_SYSFS=y # CONFIG_FW_CFG_SYSFS is not set # CONFIG_SYSFB_SIMPLEFB is not set # CONFIG_ARM_FFA_TRANSPORT is not set # CONFIG_GOOGLE_FIRMWARE is not set # # EFI (Extensible Firmware Interface) Support # CONFIG_EFI_ESRT=y CONFIG_EFI_PARAMS_FROM_FDT=y CONFIG_EFI_RUNTIME_WRAPPERS=y CONFIG_EFI_GENERIC_STUB=y # CONFIG_EFI_ZBOOT is not set CONFIG_EFI_ARMSTUB_DTB_LOADER=y CONFIG_EFI_GENERIC_STUB_INITRD_CMDLINE_LOADER=y # CONFIG_EFI_BOOTLOADER_CONTROL is not set # CONFIG_EFI_CAPSULE_LOADER is not set # CONFIG_EFI_TEST is not set # CONFIG_RESET_ATTACK_MITIGATION is not set # CONFIG_EFI_DISABLE_PCI_DMA is not set CONFIG_EFI_EARLYCON=y # CONFIG_EFI_CUSTOM_SSDT_OVERLAYS is not set # CONFIG_EFI_DISABLE_RUNTIME is not set # CONFIG_EFI_COCO_SECRET is not set # end of EFI (Extensible Firmware Interface) Support CONFIG_ARM_PSCI_FW=y # CONFIG_ARM_PSCI_CHECKER is not set CONFIG_HAVE_ARM_SMCCC=y CONFIG_HAVE_ARM_SMCCC_DISCOVERY=y # CONFIG_ARM_SMCCC_SOC_ID is not set # # Tegra firmware driver # # end of Tegra firmware driver # end of Firmware Drivers # CONFIG_GNSS is not set # CONFIG_MTD is not set CONFIG_DTC=y CONFIG_OF=y # CONFIG_OF_UNITTEST is not set CONFIG_OF_FLATTREE=y CONFIG_OF_EARLY_FLATTREE=y CONFIG_OF_KOBJ=y CONFIG_OF_ADDRESS=y CONFIG_OF_IRQ=y CONFIG_OF_RESERVED_MEM=y # CONFIG_OF_OVERLAY is not set CONFIG_OF_NUMA=y # CONFIG_PARPORT is not set CONFIG_PNP=y # CONFIG_PNP_DEBUG_MESSAGES is not set # # Protocols # CONFIG_PNPACPI=y CONFIG_BLK_DEV=y CONFIG_BLK_DEV_NULL_BLK=y # CONFIG_BLK_DEV_PCIESSD_MTIP32XX is not set CONFIG_ZRAM=y CONFIG_ZRAM_DEF_COMP_LZORLE=y # CONFIG_ZRAM_DEF_COMP_LZO is not set CONFIG_ZRAM_DEF_COMP="lzo-rle" # CONFIG_ZRAM_WRITEBACK is not set # CONFIG_ZRAM_MEMORY_TRACKING is not set CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_LOOP_MIN_COUNT=8 # CONFIG_BLK_DEV_DRBD is not set # CONFIG_BLK_DEV_NBD is not set CONFIG_BLK_DEV_RAM=y CONFIG_BLK_DEV_RAM_COUNT=16 CONFIG_BLK_DEV_RAM_SIZE=16384 # CONFIG_ATA_OVER_ETH is not set CONFIG_VIRTIO_BLK=y # CONFIG_BLK_DEV_RBD is not set # CONFIG_BLK_DEV_UBLK is not set # # NVME Support # # CONFIG_BLK_DEV_NVME is not set # CONFIG_NVME_FC is not set # CONFIG_NVME_TCP is not set # CONFIG_NVME_TARGET is not set # end of NVME Support # # Misc devices # # CONFIG_AD525X_DPOT is not set # CONFIG_DUMMY_IRQ is not set # CONFIG_PHANTOM is not set # CONFIG_TIFM_CORE is not set # CONFIG_ICS932S401 is not set # CONFIG_ENCLOSURE_SERVICES is not set # CONFIG_HP_ILO is not set # CONFIG_APDS9802ALS is not set # CONFIG_ISL29003 is not set # CONFIG_ISL29020 is not set # CONFIG_SENSORS_TSL2550 is not set # CONFIG_SENSORS_BH1770 is not set # CONFIG_SENSORS_APDS990X is not set # CONFIG_HMC6352 is not set # CONFIG_DS1682 is not set # CONFIG_SRAM is not set # CONFIG_DW_XDATA_PCIE is not set # CONFIG_PCI_ENDPOINT_TEST is not set # CONFIG_XILINX_SDFEC is not set # CONFIG_OPEN_DICE is not set # CONFIG_VCPU_STALL_DETECTOR is not set # CONFIG_C2PORT is not set # # EEPROM support # # CONFIG_EEPROM_AT24 is not set # CONFIG_EEPROM_LEGACY is not set # CONFIG_EEPROM_MAX6875 is not set # CONFIG_EEPROM_93CX6 is not set # CONFIG_EEPROM_IDT_89HPESX is not set # CONFIG_EEPROM_EE1004 is not set # end of EEPROM support # CONFIG_CB710_CORE is not set # # Texas Instruments shared transport line discipline # # CONFIG_TI_ST is not set # end of Texas Instruments shared transport line discipline # CONFIG_SENSORS_LIS3_I2C is not set # CONFIG_ALTERA_STAPL is not set # CONFIG_VMWARE_VMCI is not set # CONFIG_GENWQE is not set # CONFIG_ECHO is not set # CONFIG_BCM_VK is not set # CONFIG_MISC_ALCOR_PCI is not set # CONFIG_MISC_RTSX_PCI is not set # CONFIG_HABANA_AI is not set # CONFIG_UACCE is not set # CONFIG_PVPANIC is not set # CONFIG_GP_PCI1XXXX is not set # end of Misc devices # # SCSI device support # CONFIG_SCSI_MOD=y # CONFIG_RAID_ATTRS is not set # CONFIG_SCSI is not set # end of SCSI device support # CONFIG_ATA is not set # CONFIG_MD is not set # CONFIG_TARGET_CORE is not set # CONFIG_FUSION is not set # # IEEE 1394 (FireWire) support # # CONFIG_FIREWIRE is not set # CONFIG_FIREWIRE_NOSY is not set # end of IEEE 1394 (FireWire) support CONFIG_NETDEVICES=y CONFIG_NET_CORE=y # CONFIG_BONDING is not set # CONFIG_DUMMY is not set CONFIG_WIREGUARD=y # CONFIG_WIREGUARD_DEBUG is not set # CONFIG_EQUALIZER is not set # CONFIG_IFB is not set # CONFIG_NET_TEAM is not set CONFIG_MACVLAN=y # CONFIG_MACVTAP is not set CONFIG_IPVLAN_L3S=y CONFIG_IPVLAN=y # CONFIG_IPVTAP is not set CONFIG_VXLAN=y CONFIG_GENEVE=y # CONFIG_BAREUDP is not set # CONFIG_GTP is not set # CONFIG_MACSEC is not set # CONFIG_NETCONSOLE is not set CONFIG_TUN=y # CONFIG_TUN_VNET_CROSS_LE is not set CONFIG_VETH=y CONFIG_VIRTIO_NET=y # CONFIG_NLMON is not set # CONFIG_NET_VRF is not set # CONFIG_ARCNET is not set # CONFIG_ETHERNET is not set # CONFIG_FDDI is not set # CONFIG_HIPPI is not set # CONFIG_NET_SB1000 is not set # CONFIG_PHYLIB is not set # CONFIG_PSE_CONTROLLER is not set # CONFIG_MDIO_DEVICE is not set # # PCS device drivers # # end of PCS device drivers # CONFIG_PPP is not set # CONFIG_SLIP is not set # # Host-side USB support is needed for USB Network Adapter support # # CONFIG_WLAN is not set # CONFIG_WAN is not set # # Wireless WAN # # CONFIG_WWAN is not set # end of Wireless WAN # CONFIG_VMXNET3 is not set # CONFIG_FUJITSU_ES is not set # CONFIG_NETDEVSIM is not set CONFIG_NET_FAILOVER=y # CONFIG_ISDN is not set # # Input device support # CONFIG_INPUT=y CONFIG_INPUT_FF_MEMLESS=y CONFIG_INPUT_SPARSEKMAP=y # CONFIG_INPUT_MATRIXKMAP is not set # # Userland interfaces # CONFIG_INPUT_MOUSEDEV=y CONFIG_INPUT_MOUSEDEV_PSAUX=y CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024 CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768 # CONFIG_INPUT_JOYDEV is not set CONFIG_INPUT_EVDEV=y # CONFIG_INPUT_EVBUG is not set # # Input Device Drivers # CONFIG_INPUT_KEYBOARD=y # CONFIG_KEYBOARD_ADP5588 is not set # CONFIG_KEYBOARD_ADP5589 is not set # CONFIG_KEYBOARD_ATKBD is not set # CONFIG_KEYBOARD_QT1050 is not set # CONFIG_KEYBOARD_QT1070 is not set # CONFIG_KEYBOARD_QT2160 is not set # CONFIG_KEYBOARD_DLINK_DIR685 is not set # CONFIG_KEYBOARD_LKKBD is not set CONFIG_KEYBOARD_GPIO=y CONFIG_KEYBOARD_GPIO_POLLED=y # CONFIG_KEYBOARD_TCA6416 is not set # CONFIG_KEYBOARD_TCA8418 is not set # CONFIG_KEYBOARD_MATRIX is not set # CONFIG_KEYBOARD_LM8333 is not set # CONFIG_KEYBOARD_MAX7359 is not set # CONFIG_KEYBOARD_MCS is not set # CONFIG_KEYBOARD_MPR121 is not set # CONFIG_KEYBOARD_NEWTON is not set # CONFIG_KEYBOARD_OPENCORES is not set # CONFIG_KEYBOARD_SAMSUNG is not set # CONFIG_KEYBOARD_STOWAWAY is not set # CONFIG_KEYBOARD_SUNKBD is not set # CONFIG_KEYBOARD_OMAP4 is not set # CONFIG_KEYBOARD_XTKBD is not set # CONFIG_KEYBOARD_CAP11XX is not set # CONFIG_KEYBOARD_BCM is not set # CONFIG_KEYBOARD_CYPRESS_SF is not set # CONFIG_INPUT_MOUSE is not set # CONFIG_INPUT_JOYSTICK is not set # CONFIG_INPUT_TABLET is not set # CONFIG_INPUT_TOUCHSCREEN is not set CONFIG_INPUT_MISC=y # CONFIG_INPUT_AD714X is not set # CONFIG_INPUT_ATMEL_CAPTOUCH is not set # CONFIG_INPUT_BMA150 is not set # CONFIG_INPUT_E3X0_BUTTON is not set # CONFIG_INPUT_MMA8450 is not set # CONFIG_INPUT_GPIO_BEEPER is not set # CONFIG_INPUT_GPIO_DECODER is not set # CONFIG_INPUT_GPIO_VIBRA is not set # CONFIG_INPUT_KXTJ9 is not set CONFIG_INPUT_UINPUT=y # CONFIG_INPUT_PCF8574 is not set # CONFIG_INPUT_GPIO_ROTARY_ENCODER is not set # CONFIG_INPUT_DA7280_HAPTICS is not set # CONFIG_INPUT_ADXL34X is not set # CONFIG_INPUT_IQS269A is not set # CONFIG_INPUT_IQS626A is not set # CONFIG_INPUT_IQS7222 is not set # CONFIG_INPUT_CMA3000 is not set # CONFIG_INPUT_SOC_BUTTON_ARRAY is not set # CONFIG_INPUT_DRV260X_HAPTICS is not set # CONFIG_INPUT_DRV2665_HAPTICS is not set # CONFIG_INPUT_DRV2667_HAPTICS is not set # CONFIG_RMI4_CORE is not set # # Hardware I/O ports # # CONFIG_SERIO is not set # CONFIG_GAMEPORT is not set # end of Hardware I/O ports # end of Input device support # # Character devices # CONFIG_TTY=y CONFIG_VT=y CONFIG_CONSOLE_TRANSLATIONS=y CONFIG_VT_CONSOLE=y CONFIG_VT_CONSOLE_SLEEP=y CONFIG_HW_CONSOLE=y CONFIG_VT_HW_CONSOLE_BINDING=y CONFIG_UNIX98_PTYS=y # CONFIG_LEGACY_PTYS is not set # CONFIG_LDISC_AUTOLOAD is not set # # Serial drivers # CONFIG_SERIAL_EARLYCON=y CONFIG_SERIAL_8250=y # CONFIG_SERIAL_8250_DEPRECATED_OPTIONS is not set CONFIG_SERIAL_8250_PNP=y # CONFIG_SERIAL_8250_16550A_VARIANTS is not set # CONFIG_SERIAL_8250_FINTEK is not set CONFIG_SERIAL_8250_CONSOLE=y CONFIG_SERIAL_8250_DMA=y CONFIG_SERIAL_8250_PCI=y CONFIG_SERIAL_8250_EXAR=y CONFIG_SERIAL_8250_NR_UARTS=1 CONFIG_SERIAL_8250_RUNTIME_UARTS=1 # CONFIG_SERIAL_8250_EXTENDED is not set CONFIG_SERIAL_8250_FSL=y # CONFIG_SERIAL_8250_DW is not set # CONFIG_SERIAL_8250_RT288X is not set CONFIG_SERIAL_8250_PERICOM=y CONFIG_SERIAL_OF_PLATFORM=y # # Non-8250 serial port support # # CONFIG_SERIAL_AMBA_PL010 is not set CONFIG_SERIAL_AMBA_PL011=y CONFIG_SERIAL_AMBA_PL011_CONSOLE=y # CONFIG_SERIAL_EARLYCON_ARM_SEMIHOST is not set # CONFIG_SERIAL_UARTLITE is not set CONFIG_SERIAL_CORE=y CONFIG_SERIAL_CORE_CONSOLE=y # CONFIG_SERIAL_JSM is not set # CONFIG_SERIAL_SIFIVE is not set # CONFIG_SERIAL_SCCNXP is not set # CONFIG_SERIAL_SC16IS7XX is not set # CONFIG_SERIAL_ALTERA_JTAGUART is not set # CONFIG_SERIAL_ALTERA_UART is not set # CONFIG_SERIAL_XILINX_PS_UART is not set CONFIG_SERIAL_ARC=y # CONFIG_SERIAL_ARC_CONSOLE is not set CONFIG_SERIAL_ARC_NR_PORTS=1 # CONFIG_SERIAL_RP2 is not set # CONFIG_SERIAL_FSL_LPUART is not set # CONFIG_SERIAL_FSL_LINFLEXUART is not set # CONFIG_SERIAL_CONEXANT_DIGICOLOR is not set # CONFIG_SERIAL_SPRD is not set # end of Serial drivers CONFIG_SERIAL_MCTRL_GPIO=y # CONFIG_SERIAL_NONSTANDARD is not set # CONFIG_N_GSM is not set # CONFIG_NOZOMI is not set # CONFIG_NULL_TTY is not set CONFIG_HVC_DRIVER=y # CONFIG_HVC_DCC is not set CONFIG_SERIAL_DEV_BUS=y CONFIG_SERIAL_DEV_CTRL_TTYPORT=y # CONFIG_TTY_PRINTK is not set CONFIG_VIRTIO_CONSOLE=y # CONFIG_IPMI_HANDLER is not set CONFIG_HW_RANDOM=y # CONFIG_HW_RANDOM_TIMERIOMEM is not set # CONFIG_HW_RANDOM_BA431 is not set CONFIG_HW_RANDOM_VIRTIO=y # CONFIG_HW_RANDOM_CCTRNG is not set # CONFIG_HW_RANDOM_XIPHERA is not set CONFIG_HW_RANDOM_ARM_SMCCC_TRNG=y CONFIG_HW_RANDOM_CN10K=y # CONFIG_APPLICOM is not set CONFIG_DEVMEM=y CONFIG_DEVPORT=y # CONFIG_TCG_TPM is not set # CONFIG_XILLYBUS is not set # CONFIG_RANDOM_TRUST_CPU is not set # CONFIG_RANDOM_TRUST_BOOTLOADER is not set # end of Character devices # # I2C support # CONFIG_I2C=y CONFIG_ACPI_I2C_OPREGION=y CONFIG_I2C_BOARDINFO=y CONFIG_I2C_COMPAT=y # CONFIG_I2C_CHARDEV is not set # CONFIG_I2C_MUX is not set CONFIG_I2C_HELPER_AUTO=y CONFIG_I2C_ALGOBIT=y # # I2C Hardware Bus support # # # PC SMBus host controller drivers # # CONFIG_I2C_ALI1535 is not set # CONFIG_I2C_ALI1563 is not set # CONFIG_I2C_ALI15X3 is not set # CONFIG_I2C_AMD756 is not set # CONFIG_I2C_AMD8111 is not set # CONFIG_I2C_AMD_MP2 is not set # CONFIG_I2C_I801 is not set # CONFIG_I2C_ISCH is not set # CONFIG_I2C_PIIX4 is not set # CONFIG_I2C_NFORCE2 is not set # CONFIG_I2C_NVIDIA_GPU is not set # CONFIG_I2C_SIS5595 is not set # CONFIG_I2C_SIS630 is not set # CONFIG_I2C_SIS96X is not set # CONFIG_I2C_VIA is not set # CONFIG_I2C_VIAPRO is not set # # ACPI drivers # # CONFIG_I2C_SCMI is not set # # I2C system bus drivers (mostly embedded / system-on-chip) # # CONFIG_I2C_CADENCE is not set # CONFIG_I2C_CBUS_GPIO is not set # CONFIG_I2C_DESIGNWARE_PLATFORM is not set # CONFIG_I2C_DESIGNWARE_PCI is not set # CONFIG_I2C_EMEV2 is not set # CONFIG_I2C_GPIO is not set # CONFIG_I2C_HISI is not set # CONFIG_I2C_NOMADIK is not set # CONFIG_I2C_OCORES is not set # CONFIG_I2C_PCA_PLATFORM is not set # CONFIG_I2C_RK3X is not set # CONFIG_I2C_SIMTEC is not set # CONFIG_I2C_THUNDERX is not set # CONFIG_I2C_XILINX is not set # # External I2C/SMBus adapter drivers # # CONFIG_I2C_PCI1XXXX is not set # CONFIG_I2C_TAOS_EVM is not set # # Other I2C/SMBus bus drivers # # CONFIG_I2C_VIRTIO is not set # end of I2C Hardware Bus support # CONFIG_I2C_SLAVE is not set # CONFIG_I2C_DEBUG_CORE is not set # CONFIG_I2C_DEBUG_ALGO is not set # CONFIG_I2C_DEBUG_BUS is not set # end of I2C support # CONFIG_I3C is not set # CONFIG_SPI is not set # CONFIG_SPMI is not set # CONFIG_HSI is not set CONFIG_PPS=y CONFIG_PPS_DEBUG=y # # PPS clients support # CONFIG_PPS_CLIENT_KTIMER=y CONFIG_PPS_CLIENT_LDISC=y CONFIG_PPS_CLIENT_GPIO=y # # PPS generators support # # # PTP clock support # CONFIG_PTP_1588_CLOCK=y CONFIG_PTP_1588_CLOCK_OPTIONAL=y # # Enable PHYLIB and NETWORK_PHY_TIMESTAMPING to see the additional clocks. # CONFIG_PTP_1588_CLOCK_KVM=y # CONFIG_PTP_1588_CLOCK_IDT82P33 is not set # CONFIG_PTP_1588_CLOCK_IDTCM is not set # end of PTP clock support # CONFIG_PINCTRL is not set CONFIG_GPIOLIB=y CONFIG_GPIOLIB_FASTPATH_LIMIT=512 CONFIG_OF_GPIO=y CONFIG_GPIO_ACPI=y CONFIG_GPIOLIB_IRQCHIP=y # CONFIG_DEBUG_GPIO is not set # CONFIG_GPIO_SYSFS is not set # CONFIG_GPIO_CDEV is not set # # Memory mapped GPIO drivers # # CONFIG_GPIO_74XX_MMIO is not set # CONFIG_GPIO_ALTERA is not set # CONFIG_GPIO_AMDPT is not set # CONFIG_GPIO_CADENCE is not set # CONFIG_GPIO_DWAPB is not set # CONFIG_GPIO_EXAR is not set # CONFIG_GPIO_FTGPIO010 is not set # CONFIG_GPIO_GENERIC_PLATFORM is not set # CONFIG_GPIO_GRGPIO is not set # CONFIG_GPIO_HISI is not set # CONFIG_GPIO_HLWD is not set # CONFIG_GPIO_MB86S7X is not set CONFIG_GPIO_PL061=y # CONFIG_GPIO_SIFIVE is not set # CONFIG_GPIO_XGENE is not set # CONFIG_GPIO_XILINX is not set # CONFIG_GPIO_AMD_FCH is not set # end of Memory mapped GPIO drivers # # I2C GPIO expanders # # CONFIG_GPIO_ADNP is not set # CONFIG_GPIO_GW_PLD is not set # CONFIG_GPIO_MAX7300 is not set # CONFIG_GPIO_MAX732X is not set # CONFIG_GPIO_PCA953X is not set # CONFIG_GPIO_PCA9570 is not set # CONFIG_GPIO_PCF857X is not set # CONFIG_GPIO_TPIC2810 is not set # end of I2C GPIO expanders # # MFD GPIO expanders # # end of MFD GPIO expanders # # PCI GPIO expanders # # CONFIG_GPIO_BT8XX is not set # CONFIG_GPIO_PCI_IDIO_16 is not set # CONFIG_GPIO_PCIE_IDIO_24 is not set # CONFIG_GPIO_RDC321X is not set # end of PCI GPIO expanders # # Virtual GPIO drivers # # CONFIG_GPIO_AGGREGATOR is not set # CONFIG_GPIO_MOCKUP is not set CONFIG_GPIO_VIRTIO=y # CONFIG_GPIO_SIM is not set # end of Virtual GPIO drivers # CONFIG_W1 is not set CONFIG_POWER_RESET=y # CONFIG_POWER_RESET_GPIO is not set # CONFIG_POWER_RESET_GPIO_RESTART is not set # CONFIG_POWER_RESET_LTC2952 is not set # CONFIG_POWER_RESET_RESTART is not set # CONFIG_POWER_RESET_XGENE is not set # CONFIG_POWER_RESET_SYSCON is not set # CONFIG_POWER_RESET_SYSCON_POWEROFF is not set # CONFIG_NVMEM_REBOOT_MODE is not set CONFIG_POWER_SUPPLY=y # CONFIG_POWER_SUPPLY_DEBUG is not set # CONFIG_PDA_POWER is not set # CONFIG_IP5XXX_POWER is not set # CONFIG_TEST_POWER is not set # CONFIG_CHARGER_ADP5061 is not set # CONFIG_BATTERY_CW2015 is not set # CONFIG_BATTERY_DS2780 is not set # CONFIG_BATTERY_DS2781 is not set # CONFIG_BATTERY_DS2782 is not set # CONFIG_BATTERY_SAMSUNG_SDI is not set # CONFIG_BATTERY_SBS is not set # CONFIG_CHARGER_SBS is not set # CONFIG_BATTERY_BQ27XXX is not set # CONFIG_BATTERY_MAX17040 is not set # CONFIG_BATTERY_MAX17042 is not set # CONFIG_CHARGER_MAX8903 is not set # CONFIG_CHARGER_LP8727 is not set # CONFIG_CHARGER_GPIO is not set # CONFIG_CHARGER_LT3651 is not set # CONFIG_CHARGER_LTC4162L is not set # CONFIG_CHARGER_DETECTOR_MAX14656 is not set # CONFIG_CHARGER_MAX77976 is not set # CONFIG_CHARGER_BQ2415X is not set # CONFIG_CHARGER_BQ24257 is not set # CONFIG_CHARGER_BQ24735 is not set # CONFIG_CHARGER_BQ2515X is not set # CONFIG_CHARGER_BQ25890 is not set # CONFIG_CHARGER_BQ25980 is not set # CONFIG_CHARGER_BQ256XX is not set # CONFIG_BATTERY_GAUGE_LTC2941 is not set # CONFIG_BATTERY_GOLDFISH is not set # CONFIG_BATTERY_RT5033 is not set # CONFIG_CHARGER_RT9455 is not set # CONFIG_CHARGER_BD99954 is not set # CONFIG_BATTERY_UG3105 is not set # CONFIG_HWMON is not set CONFIG_THERMAL=y # CONFIG_THERMAL_NETLINK is not set # CONFIG_THERMAL_STATISTICS is not set CONFIG_THERMAL_EMERGENCY_POWEROFF_DELAY_MS=0 CONFIG_THERMAL_OF=y CONFIG_THERMAL_WRITABLE_TRIPS=y CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE=y # CONFIG_THERMAL_DEFAULT_GOV_FAIR_SHARE is not set # CONFIG_THERMAL_DEFAULT_GOV_USER_SPACE is not set CONFIG_THERMAL_GOV_FAIR_SHARE=y CONFIG_THERMAL_GOV_STEP_WISE=y # CONFIG_THERMAL_GOV_BANG_BANG is not set CONFIG_THERMAL_GOV_USER_SPACE=y # CONFIG_CPU_THERMAL is not set # CONFIG_THERMAL_EMULATION is not set # CONFIG_THERMAL_MMIO is not set CONFIG_WATCHDOG=y CONFIG_WATCHDOG_CORE=y # CONFIG_WATCHDOG_NOWAYOUT is not set CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED=y CONFIG_WATCHDOG_OPEN_TIMEOUT=0 # CONFIG_WATCHDOG_SYSFS is not set # CONFIG_WATCHDOG_HRTIMER_PRETIMEOUT is not set # # Watchdog Pretimeout Governors # # CONFIG_WATCHDOG_PRETIMEOUT_GOV is not set # # Watchdog Device Drivers # # CONFIG_SOFT_WATCHDOG is not set # CONFIG_GPIO_WATCHDOG is not set # CONFIG_WDAT_WDT is not set # CONFIG_XILINX_WATCHDOG is not set # CONFIG_ZIIRAVE_WATCHDOG is not set # CONFIG_ARM_SP805_WATCHDOG is not set # CONFIG_ARM_SBSA_WATCHDOG is not set # CONFIG_CADENCE_WATCHDOG is not set # CONFIG_DW_WATCHDOG is not set # CONFIG_MAX63XX_WATCHDOG is not set # CONFIG_ARM_SMC_WATCHDOG is not set # CONFIG_ALIM7101_WDT is not set # CONFIG_I6300ESB_WDT is not set # CONFIG_HP_WATCHDOG is not set # CONFIG_MEN_A21_WDT is not set # # PCI-based Watchdog Cards # # CONFIG_PCIPCWATCHDOG is not set # CONFIG_WDTPCI is not set CONFIG_SSB_POSSIBLE=y # CONFIG_SSB is not set CONFIG_BCMA_POSSIBLE=y # CONFIG_BCMA is not set # # Multifunction device drivers # # CONFIG_MFD_ACT8945A is not set # CONFIG_MFD_AS3711 is not set # CONFIG_MFD_AS3722 is not set # CONFIG_PMIC_ADP5520 is not set # CONFIG_MFD_AAT2870_CORE is not set # CONFIG_MFD_ATMEL_FLEXCOM is not set # CONFIG_MFD_ATMEL_HLCDC is not set # CONFIG_MFD_BCM590XX is not set # CONFIG_MFD_BD9571MWV is not set # CONFIG_MFD_AXP20X_I2C is not set # CONFIG_MFD_MADERA is not set # CONFIG_PMIC_DA903X is not set # CONFIG_MFD_DA9052_I2C is not set # CONFIG_MFD_DA9055 is not set # CONFIG_MFD_DA9062 is not set # CONFIG_MFD_DA9063 is not set # CONFIG_MFD_DA9150 is not set # CONFIG_MFD_GATEWORKS_GSC is not set # CONFIG_MFD_MC13XXX_I2C is not set # CONFIG_MFD_MP2629 is not set # CONFIG_MFD_HI6421_PMIC is not set # CONFIG_HTC_PASIC3 is not set # CONFIG_HTC_I2CPLD is not set # CONFIG_LPC_ICH is not set # CONFIG_LPC_SCH is not set # CONFIG_MFD_IQS62X is not set # CONFIG_MFD_JANZ_CMODIO is not set # CONFIG_MFD_KEMPLD is not set # CONFIG_MFD_88PM800 is not set # CONFIG_MFD_88PM805 is not set # CONFIG_MFD_88PM860X is not set # CONFIG_MFD_MAX14577 is not set # CONFIG_MFD_MAX77620 is not set # CONFIG_MFD_MAX77650 is not set # CONFIG_MFD_MAX77686 is not set # CONFIG_MFD_MAX77693 is not set # CONFIG_MFD_MAX77714 is not set # CONFIG_MFD_MAX77843 is not set # CONFIG_MFD_MAX8907 is not set # CONFIG_MFD_MAX8925 is not set # CONFIG_MFD_MAX8997 is not set # CONFIG_MFD_MAX8998 is not set # CONFIG_MFD_MT6360 is not set # CONFIG_MFD_MT6370 is not set # CONFIG_MFD_MT6397 is not set # CONFIG_MFD_MENF21BMC is not set # CONFIG_MFD_NTXEC is not set # CONFIG_MFD_RETU is not set # CONFIG_MFD_PCF50633 is not set # CONFIG_MFD_SY7636A is not set # CONFIG_MFD_RDC321X is not set # CONFIG_MFD_RT4831 is not set # CONFIG_MFD_RT5033 is not set # CONFIG_MFD_RT5120 is not set # CONFIG_MFD_RC5T583 is not set # CONFIG_MFD_RK808 is not set # CONFIG_MFD_RN5T618 is not set # CONFIG_MFD_SEC_CORE is not set # CONFIG_MFD_SI476X_CORE is not set # CONFIG_MFD_SM501 is not set # CONFIG_MFD_SKY81452 is not set # CONFIG_MFD_STMPE is not set # CONFIG_MFD_SYSCON is not set # CONFIG_MFD_TI_AM335X_TSCADC is not set # CONFIG_MFD_LP3943 is not set # CONFIG_MFD_LP8788 is not set # CONFIG_MFD_TI_LMU is not set # CONFIG_MFD_PALMAS is not set # CONFIG_TPS6105X is not set # CONFIG_TPS65010 is not set # CONFIG_TPS6507X is not set # CONFIG_MFD_TPS65086 is not set # CONFIG_MFD_TPS65090 is not set # CONFIG_MFD_TPS65217 is not set # CONFIG_MFD_TI_LP873X is not set # CONFIG_MFD_TI_LP87565 is not set # CONFIG_MFD_TPS65218 is not set # CONFIG_MFD_TPS6586X is not set # CONFIG_MFD_TPS65910 is not set # CONFIG_MFD_TPS65912_I2C is not set # CONFIG_TWL4030_CORE is not set # CONFIG_TWL6040_CORE is not set # CONFIG_MFD_WL1273_CORE is not set # CONFIG_MFD_LM3533 is not set # CONFIG_MFD_TC3589X is not set # CONFIG_MFD_TQMX86 is not set # CONFIG_MFD_VX855 is not set # CONFIG_MFD_LOCHNAGAR is not set # CONFIG_MFD_ARIZONA_I2C is not set # CONFIG_MFD_WM8400 is not set # CONFIG_MFD_WM831X_I2C is not set # CONFIG_MFD_WM8350_I2C is not set # CONFIG_MFD_WM8994 is not set # CONFIG_MFD_ROHM_BD718XX is not set # CONFIG_MFD_ROHM_BD71828 is not set # CONFIG_MFD_ROHM_BD957XMUF is not set # CONFIG_MFD_STPMIC1 is not set # CONFIG_MFD_STMFX is not set # CONFIG_MFD_ATC260X_I2C is not set # CONFIG_MFD_QCOM_PM8008 is not set # CONFIG_RAVE_SP_CORE is not set # CONFIG_MFD_RSMU_I2C is not set # end of Multifunction device drivers # CONFIG_REGULATOR is not set # CONFIG_RC_CORE is not set # # CEC support # # CONFIG_MEDIA_CEC_SUPPORT is not set # end of CEC support # CONFIG_MEDIA_SUPPORT is not set # # Graphics support # CONFIG_DRM=y # CONFIG_DRM_DEBUG_MM is not set CONFIG_DRM_KMS_HELPER=y # CONFIG_DRM_DEBUG_DP_MST_TOPOLOGY_REFS is not set # CONFIG_DRM_DEBUG_MODESET_LOCK is not set CONFIG_DRM_FBDEV_EMULATION=y CONFIG_DRM_FBDEV_OVERALLOC=100 # CONFIG_DRM_FBDEV_LEAK_PHYS_SMEM is not set # CONFIG_DRM_LOAD_EDID_FIRMWARE is not set CONFIG_DRM_GEM_SHMEM_HELPER=y # # I2C encoder or helper chips # # CONFIG_DRM_I2C_CH7006 is not set # CONFIG_DRM_I2C_SIL164 is not set # CONFIG_DRM_I2C_NXP_TDA998X is not set # CONFIG_DRM_I2C_NXP_TDA9950 is not set # end of I2C encoder or helper chips # # ARM devices # # CONFIG_DRM_HDLCD is not set # CONFIG_DRM_MALI_DISPLAY is not set # CONFIG_DRM_KOMEDA is not set # end of ARM devices # CONFIG_DRM_RADEON is not set # CONFIG_DRM_AMDGPU is not set # CONFIG_DRM_NOUVEAU is not set # CONFIG_DRM_VGEM is not set # CONFIG_DRM_VKMS is not set # CONFIG_DRM_VMWGFX is not set # CONFIG_DRM_AST is not set # CONFIG_DRM_MGAG200 is not set # CONFIG_DRM_RCAR_DW_HDMI is not set # CONFIG_DRM_RCAR_USE_LVDS is not set # CONFIG_DRM_RCAR_USE_MIPI_DSI is not set # CONFIG_DRM_QXL is not set # CONFIG_DRM_VIRTIO_GPU is not set CONFIG_DRM_PANEL=y # # Display Panels # # CONFIG_DRM_PANEL_LVDS is not set # CONFIG_DRM_PANEL_SIMPLE is not set # CONFIG_DRM_PANEL_EDP is not set # CONFIG_DRM_PANEL_OLIMEX_LCD_OLINUXINO is not set # CONFIG_DRM_PANEL_SAMSUNG_ATNA33XC20 is not set # CONFIG_DRM_PANEL_SAMSUNG_S6E63M0 is not set # CONFIG_DRM_PANEL_SAMSUNG_S6E88A0_AMS452EF01 is not set # CONFIG_DRM_PANEL_SAMSUNG_S6E8AA0 is not set # CONFIG_DRM_PANEL_SEIKO_43WVF1G is not set # end of Display Panels CONFIG_DRM_BRIDGE=y CONFIG_DRM_PANEL_BRIDGE=y # # Display Interface Bridges # # CONFIG_DRM_CDNS_DSI is not set # CONFIG_DRM_CHIPONE_ICN6211 is not set # CONFIG_DRM_CHRONTEL_CH7033 is not set # CONFIG_DRM_DISPLAY_CONNECTOR is not set # CONFIG_DRM_ITE_IT6505 is not set # CONFIG_DRM_LONTIUM_LT8912B is not set # CONFIG_DRM_LONTIUM_LT9211 is not set # CONFIG_DRM_LONTIUM_LT9611 is not set # CONFIG_DRM_LONTIUM_LT9611UXC is not set # CONFIG_DRM_ITE_IT66121 is not set # CONFIG_DRM_LVDS_CODEC is not set # CONFIG_DRM_MEGACHIPS_STDPXXXX_GE_B850V3_FW is not set # CONFIG_DRM_NWL_MIPI_DSI is not set # CONFIG_DRM_NXP_PTN3460 is not set # CONFIG_DRM_PARADE_PS8622 is not set # CONFIG_DRM_PARADE_PS8640 is not set # CONFIG_DRM_SIL_SII8620 is not set # CONFIG_DRM_SII902X is not set # CONFIG_DRM_SII9234 is not set # CONFIG_DRM_SIMPLE_BRIDGE is not set # CONFIG_DRM_THINE_THC63LVD1024 is not set # CONFIG_DRM_TOSHIBA_TC358762 is not set # CONFIG_DRM_TOSHIBA_TC358764 is not set # CONFIG_DRM_TOSHIBA_TC358767 is not set # CONFIG_DRM_TOSHIBA_TC358768 is not set # CONFIG_DRM_TOSHIBA_TC358775 is not set # CONFIG_DRM_TI_DLPC3433 is not set # CONFIG_DRM_TI_TFP410 is not set # CONFIG_DRM_TI_SN65DSI83 is not set # CONFIG_DRM_TI_SN65DSI86 is not set # CONFIG_DRM_TI_TPD12S015 is not set # CONFIG_DRM_ANALOGIX_ANX6345 is not set # CONFIG_DRM_ANALOGIX_ANX78XX is not set # CONFIG_DRM_ANALOGIX_ANX7625 is not set # CONFIG_DRM_I2C_ADV7511 is not set # CONFIG_DRM_CDNS_MHDP8546 is not set # end of Display Interface Bridges # CONFIG_DRM_ETNAVIV is not set # CONFIG_DRM_HISI_HIBMC is not set # CONFIG_DRM_HISI_KIRIN is not set # CONFIG_DRM_LOGICVC is not set # CONFIG_DRM_ARCPGU is not set # CONFIG_DRM_BOCHS is not set # CONFIG_DRM_CIRRUS_QEMU is not set # CONFIG_DRM_SIMPLEDRM is not set # CONFIG_DRM_PL111 is not set # CONFIG_DRM_LIMA is not set # CONFIG_DRM_PANFROST is not set # CONFIG_DRM_TIDSS is not set # CONFIG_DRM_SSD130X is not set # CONFIG_DRM_LEGACY is not set CONFIG_DRM_PANEL_ORIENTATION_QUIRKS=y CONFIG_DRM_NOMODESET=y # # Frame buffer Devices # CONFIG_FB_CMDLINE=y CONFIG_FB_NOTIFY=y CONFIG_FB=y # CONFIG_FIRMWARE_EDID is not set CONFIG_FB_CFB_FILLRECT=y CONFIG_FB_CFB_COPYAREA=y CONFIG_FB_CFB_IMAGEBLIT=y CONFIG_FB_SYS_FILLRECT=y CONFIG_FB_SYS_COPYAREA=y CONFIG_FB_SYS_IMAGEBLIT=y # CONFIG_FB_FOREIGN_ENDIAN is not set CONFIG_FB_SYS_FOPS=y CONFIG_FB_DEFERRED_IO=y # CONFIG_FB_MODE_HELPERS is not set # CONFIG_FB_TILEBLITTING is not set # # Frame buffer hardware drivers # # CONFIG_FB_CIRRUS is not set # CONFIG_FB_PM2 is not set # CONFIG_FB_ARMCLCD is not set # CONFIG_FB_CYBER2000 is not set # CONFIG_FB_ASILIANT is not set # CONFIG_FB_IMSTT is not set # CONFIG_FB_UVESA is not set # CONFIG_FB_EFI is not set # CONFIG_FB_OPENCORES is not set # CONFIG_FB_S1D13XXX is not set # CONFIG_FB_NVIDIA is not set # CONFIG_FB_RIVA is not set # CONFIG_FB_I740 is not set # CONFIG_FB_MATROX is not set # CONFIG_FB_RADEON is not set # CONFIG_FB_ATY128 is not set # CONFIG_FB_ATY is not set # CONFIG_FB_S3 is not set # CONFIG_FB_SAVAGE is not set # CONFIG_FB_SIS is not set # CONFIG_FB_NEOMAGIC is not set # CONFIG_FB_KYRO is not set # CONFIG_FB_3DFX is not set # CONFIG_FB_VOODOO1 is not set # CONFIG_FB_VT8623 is not set # CONFIG_FB_TRIDENT is not set # CONFIG_FB_ARK is not set # CONFIG_FB_PM3 is not set # CONFIG_FB_CARMINE is not set # CONFIG_FB_IBM_GXT4500 is not set # CONFIG_FB_VIRTUAL is not set # CONFIG_FB_METRONOME is not set # CONFIG_FB_MB862XX is not set # CONFIG_FB_SIMPLE is not set # CONFIG_FB_SSD1307 is not set # CONFIG_FB_SM712 is not set # end of Frame buffer Devices # # Backlight & LCD device support # CONFIG_LCD_CLASS_DEVICE=y # CONFIG_LCD_PLATFORM is not set CONFIG_BACKLIGHT_CLASS_DEVICE=y # CONFIG_BACKLIGHT_KTD253 is not set # CONFIG_BACKLIGHT_QCOM_WLED is not set # CONFIG_BACKLIGHT_ADP8860 is not set # CONFIG_BACKLIGHT_ADP8870 is not set # CONFIG_BACKLIGHT_LM3639 is not set # CONFIG_BACKLIGHT_GPIO is not set # CONFIG_BACKLIGHT_LV5207LP is not set # CONFIG_BACKLIGHT_BD6107 is not set # CONFIG_BACKLIGHT_ARCXCNN is not set # end of Backlight & LCD device support CONFIG_HDMI=y # # Console display driver support # CONFIG_DUMMY_CONSOLE=y CONFIG_DUMMY_CONSOLE_COLUMNS=80 CONFIG_DUMMY_CONSOLE_ROWS=25 CONFIG_FRAMEBUFFER_CONSOLE=y # CONFIG_FRAMEBUFFER_CONSOLE_LEGACY_ACCELERATION is not set CONFIG_FRAMEBUFFER_CONSOLE_DETECT_PRIMARY=y # CONFIG_FRAMEBUFFER_CONSOLE_ROTATION is not set # CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER is not set # end of Console display driver support # CONFIG_LOGO is not set # end of Graphics support # CONFIG_SOUND is not set # # HID support # CONFIG_HID=y # CONFIG_HID_BATTERY_STRENGTH is not set CONFIG_HIDRAW=y CONFIG_UHID=y CONFIG_HID_GENERIC=y # # Special HID drivers # # CONFIG_HID_A4TECH is not set # CONFIG_HID_ACRUX is not set # CONFIG_HID_AUREAL is not set # CONFIG_HID_BELKIN is not set # CONFIG_HID_CHERRY is not set # CONFIG_HID_COUGAR is not set # CONFIG_HID_MACALLY is not set # CONFIG_HID_CMEDIA is not set # CONFIG_HID_CYPRESS is not set # CONFIG_HID_DRAGONRISE is not set # CONFIG_HID_EMS_FF is not set # CONFIG_HID_ELECOM is not set # CONFIG_HID_EZKEY is not set # CONFIG_HID_GEMBIRD is not set # CONFIG_HID_GFRM is not set # CONFIG_HID_GLORIOUS is not set # CONFIG_HID_VIVALDI is not set # CONFIG_HID_KEYTOUCH is not set # CONFIG_HID_KYE is not set # CONFIG_HID_WALTOP is not set # CONFIG_HID_VIEWSONIC is not set # CONFIG_HID_VRC2 is not set # CONFIG_HID_XIAOMI is not set # CONFIG_HID_GYRATION is not set # CONFIG_HID_ICADE is not set # CONFIG_HID_ITE is not set # CONFIG_HID_JABRA is not set # CONFIG_HID_TWINHAN is not set # CONFIG_HID_KENSINGTON is not set # CONFIG_HID_LCPOWER is not set # CONFIG_HID_LENOVO is not set # CONFIG_HID_MAGICMOUSE is not set # CONFIG_HID_MALTRON is not set # CONFIG_HID_MAYFLASH is not set CONFIG_HID_REDRAGON=y # CONFIG_HID_MICROSOFT is not set # CONFIG_HID_MONTEREY is not set # CONFIG_HID_MULTITOUCH is not set # CONFIG_HID_NTI is not set # CONFIG_HID_ORTEK is not set # CONFIG_HID_PANTHERLORD is not set # CONFIG_HID_PETALYNX is not set # CONFIG_HID_PICOLCD is not set # CONFIG_HID_PLANTRONICS is not set # CONFIG_HID_PXRC is not set # CONFIG_HID_RAZER is not set # CONFIG_HID_PRIMAX is not set # CONFIG_HID_SAITEK is not set # CONFIG_HID_SEMITEK is not set # CONFIG_HID_SPEEDLINK is not set # CONFIG_HID_STEAM is not set # CONFIG_HID_STEELSERIES is not set # CONFIG_HID_SUNPLUS is not set # CONFIG_HID_RMI is not set # CONFIG_HID_GREENASIA is not set # CONFIG_HID_SMARTJOYPLUS is not set # CONFIG_HID_TIVO is not set # CONFIG_HID_TOPSEED is not set # CONFIG_HID_TOPRE is not set # CONFIG_HID_UDRAW_PS3 is not set # CONFIG_HID_XINMO is not set # CONFIG_HID_ZEROPLUS is not set # CONFIG_HID_ZYDACRON is not set # CONFIG_HID_SENSOR_HUB is not set # CONFIG_HID_ALPS is not set # end of Special HID drivers # # I2C HID support # # CONFIG_I2C_HID_ACPI is not set # CONFIG_I2C_HID_OF is not set # CONFIG_I2C_HID_OF_ELAN is not set # CONFIG_I2C_HID_OF_GOODIX is not set # end of I2C HID support # end of HID support CONFIG_USB_OHCI_LITTLE_ENDIAN=y # CONFIG_USB_SUPPORT is not set # CONFIG_MMC is not set # CONFIG_MEMSTICK is not set # CONFIG_NEW_LEDS is not set # CONFIG_ACCESSIBILITY is not set # CONFIG_INFINIBAND is not set CONFIG_EDAC_SUPPORT=y # CONFIG_EDAC is not set CONFIG_RTC_LIB=y CONFIG_RTC_CLASS=y CONFIG_RTC_HCTOSYS=y CONFIG_RTC_HCTOSYS_DEVICE="rtc0" CONFIG_RTC_SYSTOHC=y CONFIG_RTC_SYSTOHC_DEVICE="rtc0" # CONFIG_RTC_DEBUG is not set CONFIG_RTC_NVMEM=y # # RTC interfaces # CONFIG_RTC_INTF_SYSFS=y CONFIG_RTC_INTF_PROC=y CONFIG_RTC_INTF_DEV=y # CONFIG_RTC_INTF_DEV_UIE_EMUL is not set # CONFIG_RTC_DRV_TEST is not set # # I2C RTC drivers # # CONFIG_RTC_DRV_ABB5ZES3 is not set # CONFIG_RTC_DRV_ABEOZ9 is not set # CONFIG_RTC_DRV_ABX80X is not set # CONFIG_RTC_DRV_DS1307 is not set # CONFIG_RTC_DRV_DS1374 is not set # CONFIG_RTC_DRV_DS1672 is not set # CONFIG_RTC_DRV_HYM8563 is not set # CONFIG_RTC_DRV_MAX6900 is not set # CONFIG_RTC_DRV_NCT3018Y is not set # CONFIG_RTC_DRV_RS5C372 is not set # CONFIG_RTC_DRV_ISL1208 is not set # CONFIG_RTC_DRV_ISL12022 is not set # CONFIG_RTC_DRV_ISL12026 is not set # CONFIG_RTC_DRV_X1205 is not set # CONFIG_RTC_DRV_PCF8523 is not set # CONFIG_RTC_DRV_PCF85063 is not set # CONFIG_RTC_DRV_PCF85363 is not set # CONFIG_RTC_DRV_PCF8563 is not set # CONFIG_RTC_DRV_PCF8583 is not set # CONFIG_RTC_DRV_M41T80 is not set # CONFIG_RTC_DRV_BQ32K is not set # CONFIG_RTC_DRV_S35390A is not set # CONFIG_RTC_DRV_FM3130 is not set # CONFIG_RTC_DRV_RX8010 is not set # CONFIG_RTC_DRV_RX8581 is not set # CONFIG_RTC_DRV_RX8025 is not set # CONFIG_RTC_DRV_EM3027 is not set # CONFIG_RTC_DRV_RV3028 is not set # CONFIG_RTC_DRV_RV3032 is not set # CONFIG_RTC_DRV_RV8803 is not set # CONFIG_RTC_DRV_SD3078 is not set # # SPI RTC drivers # CONFIG_RTC_I2C_AND_SPI=y # # SPI and I2C RTC drivers # # CONFIG_RTC_DRV_DS3232 is not set # CONFIG_RTC_DRV_PCF2127 is not set # CONFIG_RTC_DRV_RV3029C2 is not set # CONFIG_RTC_DRV_RX6110 is not set # # Platform RTC drivers # # CONFIG_RTC_DRV_DS1286 is not set # CONFIG_RTC_DRV_DS1511 is not set # CONFIG_RTC_DRV_DS1553 is not set # CONFIG_RTC_DRV_DS1685_FAMILY is not set # CONFIG_RTC_DRV_DS1742 is not set # CONFIG_RTC_DRV_DS2404 is not set # CONFIG_RTC_DRV_EFI is not set # CONFIG_RTC_DRV_STK17TA8 is not set # CONFIG_RTC_DRV_M48T86 is not set # CONFIG_RTC_DRV_M48T35 is not set # CONFIG_RTC_DRV_M48T59 is not set # CONFIG_RTC_DRV_MSM6242 is not set # CONFIG_RTC_DRV_BQ4802 is not set # CONFIG_RTC_DRV_RP5C01 is not set # CONFIG_RTC_DRV_V3020 is not set # CONFIG_RTC_DRV_ZYNQMP is not set # # on-CPU RTC drivers # CONFIG_RTC_DRV_PL030=y CONFIG_RTC_DRV_PL031=y # CONFIG_RTC_DRV_CADENCE is not set # CONFIG_RTC_DRV_FTRTC010 is not set # CONFIG_RTC_DRV_R7301 is not set # # HID Sensor RTC drivers # # CONFIG_RTC_DRV_GOLDFISH is not set CONFIG_DMADEVICES=y # CONFIG_DMADEVICES_DEBUG is not set # # DMA Devices # CONFIG_DMA_ENGINE=y CONFIG_DMA_ACPI=y CONFIG_DMA_OF=y # CONFIG_ALTERA_MSGDMA is not set # CONFIG_AMBA_PL08X is not set # CONFIG_DW_AXI_DMAC is not set # CONFIG_FSL_EDMA is not set # CONFIG_FSL_QDMA is not set # CONFIG_INTEL_IDMA64 is not set # CONFIG_MV_XOR_V2 is not set # CONFIG_PL330_DMA is not set # CONFIG_PLX_DMA is not set # CONFIG_XILINX_DMA is not set # CONFIG_XILINX_ZYNQMP_DMA is not set # CONFIG_XILINX_ZYNQMP_DPDMA is not set # CONFIG_QCOM_HIDMA_MGMT is not set # CONFIG_QCOM_HIDMA is not set # CONFIG_DW_DMAC is not set # CONFIG_DW_DMAC_PCI is not set # CONFIG_DW_EDMA is not set # CONFIG_DW_EDMA_PCIE is not set # CONFIG_SF_PDMA is not set # # DMA Clients # # CONFIG_ASYNC_TX_DMA is not set # CONFIG_DMATEST is not set # # DMABUF options # CONFIG_SYNC_FILE=y # CONFIG_SW_SYNC is not set # CONFIG_UDMABUF is not set # CONFIG_DMABUF_MOVE_NOTIFY is not set # CONFIG_DMABUF_DEBUG is not set # CONFIG_DMABUF_SELFTESTS is not set # CONFIG_DMABUF_HEAPS is not set # CONFIG_DMABUF_SYSFS_STATS is not set # end of DMABUF options # CONFIG_AUXDISPLAY is not set CONFIG_UIO=y # CONFIG_UIO_CIF is not set CONFIG_UIO_PDRV_GENIRQ=y CONFIG_UIO_DMEM_GENIRQ=y # CONFIG_UIO_AEC is not set # CONFIG_UIO_SERCOS3 is not set # CONFIG_UIO_PCI_GENERIC is not set # CONFIG_UIO_NETX is not set # CONFIG_UIO_PRUSS is not set # CONFIG_UIO_MF624 is not set CONFIG_VFIO=y CONFIG_VFIO_IOMMU_TYPE1=y CONFIG_VFIO_VIRQFD=y # CONFIG_VFIO_NOIOMMU is not set CONFIG_VFIO_PCI_CORE=y CONFIG_VFIO_PCI_MMAP=y CONFIG_VFIO_PCI_INTX=y CONFIG_VFIO_PCI=y # CONFIG_VFIO_PLATFORM is not set # CONFIG_VFIO_MDEV is not set # CONFIG_VIRT_DRIVERS is not set CONFIG_VIRTIO_ANCHOR=y CONFIG_VIRTIO=y CONFIG_VIRTIO_PCI_LIB=y CONFIG_VIRTIO_PCI_LIB_LEGACY=y CONFIG_VIRTIO_MENU=y CONFIG_VIRTIO_PCI=y CONFIG_VIRTIO_PCI_LEGACY=y CONFIG_VIRTIO_PMEM=y CONFIG_VIRTIO_BALLOON=y # CONFIG_VIRTIO_MEM is not set CONFIG_VIRTIO_INPUT=y CONFIG_VIRTIO_MMIO=y CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES=y CONFIG_VIRTIO_DMA_SHARED_BUFFER=y # CONFIG_VDPA is not set CONFIG_VHOST_MENU=y # CONFIG_VHOST_NET is not set # CONFIG_VHOST_VSOCK is not set # CONFIG_VHOST_CROSS_ENDIAN_LEGACY is not set # # Microsoft Hyper-V guest support # # CONFIG_HYPERV is not set # end of Microsoft Hyper-V guest support # CONFIG_GREYBUS is not set # CONFIG_COMEDI is not set # CONFIG_STAGING is not set # CONFIG_GOLDFISH is not set # CONFIG_CHROME_PLATFORMS is not set # CONFIG_MELLANOX_PLATFORM is not set # CONFIG_SURFACE_PLATFORMS is not set CONFIG_HAVE_CLK=y CONFIG_HAVE_CLK_PREPARE=y CONFIG_COMMON_CLK=y # # Clock driver for ARM Reference designs # # CONFIG_CLK_ICST is not set # CONFIG_CLK_SP810 is not set # end of Clock driver for ARM Reference designs # CONFIG_COMMON_CLK_MAX9485 is not set # CONFIG_COMMON_CLK_SI5341 is not set # CONFIG_COMMON_CLK_SI5351 is not set # CONFIG_COMMON_CLK_SI514 is not set # CONFIG_COMMON_CLK_SI544 is not set # CONFIG_COMMON_CLK_SI570 is not set # CONFIG_COMMON_CLK_CDCE706 is not set # CONFIG_COMMON_CLK_CDCE925 is not set # CONFIG_COMMON_CLK_CS2000_CP is not set # CONFIG_COMMON_CLK_AXI_CLKGEN is not set # CONFIG_COMMON_CLK_XGENE is not set # CONFIG_COMMON_CLK_RS9_PCIE is not set # CONFIG_COMMON_CLK_VC5 is not set # CONFIG_COMMON_CLK_VC7 is not set # CONFIG_COMMON_CLK_FIXED_MMIO is not set # CONFIG_XILINX_VCU is not set # CONFIG_COMMON_CLK_XLNX_CLKWZRD is not set # CONFIG_HWSPINLOCK is not set # # Clock Source drivers # CONFIG_TIMER_OF=y CONFIG_TIMER_ACPI=y CONFIG_TIMER_PROBE=y CONFIG_ARM_ARCH_TIMER=y CONFIG_ARM_ARCH_TIMER_EVTSTREAM=y CONFIG_ARM_ARCH_TIMER_OOL_WORKAROUND=y CONFIG_FSL_ERRATUM_A008585=y CONFIG_HISILICON_ERRATUM_161010101=y CONFIG_ARM64_ERRATUM_858921=y # CONFIG_MICROCHIP_PIT64B is not set # end of Clock Source drivers CONFIG_MAILBOX=y # CONFIG_ARM_MHU is not set # CONFIG_ARM_MHU_V2 is not set # CONFIG_PLATFORM_MHU is not set # CONFIG_PL320_MBOX is not set CONFIG_PCC=y # CONFIG_ALTERA_MBOX is not set # CONFIG_MAILBOX_TEST is not set CONFIG_IOMMU_IOVA=y CONFIG_IOMMU_API=y CONFIG_IOMMU_SUPPORT=y # # Generic IOMMU Pagetable Support # CONFIG_IOMMU_IO_PGTABLE=y CONFIG_IOMMU_IO_PGTABLE_LPAE=y # CONFIG_IOMMU_IO_PGTABLE_LPAE_SELFTEST is not set # CONFIG_IOMMU_IO_PGTABLE_ARMV7S is not set # CONFIG_IOMMU_IO_PGTABLE_DART is not set # end of Generic IOMMU Pagetable Support # CONFIG_IOMMU_DEBUGFS is not set CONFIG_IOMMU_DEFAULT_DMA_STRICT=y # CONFIG_IOMMU_DEFAULT_DMA_LAZY is not set # CONFIG_IOMMU_DEFAULT_PASSTHROUGH is not set CONFIG_OF_IOMMU=y CONFIG_IOMMU_DMA=y # CONFIG_ARM_SMMU is not set # CONFIG_ARM_SMMU_V3 is not set CONFIG_VIRTIO_IOMMU=y # # Remoteproc drivers # # CONFIG_REMOTEPROC is not set # end of Remoteproc drivers # # Rpmsg drivers # # CONFIG_RPMSG_QCOM_GLINK_RPM is not set # CONFIG_RPMSG_VIRTIO is not set # end of Rpmsg drivers # CONFIG_SOUNDWIRE is not set # # SOC (System On Chip) specific Drivers # # # Amlogic SoC drivers # # end of Amlogic SoC drivers # # Broadcom SoC drivers # # CONFIG_SOC_BRCMSTB is not set # end of Broadcom SoC drivers # # NXP/Freescale QorIQ SoC drivers # # CONFIG_QUICC_ENGINE is not set # CONFIG_FSL_RCPM is not set # end of NXP/Freescale QorIQ SoC drivers # # fujitsu SoC drivers # # CONFIG_A64FX_DIAG is not set # end of fujitsu SoC drivers # # i.MX SoC drivers # # end of i.MX SoC drivers # # Enable LiteX SoC Builder specific drivers # # CONFIG_LITEX_SOC_CONTROLLER is not set # end of Enable LiteX SoC Builder specific drivers # # Qualcomm SoC drivers # # end of Qualcomm SoC drivers # CONFIG_SOC_TI is not set # # Xilinx SoC drivers # # end of Xilinx SoC drivers # end of SOC (System On Chip) specific Drivers # CONFIG_PM_DEVFREQ is not set # CONFIG_EXTCON is not set # CONFIG_MEMORY is not set # CONFIG_IIO is not set # CONFIG_NTB is not set # CONFIG_PWM is not set # # IRQ chip support # CONFIG_IRQCHIP=y CONFIG_ARM_GIC=y CONFIG_ARM_GIC_MAX_NR=1 CONFIG_ARM_GIC_V2M=y CONFIG_ARM_GIC_V3=y CONFIG_ARM_GIC_V3_ITS=y CONFIG_ARM_GIC_V3_ITS_PCI=y # CONFIG_AL_FIC is not set # CONFIG_XILINX_INTC is not set CONFIG_PARTITION_PERCPU=y # end of IRQ chip support # CONFIG_IPACK_BUS is not set # CONFIG_RESET_CONTROLLER is not set # # PHY Subsystem # # CONFIG_GENERIC_PHY is not set # CONFIG_PHY_XGENE is not set # CONFIG_PHY_CAN_TRANSCEIVER is not set # # PHY drivers for Broadcom platforms # # CONFIG_BCM_KONA_USB2_PHY is not set # end of PHY drivers for Broadcom platforms # CONFIG_PHY_CADENCE_TORRENT is not set # CONFIG_PHY_CADENCE_DPHY is not set # CONFIG_PHY_CADENCE_DPHY_RX is not set # CONFIG_PHY_CADENCE_SALVO is not set # CONFIG_PHY_PXA_28NM_HSIC is not set # CONFIG_PHY_PXA_28NM_USB2 is not set # end of PHY Subsystem # CONFIG_POWERCAP is not set # CONFIG_MCB is not set # # Performance monitor support # # CONFIG_ARM_CCI_PMU is not set # CONFIG_ARM_CCN is not set # CONFIG_ARM_CMN is not set CONFIG_ARM_PMU=y CONFIG_ARM_PMU_ACPI=y # CONFIG_ARM_SMMU_V3_PMU is not set # CONFIG_ARM_DSU_PMU is not set # CONFIG_ARM_SPE_PMU is not set # CONFIG_ARM_DMC620_PMU is not set # CONFIG_ALIBABA_UNCORE_DRW_PMU is not set # CONFIG_HISI_PMU is not set # CONFIG_HISI_PCIE_PMU is not set # CONFIG_HNS3_PMU is not set # end of Performance monitor support CONFIG_RAS=y # CONFIG_USB4 is not set # # Android # # CONFIG_ANDROID_BINDER_IPC is not set # end of Android CONFIG_LIBNVDIMM=y CONFIG_BLK_DEV_PMEM=y CONFIG_ND_CLAIM=y CONFIG_ND_BTT=y CONFIG_BTT=y CONFIG_ND_PFN=y CONFIG_NVDIMM_PFN=y CONFIG_NVDIMM_DAX=y CONFIG_OF_PMEM=y CONFIG_DAX=y CONFIG_DEV_DAX=y CONFIG_DEV_DAX_PMEM=y CONFIG_DEV_DAX_KMEM=y CONFIG_NVMEM=y CONFIG_NVMEM_SYSFS=y # CONFIG_NVMEM_RMEM is not set # # HW tracing support # # CONFIG_STM is not set # CONFIG_INTEL_TH is not set # CONFIG_HISI_PTT is not set # end of HW tracing support # CONFIG_FPGA is not set # CONFIG_FSI is not set # CONFIG_TEE is not set # CONFIG_SIOX is not set # CONFIG_SLIMBUS is not set # CONFIG_INTERCONNECT is not set # CONFIG_COUNTER is not set # CONFIG_MOST is not set # CONFIG_PECI is not set # CONFIG_HTE is not set # end of Device Drivers # # File systems # CONFIG_DCACHE_WORD_ACCESS=y # CONFIG_VALIDATE_FS_PARSER is not set CONFIG_FS_IOMAP=y # CONFIG_EXT2_FS is not set # CONFIG_EXT3_FS is not set CONFIG_EXT4_FS=y CONFIG_EXT4_USE_FOR_EXT2=y CONFIG_EXT4_FS_POSIX_ACL=y CONFIG_EXT4_FS_SECURITY=y CONFIG_EXT4_DEBUG=y CONFIG_JBD2=y CONFIG_JBD2_DEBUG=y CONFIG_FS_MBCACHE=y # CONFIG_REISERFS_FS is not set # CONFIG_JFS_FS is not set # CONFIG_XFS_FS is not set # CONFIG_GFS2_FS is not set # CONFIG_OCFS2_FS is not set # CONFIG_BTRFS_FS is not set # CONFIG_NILFS2_FS is not set # CONFIG_F2FS_FS is not set CONFIG_FS_DAX=y CONFIG_FS_DAX_PMD=y CONFIG_FS_POSIX_ACL=y CONFIG_EXPORTFS=y # CONFIG_EXPORTFS_BLOCK_OPS is not set CONFIG_FILE_LOCKING=y CONFIG_FS_ENCRYPTION=y CONFIG_FS_ENCRYPTION_ALGS=y # CONFIG_FS_VERITY is not set CONFIG_FSNOTIFY=y CONFIG_DNOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_FANOTIFY=y # CONFIG_QUOTA is not set CONFIG_AUTOFS4_FS=y CONFIG_AUTOFS_FS=y CONFIG_FUSE_FS=y CONFIG_CUSE=y CONFIG_VIRTIO_FS=y CONFIG_FUSE_DAX=y CONFIG_OVERLAY_FS=y # CONFIG_OVERLAY_FS_REDIRECT_DIR is not set CONFIG_OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW=y # CONFIG_OVERLAY_FS_INDEX is not set # CONFIG_OVERLAY_FS_XINO_AUTO is not set # CONFIG_OVERLAY_FS_METACOPY is not set # # Caches # CONFIG_NETFS_SUPPORT=y # CONFIG_NETFS_STATS is not set CONFIG_FSCACHE=y # CONFIG_FSCACHE_STATS is not set # CONFIG_FSCACHE_DEBUG is not set CONFIG_CACHEFILES=y # CONFIG_CACHEFILES_DEBUG is not set # CONFIG_CACHEFILES_ERROR_INJECTION is not set # CONFIG_CACHEFILES_ONDEMAND is not set # end of Caches # # CD-ROM/DVD Filesystems # CONFIG_ISO9660_FS=y CONFIG_JOLIET=y CONFIG_ZISOFS=y CONFIG_UDF_FS=y # end of CD-ROM/DVD Filesystems # # DOS/FAT/EXFAT/NT Filesystems # CONFIG_FAT_FS=y CONFIG_MSDOS_FS=y CONFIG_VFAT_FS=y CONFIG_FAT_DEFAULT_CODEPAGE=437 CONFIG_FAT_DEFAULT_IOCHARSET="ascii" # CONFIG_FAT_DEFAULT_UTF8 is not set # CONFIG_EXFAT_FS is not set # CONFIG_NTFS_FS is not set # CONFIG_NTFS3_FS is not set # end of DOS/FAT/EXFAT/NT Filesystems # # Pseudo filesystems # CONFIG_PROC_FS=y CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_PROC_PAGE_MONITOR=y CONFIG_PROC_CHILDREN=y CONFIG_KERNFS=y CONFIG_SYSFS=y CONFIG_TMPFS=y CONFIG_TMPFS_POSIX_ACL=y CONFIG_TMPFS_XATTR=y # CONFIG_TMPFS_INODE64 is not set CONFIG_ARCH_SUPPORTS_HUGETLBFS=y CONFIG_HUGETLBFS=y CONFIG_HUGETLB_PAGE=y CONFIG_MEMFD_CREATE=y CONFIG_ARCH_HAS_GIGANTIC_PAGE=y CONFIG_CONFIGFS_FS=y CONFIG_EFIVAR_FS=y # end of Pseudo filesystems CONFIG_MISC_FILESYSTEMS=y # CONFIG_ORANGEFS_FS is not set # CONFIG_ADFS_FS is not set # CONFIG_AFFS_FS is not set # CONFIG_ECRYPT_FS is not set # CONFIG_HFS_FS is not set # CONFIG_HFSPLUS_FS is not set # CONFIG_BEFS_FS is not set # CONFIG_BFS_FS is not set # CONFIG_EFS_FS is not set # CONFIG_CRAMFS is not set CONFIG_SQUASHFS=y CONFIG_SQUASHFS_FILE_CACHE=y # CONFIG_SQUASHFS_FILE_DIRECT is not set CONFIG_SQUASHFS_DECOMP_SINGLE=y # CONFIG_SQUASHFS_DECOMP_MULTI is not set # CONFIG_SQUASHFS_DECOMP_MULTI_PERCPU is not set # CONFIG_SQUASHFS_XATTR is not set CONFIG_SQUASHFS_ZLIB=y # CONFIG_SQUASHFS_LZ4 is not set # CONFIG_SQUASHFS_LZO is not set CONFIG_SQUASHFS_XZ=y # CONFIG_SQUASHFS_ZSTD is not set # CONFIG_SQUASHFS_4K_DEVBLK_SIZE is not set # CONFIG_SQUASHFS_EMBEDDED is not set CONFIG_SQUASHFS_FRAGMENT_CACHE_SIZE=3 # CONFIG_VXFS_FS is not set # CONFIG_MINIX_FS is not set # CONFIG_OMFS_FS is not set # CONFIG_HPFS_FS is not set # CONFIG_QNX4FS_FS is not set # CONFIG_QNX6FS_FS is not set # CONFIG_ROMFS_FS is not set # CONFIG_PSTORE is not set # CONFIG_SYSV_FS is not set # CONFIG_UFS_FS is not set # CONFIG_EROFS_FS is not set CONFIG_NETWORK_FILESYSTEMS=y CONFIG_NFS_FS=y CONFIG_NFS_V2=y CONFIG_NFS_V3=y # CONFIG_NFS_V3_ACL is not set CONFIG_NFS_V4=y # CONFIG_NFS_SWAP is not set # CONFIG_NFS_V4_1 is not set # CONFIG_ROOT_NFS is not set # CONFIG_NFS_FSCACHE is not set # CONFIG_NFS_USE_LEGACY_DNS is not set CONFIG_NFS_USE_KERNEL_DNS=y CONFIG_NFS_DISABLE_UDP_SUPPORT=y CONFIG_NFSD=y # CONFIG_NFSD_V3_ACL is not set CONFIG_NFSD_V4=y # CONFIG_NFSD_BLOCKLAYOUT is not set # CONFIG_NFSD_SCSILAYOUT is not set # CONFIG_NFSD_FLEXFILELAYOUT is not set CONFIG_GRACE_PERIOD=y CONFIG_LOCKD=y CONFIG_LOCKD_V4=y CONFIG_NFS_COMMON=y CONFIG_SUNRPC=y CONFIG_SUNRPC_GSS=y CONFIG_RPCSEC_GSS_KRB5=y # CONFIG_SUNRPC_DISABLE_INSECURE_ENCTYPES is not set # CONFIG_SUNRPC_DEBUG is not set # CONFIG_CEPH_FS is not set # CONFIG_CIFS is not set # CONFIG_SMB_SERVER is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set CONFIG_NLS=y CONFIG_NLS_DEFAULT="utf8" CONFIG_NLS_CODEPAGE_437=y CONFIG_NLS_CODEPAGE_737=y CONFIG_NLS_CODEPAGE_775=y CONFIG_NLS_CODEPAGE_850=y CONFIG_NLS_CODEPAGE_852=y CONFIG_NLS_CODEPAGE_855=y CONFIG_NLS_CODEPAGE_857=y CONFIG_NLS_CODEPAGE_860=y CONFIG_NLS_CODEPAGE_861=y CONFIG_NLS_CODEPAGE_862=y CONFIG_NLS_CODEPAGE_863=y CONFIG_NLS_CODEPAGE_864=y CONFIG_NLS_CODEPAGE_865=y CONFIG_NLS_CODEPAGE_866=y CONFIG_NLS_CODEPAGE_869=y CONFIG_NLS_CODEPAGE_936=y CONFIG_NLS_CODEPAGE_950=y CONFIG_NLS_CODEPAGE_932=y CONFIG_NLS_CODEPAGE_949=y CONFIG_NLS_CODEPAGE_874=y CONFIG_NLS_ISO8859_8=y CONFIG_NLS_CODEPAGE_1250=y CONFIG_NLS_CODEPAGE_1251=y CONFIG_NLS_ASCII=y CONFIG_NLS_ISO8859_1=y CONFIG_NLS_ISO8859_2=y CONFIG_NLS_ISO8859_3=y CONFIG_NLS_ISO8859_4=y CONFIG_NLS_ISO8859_5=y CONFIG_NLS_ISO8859_6=y CONFIG_NLS_ISO8859_7=y CONFIG_NLS_ISO8859_9=y CONFIG_NLS_ISO8859_13=y CONFIG_NLS_ISO8859_14=y CONFIG_NLS_ISO8859_15=y CONFIG_NLS_KOI8_R=y CONFIG_NLS_KOI8_U=y CONFIG_NLS_MAC_ROMAN=y CONFIG_NLS_MAC_CELTIC=y CONFIG_NLS_MAC_CENTEURO=y CONFIG_NLS_MAC_CROATIAN=y CONFIG_NLS_MAC_CYRILLIC=y CONFIG_NLS_MAC_GAELIC=y CONFIG_NLS_MAC_GREEK=y CONFIG_NLS_MAC_ICELAND=y CONFIG_NLS_MAC_INUIT=y CONFIG_NLS_MAC_ROMANIAN=y CONFIG_NLS_MAC_TURKISH=y CONFIG_NLS_UTF8=y # CONFIG_DLM is not set # CONFIG_UNICODE is not set CONFIG_IO_WQ=y # end of File systems # # Security options # CONFIG_KEYS=y # CONFIG_KEYS_REQUEST_CACHE is not set CONFIG_PERSISTENT_KEYRINGS=y # CONFIG_BIG_KEYS is not set # CONFIG_TRUSTED_KEYS is not set # CONFIG_ENCRYPTED_KEYS is not set # CONFIG_KEY_DH_OPERATIONS is not set # CONFIG_SECURITY_DMESG_RESTRICT is not set # CONFIG_SECURITY is not set CONFIG_SECURITYFS=y CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=y # CONFIG_HARDENED_USERCOPY is not set CONFIG_FORTIFY_SOURCE=y # CONFIG_STATIC_USERMODEHELPER is not set # CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT is not set CONFIG_DEFAULT_SECURITY_DAC=y CONFIG_LSM="yama,loadpin,safesetid,integrity" # # Kernel hardening options # # # Memory initialization # CONFIG_INIT_STACK_NONE=y # CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set # CONFIG_INIT_ON_FREE_DEFAULT_ON is not set # end of Memory initialization CONFIG_RANDSTRUCT_NONE=y # end of Kernel hardening options # end of Security options CONFIG_CRYPTO=y # # Crypto core or helper # # CONFIG_CRYPTO_FIPS is not set CONFIG_CRYPTO_ALGAPI=y CONFIG_CRYPTO_ALGAPI2=y CONFIG_CRYPTO_AEAD=y CONFIG_CRYPTO_AEAD2=y CONFIG_CRYPTO_SKCIPHER=y CONFIG_CRYPTO_SKCIPHER2=y CONFIG_CRYPTO_HASH=y CONFIG_CRYPTO_HASH2=y CONFIG_CRYPTO_RNG=y CONFIG_CRYPTO_RNG2=y CONFIG_CRYPTO_RNG_DEFAULT=y CONFIG_CRYPTO_AKCIPHER2=y CONFIG_CRYPTO_AKCIPHER=y CONFIG_CRYPTO_KPP2=y CONFIG_CRYPTO_ACOMP2=y CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y # CONFIG_CRYPTO_USER is not set # CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set # CONFIG_CRYPTO_MANAGER_EXTRA_TESTS is not set CONFIG_CRYPTO_GF128MUL=y CONFIG_CRYPTO_NULL=y CONFIG_CRYPTO_NULL2=y # CONFIG_CRYPTO_PCRYPT is not set CONFIG_CRYPTO_CRYPTD=y CONFIG_CRYPTO_AUTHENC=y # CONFIG_CRYPTO_TEST is not set # end of Crypto core or helper # # Public-key cryptography # # CONFIG_CRYPTO_RSA is not set # CONFIG_CRYPTO_DH is not set CONFIG_CRYPTO_ECC=y # CONFIG_CRYPTO_ECDH is not set CONFIG_CRYPTO_ECDSA=y # CONFIG_CRYPTO_ECRDSA is not set # CONFIG_CRYPTO_SM2 is not set # CONFIG_CRYPTO_CURVE25519 is not set # end of Public-key cryptography # # Block ciphers # CONFIG_CRYPTO_AES=y # CONFIG_CRYPTO_AES_TI is not set # CONFIG_CRYPTO_ARIA is not set # CONFIG_CRYPTO_BLOWFISH is not set # CONFIG_CRYPTO_CAMELLIA is not set # CONFIG_CRYPTO_CAST5 is not set # CONFIG_CRYPTO_CAST6 is not set CONFIG_CRYPTO_DES=y # CONFIG_CRYPTO_FCRYPT is not set # CONFIG_CRYPTO_SERPENT is not set # CONFIG_CRYPTO_SM4_GENERIC is not set # CONFIG_CRYPTO_TWOFISH is not set # end of Block ciphers # # Length-preserving ciphers and modes # # CONFIG_CRYPTO_ADIANTUM is not set # CONFIG_CRYPTO_CHACHA20 is not set CONFIG_CRYPTO_CBC=y # CONFIG_CRYPTO_CFB is not set CONFIG_CRYPTO_CTR=y CONFIG_CRYPTO_CTS=y CONFIG_CRYPTO_ECB=y # CONFIG_CRYPTO_HCTR2 is not set # CONFIG_CRYPTO_KEYWRAP is not set CONFIG_CRYPTO_LRW=y # CONFIG_CRYPTO_OFB is not set CONFIG_CRYPTO_PCBC=y CONFIG_CRYPTO_XTS=y # end of Length-preserving ciphers and modes # # AEAD (authenticated encryption with associated data) ciphers # # CONFIG_CRYPTO_AEGIS128 is not set # CONFIG_CRYPTO_CHACHA20POLY1305 is not set # CONFIG_CRYPTO_CCM is not set CONFIG_CRYPTO_GCM=y CONFIG_CRYPTO_SEQIV=y CONFIG_CRYPTO_ECHAINIV=y # CONFIG_CRYPTO_ESSIV is not set # end of AEAD (authenticated encryption with associated data) ciphers # # Hashes, digests, and MACs # # CONFIG_CRYPTO_BLAKE2B is not set CONFIG_CRYPTO_CMAC=y CONFIG_CRYPTO_GHASH=y CONFIG_CRYPTO_HMAC=y # CONFIG_CRYPTO_MD4 is not set CONFIG_CRYPTO_MD5=y # CONFIG_CRYPTO_MICHAEL_MIC is not set CONFIG_CRYPTO_POLY1305=y # CONFIG_CRYPTO_RMD160 is not set CONFIG_CRYPTO_SHA1=y CONFIG_CRYPTO_SHA256=y CONFIG_CRYPTO_SHA512=y # CONFIG_CRYPTO_SHA3 is not set # CONFIG_CRYPTO_SM3_GENERIC is not set # CONFIG_CRYPTO_STREEBOG is not set # CONFIG_CRYPTO_VMAC is not set # CONFIG_CRYPTO_WP512 is not set # CONFIG_CRYPTO_XCBC is not set # CONFIG_CRYPTO_XXHASH is not set # end of Hashes, digests, and MACs # # CRCs (cyclic redundancy checks) # CONFIG_CRYPTO_CRC32C=y # CONFIG_CRYPTO_CRC32 is not set CONFIG_CRYPTO_CRCT10DIF=y # end of CRCs (cyclic redundancy checks) # # Compression # CONFIG_CRYPTO_DEFLATE=y CONFIG_CRYPTO_LZO=y # CONFIG_CRYPTO_842 is not set # CONFIG_CRYPTO_LZ4 is not set # CONFIG_CRYPTO_LZ4HC is not set # CONFIG_CRYPTO_ZSTD is not set # end of Compression # # Random number generation # # CONFIG_CRYPTO_ANSI_CPRNG is not set CONFIG_CRYPTO_DRBG_MENU=y CONFIG_CRYPTO_DRBG_HMAC=y CONFIG_CRYPTO_DRBG_HASH=y CONFIG_CRYPTO_DRBG_CTR=y CONFIG_CRYPTO_DRBG=y CONFIG_CRYPTO_JITTERENTROPY=y # end of Random number generation # # Userspace interface # CONFIG_CRYPTO_USER_API=y # CONFIG_CRYPTO_USER_API_HASH is not set # CONFIG_CRYPTO_USER_API_SKCIPHER is not set CONFIG_CRYPTO_USER_API_RNG=y # CONFIG_CRYPTO_USER_API_RNG_CAVP is not set # CONFIG_CRYPTO_USER_API_AEAD is not set # CONFIG_CRYPTO_USER_API_ENABLE_OBSOLETE is not set # end of Userspace interface # CONFIG_CRYPTO_NHPOLY1305_NEON is not set CONFIG_CRYPTO_CHACHA20_NEON=y # # Accelerated Cryptographic Algorithms for CPU (arm64) # # CONFIG_CRYPTO_GHASH_ARM64_CE is not set CONFIG_CRYPTO_POLY1305_NEON=y # CONFIG_CRYPTO_SHA1_ARM64_CE is not set # CONFIG_CRYPTO_SHA256_ARM64 is not set # CONFIG_CRYPTO_SHA2_ARM64_CE is not set # CONFIG_CRYPTO_SHA512_ARM64 is not set # CONFIG_CRYPTO_SHA512_ARM64_CE is not set # CONFIG_CRYPTO_SHA3_ARM64 is not set # CONFIG_CRYPTO_SM3_NEON is not set # CONFIG_CRYPTO_SM3_ARM64_CE is not set # CONFIG_CRYPTO_POLYVAL_ARM64_CE is not set # CONFIG_CRYPTO_AES_ARM64 is not set # CONFIG_CRYPTO_AES_ARM64_CE is not set # CONFIG_CRYPTO_AES_ARM64_CE_BLK is not set # CONFIG_CRYPTO_AES_ARM64_NEON_BLK is not set # CONFIG_CRYPTO_AES_ARM64_BS is not set # CONFIG_CRYPTO_SM4_ARM64_CE is not set # CONFIG_CRYPTO_SM4_ARM64_CE_BLK is not set # CONFIG_CRYPTO_SM4_ARM64_NEON_BLK is not set # CONFIG_CRYPTO_AES_ARM64_CE_CCM is not set # CONFIG_CRYPTO_CRCT10DIF_ARM64_CE is not set # end of Accelerated Cryptographic Algorithms for CPU (arm64) # CONFIG_CRYPTO_HW is not set # CONFIG_ASYMMETRIC_KEY_TYPE is not set # # Certificates for signature checking # CONFIG_SYSTEM_BLACKLIST_KEYRING=y CONFIG_SYSTEM_BLACKLIST_HASH_LIST="" # end of Certificates for signature checking CONFIG_BINARY_PRINTF=y # # Library routines # # CONFIG_PACKING is not set CONFIG_BITREVERSE=y CONFIG_HAVE_ARCH_BITREVERSE=y CONFIG_GENERIC_STRNCPY_FROM_USER=y CONFIG_GENERIC_STRNLEN_USER=y CONFIG_GENERIC_NET_UTILS=y # CONFIG_CORDIC is not set # CONFIG_PRIME_NUMBERS is not set CONFIG_RATIONAL=y CONFIG_GENERIC_PCI_IOMAP=y CONFIG_ARCH_USE_CMPXCHG_LOCKREF=y CONFIG_ARCH_HAS_FAST_MULTIPLIER=y CONFIG_ARCH_USE_SYM_ANNOTATIONS=y # CONFIG_INDIRECT_PIO is not set # # Crypto library routines # CONFIG_CRYPTO_LIB_UTILS=y CONFIG_CRYPTO_LIB_AES=y CONFIG_CRYPTO_LIB_BLAKE2S_GENERIC=y CONFIG_CRYPTO_ARCH_HAVE_LIB_CHACHA=y CONFIG_CRYPTO_LIB_CHACHA_GENERIC=y CONFIG_CRYPTO_LIB_CHACHA=y CONFIG_CRYPTO_LIB_CURVE25519_GENERIC=y CONFIG_CRYPTO_LIB_CURVE25519=y CONFIG_CRYPTO_LIB_DES=y CONFIG_CRYPTO_LIB_POLY1305_RSIZE=9 CONFIG_CRYPTO_ARCH_HAVE_LIB_POLY1305=y CONFIG_CRYPTO_LIB_POLY1305_GENERIC=y CONFIG_CRYPTO_LIB_POLY1305=y CONFIG_CRYPTO_LIB_CHACHA20POLY1305=y CONFIG_CRYPTO_LIB_SHA1=y CONFIG_CRYPTO_LIB_SHA256=y # end of Crypto library routines CONFIG_CRC_CCITT=y CONFIG_CRC16=y CONFIG_CRC_T10DIF=y # CONFIG_CRC64_ROCKSOFT is not set CONFIG_CRC_ITU_T=y CONFIG_CRC32=y # CONFIG_CRC32_SELFTEST is not set CONFIG_CRC32_SLICEBY8=y # CONFIG_CRC32_SLICEBY4 is not set # CONFIG_CRC32_SARWATE is not set # CONFIG_CRC32_BIT is not set # CONFIG_CRC64 is not set # CONFIG_CRC4 is not set # CONFIG_CRC7 is not set CONFIG_LIBCRC32C=y # CONFIG_CRC8 is not set CONFIG_XXHASH=y CONFIG_AUDIT_GENERIC=y CONFIG_AUDIT_ARCH_COMPAT_GENERIC=y # CONFIG_RANDOM32_SELFTEST is not set CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_LZO_COMPRESS=y CONFIG_LZO_DECOMPRESS=y CONFIG_LZ4_DECOMPRESS=y CONFIG_XZ_DEC=y CONFIG_XZ_DEC_X86=y CONFIG_XZ_DEC_POWERPC=y CONFIG_XZ_DEC_IA64=y CONFIG_XZ_DEC_ARM=y CONFIG_XZ_DEC_ARMTHUMB=y CONFIG_XZ_DEC_SPARC=y # CONFIG_XZ_DEC_MICROLZMA is not set CONFIG_XZ_DEC_BCJ=y # CONFIG_XZ_DEC_TEST is not set CONFIG_DECOMPRESS_GZIP=y CONFIG_DECOMPRESS_BZIP2=y CONFIG_DECOMPRESS_LZMA=y CONFIG_DECOMPRESS_XZ=y CONFIG_DECOMPRESS_LZO=y CONFIG_DECOMPRESS_LZ4=y CONFIG_GENERIC_ALLOCATOR=y CONFIG_TEXTSEARCH=y CONFIG_TEXTSEARCH_KMP=y CONFIG_TEXTSEARCH_BM=y CONFIG_TEXTSEARCH_FSM=y CONFIG_INTERVAL_TREE=y CONFIG_XARRAY_MULTI=y CONFIG_ASSOCIATIVE_ARRAY=y CONFIG_HAS_IOMEM=y CONFIG_HAS_IOPORT_MAP=y CONFIG_HAS_DMA=y CONFIG_DMA_OPS=y CONFIG_NEED_SG_DMA_LENGTH=y CONFIG_NEED_DMA_MAP_STATE=y CONFIG_ARCH_DMA_ADDR_T_64BIT=y CONFIG_DMA_DECLARE_COHERENT=y CONFIG_ARCH_HAS_SETUP_DMA_OPS=y CONFIG_ARCH_HAS_TEARDOWN_DMA_OPS=y CONFIG_ARCH_HAS_SYNC_DMA_FOR_DEVICE=y CONFIG_ARCH_HAS_SYNC_DMA_FOR_CPU=y CONFIG_ARCH_HAS_DMA_PREP_COHERENT=y CONFIG_SWIOTLB=y # CONFIG_DMA_RESTRICTED_POOL is not set CONFIG_DMA_NONCOHERENT_MMAP=y CONFIG_DMA_COHERENT_POOL=y CONFIG_DMA_DIRECT_REMAP=y # CONFIG_DMA_API_DEBUG is not set # CONFIG_DMA_MAP_BENCHMARK is not set CONFIG_SGL_ALLOC=y # CONFIG_FORCE_NR_CPUS is not set CONFIG_CPU_RMAP=y CONFIG_DQL=y CONFIG_NLATTR=y CONFIG_IRQ_POLL=y CONFIG_LIBFDT=y CONFIG_OID_REGISTRY=y CONFIG_UCS2_STRING=y CONFIG_HAVE_GENERIC_VDSO=y CONFIG_GENERIC_GETTIMEOFDAY=y CONFIG_GENERIC_VDSO_TIME_NS=y CONFIG_FONT_SUPPORT=y # CONFIG_FONTS is not set CONFIG_FONT_8x8=y CONFIG_FONT_8x16=y CONFIG_SG_POOL=y CONFIG_MEMREGION=y CONFIG_ARCH_STACKWALK=y CONFIG_STACKDEPOT=y CONFIG_SBITMAP=y # end of Library routines CONFIG_GENERIC_IOREMAP=y CONFIG_GENERIC_LIB_DEVMEM_IS_ALLOWED=y # # Kernel hacking # # # printk and dmesg options # CONFIG_PRINTK_TIME=y # CONFIG_PRINTK_CALLER is not set # CONFIG_STACKTRACE_BUILD_ID is not set CONFIG_CONSOLE_LOGLEVEL_DEFAULT=7 CONFIG_CONSOLE_LOGLEVEL_QUIET=4 CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4 # CONFIG_BOOT_PRINTK_DELAY is not set CONFIG_DYNAMIC_DEBUG=y CONFIG_DYNAMIC_DEBUG_CORE=y CONFIG_SYMBOLIC_ERRNAME=y # CONFIG_DEBUG_BUGVERBOSE is not set # end of printk and dmesg options CONFIG_DEBUG_KERNEL=y CONFIG_DEBUG_MISC=y # # Compile-time checks and compiler options # CONFIG_AS_HAS_NON_CONST_LEB128=y CONFIG_DEBUG_INFO_NONE=y # CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT is not set # CONFIG_DEBUG_INFO_DWARF4 is not set # CONFIG_DEBUG_INFO_DWARF5 is not set CONFIG_FRAME_WARN=2048 CONFIG_STRIP_ASM_SYMS=y # CONFIG_READABLE_ASM is not set # CONFIG_HEADERS_INSTALL is not set CONFIG_DEBUG_SECTION_MISMATCH=y CONFIG_SECTION_MISMATCH_WARN_ONLY=y # CONFIG_DEBUG_FORCE_FUNCTION_ALIGN_64B is not set CONFIG_ARCH_WANT_FRAME_POINTERS=y CONFIG_FRAME_POINTER=y CONFIG_VMLINUX_MAP=y # CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set # end of Compile-time checks and compiler options # # Generic Kernel Debugging Instruments # CONFIG_MAGIC_SYSRQ=y CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE=0x1 CONFIG_MAGIC_SYSRQ_SERIAL=y CONFIG_MAGIC_SYSRQ_SERIAL_SEQUENCE="" CONFIG_DEBUG_FS=y CONFIG_DEBUG_FS_ALLOW_ALL=y # CONFIG_DEBUG_FS_DISALLOW_MOUNT is not set # CONFIG_DEBUG_FS_ALLOW_NONE is not set CONFIG_HAVE_ARCH_KGDB=y # CONFIG_KGDB is not set CONFIG_ARCH_HAS_UBSAN_SANITIZE_ALL=y # CONFIG_UBSAN is not set CONFIG_HAVE_ARCH_KCSAN=y # end of Generic Kernel Debugging Instruments # # Networking Debugging # # CONFIG_NET_DEV_REFCNT_TRACKER is not set # CONFIG_NET_NS_REFCNT_TRACKER is not set # CONFIG_DEBUG_NET is not set # end of Networking Debugging # # Memory Debugging # # CONFIG_PAGE_EXTENSION is not set # CONFIG_DEBUG_PAGEALLOC is not set CONFIG_SLUB_DEBUG=y # CONFIG_SLUB_DEBUG_ON is not set # CONFIG_PAGE_OWNER is not set # CONFIG_PAGE_TABLE_CHECK is not set # CONFIG_PAGE_POISONING is not set # CONFIG_DEBUG_RODATA_TEST is not set CONFIG_ARCH_HAS_DEBUG_WX=y # CONFIG_DEBUG_WX is not set CONFIG_GENERIC_PTDUMP=y # CONFIG_PTDUMP_DEBUGFS is not set # CONFIG_DEBUG_OBJECTS is not set # CONFIG_SHRINKER_DEBUG is not set CONFIG_HAVE_DEBUG_KMEMLEAK=y # CONFIG_DEBUG_KMEMLEAK is not set # CONFIG_DEBUG_STACK_USAGE is not set # CONFIG_SCHED_STACK_END_CHECK is not set CONFIG_ARCH_HAS_DEBUG_VM_PGTABLE=y # CONFIG_DEBUG_VM is not set # CONFIG_DEBUG_VM_PGTABLE is not set CONFIG_ARCH_HAS_DEBUG_VIRTUAL=y # CONFIG_DEBUG_VIRTUAL is not set CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_DEBUG_PER_CPU_MAPS is not set CONFIG_HAVE_ARCH_KASAN=y CONFIG_HAVE_ARCH_KASAN_SW_TAGS=y CONFIG_HAVE_ARCH_KASAN_HW_TAGS=y CONFIG_HAVE_ARCH_KASAN_VMALLOC=y CONFIG_CC_HAS_KASAN_GENERIC=y CONFIG_CC_HAS_WORKING_NOSANITIZE_ADDRESS=y # CONFIG_KASAN is not set CONFIG_HAVE_ARCH_KFENCE=y # CONFIG_KFENCE is not set # end of Memory Debugging # CONFIG_DEBUG_SHIRQ is not set # # Debug Oops, Lockups and Hangs # # CONFIG_PANIC_ON_OOPS is not set CONFIG_PANIC_ON_OOPS_VALUE=0 CONFIG_PANIC_TIMEOUT=0 # CONFIG_SOFTLOCKUP_DETECTOR is not set # CONFIG_DETECT_HUNG_TASK is not set # CONFIG_WQ_WATCHDOG is not set # end of Debug Oops, Lockups and Hangs # # Scheduler Debugging # # CONFIG_SCHED_DEBUG is not set CONFIG_SCHED_INFO=y # CONFIG_SCHEDSTATS is not set # end of Scheduler Debugging # CONFIG_DEBUG_TIMEKEEPING is not set # # Lock Debugging (spinlocks, mutexes, etc...) # CONFIG_LOCK_DEBUGGING_SUPPORT=y # CONFIG_PROVE_LOCKING is not set # CONFIG_LOCK_STAT is not set # CONFIG_DEBUG_RT_MUTEXES is not set # CONFIG_DEBUG_SPINLOCK is not set # CONFIG_DEBUG_MUTEXES is not set # CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set # CONFIG_DEBUG_RWSEMS is not set # CONFIG_DEBUG_LOCK_ALLOC is not set # CONFIG_DEBUG_ATOMIC_SLEEP is not set # CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set # CONFIG_LOCK_TORTURE_TEST is not set # CONFIG_WW_MUTEX_SELFTEST is not set # CONFIG_SCF_TORTURE_TEST is not set # CONFIG_CSD_LOCK_WAIT_DEBUG is not set # end of Lock Debugging (spinlocks, mutexes, etc...) # CONFIG_DEBUG_IRQFLAGS is not set CONFIG_STACKTRACE=y # CONFIG_WARN_ALL_UNSEEDED_RANDOM is not set # CONFIG_DEBUG_KOBJECT is not set # # Debug kernel data structures # CONFIG_DEBUG_LIST=y # CONFIG_DEBUG_PLIST is not set # CONFIG_DEBUG_SG is not set # CONFIG_DEBUG_NOTIFIERS is not set CONFIG_BUG_ON_DATA_CORRUPTION=y # CONFIG_DEBUG_MAPLE_TREE is not set # end of Debug kernel data structures # CONFIG_DEBUG_CREDENTIALS is not set # # RCU Debugging # # CONFIG_RCU_SCALE_TEST is not set # CONFIG_RCU_TORTURE_TEST is not set # CONFIG_RCU_REF_SCALE_TEST is not set CONFIG_RCU_CPU_STALL_TIMEOUT=59 CONFIG_RCU_EXP_CPU_STALL_TIMEOUT=0 # CONFIG_RCU_TRACE is not set # CONFIG_RCU_EQS_DEBUG is not set # end of RCU Debugging # CONFIG_DEBUG_WQ_FORCE_RR_CPU is not set # CONFIG_CPU_HOTPLUG_STATE_CONTROL is not set # CONFIG_LATENCYTOP is not set CONFIG_HAVE_FUNCTION_TRACER=y CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y CONFIG_HAVE_DYNAMIC_FTRACE=y CONFIG_HAVE_DYNAMIC_FTRACE_WITH_REGS=y CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y CONFIG_HAVE_SYSCALL_TRACEPOINTS=y CONFIG_HAVE_C_RECORDMCOUNT=y CONFIG_TRACING_SUPPORT=y # CONFIG_FTRACE is not set # CONFIG_SAMPLES is not set CONFIG_STRICT_DEVMEM=y # CONFIG_IO_STRICT_DEVMEM is not set # # arm64 Debugging # # CONFIG_PID_IN_CONTEXTIDR is not set # CONFIG_CORESIGHT is not set # end of arm64 Debugging # # Kernel Testing and Coverage # # CONFIG_KUNIT is not set # CONFIG_NOTIFIER_ERROR_INJECTION is not set # CONFIG_FAULT_INJECTION is not set CONFIG_ARCH_HAS_KCOV=y CONFIG_CC_HAS_SANCOV_TRACE_PC=y CONFIG_RUNTIME_TESTING_MENU=y # CONFIG_LKDTM is not set # CONFIG_TEST_MIN_HEAP is not set # CONFIG_TEST_DIV64 is not set # CONFIG_BACKTRACE_SELF_TEST is not set # CONFIG_TEST_REF_TRACKER is not set # CONFIG_RBTREE_TEST is not set # CONFIG_REED_SOLOMON_TEST is not set # CONFIG_INTERVAL_TREE_TEST is not set # CONFIG_ATOMIC64_SELFTEST is not set # CONFIG_TEST_HEXDUMP is not set # CONFIG_STRING_SELFTEST is not set # CONFIG_TEST_STRING_HELPERS is not set # CONFIG_TEST_STRSCPY is not set # CONFIG_TEST_KSTRTOX is not set # CONFIG_TEST_PRINTF is not set # CONFIG_TEST_SCANF is not set # CONFIG_TEST_BITMAP is not set # CONFIG_TEST_UUID is not set # CONFIG_TEST_XARRAY is not set # CONFIG_TEST_MAPLE_TREE is not set # CONFIG_TEST_RHASHTABLE is not set # CONFIG_TEST_SIPHASH is not set # CONFIG_TEST_IDA is not set # CONFIG_FIND_BIT_BENCHMARK is not set # CONFIG_TEST_FIRMWARE is not set # CONFIG_TEST_SYSCTL is not set # CONFIG_TEST_UDELAY is not set # CONFIG_TEST_DYNAMIC_DEBUG is not set # CONFIG_TEST_MEMCAT_P is not set # CONFIG_TEST_MEMINIT is not set # CONFIG_TEST_FREE_PAGES is not set CONFIG_ARCH_USE_MEMTEST=y # CONFIG_MEMTEST is not set # end of Kernel Testing and Coverage # # Rust hacking # # end of Rust hacking # end of Kernel hacking ================================================ FILE: kernel/image/Dockerfile ================================================ FROM ubuntu:focal RUN apt-get update && apt-get install -y \ autoconf \ bc \ binutils-multiarch \ binutils-aarch64-linux-gnu \ bison \ flex \ gcc \ xz-utils \ gcc-aarch64-linux-gnu \ git \ libncurses-dev \ make \ openssl \ python-is-python3 \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* COPY sources.list /etc/apt/sources.list RUN apt-get update \ && dpkg --add-architecture arm64 \ && apt-get install -y libelf-dev:arm64 \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* ================================================ FILE: kernel/image/sources.list ================================================ deb [arch=arm64] http://ports.ubuntu.com/ focal main restricted deb [arch=arm64] http://ports.ubuntu.com/ focal-updates main restricted deb [arch=arm64] http://ports.ubuntu.com/ focal universe deb [arch=arm64] http://ports.ubuntu.com/ focal-updates universe deb [arch=arm64] http://ports.ubuntu.com/ focal multiverse deb [arch=arm64] http://ports.ubuntu.com/ focal-updates multiverse deb [arch=arm64] http://ports.ubuntu.com/ focal-backports main restricted universe multiverse deb [arch=amd64] http://archive.ubuntu.com/ubuntu/ focal main deb [arch=amd64] http://archive.ubuntu.com/ubuntu/ focal-updates main restricted deb [arch=amd64] http://archive.ubuntu.com/ubuntu/ focal universe deb [arch=amd64] http://archive.ubuntu.com/ubuntu/ focal-updates universe deb [arch=amd64] http://archive.ubuntu.com/ubuntu/ focal multiverse deb [arch=amd64] http://archive.ubuntu.com/ubuntu/ focal-updates multiverse deb [arch=amd64] http://archive.ubuntu.com/ubuntu/ focal-backports main restricted universe multiverse ================================================ FILE: licenserc.toml ================================================ additionalHeaders = ["scripts/cz-header-style.toml"] headerPath = "scripts/license-header.txt" includes = [ "Makefile", "*.Makefile", "*.swift", "*.h", "*.cpp", "*.c", "*.sh", ] excludes = [ "Sources/ContainerizationArchive/CArchive/include", ] [git] attrs = 'enable' ignore = 'enable' [properties] copyrightOwner = "Apple Inc. and the Containerization project authors" [mapping.SWIFT_STYLE] extensions = ["swift"] ================================================ FILE: scripts/check-integration-test-vm-panics.sh ================================================ #!/bin/bash # Copyright © 2025-2026 Apple Inc. and the Containerization project authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # Script to scan the VM boot logs from the integration tests for kernel panics. # Looks for common kernel panic messages like "attempted to kill init" or "Kernel panic". GIT_ROOT=$(git rev-parse --show-toplevel 2>/dev/null) if [ -z "$GIT_ROOT" ]; then echo "Error: Not in a git repository" exit 1 fi BOOT_LOGS_DIR="$GIT_ROOT/bin/integration-bootlogs" if [ ! -d "$BOOT_LOGS_DIR" ]; then echo "Error: Boot logs directory not found: $BOOT_LOGS_DIR" exit 1 fi echo "Scanning boot logs in: $BOOT_LOGS_DIR" echo "========================================" echo "" PANIC_FOUND=0 for logfile in "$BOOT_LOGS_DIR"/*; do if [ -f "$logfile" ]; then if grep -qi "attempted to kill init\|Kernel panic\|end Kernel panic\|Attempted to kill the idle task\|Oops:" "$logfile"; then echo "🚨 PANIC DETECTED in: $(basename "$logfile")" echo "---" grep -i -B 5 -A 10 "attempted to kill init\|Kernel panic\|end Kernel panic\|Attempted to kill the idle task\|Oops:" "$logfile" | head -30 echo "" echo "========================================" echo "" PANIC_FOUND=1 fi fi done if [ $PANIC_FOUND -eq 0 ]; then echo "✅ No kernel panics detected in boot logs" else echo "❌ Found kernel panics - Virtual machine(s) crashed during integration tests" fi exit $PANIC_FOUND ================================================ FILE: scripts/cz-header-style.toml ================================================ [SWIFT_STYLE] firstLine = '//===----------------------------------------------------------------------===//' endLine = "//===----------------------------------------------------------------------===//\n" beforeEachLine = '// ' afterEachLine = '' allowBlankLines = false multipleLines = true padLines = false firstLineDetectionPattern = '//\s?===' lastLineDetectionPattern = '//\s?===' skipLinePattern = '// swift-tools-version' ================================================ FILE: scripts/ensure-hawkeye-exists.sh ================================================ #!/usr/bin/env bash # Copyright © 2025-2026 Apple Inc. and the Containerization project authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. echo "Checking existence of hawkeye..." if command -v .local/bin/hawkeye >/dev/null 2>&1; then echo "hawkeye found!" else echo "hawkeye not found in PATH" echo "please install hawkeye. For convenience, you can run scripts/install-hawkeye.sh" exit 1 fi ================================================ FILE: scripts/install-hawkeye.sh ================================================ #!/usr/bin/env bash # Copyright © 2025-2026 Apple Inc. and the Containerization project authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. if command -v .local/bin/hawkeye >/dev/null 2>&1; then echo "hawkeye already installed" else echo "Installing hawkeye" export VERSION=v6.1.0 curl --proto '=https' --tlsv1.2 -LsSf https://github.com/korandoru/hawkeye/releases/download/${VERSION}/hawkeye-installer.sh | CARGO_HOME=.local sh -s -- --no-modify-path fi ================================================ FILE: scripts/license-header.txt ================================================ Copyright ©{{ " " }}{%- set created = attrs.git_file_created_year or attrs.disk_file_created_year -%}{%- set modified = attrs.git_file_modified_year or created -%}{%- if created != modified -%} {{created}}-{{modified}}{%- else -%}{{created}}{%- endif -%}{{ " " }}{{ props["copyrightOwner"] }}. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at https://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. ================================================ FILE: scripts/make-docs.sh ================================================ #! /bin/bash -e # Copyright © 2025-2026 Apple Inc. and the Containerization project authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. opts=() opts+=("--allow-writing-to-directory" "$1") opts+=("generate-documentation") opts+=("--target" "Containerization") opts+=("--target" "ContainerizationArchive") opts+=("--target" "ContainerizationError") opts+=("--target" "ContainerizationEXT4") opts+=("--target" "ContainerizationExtras") opts+=("--target" "ContainerizationIO") opts+=("--target" "ContainerizationNetlink") opts+=("--target" "ContainerizationOCI") opts+=("--target" "ContainerizationOS") opts+=("--output-path" "$1") opts+=("--disable-indexing") opts+=("--transform-for-static-hosting") opts+=("--enable-experimental-combined-documentation") opts+=("--experimental-documentation-coverage") if [ ! -z "$2" ] ; then opts+=("--hosting-base-path" "$2") fi /usr/bin/swift package ${opts[@]} echo '{}' > "$1/theme-settings.json" cat > "$1/index.html" <<'EOF'

If you are not redirected automatically, click here.

EOF ================================================ FILE: scripts/pre-commit.fmt ================================================ #! /bin/bash -e setup_error() { echo failed to run: $1 1>&2 echo run '"make pre-commit"' and try again 1>&2 exit 1 } if [ ! -z "${PRECOMMIT_NOFMT}" ] ; then exit 0 fi echo checking formatting and licenses 1>&2 project_pathname=$(git rev-parse --show-toplevel) cd "${project_pathname}" make check ================================================ FILE: signing/vz.entitlements ================================================ com.apple.security.virtualization ================================================ FILE: vminitd/.devcontainer/Dockerfile ================================================ FROM swift:6.2 RUN apt-get update \ && apt-get install make \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* RUN swift sdk install https://download.swift.org/swift-6.2.3-release/static-sdk/swift-6.2.3-RELEASE/swift-6.2.3-RELEASE_static-linux-0.0.1.artifactbundle.tar.gz --checksum f30ec724d824ef43b5546e02ca06a8682dafab4b26a99fbb0e858c347e507a2c ================================================ FILE: vminitd/.devcontainer/devcontainer.json ================================================ { "build": { "dockerfile": "Dockerfile" }, "features": {}, "customizations": { "vscode": { "extensions": [ "swiftlang.swift-vscode" ], "settings": { } } }, "runArgs": [], "mounts": [] } ================================================ FILE: vminitd/Makefile ================================================ # Copyright © 2025-2026 Apple Inc. and the Containerization project authors. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. BUILD_CONFIGURATION ?= debug WARNINGS_AS_ERRORS ?= true SWIFT_WARNING_CONFIG := $(if $(filter-out false,$(WARNINGS_AS_ERRORS)),-Xswiftc -warnings-as-errors) SWIFT_CONFIGURATION := --swift-sdk aarch64-swift-linux-musl $(SWIFT_WARNING_CONFIG) -Xlinker -s --disable-automatic-resolution SWIFT_VERSION := 6.3-snapshot-2026-02-27 SWIFT_SDK_URL := https://download.swift.org/swift-6.3-branch/static-sdk/swift-6.3-DEVELOPMENT-SNAPSHOT-2026-02-27-a/swift-6.3-DEVELOPMENT-SNAPSHOT-2026-02-27-a_static-linux-0.1.0.artifactbundle.tar.gz SWIFT_SDK_PATH := /tmp/$(notdir $(SWIFT_SDK_URL)) SWIFTLY_URL := https://download.swift.org/swiftly/darwin/swiftly.pkg SWIFTLY_FILENAME := $(notdir $(SWIFTLY_URL)) SWIFTLY_BIN_DIR ?= ~/.swiftly/bin BUILD_BIN_DIR := $(shell swift build -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) --show-bin-path) SYSTEM_TYPE := $(shell uname -s) ifeq ($(SYSTEM_TYPE),Darwin) MACOS_VERSION := $(shell sw_vers -productVersion) MACOS_MAJOR := $(shell echo $(MACOS_VERSION) | cut -d. -f1) MACOS_RELEASE_TYPE := $(shell sw_vers | grep ReleaseType) endif .DEFAULT_GOAL := all .PHONY: all all: @echo Building vminitd and vmexec... @mkdir -p ./bin/ @rm -f ./bin/vminitd @rm -f ./bin/vmexec @swift --version @swift build -c $(BUILD_CONFIGURATION) $(SWIFT_CONFIGURATION) @install "$(BUILD_BIN_DIR)/vminitd" ./bin/ @install "$(BUILD_BIN_DIR)/vmexec" ./bin/ .PHONY: cross-prep cross-prep: linux-sdk macos-sdk .PHONY: swiftly swiftly: @if ! command -v ${SWIFTLY_BIN_DIR}/swiftly > /dev/null 2>&1; then \ echo "Installing Swiftly..."; \ curl -o /var/tmp/$(SWIFTLY_FILENAME) $(SWIFTLY_URL) && \ installer -pkg /var/tmp/$(SWIFTLY_FILENAME) -target CurrentUserHomeDirectory && \ ${SWIFTLY_BIN_DIR}/swiftly init --quiet-shell-followup --skip-install && \ . ~/.swiftly/env.sh && \ hash -r && \ rm /var/tmp/$(SWIFTLY_FILENAME); \ fi .PHONY: swift swift: swiftly @echo Installing Swift $(SWIFT_VERSION)... @${SWIFTLY_BIN_DIR}/swiftly install $(SWIFT_VERSION) .PHONY: linux-sdk linux-sdk: swift @echo Installing Static Linux SDK... @curl -L -o $(SWIFT_SDK_PATH) $(SWIFT_SDK_URL) -@swift sdk install $(SWIFT_SDK_PATH) @rm $(SWIFT_SDK_PATH) .PHONY: macos-sdk macos-sdk: # Consider switching back to `xcode-cltools`, when possible. @if [ $(MACOS_MAJOR) -gt 15 ] && [ "$(MACOS_RELEASE_TYPE)" = "" ]; then \ "$(MAKE)" xcode; \ else \ "$(MAKE)" xcode; \ fi .PHONY: xcode-cltools xcode-cltools: @echo Activating Xcode Command Line Tools... @sudo xcode-select --switch /Library/Developer/CommandLineTools .PHONY: xcode xcode: @echo "Please install the latest version of Xcode 26 and set the path for the active developer directory using \`sudo xcode-select -s \`". .PHONY: clean clean: @echo Cleaning the vminitd build files... @rm -f ./bin/vminitd @rm -f ./bin/vmexec @swift package clean $(SWIFT_CONFIGURATION) ================================================ FILE: vminitd/Package.resolved ================================================ { "originHash" : "db3e9fbb73707e38ad14f86a67eb82b8c1a92edeb98b8c6747530a33f8d87125", "pins" : [ { "identity" : "async-http-client", "kind" : "remoteSourceControl", "location" : "https://github.com/swift-server/async-http-client.git", "state" : { "revision" : "60235983163d040f343a489f7e2e77c1918a8bd9", "version" : "1.26.1" } }, { "identity" : "grpc-swift", "kind" : "remoteSourceControl", "location" : "https://github.com/grpc/grpc-swift.git", "state" : { "revision" : "a56a157218877ef3e9625f7e1f7b2cb7e46ead1b", "version" : "1.26.1" } }, { "identity" : "swift-algorithms", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-algorithms.git", "state" : { "revision" : "87e50f483c54e6efd60e885f7f5aa946cee68023", "version" : "1.2.1" } }, { "identity" : "swift-argument-parser", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-argument-parser.git", "state" : { "revision" : "011f0c765fb46d9cac61bca19be0527e99c98c8b", "version" : "1.5.1" } }, { "identity" : "swift-asn1", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-asn1.git", "state" : { "revision" : "a54383ada6cecde007d374f58f864e29370ba5c3", "version" : "1.3.2" } }, { "identity" : "swift-async-algorithms", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-async-algorithms.git", "state" : { "revision" : "042e1c4d9d19748c9c228f8d4ebc97bb1e339b0b", "version" : "1.0.4" } }, { "identity" : "swift-atomics", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-atomics.git", "state" : { "revision" : "cd142fd2f64be2100422d658e7411e39489da985", "version" : "1.2.0" } }, { "identity" : "swift-certificates", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-certificates.git", "state" : { "revision" : "999fd70c7803da89f3904d635a6815a2a7cd7585", "version" : "1.10.0" } }, { "identity" : "swift-collections", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-collections.git", "state" : { "revision" : "c1805596154bb3a265fd91b8ac0c4433b4348fb0", "version" : "1.2.0" } }, { "identity" : "swift-crypto", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-crypto.git", "state" : { "revision" : "e8d6eba1fef23ae5b359c46b03f7d94be2f41fed", "version" : "3.12.3" } }, { "identity" : "swift-http-structured-headers", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-http-structured-headers.git", "state" : { "revision" : "db6eea3692638a65e2124990155cd220c2915903", "version" : "1.3.0" } }, { "identity" : "swift-http-types", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-http-types.git", "state" : { "revision" : "a0a57e949a8903563aba4615869310c0ebf14c03", "version" : "1.4.0" } }, { "identity" : "swift-log", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-log.git", "state" : { "revision" : "3d8596ed08bd13520157f0355e35caed215ffbfa", "version" : "1.6.3" } }, { "identity" : "swift-nio", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-nio.git", "state" : { "revision" : "34d486b01cd891297ac615e40d5999536a1e138d", "version" : "2.83.0" } }, { "identity" : "swift-nio-extras", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-nio-extras.git", "state" : { "revision" : "145db1962f4f33a4ea07a32e751d5217602eea29", "version" : "1.28.0" } }, { "identity" : "swift-nio-http2", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-nio-http2.git", "state" : { "revision" : "4281466512f63d1bd530e33f4aa6993ee7864be0", "version" : "1.36.0" } }, { "identity" : "swift-nio-ssl", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-nio-ssl.git", "state" : { "revision" : "173cc69a058623525a58ae6710e2f5727c663793", "version" : "2.36.0" } }, { "identity" : "swift-nio-transport-services", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-nio-transport-services.git", "state" : { "revision" : "cd1e89816d345d2523b11c55654570acd5cd4c56", "version" : "1.24.0" } }, { "identity" : "swift-numerics", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-numerics.git", "state" : { "revision" : "e0ec0f5f3af6f3e4d5e7a19d2af26b481acb6ba8", "version" : "1.0.3" } }, { "identity" : "swift-protobuf", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-protobuf.git", "state" : { "revision" : "102a647b573f60f73afdce5613a51d71349fe507", "version" : "1.30.0" } }, { "identity" : "swift-service-lifecycle", "kind" : "remoteSourceControl", "location" : "https://github.com/swift-server/swift-service-lifecycle.git", "state" : { "revision" : "e7187309187695115033536e8fc9b2eb87fd956d", "version" : "2.8.0" } }, { "identity" : "swift-system", "kind" : "remoteSourceControl", "location" : "https://github.com/apple/swift-system.git", "state" : { "revision" : "395a77f0aa927f0ff73941d7ac35f2b46d47c9db", "version" : "1.6.3" } }, { "identity" : "zstd", "kind" : "remoteSourceControl", "location" : "https://github.com/facebook/zstd.git", "state" : { "revision" : "f8745da6ff1ad1e7bab384bd1f9d742439278e99", "version" : "1.5.7" } } ], "version" : 3 } ================================================ FILE: vminitd/Package.swift ================================================ // swift-tools-version: 6.3 //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // The swift-tools-version declares the minimum version of Swift required to build this package. import PackageDescription let package = Package( name: "swift-vminitd", platforms: [.macOS("15")], products: [ .executable(name: "vminitd", targets: ["vminitd"]), .executable(name: "vmexec", targets: ["vmexec"]), ], dependencies: [ .package(url: "https://github.com/apple/swift-argument-parser", from: "1.3.0"), .package(url: "https://github.com/apple/swift-log.git", from: "1.0.0"), .package(url: "https://github.com/apple/swift-system.git", from: "1.6.3"), .package(name: "containerization", path: "../"), ], targets: [ .target( name: "LCShim" ), .target( name: "Cgroup", dependencies: [ .product(name: "Logging", package: "swift-log"), .product(name: "ContainerizationOCI", package: "containerization"), .product(name: "ContainerizationOS", package: "containerization"), .product(name: "SystemPackage", package: "swift-system"), ] ), .executableTarget( name: "vminitd", dependencies: [ .product(name: "ArgumentParser", package: "swift-argument-parser"), .product(name: "Logging", package: "swift-log"), .product(name: "Containerization", package: "containerization"), .product(name: "ContainerizationArchive", package: "containerization"), .product(name: "ContainerizationNetlink", package: "containerization"), .product(name: "ContainerizationIO", package: "containerization"), .product(name: "ContainerizationOS", package: "containerization"), .product(name: "SystemPackage", package: "swift-system"), "LCShim", "Cgroup", ] ), .executableTarget( name: "vmexec", dependencies: [ .product(name: "Logging", package: "swift-log"), .product(name: "ArgumentParser", package: "swift-argument-parser"), .product(name: "SystemPackage", package: "swift-system"), .product(name: "Containerization", package: "containerization"), .product(name: "ContainerizationOS", package: "containerization"), "LCShim", "Cgroup", ] ), ] ) ================================================ FILE: vminitd/Sources/Cgroup/Cgroup2Manager.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// // NOTE: Ideally this should live in ContainerizationOS/Linux, or just ContainerizationCgroups // or something similar, but it's not there yet. It does what we need, but it'd need a lot more // features and testing before it's ready to be public. #if os(Linux) #if canImport(Musl) import Musl #elseif canImport(Glibc) import Glibc #endif import ContainerizationOCI import ContainerizationOS import Foundation import Logging package enum Cgroup2Controller: String { case pids case memory case cpuset case cpu case io case hugetlb } // Extremely simple cgroup manager. Our needs are simple for now, and this is // reflected in the type. package struct Cgroup2Manager: Sendable { package static let defaultMountPoint = URL(filePath: "/sys/fs/cgroup") private static let killFile = "cgroup.kill" private static let procsFile = "cgroup.procs" private static let subtreeControlFile = "cgroup.subtree_control" private static let cg2Magic = 0x6367_7270 private let mountPoint: URL private let path: URL private let logger: Logger? package init( mountPoint: URL = Self.defaultMountPoint, group: URL, logger: Logger? = nil ) { self.mountPoint = mountPoint self.path = mountPoint.appending(path: group.path) self.logger = logger } package static func load( mountPoint: URL = Self.defaultMountPoint, group: URL, logger: Logger? = nil ) throws -> Cgroup2Manager { let path = mountPoint.appending(path: group.path) var s = statfs() let res = statfs(path.path, &s) if res != 0 { throw Error.errno(errno: errno, message: "failed to statfs \(path.path)") } if Int64(s.f_type) != Self.cg2Magic { throw Error.notCgroup } return Cgroup2Manager( mountPoint: mountPoint, group: group, logger: logger ) } package static func loadFromPid(pid: Int32, logger: Logger? = nil) throws -> Cgroup2Manager { let procCgPath = URL(filePath: "/proc/\(pid)/cgroup") let fh = try FileHandle(forReadingFrom: procCgPath) guard let data = try fh.readToEnd() else { throw Error.errno(errno: errno, message: "failed to read \(procCgPath)") } // If this fails we have bigger problems. let str = String(data: data, encoding: .utf8)! let parts = str.split(separator: ":") if parts[0] != "0" { throw Error.cgroup1 } // We should really read /proc/pid/mountinfo, but for now just assume // it's always at /sys/fs/cgroup. let path = parts[1].trimmingCharacters(in: .whitespacesAndNewlines) return Cgroup2Manager(group: URL(filePath: String(path)), logger: logger) } package func create(perms: Int16 = 0o755) throws { self.logger?.info( "creating cgroup manager", metadata: [ "mountpoint": "\(self.mountPoint.path)", "path": "\(self.path.path)", ]) try FileManager.default.createDirectory( at: self.path, withIntermediateDirectories: true, attributes: [.posixPermissions: perms] ) } private static func writeValue(path: URL, value: String, fileName: String) throws { let file = path.appending(path: fileName) let fd = open(file.path, O_WRONLY, 0) if fd == -1 { throw Error.errno(errno: errno, message: "failed to open \(file.path)") } defer { close(fd) } let bytes = Array(value.utf8) let res = Syscall.retrying { bytes.withUnsafeBytes { write(fd, $0.baseAddress!, bytes.count) } } if res == -1 { throw Error.errno(errno: errno, message: "failed to write to \(file.path)") } } package func toggleSubtreeControllers(controllers: [Cgroup2Controller], enable: Bool) throws { let value = controllers.map { (enable ? "+" : "-") + $0.rawValue }.joined(separator: " ") let mountComponents = self.mountPoint.pathComponents let pathComponents = self.path.pathComponents // First ensure it's set on the root. var current = self.mountPoint try Self.writeValue( path: current, value: value, fileName: Self.subtreeControlFile ) // Toggle everything except the leaf, as otherwise we won't be able to write // to cgroup.procs, and what fun is that :) if mountComponents.count < pathComponents.count - 1 { for i in mountComponents.count...pathComponents.count - 2 { current = current.appending(path: pathComponents[i]) try Self.writeValue( path: current, value: value, fileName: Self.subtreeControlFile ) } } } package func toggleAllAvailableControllers(enable: Bool) throws { // Read available controllers from cgroup.controllers let controllersFile = self.mountPoint.appending(path: "cgroup.controllers") let controllersContent = try String(contentsOf: controllersFile, encoding: .utf8) .trimmingCharacters(in: .whitespacesAndNewlines) // Parse controller names and convert to our enum let availableControllers = controllersContent .split(separator: " ") .compactMap { Cgroup2Controller(rawValue: String($0)) } if !availableControllers.isEmpty { try toggleSubtreeControllers(controllers: availableControllers, enable: enable) } } package func addProcess(pid: Int32) throws { self.logger?.debug( "adding new proc to cgroup", metadata: [ "mountpoint": "\(self.mountPoint.path)", "path": "\(self.path.path)", ]) let pidStr = String(pid) try Self.writeValue( path: self.path, value: pidStr, fileName: Self.procsFile ) } package func applyResources(resources: ContainerizationOCI.LinuxResources) throws { self.logger?.debug( "applying cgroup resources", metadata: [ "path": "\(self.path.path)" ]) if let memory = resources.memory, let limit = memory.limit { try Self.writeValue( path: self.path, value: String(limit), fileName: "memory.max" ) } if let cpu = resources.cpu { if let quota = cpu.quota, let period = cpu.period { // cpu.max format is "quota period" let value = "\(quota) \(period)" try Self.writeValue( path: self.path, value: value, fileName: "cpu.max" ) } } if let pids = resources.pids { try Self.writeValue( path: self.path, value: String(pids.limit), fileName: "pids.max" ) } } package func setMemoryHigh(bytes: UInt64) throws { self.logger?.debug( "setting memory.high", metadata: [ "path": "\(self.path.path)", "bytes": "\(bytes)", ]) try Self.writeValue( path: self.path, value: String(bytes), fileName: "memory.high" ) } package func getMemoryEvents() throws -> MemoryEvents { let content = try readFileContent(fileName: "memory.events") let values = parseKeyValuePairs(content) return MemoryEvents( low: values["low"] ?? 0, high: values["high"] ?? 0, max: values["max"] ?? 0, oom: values["oom"] ?? 0, oomKill: values["oom_kill"] ?? 0 ) } package func getMemoryEventsPath() -> String { self.path.appending(path: "memory.events").path } package func kill() throws { try Self.writeValue( path: self.path, value: "1", fileName: Self.killFile ) } package func delete(force: Bool = false) throws { self.logger?.info( "deleting cgroup manager", metadata: [ "mountpoint": "\(self.mountPoint.path)", "path": "\(self.path.path)", ]) if force { try self.kill() } // Recursively remove child cgroups first try removeChildCgroups(at: self.path, force: force) let result = rmdir(self.path.path) if result != 0 { throw Error.errno(errno: errno, message: "failed to remove cgroup directory \(self.path.path)") } } private func removeChildCgroups(at path: URL, force: Bool) throws { let fileManager = FileManager.default guard let contents = try? fileManager.contentsOfDirectory(atPath: path.path) else { return } // Remove child directories (potential nested cgroups) first for item in contents { let childPath = path.appending(path: item) var isDirectory: ObjCBool = false if fileManager.fileExists(atPath: childPath.path, isDirectory: &isDirectory) && isDirectory.boolValue { if force { try Self.writeValue( path: childPath, value: "1", fileName: Self.killFile ) } try removeChildCgroups(at: childPath, force: force) let result = rmdir(childPath.path) if result != 0 { throw Error.errno(errno: errno, message: "failed to remove child cgroup \(childPath.path)") } } } } package func stats() throws -> Cgroup2Stats { let pidsStats = try self.readPidsStats() let memoryStats = try self.readMemoryStats() let cpuStats = try self.readCPUStats() let ioStats = try self.readIOStats() return Cgroup2Stats( pids: pidsStats, memory: memoryStats, cpu: cpuStats, io: ioStats ) } private func readFileContent(fileName: String) throws -> String? { let filePath = self.path.appending(path: fileName) guard FileManager.default.fileExists(atPath: filePath.path) else { return nil } return try String(contentsOf: filePath, encoding: .utf8) .trimmingCharacters(in: .whitespacesAndNewlines) } private func parseSingleValue(_ content: String?) -> UInt64? { guard let content = content, !content.isEmpty else { return nil } if content == "max" { return UInt64.max } return UInt64(content) } private func parseKeyValuePairs(_ content: String?) -> [String: UInt64] { guard let content = content else { return [:] } var result: [String: UInt64] = [:] for line in content.components(separatedBy: .newlines) { let parts = line.components(separatedBy: .whitespaces) if parts.count == 2, let value = UInt64(parts[1]) { result[parts[0]] = value } } return result } private func readPidsStats() throws -> PidsStats? { guard let currentContent = try readFileContent(fileName: "pids.current"), let current = parseSingleValue(currentContent) else { return nil } let maxContent = try readFileContent(fileName: "pids.max") let max = parseSingleValue(maxContent) return PidsStats(current: current, max: max) } private func readMemoryStats() throws -> MemoryStats? { guard let usageContent = try readFileContent(fileName: "memory.current"), let usage = parseSingleValue(usageContent) else { return nil } let usageLimit = parseSingleValue(try readFileContent(fileName: "memory.max")) let swapUsage = parseSingleValue(try readFileContent(fileName: "memory.swap.current")) let swapLimit = parseSingleValue(try readFileContent(fileName: "memory.swap.max")) let statContent = try readFileContent(fileName: "memory.stat") let statValues = parseKeyValuePairs(statContent) return MemoryStats( usage: usage, usageLimit: usageLimit, swapUsage: swapUsage, swapLimit: swapLimit, anon: statValues["anon"] ?? 0, file: statValues["file"] ?? 0, kernelStack: statValues["kernel_stack"] ?? 0, slab: statValues["slab"] ?? 0, sock: statValues["sock"] ?? 0, shmem: statValues["shmem"] ?? 0, fileMapped: statValues["file_mapped"] ?? 0, fileDirty: statValues["file_dirty"] ?? 0, fileWriteback: statValues["file_writeback"] ?? 0, pgfault: statValues["pgfault"] ?? 0, pgmajfault: statValues["pgmajfault"] ?? 0, workingsetRefault: statValues["workingset_refault"] ?? 0, workingsetActivate: statValues["workingset_activate"] ?? 0, workingsetNodereclaim: statValues["workingset_nodereclaim"] ?? 0, inactiveAnon: statValues["inactive_anon"] ?? 0, activeAnon: statValues["active_anon"] ?? 0, inactiveFile: statValues["inactive_file"] ?? 0, activeFile: statValues["active_file"] ?? 0 ) } private func readCPUStats() throws -> CPUStats? { let statContent = try readFileContent(fileName: "cpu.stat") let statValues = parseKeyValuePairs(statContent) guard !statValues.isEmpty else { return nil } return CPUStats( usageUsec: statValues["usage_usec"] ?? 0, userUsec: statValues["user_usec"] ?? 0, systemUsec: statValues["system_usec"] ?? 0, nrPeriods: statValues["nr_periods"] ?? 0, nrThrottled: statValues["nr_throttled"] ?? 0, throttledUsec: statValues["throttled_usec"] ?? 0 ) } private func readIOStats() throws -> IOStats? { guard let statContent = try readFileContent(fileName: "io.stat") else { return IOStats(entries: []) } var entries: [IOEntry] = [] for line in statContent.components(separatedBy: .newlines) { guard !line.isEmpty else { continue } let parts = line.components(separatedBy: .whitespaces) guard parts.count >= 2 else { continue } let deviceParts = parts[0].components(separatedBy: ":") guard deviceParts.count == 2, let major = UInt64(deviceParts[0]), let minor = UInt64(deviceParts[1]) else { continue } var rbytes: UInt64 = 0 var wbytes: UInt64 = 0 var rios: UInt64 = 0 var wios: UInt64 = 0 var dbytes: UInt64 = 0 var dios: UInt64 = 0 for i in 1.. int CZ_pivot_root(const char *new_root, const char *put_old); int CZ_set_sub_reaper(); #ifndef SYS_pidfd_open #define SYS_pidfd_open 434 #endif int CZ_pidfd_open(pid_t pid, unsigned int flags); #ifndef SYS_pidfd_getfd #define SYS_pidfd_getfd 438 #endif int CZ_pidfd_getfd(int pidfd, int targetfd, unsigned int flags); int CZ_prctl_set_no_new_privs(); #endif ================================================ FILE: vminitd/Sources/LCShim/syscall.c ================================================ /* * Copyright © 2025-2026 Apple Inc. and the Containerization project authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * https://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include #include #include #include "syscall.h" int CZ_pivot_root(const char *new_root, const char *put_old) { return syscall(SYS_pivot_root, new_root, put_old); } int CZ_set_sub_reaper() { return prctl(PR_SET_CHILD_SUBREAPER, 1); } int CZ_pidfd_open(pid_t pid, unsigned int flags) { // Musl doesn't have pidfd_open. return syscall(SYS_pidfd_open, pid, flags); } int CZ_pidfd_getfd(int pidfd, int targetfd, unsigned int flags) { // Musl doesn't have pidfd_getfd. return syscall(SYS_pidfd_getfd, pidfd, targetfd, flags); } int CZ_prctl_set_no_new_privs() { return prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); } ================================================ FILE: vminitd/Sources/vmexec/Console.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import FoundationEssentials import Musl class Console { let master: Int32 let slavePath: String init() throws { let masterFD = open("/dev/ptmx", O_RDWR | O_NOCTTY | O_CLOEXEC) guard masterFD != -1 else { throw App.Errno(stage: "open_ptmx") } guard unlockpt(masterFD) == 0 else { throw App.Errno(stage: "unlockpt") } guard let slavePath = ptsname(masterFD) else { throw App.Errno(stage: "ptsname") } self.master = masterFD self.slavePath = String(cString: slavePath) } func configureStdIO() throws { let path = self.slavePath let slaveFD = open(path, O_RDWR) guard slaveFD != -1 else { throw App.Errno(stage: "open_pts") } defer { Musl.close(slaveFD) } for fd: Int32 in 0...2 { guard dup3(slaveFD, fd, 0) != -1 else { throw App.Errno(stage: "dup3") } } } func close() throws { guard Musl.close(self.master) == 0 else { throw App.Errno(stage: "close") } } } ================================================ FILE: vminitd/Sources/vmexec/ExecCommand.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ArgumentParser import ContainerizationOCI import ContainerizationOS import FoundationEssentials import LCShim import Logging import Musl import SystemPackage struct ExecCommand: ParsableCommand { static let configuration = CommandConfiguration( commandName: "exec", abstract: "Exec in a container" ) @Option(name: .long, help: "path to an OCI runtime spec process configuration") var processPath: String @Option(name: .long, help: "pid of the init process for the container") var parentPid: Int func run() throws { do { let src = URL(fileURLWithPath: processPath) let processBytes = try Data(contentsOf: src) let process = try JSONDecoder().decode( ContainerizationOCI.Process.self, from: processBytes ) try execInNamespaces(process: process) } catch { App.writeError(error) throw error } } static func enterNS(pidFd: Int32, nsType: Int32) throws { guard setns(pidFd, nsType) == 0 else { throw App.Errno(stage: "setns(fd)") } } private func execInNamespaces(process: ContainerizationOCI.Process) throws { let syncPipe = FileDescriptor(rawValue: 3) let ackPipe = FileDescriptor(rawValue: 4) let pidFd = CZ_pidfd_open(Int32(parentPid), 0) guard pidFd > 0 else { throw App.Errno(stage: "pidfd_open(\(parentPid))") } try Self.enterNS( pidFd: pidFd, nsType: CLONE_NEWCGROUP | CLONE_NEWPID | CLONE_NEWUTS | CLONE_NEWNS ) let processID = fork() guard processID != -1 else { try? syncPipe.close() try? ackPipe.close() throw App.Errno(stage: "fork") } if processID == 0 { // child // Wait for the grandparent to tell us that they acked our pid. var pidAckBuffer = [UInt8](repeating: 0, count: App.ackPid.count) let pidAckBytesRead = try pidAckBuffer.withUnsafeMutableBytes { buffer in try ackPipe.read(into: buffer) } guard pidAckBytesRead > 0 else { throw App.Failure(message: "read ack pipe") } let pidAckStr = String(decoding: pidAckBuffer[.. 0 else { throw App.Failure(message: "read ack pipe") } let consoleAckStr = String(decoding: consoleAckBuffer[.. ContainerizationOS.Mount { ContainerizationOS.Mount( type: self.type, source: self.source, target: self.destination, options: self.options ) } } ================================================ FILE: vminitd/Sources/vmexec/RunCommand.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ArgumentParser import Cgroup import ContainerizationOCI import ContainerizationOS import FoundationEssentials import LCShim import Musl import SystemPackage struct RunCommand: ParsableCommand { static let configuration = CommandConfiguration( commandName: "run", abstract: "Run a container" ) @Option(name: .long, help: "path to an OCI bundle") var bundlePath: String mutating func run() throws { do { let spec: ContainerizationOCI.Spec do { let bundle = try ContainerizationOCI.Bundle.load(path: URL(filePath: bundlePath)) spec = try bundle.loadConfig() } catch { throw App.Failure(message: "failed to load OCI bundle at \(bundlePath): \(error)") } try execInNamespace(spec: spec) } catch { App.writeError(error) throw error } } private func childRootSetup(rootfs: ContainerizationOCI.Root, mounts: [ContainerizationOCI.Mount]) throws { // setup rootfs try prepareRoot(rootfs: rootfs.path) try mountRootfs(rootfs: rootfs.path, mounts: mounts) try setDevSymlinks(rootfs: rootfs.path) try pivotRoot(rootfs: rootfs.path) // Remount ro if requested. if rootfs.readonly { try self.remountRootfsReadOnly() } try reOpenDevNull() } private func remountRootfsReadOnly() throws { var flags = UInt(MS_BIND | MS_REMOUNT | MS_RDONLY) let ret = mount("", "/", "", flags, "") if ret == 0 { return } var s = statfs() guard statfs("/", &s) == 0 else { throw App.Errno(stage: "statfs(/)") } flags |= s.f_flags guard mount("", "/", "", flags, "") == 0 else { throw App.Errno(stage: "mount rootfs ro") } } private func childSetup( spec: ContainerizationOCI.Spec, ackPipe: FileDescriptor, syncPipe: FileDescriptor ) throws { guard let process = spec.process else { throw App.Failure(message: "no process configuration found in runtime spec") } guard let root = spec.root else { throw App.Failure(message: "no root found in runtime spec") } // Wait for the grandparent to tell us that they acked our pid. var pidAckBuffer = [UInt8](repeating: 0, count: App.ackPid.count) let pidAckBytesRead = try pidAckBuffer.withUnsafeMutableBytes { buffer in try ackPipe.read(into: buffer) } guard pidAckBytesRead > 0 else { throw App.Failure(message: "read ack pipe") } let pidAckStr = String(decoding: pidAckBuffer[.. 0 else { throw App.Failure(message: "read ack pipe") } let consoleAckStr = String(decoding: consoleAckBuffer[..= 0 else { throw App.Errno(stage: "sysctl open(\(path))") } defer { close(fd) } let bytes = Array(value.utf8) let written = write(fd, bytes, bytes.count) guard written == bytes.count else { throw App.Errno(stage: "sysctl write(\(key)=\(value))") } } } // Apply O_CLOEXEC to all file descriptors except stdio. // This ensures that all unwanted fds we may have accidentally // inherited are marked close-on-exec so they stay out of the // container. try App.applyCloseExecOnFDs() try App.setRLimits(rlimits: process.rlimits) // Prepare capabilities (before user change) let preparedCaps = try App.prepareCapabilities(capabilities: process.capabilities ?? ContainerizationOCI.LinuxCapabilities()) // Change stdio to be owned by the requested user. try App.fixStdioPerms(user: process.user) // Set uid, gid, and supplementary groups. try App.setPermissions(user: process.user) // Finish capabilities (after user change) try App.finishCapabilities(preparedCaps) // Set no_new_privs if requested by the OCI spec. try App.setNoNewPrivileges(process: process) // Finally execve the container process. try App.exec(process: process, currentEnv: process.env) } private func setupNamespaces(namespaces: [ContainerizationOCI.LinuxNamespace]?) throws -> Int32 { var unshareFlags: Int32 = 0 // Map namespace types to their corresponding CLONE flags let nsTypeToFlag: [ContainerizationOCI.LinuxNamespaceType: Int32] = [ .pid: CLONE_NEWPID, .mount: CLONE_NEWNS, .uts: CLONE_NEWUTS, .ipc: CLONE_NEWIPC, .user: CLONE_NEWUSER, .cgroup: CLONE_NEWCGROUP, ] guard let namespaces = namespaces else { return CLONE_NEWPID | CLONE_NEWNS | CLONE_NEWUTS } for ns in namespaces { guard let flag = nsTypeToFlag[ns.type] else { continue } if ns.path.isEmpty { unshareFlags |= flag } else { let fd = open(ns.path, O_RDONLY | O_CLOEXEC) guard fd >= 0 else { throw App.Errno(stage: "open(\(ns.path))") } defer { close(fd) } guard setns(fd, flag) == 0 else { throw App.Errno(stage: "setns(\(ns.path))") } } } return unshareFlags } private func execInNamespace(spec: ContainerizationOCI.Spec) throws { let syncPipe = FileDescriptor(rawValue: 3) let ackPipe = FileDescriptor(rawValue: 4) let unshareFlags = try setupNamespaces(namespaces: spec.linux?.namespaces) guard unshare(unshareFlags) == 0 else { throw App.Errno(stage: "unshare(\(unshareFlags))") } let processID = fork() guard processID != -1 else { try? syncPipe.close() try? ackPipe.close() throw App.Errno(stage: "fork") } if processID == 0 { // child try childSetup(spec: spec, ackPipe: ackPipe, syncPipe: syncPipe) } else { // parent process // Setup cgroup before child enters cgroup namespace if let linux = spec.linux { let cgroupPath = linux.cgroupsPath if !cgroupPath.isEmpty { let cgroupManager = try Cgroup2Manager.load(group: URL(filePath: cgroupPath)) if let resources = linux.resources { try cgroupManager.applyResources(resources: resources) } try cgroupManager.addProcess(pid: processID) } } // Send our child's pid before we exit. var childPid = processID try withUnsafeBytes(of: &childPid) { bytes in _ = try syncPipe.write(bytes) } } } private func mountRootfs(rootfs: String, mounts: [ContainerizationOCI.Mount]) throws { let containerMount = ContainerMount(rootfs: rootfs, mounts: mounts) try containerMount.mountToRootfs() try containerMount.configureConsole() } private func prepareRoot(rootfs: String) throws { guard mount("", "/", "", UInt(MS_SLAVE | MS_REC), nil) == 0 else { throw App.Errno(stage: "mount(slave|rec)") } guard mount(rootfs, rootfs, "bind", UInt(MS_BIND | MS_REC), nil) == 0 else { throw App.Errno(stage: "mount(bind|rec)") } } private func setDevSymlinks(rootfs: String) throws { let links: [(src: String, dst: String)] = [ ("/proc/self/fd", "/dev/fd"), ("/proc/self/fd/0", "/dev/stdin"), ("/proc/self/fd/1", "/dev/stdout"), ("/proc/self/fd/2", "/dev/stderr"), ("/dev/rtc0", "/dev/rtc"), ] let rootfsURL = URL(fileURLWithPath: rootfs) for (src, dst) in links { let dest = rootfsURL.appendingPathComponent(dst) guard symlink(src, dest.path) == 0 else { if errno == EEXIST { continue } throw App.Errno(stage: "symlink(\(src) -> \(dest.path))") } } } private func reOpenDevNull() throws { let file = open("/dev/null", O_RDWR) guard file != -1 else { throw App.Errno(stage: "open(/dev/null)") } defer { close(file) } var devNullStat = stat() try withUnsafeMutablePointer(to: &devNullStat) { pointer in guard fstat(file, pointer) == 0 else { throw App.Errno(stage: "fstat(/dev/null)") } } for fd: Int32 in 0...2 { var fdStat = stat() try withUnsafeMutablePointer(to: &fdStat) { pointer in guard fstat(fd, pointer) == 0 else { throw App.Errno(stage: "fstat(fd)") } } if fdStat.st_rdev == devNullStat.st_rdev { guard dup3(file, fd, 0) != -1 else { throw App.Errno(stage: "dup3(null)") } } } } /// Pivots the rootfs of the calling process in the namespace to the provided /// rootfs in the argument. /// /// The pivot_root(".", ".") and unmount old root approach is exactly the same /// as runc's pivot root implementation in: /// https://github.com/opencontainers/runc/blob/main/libcontainer/rootfs_linux.go private func pivotRoot(rootfs: String) throws { let oldRoot = open("/", O_RDONLY | O_DIRECTORY) if oldRoot <= 0 { throw App.Errno(stage: "open(oldroot)") } defer { close(oldRoot) } let newRoot = open(rootfs, O_RDONLY | O_DIRECTORY) if newRoot <= 0 { throw App.Errno(stage: "open(newroot)") } defer { close(newRoot) } // change cwd to the new root guard fchdir(newRoot) == 0 else { throw App.Errno(stage: "fchdir(newroot)") } guard CZ_pivot_root(toCString("."), toCString(".")) == 0 else { throw App.Errno(stage: "pivot_root()") } // change cwd to the old root guard fchdir(oldRoot) == 0 else { throw App.Errno(stage: "fchdir(oldroot)") } // mount old root rslave so that unmount doesn't propagate back to outside // the namespace guard mount("", ".", "", UInt(MS_SLAVE | MS_REC), nil) == 0 else { throw App.Errno(stage: "mount(., slave|rec)") } // unmount old root guard umount2(".", Int32(MNT_DETACH)) == 0 else { throw App.Errno(stage: "umount(.)") } // switch cwd to the new root guard chdir("/") == 0 else { throw App.Errno(stage: "chdir(/)") } } private func toCString(_ str: String) -> UnsafeMutablePointer? { let cString = str.utf8CString let cStringCopy = UnsafeMutableBufferPointer.allocate(capacity: cString.count) _ = cStringCopy.initialize(from: cString) return UnsafeMutablePointer(cStringCopy.baseAddress) } private func mountConsole(path: String) throws { let console = "/dev/console" if access(console, F_OK) != 0 { let fd = open(console, O_RDWR | O_CREAT, mode_t(UInt16(0o600))) guard fd != -1 else { throw App.Errno(stage: "open(/dev/console)") } close(fd) } guard mount(path, console, "bind", UInt(MS_BIND), nil) == 0 else { throw App.Errno(stage: "mount(console)") } } } ================================================ FILE: vminitd/Sources/vmexec/vmexec.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// /// NOTE: This binary implements a very small subset of the OCI runtime spec, mostly just /// the process configurations. Mounts are somewhat functional, but masked and read only paths /// aren't checked today. Today the namespaces are also ignored, and we always spawn a new pid /// and mount namespace. import ArgumentParser import ContainerizationError import ContainerizationOCI import ContainerizationOS import FoundationEssentials import LCShim import Logging import Musl import SystemPackage @main struct App: ParsableCommand { static let ackPid = "AckPid" static let ackConsole = "AckConsole" static let configuration = CommandConfiguration( commandName: "vmexec", version: "0.1.0", subcommands: [ ExecCommand.self, RunCommand.self, ] ) } extension App { /// Applies O_CLOEXEC to all file descriptors currently open for /// the process except the stdio fd values static func applyCloseExecOnFDs() throws { let minFD = 2 // stdin, stdout, stderr should be preserved let fdList = try FileManager.default.contentsOfDirectory(atPath: "/proc/self/fd") for fdStr in fdList { guard let fd = Int(fdStr) else { continue } if fd <= minFD { continue } _ = fcntl(Int32(fd), F_SETFD, FD_CLOEXEC) } } static func exec(process: ContainerizationOCI.Process, currentEnv: [String]? = nil) throws { guard !process.args.isEmpty else { throw App.Errno(stage: "exec", info: "process args cannot be empty") } let executableArg = process.args[0] let resolvedExecutable: URL if executableArg.contains("/") { if executableArg.hasPrefix("/") { resolvedExecutable = URL(fileURLWithPath: executableArg) } else { resolvedExecutable = URL(fileURLWithPath: process.cwd).appendingPathComponent(executableArg).standardized } guard FileManager.default.fileExists(atPath: resolvedExecutable.path) else { throw App.Failure(message: "failed to find target executable \(executableArg)") } } else { let path = Path.findPath(currentEnv) ?? Path.getCurrentPath() guard let found = Path.lookPath(executableArg, path: path) else { throw App.Failure(message: "failed to find target executable \(executableArg)") } resolvedExecutable = found } let executable = strdup(resolvedExecutable.path) var argv = process.args.map { strdup($0) } argv += [nil] let env = process.env.map { strdup($0) } + [nil] let cwd = process.cwd // Create the working directory if it doesn't exist, this seems like the expected // OCI runtime spec behavior. if !FileManager.default.fileExists(atPath: cwd) { try FileManager.default.createDirectory( atPath: cwd, withIntermediateDirectories: true, attributes: [.posixPermissions: 0o755] ) } guard chdir(cwd) == 0 else { throw App.Errno(stage: "chdir(cwd)", info: "failed to change directory to '\(cwd)'") } guard execvpe(executable, argv, env) != -1 else { throw App.Errno(stage: "execvpe(\(String(describing: executable)))", info: "failed to exec [\(process.args.joined(separator: " "))]") } fatalError("execvpe failed") } static func setPermissions(user: ContainerizationOCI.User) throws { if user.additionalGids.count > 0 { guard setgroups(user.additionalGids.count, user.additionalGids) == 0 else { throw App.Errno(stage: "setgroups()") } } guard setgid(user.gid) == 0 else { throw App.Errno(stage: "setgid()") } // NOTE: setuid has to be done last because once the uid has been // changed, then the process will lose privilege to set the group // and supplementary groups guard setuid(user.uid) == 0 else { throw App.Errno(stage: "setuid()") } } static func fixStdioPerms(user: ContainerizationOCI.User) throws { for i in 0...2 { var fdStat = stat() try withUnsafeMutablePointer(to: &fdStat) { pointer in guard fstat(Int32(i), pointer) == 0 else { throw App.Errno(stage: "fstat(fd)") } } let desired = uid_t(user.uid) if fdStat.st_uid != desired { guard fchown(Int32(i), desired, fdStat.st_gid) != -1 else { throw App.Errno(stage: "fchown(\(i))") } } } } static func setRLimits(rlimits: [ContainerizationOCI.POSIXRlimit]) throws { for rl in rlimits { var limit = rlimit(rlim_cur: rl.soft, rlim_max: rl.hard) let resource: Int32 switch rl.type { case "RLIMIT_AS": resource = RLIMIT_AS case "RLIMIT_CORE": resource = RLIMIT_CORE case "RLIMIT_CPU": resource = RLIMIT_CPU case "RLIMIT_DATA": resource = RLIMIT_DATA case "RLIMIT_FSIZE": resource = RLIMIT_FSIZE case "RLIMIT_LOCKS": resource = RLIMIT_LOCKS case "RLIMIT_MEMLOCK": resource = RLIMIT_MEMLOCK case "RLIMIT_MSGQUEUE": resource = RLIMIT_MSGQUEUE case "RLIMIT_NICE": resource = RLIMIT_NICE case "RLIMIT_NOFILE": resource = RLIMIT_NOFILE case "RLIMIT_NPROC": resource = RLIMIT_NPROC case "RLIMIT_RSS": resource = RLIMIT_RSS case "RLIMIT_RTPRIO": resource = RLIMIT_RTPRIO case "RLIMIT_RTTIME": resource = RLIMIT_RTTIME case "RLIMIT_SIGPENDING": resource = RLIMIT_SIGPENDING case "RLIMIT_STACK": resource = RLIMIT_STACK default: errno = EINVAL throw App.Errno(stage: "rlimit key unknown") } guard setrlimit(resource, &limit) == 0 else { throw App.Errno(stage: "setrlimit()") } } } static func prepareCapabilities(capabilities: ContainerizationOCI.LinuxCapabilities) throws -> ContainerizationOS.LinuxCapabilities? { // Create capabilities instance from OCI config var caps = ContainerizationOS.LinuxCapabilities() caps.set(which: [.effective], caps: (capabilities.effective ?? []).compactMap { try? CapabilityName(rawValue: $0) }) caps.set(which: [.permitted], caps: (capabilities.permitted ?? []).compactMap { try? CapabilityName(rawValue: $0) }) caps.set(which: [.inheritable], caps: (capabilities.inheritable ?? []).compactMap { try? CapabilityName(rawValue: $0) }) caps.set(which: [.bounding], caps: (capabilities.bounding ?? []).compactMap { try? CapabilityName(rawValue: $0) }) caps.set(which: [.ambient], caps: (capabilities.ambient ?? []).compactMap { try? CapabilityName(rawValue: $0) }) // Apply bounding set BEFORE user change (drop capabilities early) do { try caps.apply(kind: .bounds) } catch { throw App.Failure(message: "failed to apply bounding set capabilities: \(error)") } // Set keep caps to preserve capabilities across setuid() do { try LinuxCapabilities.setKeepCaps() } catch { throw App.Failure(message: "failed to set keep caps: \(error)") } return caps } static func finishCapabilities(_ caps: ContainerizationOS.LinuxCapabilities?) throws { guard let caps = caps else { return } do { try LinuxCapabilities.clearKeepCaps() } catch { throw App.Failure(message: "failed to clear keep caps: \(error)") } do { try caps.apply(kind: [.caps]) } catch { throw App.Failure(message: "failed to apply final capabilities: \(error)") } try? caps.apply(kind: [.ambs]) } static func setNoNewPrivileges(process: ContainerizationOCI.Process) throws { guard process.noNewPrivileges else { return } guard CZ_prctl_set_no_new_privs() == 0 else { throw App.Errno(stage: "prctl(PR_SET_NO_NEW_PRIVS)") } } static func Errno(stage: String, info: String = "") -> ContainerizationError { let posix = POSIXError(.init(rawValue: errno)!, userInfo: ["stage": stage]) return ContainerizationError(.internalError, message: "\(info) \(String(describing: posix))") } static func Failure(message: String) -> ContainerizationError { ContainerizationError( .internalError, message: message ) } static func writeError(_ error: Error) { let errorPipe = FileDescriptor(rawValue: 5) let errorMessage: String if let czError = error as? ContainerizationError { errorMessage = czError.description } else { errorMessage = String(describing: error) } let bytes = Array(errorMessage.utf8) _ = try? bytes.withUnsafeBytes { buffer in try errorPipe.write(buffer) } try? errorPipe.close() } } ================================================ FILE: vminitd/Sources/vminitd/AgentCommand.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ArgumentParser import Cgroup import Containerization import ContainerizationError import ContainerizationOS import Foundation import Logging import NIOCore import NIOPosix #if os(Linux) import Musl import LCShim #endif struct AgentCommand: AsyncParsableCommand { static let configuration = CommandConfiguration( commandName: "agent", abstract: "Run the vminitd agent daemon" ) private static let foregroundEnvVar = "FOREGROUND" private static let vsockPort = 1024 @OptionGroup var options: LogLevelOption mutating func run() async throws { let log = makeLogger(label: "vminitd", level: options.resolvedLogLevel()) try Self.adjustLimits(log) // when running under debug mode, launch vminitd as a sub process of pid1 // so that we get a chance to collect better logs and errors before pid1 exists // and the kernel panics. #if DEBUG log.info("DEBUG mode active, checking FOREGROUND env var") let environment = ProcessInfo.processInfo.environment let foreground = environment[Self.foregroundEnvVar] log.info("checking for shim var \(Self.foregroundEnvVar)=\(String(describing: foreground))") if foreground == nil { try Self.runInForeground(log, logLevel: options.logLevel) _exit(0) } log.info("FOREGROUND is set, running as subprocess, setting subreaper") // since we are not running as pid1 in this mode we must set ourselves // as a subpreaper so that all child processes are reaped by us and not // passed onto our parent. CZ_set_sub_reaper() #endif signal(SIGPIPE, SIG_IGN) log.info("vminitd booting") // Set of mounts necessary to be mounted prior to taking any RPCs. // 1. /proc as the sysctl rpc wouldn't make sense if it wasn't there (NOTE: This is done before this method // due to Swift seemingly requiring /proc to be present for the async runtime to spin up). // 2. /run as that is where we store container state. // 3. /sys as we need it for /sys/fs/cgroup // 4. /sys/fs/cgroup to add the agent to a cgroup, as well as containers later. let mounts = [ ContainerizationOS.Mount( type: "tmpfs", source: "tmpfs", target: "/run", options: [] ), ContainerizationOS.Mount( type: "sysfs", source: "sysfs", target: "/sys", options: [] ), ContainerizationOS.Mount( type: "cgroup2", source: "none", target: "/sys/fs/cgroup", options: [] ), ] for mnt in mounts { log.info("mounting \(mnt.target)") try mnt.mount(createWithPerms: 0o755) } try Binfmt.mount() let cgManager = Cgroup2Manager( group: URL(filePath: "/vminitd"), logger: log ) try cgManager.create() try cgManager.toggleAllAvailableControllers(enable: true) // Set memory.high threshold to 75 MiB let threshold: UInt64 = 75 * 1024 * 1024 try cgManager.setMemoryHigh(bytes: threshold) try cgManager.addProcess(pid: getpid()) let memoryMonitor = try MemoryMonitor( cgroupManager: cgManager, threshold: threshold, logger: log ) { [log] (currentUsage, highMark) in log.warning( "vminitd memory threshold exceeded", metadata: [ "threshold_bytes": "\(threshold)", "current_bytes": "\(currentUsage)", "high_events_total": "\(highMark)", ]) } let t = Thread { [log] in do { try memoryMonitor.run() } catch { log.error("memory monitor failed: \(error)") } } t.start() let eg = MultiThreadedEventLoopGroup(numberOfThreads: System.coreCount) let blockingPool = NIOThreadPool(numberOfThreads: System.coreCount) blockingPool.start() let server = Initd(log: log, group: eg, blockingPool: blockingPool) do { log.info("serving vminitd API") try await server.serve(port: Self.vsockPort) log.info("vminitd API returned, syncing filesystems") #if os(Linux) Musl.sync() #endif } catch { log.error("vminitd boot error \(error)") #if os(Linux) Musl.sync() #endif _exit(1) } } private static func runInForeground(_ log: Logger, logLevel: String) throws { log.info("running vminitd under pid1") var command = Command("/sbin/vminitd", arguments: ["agent", "--log-level", logLevel]) command.attrs = .init(setsid: true) command.stdin = .standardInput command.stdout = .standardOutput command.stderr = .standardError command.environment = ["\(foregroundEnvVar)=1"] try command.start() let exitCode = try command.wait() log.info("child process exited with code: \(exitCode)") } private static func adjustLimits(_ log: Logger) throws { let nrOpen = try String(contentsOfFile: "/proc/sys/fs/nr_open", encoding: .utf8) .trimmingCharacters(in: .whitespacesAndNewlines) guard let max = rlim_t(nrOpen) else { throw POSIXError(.EINVAL) } log.debug("setting RLIMIT_NOFILE to \(max)") var limits = rlimit(rlim_cur: max, rlim_max: max) guard setrlimit(RLIMIT_NOFILE, &limits) == 0 else { throw POSIXError(.init(rawValue: errno)!) } } } ================================================ FILE: vminitd/Sources/vminitd/Application.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ArgumentParser import ContainerizationOS import Foundation import Logging @main struct Application: AsyncParsableCommand { static let configuration = CommandConfiguration( commandName: "vminitd", abstract: "Virtual machine init daemon", version: "0.1.0", subcommands: [ AgentCommand.self, InitCommand.self, PauseCommand.self, ], defaultSubcommand: AgentCommand.self ) static func main() async throws { // Busybox-style: if invoked as .cz-init, run init mode directly. let invoked = CommandLine.arguments.first?.split(separator: "/").last.map(String.init) ?? "" if invoked == ".cz-init" { let args = Array(CommandLine.arguments.dropFirst()) var command = try InitCommand.parse(args) try command.run() return } // Swift has issues spawning threads if /proc isn't mounted, // so we do this synchronously before any async code runs. try mountProc() var command = try parseAsRoot() if let asyncCommand = command as? AsyncParsableCommand { nonisolated(unsafe) var unsafeCommand = asyncCommand try await unsafeCommand.run() } else { try command.run() } } private static func mountProc() throws { // Is it already mounted (would only be true in debug builds where we re-exec ourselves)? if isProcMounted() { return } let mnt = ContainerizationOS.Mount( type: "proc", source: "proc", target: "/proc", options: [] ) try mnt.mount(createWithPerms: 0o755) } private static func isProcMounted() -> Bool { guard let data = try? String(contentsOfFile: "/proc/mounts", encoding: .utf8) else { return false } for line in data.split(separator: "\n") { let fields = line.split(separator: " ") if fields.count >= 2 { let mountPoint = String(fields[1]) if mountPoint == "/proc" { return true } } } return false } } struct LogLevelOption: ParsableArguments { @Option(name: .long, help: "Set the log level (trace, debug, info, notice, warning, error, critical)") var logLevel: String = "info" func resolvedLogLevel() -> Logger.Level { switch logLevel.lowercased() { case "trace": return .trace case "debug": return .debug case "info": return .info case "notice": return .notice case "warning": return .warning case "error": return .error case "critical": return .critical default: return .info } } } func makeLogger(label: String, level: Logger.Level) -> Logger { LoggingSystem.bootstrap(StreamLogHandler.standardError) var log = Logger(label: label) log.logLevel = level return log } ================================================ FILE: vminitd/Sources/vminitd/CommandRunner.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationOS import Foundation import Synchronization struct ProcessSubscription: Sendable { fileprivate let id: UUID } /// Protocol for running commands and waiting for their exit protocol CommandRunner: Sendable { func start(_ cmd: inout Command) throws -> ProcessSubscription func wait(_ cmd: Command, subscription: ProcessSubscription) async throws -> Int32 } struct DirectCommandRunner: CommandRunner { func start(_ cmd: inout Command) throws -> ProcessSubscription { try cmd.start() return ProcessSubscription(id: UUID()) } func wait(_ cmd: Command, subscription: ProcessSubscription) async throws -> Int32 { var rus = rusage() var ws = Int32() let result = wait4(cmd.pid, &ws, 0, &rus) guard result == cmd.pid else { throw POSIXError(.init(rawValue: errno)!) } return Command.toExitStatus(ws) } } final class ReaperCommandRunner: CommandRunner, Sendable { private struct Subscriber { let continuation: AsyncStream<(pid: pid_t, status: Int32)>.Continuation let stream: AsyncStream<(pid: pid_t, status: Int32)> } private let subscribers: Mutex<[UUID: Subscriber]> = Mutex([:]) func start(_ cmd: inout Command) throws -> ProcessSubscription { // Subscribe before starting to avoid missing fast exits let id = UUID() let (stream, continuation) = AsyncStream<(pid: pid_t, status: Int32)>.makeStream() subscribers.withLock { subscribers in subscribers[id] = Subscriber(continuation: continuation, stream: stream) } try cmd.start() return ProcessSubscription(id: id) } func wait(_ cmd: Command, subscription: ProcessSubscription) async throws -> Int32 { let pid = cmd.pid let id = subscription.id defer { subscribers.withLock { subscribers in subscribers[id]?.continuation.finish() subscribers.removeValue(forKey: id) } } // Get the stream from the subscriber guard let stream = subscribers.withLock({ $0[id]?.stream }) else { throw POSIXError(.ECHILD) } for await (exitPid, status) in stream { if exitPid == pid { return status } } throw POSIXError(.ECHILD) } /// Broadcast exit to all subscribers func notifyExit(pid: pid_t, status: Int32) { subscribers.withLock { subscribers in for subscriber in subscribers.values { subscriber.continuation.yield((pid, status)) } } } } ================================================ FILE: vminitd/Sources/vminitd/ContainerProcess.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationOS import Foundation /// Exit status information for a container process struct ContainerExitStatus: Sendable { var exitCode: Int32 var exitedAt: Date } /// Protocol for managing container processes /// /// This protocol abstracts the underlying container runtime implementation, /// allowing for different backends like vmexec or runc. protocol ContainerProcess: Sendable { /// Unique identifier for the container process var id: String { get } /// Process ID of the running container (nil if not started) var pid: Int32? { get } /// Start the container process /// - Returns: The process ID of the started container /// - Throws: If the process fails to start func start() async throws -> Int32 /// Wait for the container process to exit /// - Returns: Exit status information when the process exits func wait() async -> ContainerExitStatus /// Send a signal to the container process /// - Parameter signal: The signal number to send /// - Throws: If the signal cannot be sent func kill(_ signal: Int32) async throws /// Resize the terminal for the container process /// - Parameter size: The new terminal size /// - Throws: If the terminal cannot be resized or process doesn't have a terminal func resize(size: Terminal.Size) throws /// Close stdin for the container process /// - Throws: If stdin cannot be closed func closeStdin() throws /// Delete the container process and clean up resources /// - Throws: If cleanup fails func delete() async throws /// Set the exit status of the process. func setExit(_ status: Int32) } ================================================ FILE: vminitd/Sources/vminitd/HostStdio.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// struct HostStdio: Sendable { let stdin: UInt32? let stdout: UInt32? let stderr: UInt32? let terminal: Bool } ================================================ FILE: vminitd/Sources/vminitd/IOCloser+Extensions.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationOS import Foundation extension Socket: IOCloser {} extension Terminal: IOCloser { var fileDescriptor: Int32 { self.handle.fileDescriptor } } extension FileHandle: IOCloser {} ================================================ FILE: vminitd/Sources/vminitd/IOCloser.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// protocol IOCloser: Sendable { var fileDescriptor: Int32 { get } func close() throws } ================================================ FILE: vminitd/Sources/vminitd/IOPair.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import ContainerizationOS import Foundation import Logging import Synchronization final class IOPair: Sendable { private let io: Mutex private let logger: Logger? private let reason: String private struct IO { let from: IOCloser let to: IOCloser let buffer: UnsafeMutableBufferPointer var closed: Bool func drain() { let readFrom = OSFile(fd: from.fileDescriptor) let writeTo = OSFile(fd: to.fileDescriptor) while true { let r = readFrom.read(buffer) if r.read > 0 { let view = UnsafeMutableBufferPointer( start: buffer.baseAddress, count: r.read ) let w = writeTo.write(view) if w.wrote != r.read { return } } switch r.action { case .eof, .again, .error(_): return default: break } } } mutating func close(logger: Logger?) { if self.closed { return } // Try and drain IO first. self.drain() // Remove the fd from our global epoll instance first. let readFromFd = self.from.fileDescriptor do { try ProcessSupervisor.default.poller.delete(readFromFd) } catch { logger?.error("failed to delete fd from epoll \(readFromFd): \(error)") } do { try self.from.close() } catch { logger?.error("failed to close reader fd for IOPair: \(error)") } do { try self.to.close() } catch { logger?.error("failed to close writer fd for IOPair: \(error)") } self.buffer.deallocate() self.closed = true } } init( readFrom: IOCloser, writeTo: IOCloser, reason: String, logger: Logger? = nil ) { let buffer = UnsafeMutableBufferPointer.allocate(capacity: Int(getpagesize())) self.io = Mutex( IO( from: readFrom, to: writeTo, buffer: buffer, closed: false )) self.reason = reason self.logger = logger } func relay(ignoreHup: Bool = false) throws { self.logger?.info("setting up relay for \(reason)") let (readFromFd, writeToFd) = self.io.withLock { io in (io.from.fileDescriptor, io.to.fileDescriptor) } let readFrom = OSFile(fd: readFromFd) let writeTo = OSFile(fd: writeToFd) try ProcessSupervisor.default.poller.add(readFromFd, mask: EPOLLIN) { mask in self.io.withLock { io in if io.closed { return } if mask.isHangup && !mask.readyToRead { self.logger?.debug("received EPOLLHUP with no EPOLLIN") if !ignoreHup { io.close(logger: self.logger) } return } // Loop so we drain fully. while true { let r = readFrom.read(io.buffer) if r.read > 0 { let view = UnsafeMutableBufferPointer( start: io.buffer.baseAddress, count: r.read ) let w = writeTo.write(view) if w.wrote != r.read { self.logger?.error("stopping relay: short write for stdio") io.close(logger: self.logger) return } } switch r.action { case .error(let errno): self.logger?.error("failed with errno \(errno) while reading for fd \(readFromFd)") fallthrough case .eof: self.logger?.debug("closing relay for \(readFromFd)") io.close(logger: self.logger) return case .again: if mask.isHangup && !ignoreHup { self.logger?.error("received EPOLLHUP and EAGAIN exiting") self.close() } return default: break } } } } } func close() { self.io.withLock { io in self.logger?.info("closing relay for \(reason)") io.close(logger: self.logger) } } } ================================================ FILE: vminitd/Sources/vminitd/InitCommand.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ArgumentParser import ContainerizationOS import LCShim import Musl /// A minimal init process that: /// - Spawns and monitors a child process /// - Forwards signals to the child /// - Reaps zombie processes /// - Exits with the child's exit code struct InitCommand: ParsableCommand { static let configuration = CommandConfiguration( commandName: "init", abstract: "Run as a minimal init process" ) @Flag(name: .shortAndLong, help: "Send signals to the child's process group instead of just the child") var processGroup: Bool = false @Argument(help: "The command to run") var command: String @Argument(parsing: .captureForPassthrough, help: "Arguments for the command") var arguments: [String] = [] /// Signals that should NOT be forwarded to the child. private static let ignoredSignals: Set = [ SIGCHLD, // We handle this for zombie reaping SIGFPE, SIGILL, SIGSEGV, SIGBUS, SIGABRT, SIGTRAP, SIGSYS, // Synchronous signals ] mutating func run() throws { // If we're not PID 1, register as a child subreaper so orphaned // processes get reparented to us and we can reap them. if getpid() != 1 { CZ_set_sub_reaper() } // Block all signals. We'll handle them synchronously via sigtimedwait var allSignals = sigset_t() sigfillset(&allSignals) sigprocmask(SIG_BLOCK, &allSignals, nil) let resolvedCommand = Path.lookPath(command)?.path ?? command var cmd = Command(resolvedCommand, arguments: arguments) cmd.stdin = .standardInput cmd.stdout = .standardOutput cmd.stderr = .standardError cmd.attrs = .init(setPGroup: true, setForegroundPGroup: true, setSignalDefault: true) try cmd.start() let childPid = cmd.pid let signalTarget = processGroup ? -childPid : childPid var timeout = timespec(tv_sec: 0, tv_nsec: 100_000_000) // Handle signals and reap zombies var childExitStatus: Int32? while childExitStatus == nil { var siginfo = siginfo_t() let sig = sigtimedwait(&allSignals, &siginfo, &timeout) if sig > 0 && !Self.ignoredSignals.contains(sig) { _ = Musl.kill(signalTarget, sig) } while true { var status: Int32 = 0 let pid = waitpid(-1, &status, WNOHANG) if pid <= 0 { break } if pid == childPid { childExitStatus = Command.toExitStatus(status) } } } Musl.exit(childExitStatus ?? 1) } } ================================================ FILE: vminitd/Sources/vminitd/ManagedContainer.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Cgroup import ContainerizationError import ContainerizationOCI import ContainerizationOS import Foundation import Logging actor ManagedContainer { let id: String let initProcess: any ContainerProcess private let cgroupManager: Cgroup2Manager private let log: Logger private let bundle: ContainerizationOCI.Bundle private let needsCgroupCleanup: Bool private var execs: [String: any ContainerProcess] = [:] var pid: Int32? { self.initProcess.pid } init( id: String, stdio: HostStdio, spec: ContainerizationOCI.Spec, ociRuntimePath: String? = nil, log: Logger ) async throws { var cgroupsPath: String if let cgPath = spec.linux?.cgroupsPath { cgroupsPath = cgPath } else { cgroupsPath = "/container/\(id)" } let bundle = try ContainerizationOCI.Bundle.create( path: Self.craftBundlePath(id: id), spec: spec ) log.debug("created bundle with spec \(spec)") let cgManager = Cgroup2Manager( group: URL(filePath: cgroupsPath), logger: log ) try cgManager.create() do { try cgManager.toggleAllAvailableControllers(enable: true) let initProcess: any ContainerProcess if let runtimePath = ociRuntimePath { // Use runc runtime let runc = ProcessSupervisor.default.getRuncWithReaper( Runc( command: runtimePath, root: "/run/runc" ) ) initProcess = try RuncProcess( id: id, stdio: stdio, bundle: bundle, runc: runc, log: log ) self.needsCgroupCleanup = false log.info("created runc init process with runtime: \(runtimePath)") } else { // Use vmexec runtime initProcess = try ManagedProcess( id: id, stdio: stdio, bundle: bundle, cgroupManager: cgManager, owningPid: nil, log: log ) self.needsCgroupCleanup = true log.info("created vmexec init process") } self.cgroupManager = cgManager self.initProcess = initProcess self.id = id self.bundle = bundle self.log = log } catch { try? cgManager.delete() throw error } } } extension ManagedContainer { // removeCgroupWithRetry will remove a cgroup path handling EAGAIN and EBUSY errors and // retrying the remove after an exponential timeout private func removeCgroupWithRetry() async throws { var delay = 10 // 10ms let maxRetries = 5 for i in 0.. Int32 { let proc = try self.getExecOrInit(execID: execID) return try await ProcessSupervisor.default.start(process: proc) } func wait(execID: String) async throws -> ContainerExitStatus { let proc = try self.getExecOrInit(execID: execID) return await proc.wait() } func kill(execID: String, _ signal: Int32) async throws { let proc = try self.getExecOrInit(execID: execID) try await proc.kill(signal) } func resize(execID: String, size: Terminal.Size) throws { let proc = try self.getExecOrInit(execID: execID) try proc.resize(size: size) } func closeStdin(execID: String) throws { let proc = try self.getExecOrInit(execID: execID) try proc.closeStdin() } func deleteExec(id: String) throws { try ensureExecExists(id) do { try self.bundle.deleteExecSpec(id: id) } catch { self.log.error("failed to remove exec spec from filesystem: \(error)") } self.execs.removeValue(forKey: id) } func delete() async throws { // Delete the init process if it's a RuncProcess try await self.initProcess.delete() // Delete the bundle and cgroup try self.bundle.delete() if self.needsCgroupCleanup { try await self.removeCgroupWithRetry() } } func stats() throws -> Cgroup2Stats { try self.cgroupManager.stats() } func getMemoryEvents() throws -> MemoryEvents { try self.cgroupManager.getMemoryEvents() } func getExecOrInit(execID: String) throws -> any ContainerProcess { if execID == self.id { return self.initProcess } guard let proc = self.execs[execID] else { throw ContainerizationError( .invalidState, message: "exec \(execID) does not exist in container \(self.id)" ) } return proc } } extension ContainerizationOCI.Bundle { func createExecSpec(id: String, process: ContainerizationOCI.Process) throws { let specDir = self.path.appending(path: "execs/\(id)") let fm = FileManager.default try fm.createDirectory( atPath: specDir.path, withIntermediateDirectories: true ) let specData = try JSONEncoder().encode(process) let processConfigPath = specDir.appending(path: "process.json") try specData.write(to: processConfigPath) } func getExecSpecPath(id: String) -> URL { self.path.appending(path: "execs/\(id)/process.json") } func deleteExecSpec(id: String) throws { let specDir = self.path.appending(path: "execs/\(id)") let fm = FileManager.default try fm.removeItem(at: specDir) } } extension ManagedContainer { static func craftBundlePath(id: String) -> URL { URL(fileURLWithPath: "/run/container").appending(path: id) } } ================================================ FILE: vminitd/Sources/vminitd/ManagedProcess.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Cgroup import Containerization import ContainerizationError import ContainerizationOCI import ContainerizationOS import Foundation import GRPC import Logging import Synchronization final class ManagedProcess: ContainerProcess, Sendable { // swiftlint: disable type_name protocol IO { func attach(pid: Int32, fd: Int32) throws func start(process: inout Command) throws func resize(size: Terminal.Size) throws func close() throws func closeStdin() throws func closeAfterExec() throws } // swiftlint: enable type_name private struct State { init(io: IO) { self.io = io } let io: IO var waiters: [CheckedContinuation] = [] var exitStatus: ContainerExitStatus? = nil var pid: Int32? } private static let ackPid = "AckPid" private static let ackConsole = "AckConsole" let id: String private let log: Logger private let command: Command private let state: Mutex private let owningPid: Int32? private let ackPipe: Pipe private let syncPipe: Pipe private let errorPipe: Pipe private let terminal: Bool private let bundle: ContainerizationOCI.Bundle private let cgroupManager: Cgroup2Manager? var pid: Int32? { self.state.withLock { $0.pid } } init( id: String, stdio: HostStdio, bundle: ContainerizationOCI.Bundle, cgroupManager: Cgroup2Manager? = nil, owningPid: Int32? = nil, log: Logger ) throws { self.id = id var log = log log[metadataKey: "id"] = "\(id)" self.log = log self.owningPid = owningPid let syncPipe = Pipe() try syncPipe.setCloexec() self.syncPipe = syncPipe let ackPipe = Pipe() try ackPipe.setCloexec() self.ackPipe = ackPipe let errorPipe = Pipe() try errorPipe.setCloexec() self.errorPipe = errorPipe let args: [String] if let owningPid { args = [ "exec", "--parent-pid", "\(owningPid)", "--process-path", bundle.getExecSpecPath(id: id).path, ] } else { args = ["run", "--bundle-path", bundle.path.path] } var command = Command( "/sbin/vmexec", arguments: args, extraFiles: [ syncPipe.fileHandleForWriting, ackPipe.fileHandleForReading, errorPipe.fileHandleForWriting, ] ) var io: IO if stdio.terminal { log.info("setting up terminal I/O") let attrs = Command.Attrs(setsid: false, setctty: false) command.attrs = attrs io = try TerminalIO( stdio: stdio, log: log ) } else { command.attrs = .init(setsid: false) io = StandardIO( stdio: stdio, log: log ) } log.info("starting I/O") // Setup IO early. We expect the host to be listening already. try io.start(process: &command) self.cgroupManager = cgroupManager self.command = command self.terminal = stdio.terminal self.bundle = bundle self.state = Mutex(State(io: io)) } } extension ManagedProcess { func start() async throws -> Int32 { do { return try self.state.withLock { log.info( "starting managed process", metadata: [ "id": "\(id)" ]) // Start the underlying process. try command.start() defer { try? self.ackPipe.fileHandleForWriting.close() try? self.syncPipe.fileHandleForReading.close() try? self.ackPipe.fileHandleForReading.close() try? self.syncPipe.fileHandleForWriting.close() try? self.errorPipe.fileHandleForWriting.close() } // Close our side of any pipes. try $0.io.closeAfterExec() try self.ackPipe.fileHandleForReading.close() try self.syncPipe.fileHandleForWriting.close() try self.errorPipe.fileHandleForWriting.close() let size = MemoryLayout.size guard let piddata = try syncPipe.fileHandleForReading.read(upToCount: size) else { throw ContainerizationError(.internalError, message: "no PID data from sync pipe") } guard piddata.count == size else { throw ContainerizationError(.internalError, message: "invalid payload") } let pid = piddata.withUnsafeBytes { ptr in ptr.load(as: Int32.self) } log.info( "got back pid data", metadata: [ "pid": "\(pid)" ]) $0.pid = pid // This should probably happen in vmexec, but we don't need to set any cgroup // toggles so the problem is much simpler to just do it here. if let owningPid { let cgManager = try Cgroup2Manager.loadFromPid(pid: owningPid) try cgManager.addProcess(pid: pid) } log.info( "sending pid acknowledgement", metadata: [ "pid": "\(pid)" ]) try self.ackPipe.fileHandleForWriting.write(contentsOf: Self.ackPid.data(using: .utf8)!) if self.terminal { log.info( "wait for PTY FD", metadata: [ "id": "\(id)" ]) // Wait for a new write that will contain the pty fd if we asked for one. guard let ptyFd = try self.syncPipe.fileHandleForReading.read(upToCount: size) else { throw ContainerizationError( .internalError, message: "no PTY data from sync pipe" ) } let fd = ptyFd.withUnsafeBytes { ptr in ptr.load(as: Int32.self) } log.info( "received PTY FD from container, attaching", metadata: [ "id": "\(id)" ]) try $0.io.attach(pid: pid, fd: fd) try self.ackPipe.fileHandleForWriting.write(contentsOf: Self.ackConsole.data(using: .utf8)!) } // Wait for the errorPipe to close (after exec). if let errorData = try? self.errorPipe.fileHandleForReading.readToEnd(), let errorString = String(data: errorData, encoding: .utf8), !errorString.isEmpty { throw ContainerizationError( .internalError, message: "vmexec error: \(errorString.trimmingCharacters(in: .whitespacesAndNewlines))" ) } log.info( "started managed process", metadata: [ "pid": "\(pid)", "id": "\(id)", ]) return pid } } catch { if let errorData = try? self.errorPipe.fileHandleForReading.readToEnd(), let errorString = String(data: errorData, encoding: .utf8), !errorString.isEmpty { throw ContainerizationError( .internalError, message: "vmexec error: \(errorString.trimmingCharacters(in: .whitespacesAndNewlines))", cause: error ) } throw error } } func setExit(_ status: Int32) { self.state.withLock { state in self.log.info( "managed process exit", metadata: [ "status": "\(status)" ]) let exitStatus = ContainerExitStatus(exitCode: status, exitedAt: Date.now) state.exitStatus = exitStatus do { try state.io.close() } catch { self.log.error("failed to close I/O for process: \(error)") } for waiter in state.waiters { waiter.resume(returning: exitStatus) } self.log.debug("\(state.waiters.count) managed process waiters signaled") state.waiters.removeAll() } } /// Wait on the process to exit func wait() async -> ContainerExitStatus { await withCheckedContinuation { cont in self.state.withLock { if let status = $0.exitStatus { cont.resume(returning: status) return } $0.waiters.append(cont) } } } func kill(_ signal: Int32) async throws { try self.state.withLock { guard let pid = $0.pid else { throw ContainerizationError(.invalidState, message: "process PID is required") } guard $0.exitStatus == nil else { return } self.log.info("sending signal \(signal) to process \(pid)") guard Foundation.kill(pid, signal) == 0 else { throw POSIXError.fromErrno() } } } func resize(size: Terminal.Size) throws { try self.state.withLock { guard $0.exitStatus == nil else { return } try $0.io.resize(size: size) } } func closeStdin() throws { let io = self.state.withLock { $0.io } try io.closeStdin() } func delete() async throws { // vmexec doesn't require explicit cleanup - the process is cleaned up // when it exits and IO is closed via setExit() } } ================================================ FILE: vminitd/Sources/vminitd/MemoryMonitor.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if os(Linux) import Cgroup import Foundation import Logging #if canImport(Musl) import Musl #elseif canImport(Glibc) import Glibc #endif package final class MemoryMonitor: Sendable { private static let inotifyEventSize = 0x10 private let cgroupManager: Cgroup2Manager private let threshold: UInt64 private let logger: Logger private let inotifyFd: Int32 private let watchDescriptor: Int32 private let onThresholdExceeded: @Sendable (UInt64, UInt64) -> Void package init( cgroupManager: Cgroup2Manager, threshold: UInt64, logger: Logger, onThresholdExceeded: @escaping @Sendable (UInt64, UInt64) -> Void ) throws { self.cgroupManager = cgroupManager self.threshold = threshold self.logger = logger self.onThresholdExceeded = onThresholdExceeded let fd = inotify_init() guard fd != -1 else { throw Error.inotifyInit(errno: errno) } self.inotifyFd = fd let eventsPath = cgroupManager.getMemoryEventsPath() let wd = inotify_add_watch( inotifyFd, eventsPath, UInt32(IN_MODIFY) ) guard wd != -1 else { close(fd) throw Error.inotifyAddWatch(errno: errno, path: eventsPath) } self.watchDescriptor = wd } /// Run the monitoring loop. Call this from a dedicated thread. /// This function blocks until an error occurs. package func run() throws { let eventsPath = cgroupManager.getMemoryEventsPath() logger.info( "Started memory monitoring", metadata: [ "threshold_bytes": "\(threshold)", "events_path": "\(eventsPath)", ]) // Read initial state var highCountMax: UInt64 = 0 do { let events = try cgroupManager.getMemoryEvents() highCountMax = events.high } catch { throw Error.readMemoryEvents(error: error) } let bufSize = Self.inotifyEventSize * 10 var buffer = [UInt8](repeating: 0, count: bufSize) while true { let bytesRead = buffer.withUnsafeMutableBytes { ptr in read(inotifyFd, ptr.baseAddress!, bufSize) } if bytesRead < 0 { if errno == EINTR { continue } throw Error.readFailed(errno: errno) } do { let events = try cgroupManager.getMemoryEvents() if events.high > highCountMax { highCountMax = events.high let stats = try cgroupManager.stats() let currentUsage = stats.memory?.usage ?? 0 onThresholdExceeded(currentUsage, events.high) } if events.oom > 0 || events.oomKill > 0 { logger.error( "OOM events detected", metadata: [ "oom_events": "\(events.oom)", "oom_kill_events": "\(events.oomKill)", ]) } } catch { throw Error.readMemoryEvents(error: error) } } } deinit { inotify_rm_watch(inotifyFd, watchDescriptor) close(inotifyFd) } } extension MemoryMonitor { package enum Error: Swift.Error, CustomStringConvertible { case inotifyInit(errno: Int32) case inotifyAddWatch(errno: Int32, path: String) case readFailed(errno: Int32) case readMemoryEvents(error: Swift.Error) package var description: String { switch self { case .inotifyInit(let errno): return "failed to initialize inotify: errno \(errno)" case .inotifyAddWatch(let errno, let path): return "failed to add inotify watch on \(path): errno \(errno)" case .readFailed(let errno): return "failed to read inotify events: errno \(errno)" case .readMemoryEvents(let error): return "failed to read memory events: \(error)" } } } } #endif ================================================ FILE: vminitd/Sources/vminitd/OSFile+Splice.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation extension OSFile { struct SpliceFile: Sendable { fileprivate var file: OSFile fileprivate var offset: Int fileprivate let pipe = Pipe() var fileDescriptor: Int32 { file.fileDescriptor } var reader: Int32 { pipe.fileHandleForReading.fileDescriptor } var writer: Int32 { pipe.fileHandleForWriting.fileDescriptor } init(fd: Int32) { self.file = OSFile(fd: fd) self.offset = 0 } init(handle: FileHandle) { self.file = OSFile(handle: handle) self.offset = 0 } init(from: OSFile, withOffset: Int = 0) { self.file = from self.offset = withOffset } func close() throws { try self.file.close() } } static func splice(from: inout SpliceFile, to: inout SpliceFile, count: Int = 1 << 16) throws -> (read: Int, wrote: Int, action: IOAction) { let fromOffset = from.offset let toOffset = to.offset while true { while (from.offset - to.offset) < count { let toRead = count - (from.offset - to.offset) let bytesRead = Foundation.splice(from.fileDescriptor, nil, to.writer, nil, toRead, UInt32(bitPattern: SPLICE_F_MOVE | SPLICE_F_NONBLOCK)) if bytesRead == -1 { if errno != EAGAIN && errno != EIO { throw POSIXError(.init(rawValue: errno)!) } break } if bytesRead == 0 { return (0, 0, .eof) } from.offset += bytesRead if bytesRead < toRead { break } } if from.offset == to.offset { return (from.offset - fromOffset, to.offset - toOffset, .success) } while to.offset < from.offset { let toWrite = from.offset - to.offset let bytesWrote = Foundation.splice(to.reader, nil, to.fileDescriptor, nil, toWrite, UInt32(bitPattern: SPLICE_F_MOVE | SPLICE_F_NONBLOCK)) if bytesWrote == -1 { if errno != EAGAIN && errno != EIO { throw POSIXError(.init(rawValue: errno)!) } break } to.offset += bytesWrote if bytesWrote == 0 { return (from.offset - fromOffset, to.offset - toOffset, .brokenPipe) } if bytesWrote < toWrite { break } } } } } ================================================ FILE: vminitd/Sources/vminitd/OSFile.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Foundation struct OSFile: Sendable { enum IOAction: Equatable { case eof case again case success case brokenPipe case error(_ errno: Int32) } private let fd: Int32 var closed: Bool { Foundation.fcntl(fd, F_GETFD) == -1 && errno == EBADF } var fileDescriptor: Int32 { fd } init(fd: Int32) { self.fd = fd } init(handle: FileHandle) { self.fd = handle.fileDescriptor } func close() throws { guard Foundation.close(self.fd) == 0 else { throw POSIXError(.init(rawValue: errno)!) } } func read(_ buffer: UnsafeMutableBufferPointer) -> (read: Int, action: IOAction) { if buffer.count == 0 { return (0, .success) } var bytesRead: Int = 0 while true { let n = Foundation.read( self.fd, buffer.baseAddress!.advanced(by: bytesRead), buffer.count - bytesRead ) if n == -1 { if errno == EAGAIN || errno == EIO { return (bytesRead, .again) } return (bytesRead, .error(errno)) } if n == 0 { return (bytesRead, .eof) } bytesRead += n if bytesRead < buffer.count { continue } return (bytesRead, .success) } } func write(_ buffer: UnsafeMutableBufferPointer) -> (wrote: Int, action: IOAction) { if buffer.count == 0 { return (0, .success) } var bytesWrote: Int = 0 while true { let n = Foundation.write( self.fd, buffer.baseAddress!.advanced(by: bytesWrote), buffer.count - bytesWrote ) if n == -1 { if errno == EAGAIN || errno == EIO { return (bytesWrote, .again) } return (bytesWrote, .error(errno)) } if n == 0 { return (bytesWrote, .brokenPipe) } bytesWrote += n if bytesWrote < buffer.count { continue } return (bytesWrote, .success) } } static func pipe() -> (read: Self, write: Self) { let pipe = Pipe() return (Self(handle: pipe.fileHandleForReading), Self(handle: pipe.fileHandleForWriting)) } static func open(path: String) throws -> Self { try open(path: path, mode: O_RDONLY | O_CLOEXEC) } static func open(path: String, mode: Int32) throws -> Self { let fd = Foundation.open(path, mode) if fd < 0 { throw POSIXError(.init(rawValue: errno)!) } return Self(fd: fd) } } ================================================ FILE: vminitd/Sources/vminitd/PauseCommand.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ArgumentParser import Dispatch import Logging import Musl struct PauseCommand: ParsableCommand { static let configuration = CommandConfiguration( commandName: "pause", abstract: "Run the pause container" ) @OptionGroup var options: LogLevelOption mutating func run() throws { let log = makeLogger(label: "pause", level: options.resolvedLogLevel()) if getpid() != 1 { log.warning("pause should be the first process") } // NOTE: For whatever reason, using signal() for the below causes a swift compiler issue. // Can revert whenever that is understood. let sigintSource = DispatchSource.makeSignalSource(signal: SIGINT) sigintSource.setEventHandler { log.info("Shutting down, got SIGINT") Musl.exit(0) } sigintSource.resume() let sigtermSource = DispatchSource.makeSignalSource(signal: SIGTERM) sigtermSource.setEventHandler { log.info("Shutting down, got SIGTERM") Musl.exit(0) } sigtermSource.resume() let sigchldSource = DispatchSource.makeSignalSource(signal: SIGCHLD) sigchldSource.setEventHandler { var status: Int32 = 0 while waitpid(-1, &status, WNOHANG) > 0 {} } sigchldSource.resume() log.info("pause container running, waiting for signals...") while true { Musl.pause() } log.error("Error: infinite loop terminated") Musl.exit(42) } } ================================================ FILE: vminitd/Sources/vminitd/ProcessSupervisor.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationOS import Foundation import Logging import Synchronization final class ProcessSupervisor: Sendable { let poller: Epoll private let queue: DispatchQueue // `DispatchSourceSignal` is thread-safe. private nonisolated(unsafe) let source: DispatchSourceSignal private struct State { var processes: [any ContainerProcess] = [] var log: Logger? } private let state: Mutex private let reaperCommandRunner = ReaperCommandRunner() func setLog(_ log: Logger?) { self.state.withLock { $0.log = log } } static let `default` = ProcessSupervisor() private init() { let queue = DispatchQueue(label: "process-supervisor") self.source = DispatchSource.makeSignalSource(signal: SIGCHLD, queue: queue) self.queue = queue self.poller = try! Epoll() self.state = Mutex(State()) let t = Thread { try! self.poller.run() } t.start() } func ready() { self.source.setEventHandler { self.handleSignal() } self.source.resume() } private func handleSignal() { dispatchPrecondition(condition: .onQueue(queue)) let exited = Reaper.reap() for (pid, status) in exited { reaperCommandRunner.notifyExit(pid: pid, status: status) } self.state.withLock { state in state.log?.debug("received SIGCHLD, reaping processes") state.log?.debug("finished wait4 of \(exited.count) processes") state.log?.debug("checking for exit of managed process", metadata: ["exits": "\(exited)", "processes": "\(state.processes.count)"]) let exitedProcesses = state.processes.filter { proc in exited.contains { pid, _ in proc.pid == pid } } for proc in exitedProcesses { guard let pid = proc.pid else { continue } if let status = exited[pid] { state.log?.debug( "managed process exited", metadata: [ "pid": "\(pid)", "status": "\(status)", "count": "\(state.processes.count - 1)", ]) proc.setExit(status) state.processes.removeAll(where: { $0.pid == pid }) } } } } func start(process: any ContainerProcess) async throws -> Int32 { self.state.withLock { state in state.log?.debug("in supervisor lock to start process") state.processes.append(process) } do { return try await process.start() } catch { self.state.withLock { state in state.processes.removeAll(where: { $0.id == process.id }) } throw error } } /// Get a Runc instance configured with the reaper command runner func getRuncWithReaper(_ base: Runc = Runc()) -> Runc { var runc = base runc.commandRunner = reaperCommandRunner return runc } deinit { source.cancel() try? poller.shutdown() } } ================================================ FILE: vminitd/Sources/vminitd/Runc/ConsoleSocket.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationOS import Foundation #if os(Linux) /// A Unix socket for receiving PTY master file descriptors from runc public final class ConsoleSocket: Sendable { private let socket: Socket private let socketPath: String /// The path to the console socket public var path: String { socketPath } /// Create a new console socket at the specified path public init(path: String) throws { let absPath = path.starts(with: "/") ? path : FileManager.default.currentDirectoryPath + "/" + path self.socketPath = absPath let pathURL = URL(fileURLWithPath: absPath) let dir = pathURL.deletingLastPathComponent().path try FileManager.default.createDirectory( atPath: dir, withIntermediateDirectories: true, attributes: nil ) let socketType = try UnixType(path: absPath, unlinkExisting: true) self.socket = try Socket(type: socketType) try socket.listen() } /// Create a temporary console socket in the runtime directory public static func temporary() throws -> ConsoleSocket { let tmpDir = "/tmp" let socketDir = tmpDir + "/runc-console-\(UUID().uuidString)" let socketPath = socketDir + "/console.sock" try FileManager.default.createDirectory( atPath: socketDir, withIntermediateDirectories: true, attributes: nil ) let socket = try ConsoleSocket(path: socketPath) return socket } /// Receive the PTY master file descriptor from runc public func receiveMaster() throws -> Int32 { let connection = try socket.accept() defer { try? connection.close() } return try connection.receiveFileDescriptor() } /// Close the socket and optionally remove the socket file public func close() throws { try socket.close() try FileManager.default.removeItem(atPath: socketPath) } deinit { try? close() } } #endif // os(Linux) ================================================ FILE: vminitd/Sources/vminitd/Runc/Runc.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationOCI import ContainerizationOS import Foundation /// Log format for runc output enum LogFormat: String, Sendable { case json case text } /// Configuration and client for interacting with the runc binary struct Runc: Sendable { /// IO configuration for runc operations struct IO: Sendable { var stdin: FileHandle? var stdout: FileHandle? var stderr: FileHandle? init( stdin: FileHandle? = nil, stdout: FileHandle? = nil, stderr: FileHandle? = nil ) { self.stdin = stdin self.stdout = stdout self.stderr = stderr } static let inherit = IO() } /// Path to the runc binary var command: String /// Root directory for container state var root: String? /// Enable debug output var debug: Bool /// Path to log file var log: String? /// Format for log output var logFormat: LogFormat? /// Signal to send when parent process dies var pdeathSignal: Int32? /// Set process group ID var setpgid: Bool /// Path to criu binary for checkpoint/restore var criu: String? /// Use systemd cgroup manager var systemdCgroup: Bool /// Enable rootless mode var rootless: Bool /// Additional arguments to pass to runc var extraArgs: [String] /// Command runner to use instead of direct wait4 (for PID 1 environments with reapers) var commandRunner: (any CommandRunner)? init( command: String = "runc", root: String? = nil, debug: Bool = false, log: String? = nil, logFormat: LogFormat? = nil, pdeathSignal: Int32? = nil, setpgid: Bool = false, criu: String? = nil, systemdCgroup: Bool = false, rootless: Bool = false, extraArgs: [String] = [], commandRunner: (any CommandRunner)? = nil ) { self.command = command self.root = root self.debug = debug self.log = log self.logFormat = logFormat self.pdeathSignal = pdeathSignal self.setpgid = setpgid self.criu = criu self.systemdCgroup = systemdCgroup self.rootless = rootless self.extraArgs = extraArgs self.commandRunner = commandRunner } } /// Options for creating a container struct CreateOpts: Sendable { /// Path to file to write container PID var pidFile: String? /// Path to console socket for terminal access var consoleSocket: String? /// Detach from the container process var detach: Bool /// Do not use pivot_root to change root var noPivot: Bool /// Do not create a new session var noNewKeyring: Bool /// Additional file descriptors to pass to the container var extraFiles: [FileHandle] /// IO configuration for the runc process var io: Runc.IO init( pidFile: String? = nil, consoleSocket: String? = nil, detach: Bool = false, noPivot: Bool = false, noNewKeyring: Bool = false, extraFiles: [FileHandle] = [], io: Runc.IO = .inherit ) { self.pidFile = pidFile self.consoleSocket = consoleSocket self.detach = detach self.noPivot = noPivot self.noNewKeyring = noNewKeyring self.extraFiles = extraFiles self.io = io } } /// Options for executing a process in a container struct ExecOpts: Sendable { /// Path to file to write process PID var pidFile: String? /// Path to console socket for terminal access var consoleSocket: String? /// Detach from the process var detach: Bool /// Path to process.json file var processPath: String? /// IO configuration for the runc process var io: Runc.IO init( pidFile: String? = nil, consoleSocket: String? = nil, detach: Bool = false, processPath: String? = nil, io: Runc.IO = .inherit ) { self.pidFile = pidFile self.consoleSocket = consoleSocket self.detach = detach self.processPath = processPath self.io = io } } /// Options for deleting a container struct DeleteOpts: Sendable { /// Force deletion of a running container var force: Bool init(force: Bool = false) { self.force = force } } /// Options for restoring a container from checkpoint struct RestoreOpts: Sendable { /// Path to file to write container PID var pidFile: String? /// Path to console socket for terminal access var consoleSocket: String? /// Detach from the container process var detach: Bool /// Do not use pivot_root to change root var noPivot: Bool /// Do not create a new session var noNewKeyring: Bool /// Path to checkpoint image var imagePath: String? /// Path to parent checkpoint var parentPath: String? /// Work directory for CRIU var workPath: String? init( pidFile: String? = nil, consoleSocket: String? = nil, detach: Bool = false, noPivot: Bool = false, noNewKeyring: Bool = false, imagePath: String? = nil, parentPath: String? = nil, workPath: String? = nil ) { self.pidFile = pidFile self.consoleSocket = consoleSocket self.detach = detach self.noPivot = noPivot self.noNewKeyring = noNewKeyring self.imagePath = imagePath self.parentPath = parentPath self.workPath = workPath } } /// Container information returned from list operation struct Container: Sendable, Codable { let id: String let pid: Int let status: String let bundle: String let rootfs: String let created: Date let annotations: [String: String]? enum CodingKeys: String, CodingKey { case id case pid case status case bundle case rootfs case created case annotations } } extension Runc { enum Error: Swift.Error, CustomStringConvertible { case invalidJSON(String) case commandFailed(Int32, String) case invalidPidFile(String) var description: String { switch self { case .invalidJSON(let detail): return "invalid JSON: \(detail)" case .commandFailed(let status, let output): return "command failed with status \(status): \(output)" case .invalidPidFile(let path): return "invalid or missing PID file: \(path)" } } } } // MARK: - Command Building and Execution extension Runc { /// Build base arguments for runc command func baseArgs() -> [String] { var args: [String] = [] if let root = root { args += ["--root", root] } if debug { args.append("--debug") } if let log = log { args += ["--log", log] } if let logFormat = logFormat { args += ["--log-format", logFormat.rawValue] } if systemdCgroup { args.append("--systemd-cgroup") } if rootless { args.append("--rootless") } args += extraArgs return args } /// Execute a runc command and return the output func execute( args: [String], stdin: FileHandle? = nil, stdout: FileHandle? = nil, stderr: FileHandle? = nil, extraFiles: [FileHandle] = [], directory: String? = nil ) async throws -> (status: Int32, output: Data) { var cmd = Command( command, arguments: args, directory: directory, extraFiles: extraFiles ) // Setup IO let outPipe = Pipe() cmd.stdin = stdin cmd.stdout = stdout ?? outPipe.fileHandleForWriting cmd.stderr = stderr ?? outPipe.fileHandleForWriting if let pdeathSignal = pdeathSignal { cmd.attrs.pdeathSignal = pdeathSignal } if setpgid { cmd.attrs.setPGroup = true } let exitStatus: Int32 if let runner = commandRunner { let subscription = try runner.start(&cmd) exitStatus = try await runner.wait(cmd, subscription: subscription) } else { try cmd.start() exitStatus = try cmd.wait() } var output = Data() if stdout == nil { try? outPipe.fileHandleForWriting.close() output = try outPipe.fileHandleForReading.readToEnd() ?? Data() } return (exitStatus, output) } /// Execute command and parse JSON output func executeJSON( args: [String], directory: String? = nil ) async throws -> T { let (status, output) = try await execute(args: args, directory: directory) guard status == 0 else { let errorOutput = String(data: output, encoding: .utf8) ?? "" throw Error.commandFailed(status, errorOutput) } do { return try JSONDecoder().decode(T.self, from: output) } catch { let outputStr = String(data: output, encoding: .utf8) ?? "" throw Error.invalidJSON("failed to decode: \(error), output: \(outputStr)") } } /// Execute command without capturing output func executeVoid( args: [String], stdin: FileHandle? = nil, stdout: FileHandle? = nil, stderr: FileHandle? = nil, extraFiles: [FileHandle] = [], directory: String? = nil ) async throws { let (status, output) = try await execute( args: args, stdin: stdin, stdout: stdout, stderr: stderr, extraFiles: extraFiles, directory: directory ) guard status == 0 else { let errorOutput = String(data: output, encoding: .utf8) ?? "" throw Error.commandFailed(status, errorOutput) } } /// Read PID from a file func readPidFile(_ path: String) throws -> Int { guard let data = try? Data(contentsOf: URL(fileURLWithPath: path)), let pidString = String(data: data, encoding: .utf8)?.trimmingCharacters(in: .whitespacesAndNewlines), let pid = Int(pidString) else { throw Error.invalidPidFile(path) } return pid } } extension Runc { /// Create a container func create( id: String, bundle: String, opts: CreateOpts = CreateOpts() ) async throws -> Int? { var args = baseArgs() + ["create"] if let pidFile = opts.pidFile { args += ["--pid-file", pidFile] } if let consoleSocket = opts.consoleSocket { args += ["--console-socket", consoleSocket] } if opts.detach { args.append("--detach") } if opts.noPivot { args.append("--no-pivot") } if opts.noNewKeyring { args.append("--no-new-keyring") } args += ["--bundle", bundle, id] try await executeVoid( args: args, stdin: opts.io.stdin, stdout: opts.io.stdout, stderr: opts.io.stderr, extraFiles: opts.extraFiles, directory: bundle ) // Read PID if pidFile was specified if let pidFile = opts.pidFile { return try readPidFile(pidFile) } return nil } /// Start a container func start(id: String) async throws { let args = baseArgs() + ["start", id] try await executeVoid(args: args) } /// Run a container (create + start) func run( id: String, bundle: String, opts: CreateOpts = CreateOpts() ) async throws -> Int? { var args = baseArgs() + ["run"] if let pidFile = opts.pidFile { args += ["--pid-file", pidFile] } if let consoleSocket = opts.consoleSocket { args += ["--console-socket", consoleSocket] } if opts.detach { args.append("--detach") } if opts.noPivot { args.append("--no-pivot") } if opts.noNewKeyring { args.append("--no-new-keyring") } args += ["--bundle", bundle, id] try await executeVoid( args: args, stdin: opts.io.stdin, stdout: opts.io.stdout, stderr: opts.io.stderr, extraFiles: opts.extraFiles, directory: bundle ) // Read PID if pidFile was specified if let pidFile = opts.pidFile { return try readPidFile(pidFile) } return nil } /// Delete a container func delete(id: String, opts: DeleteOpts = DeleteOpts()) async throws { var args = baseArgs() + ["delete"] if opts.force { args.append("--force") } args.append(id) try await executeVoid(args: args) } /// Send a signal to a container func kill(id: String, signal: Int32, all: Bool = false) async throws { var args = baseArgs() + ["kill"] if all { args.append("--all") } args += [id, String(signal)] try await executeVoid(args: args) } /// Pause a container func pause(id: String) async throws { let args = baseArgs() + ["pause", id] try await executeVoid(args: args) } /// Resume a paused container func resume(id: String) async throws { let args = baseArgs() + ["resume", id] try await executeVoid(args: args) } /// Execute a process in a running container func exec( id: String, processSpec: String, opts: ExecOpts = ExecOpts() ) async throws -> Int? { var args = baseArgs() + ["exec"] if let pidFile = opts.pidFile { args += ["--pid-file", pidFile] } if let consoleSocket = opts.consoleSocket { args += ["--console-socket", consoleSocket] } if opts.detach { args.append("--detach") } if let processPath = opts.processPath { args += ["--process", processPath] } args += [id, processSpec] try await executeVoid( args: args, stdin: opts.io.stdin, stdout: opts.io.stdout, stderr: opts.io.stderr ) // Read PID if pidFile was specified if let pidFile = opts.pidFile { return try readPidFile(pidFile) } return nil } /// Update container resources func update(id: String, resources: String) async throws { let args = baseArgs() + ["update", "--resources", resources, id] try await executeVoid(args: args) } /// Checkpoint a container func checkpoint( id: String, imagePath: String, leaveRunning: Bool = false, workPath: String? = nil ) async throws { var args = baseArgs() + ["checkpoint"] if leaveRunning { args.append("--leave-running") } if let workPath = workPath { args += ["--work-path", workPath] } args += ["--image-path", imagePath, id] try await executeVoid(args: args) } /// Restore a container from checkpoint func restore( id: String, bundle: String, opts: RestoreOpts = RestoreOpts() ) async throws -> Int? { var args = baseArgs() + ["restore"] if let pidFile = opts.pidFile { args += ["--pid-file", pidFile] } if let consoleSocket = opts.consoleSocket { args += ["--console-socket", consoleSocket] } if opts.detach { args.append("--detach") } if opts.noPivot { args.append("--no-pivot") } if opts.noNewKeyring { args.append("--no-new-keyring") } if let imagePath = opts.imagePath { args += ["--image-path", imagePath] } if let parentPath = opts.parentPath { args += ["--parent-path", parentPath] } if let workPath = opts.workPath { args += ["--work-path", workPath] } args += ["--bundle", bundle, id] try await executeVoid(args: args, directory: bundle) if let pidFile = opts.pidFile { return try readPidFile(pidFile) } return nil } } // MARK: - List and State Operations extension Runc { /// List all containers func list() async throws -> [Container] { let args = baseArgs() + ["list", "--format", "json"] let containers: [Container] = try await executeJSON(args: args) return containers } /// Get state of a specific container func state(id: String) async throws -> ContainerizationOCI.State { let args = baseArgs() + ["state", id] let state: ContainerizationOCI.State = try await executeJSON(args: args) return state } /// List process IDs in a container func ps(id: String) async throws -> [Int] { let args = baseArgs() + ["ps", "--format", "json", id] let (status, output) = try await execute(args: args) guard status == 0 else { let errorOutput = String(data: output, encoding: .utf8) ?? "" throw Error.commandFailed(status, errorOutput) } // ps output is just an array of PIDs let pids = try JSONDecoder().decode([Int].self, from: output) return pids } /// Get version information func version() async throws -> String { let args = [command, "--version"] let (status, output) = try await execute(args: args) guard status == 0 else { let errorOutput = String(data: output, encoding: .utf8) ?? "" throw Error.commandFailed(status, errorOutput) } return String(data: output, encoding: .utf8) ?? "" } } // MARK: - Events extension Runc { /// Event from container runtime struct Event: Codable, Sendable { let type: String let id: String let stats: EventStats? enum CodingKeys: String, CodingKey { case type case id case stats } } /// Statistics in an event struct EventStats: Codable, Sendable { let cpu: CPUStats? let memory: MemoryStats? let pids: PIDStats? enum CodingKeys: String, CodingKey { case cpu case memory case pids } } struct CPUStats: Codable, Sendable { let usage: CPUUsage? let throttling: ThrottlingData? struct CPUUsage: Codable, Sendable { let total: UInt64? let percpu: [UInt64]? } struct ThrottlingData: Codable, Sendable { let periods: UInt64? let throttledPeriods: UInt64? let throttledTime: UInt64? } } struct MemoryStats: Codable, Sendable { let usage: MemoryUsage? let limit: UInt64? struct MemoryUsage: Codable, Sendable { let usage: UInt64? let max: UInt64? } } struct PIDStats: Codable, Sendable { let current: UInt64? let limit: UInt64? } } ================================================ FILE: vminitd/Sources/vminitd/RuncProcess.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// #if os(Linux) import Containerization import ContainerizationError import ContainerizationOCI import ContainerizationOS import Foundation import Logging import Synchronization /// A container process implementation that uses runc as the OCI runtime final class RuncProcess: ContainerProcess, Sendable { // swiftlint: disable type_name protocol IO: Sendable { func attachConsole(fd: Int32) throws func create() throws func getIO() -> Runc.IO func closeAfterExec() throws func resize(size: Terminal.Size) throws func close() throws func closeStdin() throws } // swiftlint: enable type_name private enum ProcessState { case initial case creating case running(pid: Int32) case exited(ContainerExitStatus) } private struct State { var state: ProcessState = .initial var waiters: [CheckedContinuation] = [] } let id: String private let log: Logger private let runc: Runc private let io: IO private let state: Mutex private let terminal: Bool private let bundle: ContainerizationOCI.Bundle private let consoleSocket: ConsoleSocket? var pid: Int32? { self.state.withLock { switch $0.state { case .running(let pid): return pid default: return nil } } } init( id: String, stdio: HostStdio, bundle: ContainerizationOCI.Bundle, runc: Runc, log: Logger ) throws { self.id = id var log = log log[metadataKey: "id"] = "\(id)" self.log = log self.runc = runc self.bundle = bundle self.terminal = stdio.terminal var io: IO var consoleSocket: ConsoleSocket? = nil if stdio.terminal { log.info("setting up terminal I/O for runc") let socket = try ConsoleSocket.temporary() consoleSocket = socket io = try RuncTerminalIO( stdio: stdio, log: log ) } else { io = RuncStandardIO( stdio: stdio, log: log ) } log.info("starting I/O for runc") try io.create() self.consoleSocket = consoleSocket self.io = io self.state = Mutex(State()) } func start() async throws -> Int32 { try self.state.withLock { guard case .initial = $0.state else { throw ContainerizationError( .invalidState, message: "container already started" ) } $0.state = .creating } log.info( "starting runc process", metadata: [ "id": "\(id)" ]) let pidFilePath = self.bundle.path.appendingPathComponent("runc-pid").path let runcIO = self.io.getIO() let opts: CreateOpts if let consoleSocket { opts = CreateOpts( pidFile: pidFilePath, consoleSocket: consoleSocket.path, io: runcIO ) } else { opts = CreateOpts( pidFile: pidFilePath, io: runcIO ) } guard let pidInt = try await self.runc.create( id: self.id, bundle: self.bundle.path.path, opts: opts ) else { throw ContainerizationError( .internalError, message: "runc create did not return a PID" ) } let pid = Int32(pidInt) self.log.info( "container created", metadata: [ "pid": "\(pid)" ]) // Close the pipe ends we gave to runc now that it has inherited them // and attach console if in terminal mode if self.terminal, let consoleSocket = self.consoleSocket { self.log.info("waiting for console FD from runc") let ptyFd = try consoleSocket.receiveMaster() self.log.info( "received PTY FD from runc, attaching", metadata: [ "id": "\(self.id)" ]) try self.io.closeAfterExec() try self.io.attachConsole(fd: ptyFd) } else { try self.io.closeAfterExec() } try await self.runc.start(id: self.id) self.state.withLock { $0.state = .running(pid: pid) } self.log.info( "started runc process", metadata: [ "pid": "\(pid)", "id": "\(self.id)", ]) return pid } func setExit(_ status: Int32) { self.state.withLock { self.log.info( "runc process exit", metadata: [ "status": "\(status)" ]) let exitStatus = ContainerExitStatus(exitCode: status, exitedAt: Date.now) $0.state = .exited(exitStatus) do { try self.io.close() } catch { self.log.error("failed to close I/O for process: \(error)") } for waiter in $0.waiters { waiter.resume(returning: exitStatus) } self.log.debug("\($0.waiters.count) runc process waiters signaled") $0.waiters.removeAll() } } func wait() async -> ContainerExitStatus { await withCheckedContinuation { cont in self.state.withLock { if case .exited(let exitStatus) = $0.state { cont.resume(returning: exitStatus) return } $0.waiters.append(cont) } } } func kill(_ signal: Int32) async throws { self.log.info("sending signal \(signal) to runc container \(id)") try await self.runc.kill(id: self.id, signal: signal) } func resize(size: Terminal.Size) throws { try self.state.withLock { if case .exited = $0.state { return } try self.io.resize(size: size) } } func closeStdin() throws { try self.io.closeStdin() } func delete() async throws { let shouldDelete = self.state.withLock { state -> Bool in switch state.state { case .initial, .creating: return false default: return true } } guard shouldDelete else { log.info("container was never created, skipping delete") return } log.info("deleting runc container", metadata: ["id": "\(id)"]) try await self.runc.delete( id: self.id, opts: DeleteOpts(force: true) ) if let consoleSocket = self.consoleSocket { try consoleSocket.close() } } } // MARK: - RuncTerminalIO final class RuncTerminalIO: RuncProcess.IO & Sendable { private struct State { var stdinSocket: Socket? var stdoutSocket: Socket? var stdin: IOPair? var stdout: IOPair? var terminal: Terminal? } private let log: Logger? private let hostStdio: HostStdio private let state: Mutex init( stdio: HostStdio, log: Logger? ) throws { self.hostStdio = stdio self.log = log self.state = Mutex(State()) } func resize(size: Terminal.Size) throws { try self.state.withLock { if let terminal = $0.terminal { try terminal.resize(size: size) } } } func create() throws { try self.state.withLock { if let stdinPort = self.hostStdio.stdin { let type = VsockType( port: stdinPort, cid: VsockType.hostCID ) let stdinSocket = try Socket(type: type, closeOnDeinit: false) try stdinSocket.connect() $0.stdinSocket = stdinSocket } if let stdoutPort = self.hostStdio.stdout { let type = VsockType( port: stdoutPort, cid: VsockType.hostCID ) let stdoutSocket = try Socket(type: type, closeOnDeinit: false) try stdoutSocket.connect() $0.stdoutSocket = stdoutSocket } } } func getIO() -> Runc.IO { // Terminal mode doesn't pass pipes to runc, it uses the console socket .inherit } func closeAfterExec() throws { // No pipes to close in terminal mode } func attachConsole(fd: Int32) throws { try self.state.withLock { let term = try Terminal(descriptor: fd, setInitState: false) $0.terminal = term if let stdinSocket = $0.stdinSocket { let pair = IOPair( readFrom: stdinSocket, writeTo: term, reason: "RuncTerminalIO stdin", logger: log ) try pair.relay(ignoreHup: true) $0.stdin = pair } if let stdoutSocket = $0.stdoutSocket { let pair = IOPair( readFrom: term, writeTo: stdoutSocket, reason: "RuncTerminalIO stdout", logger: log ) try pair.relay(ignoreHup: true) $0.stdout = pair } } } func close() throws { self.state.withLock { if let stdin = $0.stdin { stdin.close() $0.stdin = nil } if let stdout = $0.stdout { stdout.close() $0.stdout = nil } $0.terminal = nil } } func closeStdin() throws { self.state.withLock { if let stdin = $0.stdin { stdin.close() $0.stdin = nil } } } } // MARK: - RuncStandardIO final class RuncStandardIO: RuncProcess.IO & Sendable { private struct State { var stdin: IOPair? var stdout: IOPair? var stderr: IOPair? var stdinPipe: Pipe? var stdoutPipe: Pipe? var stderrPipe: Pipe? } private let log: Logger? private let hostStdio: HostStdio private let state: Mutex init( stdio: HostStdio, log: Logger? ) { self.hostStdio = stdio self.log = log self.state = Mutex(State()) } // NOP for non-terminal func attachConsole(fd: Int32) throws {} func create() throws { try self.state.withLock { if let stdinPort = self.hostStdio.stdin { let inPipe = Pipe() $0.stdinPipe = inPipe let type = VsockType( port: stdinPort, cid: VsockType.hostCID ) let stdinSocket = try Socket(type: type, closeOnDeinit: false) try stdinSocket.connect() let pair = IOPair( readFrom: stdinSocket, writeTo: inPipe.fileHandleForWriting, reason: "RuncStandardIO stdin", logger: log ) $0.stdin = pair try pair.relay() } if let stdoutPort = self.hostStdio.stdout { let outPipe = Pipe() $0.stdoutPipe = outPipe let type = VsockType( port: stdoutPort, cid: VsockType.hostCID ) let stdoutSocket = try Socket(type: type, closeOnDeinit: false) try stdoutSocket.connect() let pair = IOPair( readFrom: outPipe.fileHandleForReading, writeTo: stdoutSocket, reason: "RuncStandardIO stdout", logger: log ) $0.stdout = pair try pair.relay() } if let stderrPort = self.hostStdio.stderr { let errPipe = Pipe() $0.stderrPipe = errPipe let type = VsockType( port: stderrPort, cid: VsockType.hostCID ) let stderrSocket = try Socket(type: type, closeOnDeinit: false) try stderrSocket.connect() let pair = IOPair( readFrom: errPipe.fileHandleForReading, writeTo: stderrSocket, reason: "RuncStandardIO stderr", logger: log ) $0.stderr = pair try pair.relay() } } } func getIO() -> Runc.IO { self.state.withLock { Runc.IO( stdin: $0.stdinPipe?.fileHandleForReading, stdout: $0.stdoutPipe?.fileHandleForWriting, stderr: $0.stderrPipe?.fileHandleForWriting ) } } func closeAfterExec() throws { try self.state.withLock { // Close the pipe ends we gave to runc (the child inherited them) if let stdinPipe = $0.stdinPipe { try stdinPipe.fileHandleForReading.close() $0.stdinPipe = nil } if let stdoutPipe = $0.stdoutPipe { try stdoutPipe.fileHandleForWriting.close() $0.stdoutPipe = nil } if let stderrPipe = $0.stderrPipe { try stderrPipe.fileHandleForWriting.close() $0.stderrPipe = nil } } } func resize(size: Terminal.Size) throws { throw ContainerizationError(.unsupported, message: "resize not supported for standard IO") } func close() throws { self.state.withLock { if let stdin = $0.stdin { stdin.close() $0.stdin = nil } if let stdout = $0.stdout { stdout.close() $0.stdout = nil } if let stderr = $0.stderr { stderr.close() $0.stderr = nil } } } func closeStdin() throws { self.state.withLock { if let stdin = $0.stdin { stdin.close() $0.stdin = nil } } } } #endif // os(Linux) ================================================ FILE: vminitd/Sources/vminitd/Server+GRPC.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import Cgroup import Containerization import ContainerizationArchive import ContainerizationError import ContainerizationExtras import ContainerizationNetlink import ContainerizationOCI import ContainerizationOS import Foundation import GRPC import Logging import NIOCore import NIOPosix import SwiftProtobuf private let _setenv = Foundation.setenv #if canImport(Musl) import Musl private let _mount = Musl.mount private let _umount = Musl.umount2 private let _kill = Musl.kill private let _sync = Musl.sync #elseif canImport(Glibc) import Glibc private let _mount = Glibc.mount private let _umount = Glibc.umount2 private let _kill = Glibc.kill private let _sync = Glibc.sync #endif extension ContainerizationError { func toGRPCStatus(operation: String) -> GRPCStatus { let message = "\(operation): \(self)" let code: GRPCStatus.Code = { switch self.code { case .invalidArgument: return .invalidArgument case .notFound: return .notFound case .exists: return .alreadyExists case .cancelled: return .cancelled case .unsupported: return .unimplemented case .unknown: return .unknown case .internalError: return .internalError case .interrupted: return .unavailable case .invalidState: return .failedPrecondition case .timeout: return .deadlineExceeded default: return .internalError } }() return GRPCStatus(code: code, message: message, cause: self) } } extension Initd: Com_Apple_Containerization_Sandbox_V3_SandboxContextAsyncProvider { func setTime( request: Com_Apple_Containerization_Sandbox_V3_SetTimeRequest, context: GRPC.GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_SetTimeResponse { log.trace( "setTime", metadata: [ "sec": "\(request.sec)", "usec": "\(request.usec)", ]) var tv = timeval(tv_sec: time_t(request.sec), tv_usec: suseconds_t(request.usec)) guard settimeofday(&tv, nil) == 0 else { let error = swiftErrno("settimeofday") log.error( "setTime", metadata: [ "error": "\(error)" ]) throw GRPCStatus(code: .internalError, message: "failed to settimeofday: \(error)") } return .init() } func setupEmulator( request: Com_Apple_Containerization_Sandbox_V3_SetupEmulatorRequest, context: GRPC.GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_SetupEmulatorResponse { log.debug( "setupEmulator", metadata: [ "request": "\(request)" ]) if !Binfmt.mounted() { throw GRPCStatus( code: .internalError, message: "\(Binfmt.path) is not mounted" ) } do { let bfmt = Binfmt.Entry( name: request.name, type: request.type, offset: request.offset, magic: request.magic, mask: request.mask, flags: request.flags ) try bfmt.register(binaryPath: request.binaryPath) } catch { log.error( "setupEmulator", metadata: [ "error": "\(error)" ]) throw GRPCStatus( code: .internalError, message: "setupEmulator: failed to register binfmt_misc entry: \(error)" ) } return .init() } func sysctl( request: Com_Apple_Containerization_Sandbox_V3_SysctlRequest, context: GRPC.GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_SysctlResponse { log.debug( "sysctl", metadata: [ "settings": "\(request.settings)" ]) do { let sysctlPath = URL(fileURLWithPath: "/proc/sys/") for (k, v) in request.settings { guard let data = v.data(using: .ascii) else { throw GRPCStatus(code: .internalError, message: "failed to convert \(v) to data buffer for sysctl write") } let setting = sysctlPath .appendingPathComponent(k.replacingOccurrences(of: ".", with: "/")) let fh = try FileHandle(forWritingTo: setting) defer { try? fh.close() } try fh.write(contentsOf: data) } } catch { log.error( "sysctl", metadata: [ "error": "\(error)" ]) throw GRPCStatus( code: .internalError, message: "sysctl: failed to set sysctl: \(error)" ) } return .init() } func proxyVsock( request: Com_Apple_Containerization_Sandbox_V3_ProxyVsockRequest, context: GRPC.GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_ProxyVsockResponse { log.debug( "proxyVsock", metadata: [ "id": "\(request.id)", "port": "\(request.vsockPort)", "guestPath": "\(request.guestPath)", "action": "\(request.action)", ]) let proxy = VsockProxy( id: request.id, action: request.action == .into ? .dial : .listen, port: request.vsockPort, path: URL(fileURLWithPath: request.guestPath), udsPerms: request.guestSocketPermissions, log: log ) do { try await proxy.start() try await state.add(proxy: proxy) } catch { try? await proxy.close() log.error( "proxyVsock", metadata: [ "error": "\(error)" ]) throw GRPCStatus( code: .internalError, message: "proxyVsock: failed to setup vsock proxy: \(error)" ) } log.info( "proxyVsock started", metadata: [ "id": "\(request.id)", "port": "\(request.vsockPort)", "guestPath": "\(request.guestPath)", ]) return .init() } func stopVsockProxy( request: Com_Apple_Containerization_Sandbox_V3_StopVsockProxyRequest, context: GRPC.GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_StopVsockProxyResponse { log.debug( "stopVsockProxy", metadata: [ "id": "\(request.id)" ]) do { let proxy = try await state.remove(proxy: request.id) try await proxy.close() } catch { log.error( "stopVsockProxy", metadata: [ "error": "\(error)" ]) throw GRPCStatus( code: .internalError, message: "stopVsockProxy: failed to stop vsock proxy: \(error)" ) } log.info( "stopVsockProxy completed", metadata: [ "id": "\(request.id)" ]) return .init() } func mkdir(request: Com_Apple_Containerization_Sandbox_V3_MkdirRequest, context: GRPC.GRPCAsyncServerCallContext) async throws -> Com_Apple_Containerization_Sandbox_V3_MkdirResponse { log.debug( "mkdir", metadata: [ "path": "\(request.path)", "all": "\(request.all)", ]) do { try FileManager.default.createDirectory( atPath: request.path, withIntermediateDirectories: request.all ) } catch { log.error( "mkdir", metadata: [ "error": "\(error)" ]) throw GRPCStatus(code: .internalError, message: "mkdir: \(error)") } return .init() } func writeFile(request: Com_Apple_Containerization_Sandbox_V3_WriteFileRequest, context: GRPC.GRPCAsyncServerCallContext) async throws -> Com_Apple_Containerization_Sandbox_V3_WriteFileResponse { log.debug( "writeFile", metadata: [ "path": "\(request.path)", "mode": "\(request.mode)", "dataSize": "\(request.data.count)", ]) do { if request.flags.createParentDirs { let fileURL = URL(fileURLWithPath: request.path) let parentDir = fileURL.deletingLastPathComponent() try FileManager.default.createDirectory( at: parentDir, withIntermediateDirectories: true ) } var flags = O_WRONLY if request.flags.createIfMissing { flags |= O_CREAT } if request.flags.append { flags |= O_APPEND } let mode = request.mode > 0 ? mode_t(request.mode) : mode_t(0644) let fd = open(request.path, flags, mode) guard fd != -1 else { let error = swiftErrno("open") throw GRPCStatus( code: .internalError, message: "writeFile: failed to open file: \(error)" ) } let fh = FileHandle(fileDescriptor: fd, closeOnDealloc: true) try fh.write(contentsOf: request.data) } catch { log.error( "writeFile", metadata: [ "error": "\(error)" ]) if error is GRPCStatus { throw error } throw GRPCStatus( code: .internalError, message: "writeFile: \(error)" ) } return .init() } // Chunk size for streaming file transfers (1MB). private static let copyChunkSize = 1024 * 1024 func copy( request: Com_Apple_Containerization_Sandbox_V3_CopyRequest, responseStream: GRPCAsyncResponseStreamWriter, context: GRPC.GRPCAsyncServerCallContext ) async throws { let path = request.path let vsockPort = request.vsockPort log.debug( "copy", metadata: [ "direction": "\(request.direction)", "path": "\(path)", "vsockPort": "\(vsockPort)", "isArchive": "\(request.isArchive)", "mode": "\(request.mode)", "createParents": "\(request.createParents)", ]) do { switch request.direction { case .copyIn: try await handleCopyIn(request: request, responseStream: responseStream) case .copyOut: try await handleCopyOut(request: request, responseStream: responseStream) case .UNRECOGNIZED(let value): throw GRPCStatus(code: .invalidArgument, message: "copy: unrecognized direction \(value)") } } catch { log.error( "copy", metadata: [ "direction": "\(request.direction)", "path": "\(path)", "error": "\(error)", ]) if error is GRPCStatus { throw error } throw GRPCStatus(code: .internalError, message: "copy: \(error)") } } /// Handle a COPY_IN request: connect to host vsock port, read data, write to guest filesystem. private func handleCopyIn( request: Com_Apple_Containerization_Sandbox_V3_CopyRequest, responseStream: GRPCAsyncResponseStreamWriter ) async throws { let path = request.path let isArchive = request.isArchive if request.createParents { let parentDir = URL(fileURLWithPath: path).deletingLastPathComponent() try FileManager.default.createDirectory(at: parentDir, withIntermediateDirectories: true) } // Connect to the host's vsock port for data transfer. let vsockType = VsockType(port: request.vsockPort, cid: VsockType.hostCID) let sock = try Socket(type: vsockType, closeOnDeinit: false) try sock.connect() let sockFd = sock.fileDescriptor // Dispatch blocking I/O onto the thread pool. let rejected: [String] = try await blockingPool.runIfActive { [self] in defer { try? sock.close() } guard isArchive else { let mode = request.mode > 0 ? mode_t(request.mode) : mode_t(0o644) let fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, mode) guard fd != -1 else { throw GRPCStatus( code: .internalError, message: "copy: failed to open file '\(path)': \(swiftErrno("open"))" ) } defer { close(fd) } var buf = [UInt8](repeating: 0, count: Self.copyChunkSize) while true { let n = read(sockFd, &buf, buf.count) if n == 0 { break } guard n > 0 else { throw GRPCStatus( code: .internalError, message: "copy: vsock read error: \(swiftErrno("read"))" ) } var written = 0 while written < n { let w = buf.withUnsafeBytes { ptr in write(fd, ptr.baseAddress! + written, n - written) } guard w > 0 else { throw GRPCStatus( code: .internalError, message: "copy: write error: \(swiftErrno("write"))" ) } written += w } } return [] } let destURL = URL(fileURLWithPath: path) try FileManager.default.createDirectory(at: destURL, withIntermediateDirectories: true) let fileHandle = FileHandle(fileDescriptor: sockFd, closeOnDealloc: false) let reader = try ArchiveReader(format: .pax, filter: .gzip, fileHandle: fileHandle) return try reader.extractContents(to: destURL) } if !rejected.isEmpty { log.info("copy: archive extracted", metadata: ["path": "\(path)", "rejectedCount": "\(rejected.count)"]) for rejectedPath in rejected { log.error("copy: rejected archive path", metadata: ["path": "\(rejectedPath)"]) } } log.debug("copy: copyIn complete", metadata: ["path": "\(path)", "isArchive": "\(isArchive)"]) // Send completion response. try await responseStream.send(.with { $0.status = .complete }) } /// Handle a COPY_OUT request: stat path, send metadata, connect to host vsock port, write data. private func handleCopyOut( request: Com_Apple_Containerization_Sandbox_V3_CopyRequest, responseStream: GRPCAsyncResponseStreamWriter ) async throws { let path = request.path var isDirectory: ObjCBool = false guard FileManager.default.fileExists(atPath: path, isDirectory: &isDirectory) else { throw GRPCStatus(code: .notFound, message: "copy: path not found '\(path)'") } let isArchive = isDirectory.boolValue // Determine total size for single files. var totalSize: UInt64 = 0 if !isArchive { let attrs = try FileManager.default.attributesOfItem(atPath: path) if let size = attrs[.size] as? UInt64 { totalSize = size } } // Send metadata response BEFORE connecting to vsock, so host knows what to expect. try await responseStream.send( .with { $0.status = .metadata $0.isArchive = isArchive $0.totalSize = totalSize }) // Connect to the host's vsock port and dispatch blocking I/O onto the thread pool. let vsockType = VsockType(port: request.vsockPort, cid: VsockType.hostCID) let sock = try Socket(type: vsockType, closeOnDeinit: false) try sock.connect() try await blockingPool.runIfActive { [self] in defer { try? sock.close() } if isArchive { let fileURL = URL(fileURLWithPath: path) let writer = try ArchiveWriter(configuration: .init(format: .pax, filter: .gzip)) try writer.open(fileDescriptor: sock.fileDescriptor) try writer.archiveDirectory(fileURL) try writer.finishEncoding() } else { let srcFd = open(path, O_RDONLY) guard srcFd != -1 else { throw GRPCStatus( code: .internalError, message: "copy: failed to open '\(path)': \(swiftErrno("open"))" ) } defer { close(srcFd) } var buf = [UInt8](repeating: 0, count: Self.copyChunkSize) while true { let n = read(srcFd, &buf, buf.count) if n == 0 { break } guard n > 0 else { throw GRPCStatus( code: .internalError, message: "copy: read error: \(swiftErrno("read"))" ) } var written = 0 while written < n { let w = buf.withUnsafeBytes { ptr in write(sock.fileDescriptor, ptr.baseAddress! + written, n - written) } guard w > 0 else { throw GRPCStatus( code: .internalError, message: "copy: vsock write error: \(swiftErrno("write"))" ) } written += w } } } } log.debug( "copy: copyOut complete", metadata: [ "path": "\(path)", "isArchive": "\(isArchive)", ]) // Send completion response after vsock data transfer is done. try await responseStream.send(.with { $0.status = .complete }) } func mount(request: Com_Apple_Containerization_Sandbox_V3_MountRequest, context: GRPC.GRPCAsyncServerCallContext) async throws -> Com_Apple_Containerization_Sandbox_V3_MountResponse { log.debug( "mount", metadata: [ "type": "\(request.type)", "source": "\(request.source)", "destination": "\(request.destination)", ]) do { let mnt = ContainerizationOS.Mount( type: request.type, source: request.source, target: request.destination, options: request.options ) #if os(Linux) try mnt.mount(createWithPerms: 0o755) return .init() #else fatalError("mount not supported on platform") #endif } catch { log.error( "mount", metadata: [ "error": "\(error)" ]) throw GRPCStatus(code: .internalError, message: "mount: \(error)") } } func umount(request: Com_Apple_Containerization_Sandbox_V3_UmountRequest, context: GRPC.GRPCAsyncServerCallContext) async throws -> Com_Apple_Containerization_Sandbox_V3_UmountResponse { log.debug( "umount", metadata: [ "path": "\(request.path)", "flags": "\(request.flags)", ]) #if os(Linux) // Best effort EBUSY handle. for _ in 0...50 { let result = _umount(request.path, request.flags) if result == -1 { if errno == EBUSY { try await Task.sleep(for: .milliseconds(10)) continue } let error = swiftErrno("umount") log.error( "umount", metadata: [ "error": "\(error)" ]) throw GRPCStatus(code: .invalidArgument, message: "umount: \(error)") } break } return .init() #else fatalError("umount not supported on platform") #endif } func setenv(request: Com_Apple_Containerization_Sandbox_V3_SetenvRequest, context: GRPC.GRPCAsyncServerCallContext) async throws -> Com_Apple_Containerization_Sandbox_V3_SetenvResponse { log.debug( "setenv", metadata: [ "key": "\(request.key)", "value": "\(request.value)", ]) guard _setenv(request.key, request.value, 1) == 0 else { let error = swiftErrno("setenv") log.error( "setEnv", metadata: [ "error": "\(error)" ]) throw GRPCStatus(code: .invalidArgument, message: "setenv: \(error)") } return .init() } func getenv(request: Com_Apple_Containerization_Sandbox_V3_GetenvRequest, context: GRPC.GRPCAsyncServerCallContext) async throws -> Com_Apple_Containerization_Sandbox_V3_GetenvResponse { log.debug( "getenv", metadata: [ "key": "\(request.key)" ]) let env = ProcessInfo.processInfo.environment[request.key] return .with { if let env { $0.value = env } } } func createProcess( request: Com_Apple_Containerization_Sandbox_V3_CreateProcessRequest, context: GRPC.GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_CreateProcessResponse { log.debug( "createProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", "stdin": "Port: \(request.stdin)", "stdout": "Port: \(request.stdout)", "stderr": "Port: \(request.stderr)", ]) do { if !request.hasContainerID { throw ContainerizationError( .invalidArgument, message: "processes in the root of the vm not implemented" ) } var ociSpec = try JSONDecoder().decode( ContainerizationOCI.Spec.self, from: request.configuration ) try ociAlterations(id: request.id, ociSpec: &ociSpec) guard let process = ociSpec.process else { throw ContainerizationError( .invalidArgument, message: "oci runtime spec missing process configuration" ) } let stdioPorts = HostStdio( stdin: request.hasStdin ? request.stdin : nil, stdout: request.hasStdout ? request.stdout : nil, stderr: request.hasStderr ? request.stderr : nil, terminal: process.terminal ) // This is an exec. if let container = await self.state.containers[request.containerID] { try await container.createExec( id: request.id, stdio: stdioPorts, process: process ) } else { // We need to make our new fangled container. // The process ID must match the container ID for this. guard request.id == request.containerID else { throw ContainerizationError( .invalidArgument, message: "init process id must match container id" ) } // Write the etc/hostname file in the container rootfs since some init-systems // depend on it. let hostname = ociSpec.hostname if let root = ociSpec.root, !hostname.isEmpty { let etc = URL(fileURLWithPath: root.path).appendingPathComponent("etc") try FileManager.default.createDirectory(atPath: etc.path, withIntermediateDirectories: true) let hostnamePath = etc.appendingPathComponent("hostname") try hostname.write(toFile: hostnamePath.path, atomically: true, encoding: .utf8) } let ctr = try await ManagedContainer( id: request.id, stdio: stdioPorts, spec: ociSpec, ociRuntimePath: request.hasOciRuntimePath ? request.ociRuntimePath : nil, log: self.log ) try await self.state.add(container: ctr) } return .init() } catch let err as ContainerizationError { log.error( "createProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", "error": "\(err)", ]) throw err.toGRPCStatus(operation: "createProcess: failed to create process") } catch { log.error( "createProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", "error": "\(error)", ]) throw GRPCStatus(code: .internalError, message: "createProcess: failed to create process: \(error)") } } func killProcess( request: Com_Apple_Containerization_Sandbox_V3_KillProcessRequest, context: GRPC.GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_KillProcessResponse { log.debug( "killProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", "signal": "\(request.signal)", ]) do { if !request.hasContainerID { throw ContainerizationError( .invalidArgument, message: "processes in the root of the vm not implemented" ) } let ctr = try await self.state.get(container: request.containerID) try await ctr.kill(execID: request.id, request.signal) return .init() } catch let err as ContainerizationError { log.error( "killProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", "error": "\(err)", ]) throw err.toGRPCStatus(operation: "killProcess: failed to kill process") } catch { log.error( "killProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", "error": "\(error)", ]) throw GRPCStatus(code: .internalError, message: "killProcess: failed to kill process: \(error)") } } func deleteProcess( request: Com_Apple_Containerization_Sandbox_V3_DeleteProcessRequest, context: GRPC.GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_DeleteProcessResponse { log.debug( "deleteProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", ]) do { if !request.hasContainerID { throw ContainerizationError( .invalidArgument, message: "processes in the root of the vm not implemented" ) } let ctr = try await self.state.get(container: request.containerID) // Are we trying to delete the container itself? if request.id == request.containerID { try await ctr.delete() try await state.remove(container: request.id) } else { // Or just a single exec. try await ctr.deleteExec(id: request.id) } return .init() } catch let err as ContainerizationError { log.error( "deleteProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", "error": "\(err)", ]) throw err.toGRPCStatus(operation: "deleteProcess: failed to delete process") } catch { log.error( "deleteProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", "error": "\(error)", ]) throw GRPCStatus(code: .internalError, message: "deleteProcess: failed to delete process: \(error)") } } func startProcess( request: Com_Apple_Containerization_Sandbox_V3_StartProcessRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_StartProcessResponse { log.debug( "startProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", ]) do { if !request.hasContainerID { throw ContainerizationError( .invalidArgument, message: "processes in the root of the vm not implemented" ) } let ctr = try await self.state.get(container: request.containerID) let pid = try await ctr.start(execID: request.id) return .with { $0.pid = pid } } catch let err as ContainerizationError { log.error( "startProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", "error": "\(err)", ]) throw err.toGRPCStatus(operation: "startProcess: failed to start process") } catch { log.error( "startProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", "error": "\(error)", ]) throw GRPCStatus( code: .internalError, message: "startProcess: failed to start process: \(error)" ) } } func resizeProcess( request: Com_Apple_Containerization_Sandbox_V3_ResizeProcessRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_ResizeProcessResponse { log.debug( "resizeProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", ]) do { if !request.hasContainerID { throw ContainerizationError( .invalidArgument, message: "processes in the root of the vm not implemented" ) } let ctr = try await self.state.get(container: request.containerID) let size = Terminal.Size( width: UInt16(request.columns), height: UInt16(request.rows) ) try await ctr.resize(execID: request.id, size: size) } catch let err as ContainerizationError { log.error( "resizeProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", "error": "\(err)", ]) throw err.toGRPCStatus(operation: "resizeProcess: failed to resize process") } catch { log.error( "resizeProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", "error": "\(error)", ]) throw GRPCStatus( code: .internalError, message: "resizeProcess: failed to resize process: \(error)" ) } return .init() } func waitProcess( request: Com_Apple_Containerization_Sandbox_V3_WaitProcessRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_WaitProcessResponse { log.debug( "waitProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", ]) do { if !request.hasContainerID { throw ContainerizationError( .invalidArgument, message: "processes in the root of the vm not implemented" ) } let ctr = try await self.state.get(container: request.containerID) let exitStatus = try await ctr.wait(execID: request.id) return .with { $0.exitCode = exitStatus.exitCode $0.exitedAt = Google_Protobuf_Timestamp(date: exitStatus.exitedAt) } } catch let err as ContainerizationError { log.error( "waitProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", "error": "\(err)", ]) throw err.toGRPCStatus(operation: "waitProcess: failed to wait on process") } catch { log.error( "waitProcess", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", "error": "\(error)", ]) throw GRPCStatus( code: .internalError, message: "waitProcess: failed to wait on process: \(error)" ) } } func closeProcessStdin( request: Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_CloseProcessStdinResponse { log.debug( "closeProcessStdin", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", ]) do { if !request.hasContainerID { throw ContainerizationError( .invalidArgument, message: "processes in the root of the vm not implemented" ) } let ctr = try await self.state.get(container: request.containerID) try await ctr.closeStdin(execID: request.id) return .init() } catch let err as ContainerizationError { log.error( "closeProcessStdin", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", "error": "\(err)", ]) throw err.toGRPCStatus(operation: "closeProcessStdin: failed to close process stdin") } catch { log.error( "closeProcessStdin", metadata: [ "id": "\(request.id)", "containerID": "\(request.containerID)", "error": "\(error)", ]) throw GRPCStatus( code: .internalError, message: "closeProcessStdin: failed to close process stdin: \(error)" ) } } func ipLinkSet( request: Com_Apple_Containerization_Sandbox_V3_IpLinkSetRequest, context: GRPC.GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_IpLinkSetResponse { log.debug( "ipLinkSet", metadata: [ "interface": "\(request.interface)", "up": "\(request.up)", ]) do { let socket = try DefaultNetlinkSocket() let session = NetlinkSession(socket: socket, log: log) let mtuValue: UInt32? = request.hasMtu ? request.mtu : nil try session.linkSet(interface: request.interface, up: request.up, mtu: mtuValue) } catch { log.error( "ipLinkSet", metadata: [ "error": "\(error)" ]) throw GRPCStatus(code: .internalError, message: "ip-link-set: \(error)") } return .init() } func ipAddrAdd( request: Com_Apple_Containerization_Sandbox_V3_IpAddrAddRequest, context: GRPC.GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_IpAddrAddResponse { log.debug( "ipAddrAdd", metadata: [ "interface": "\(request.interface)", "ipv4Address": "\(request.ipv4Address)", ]) do { let socket = try DefaultNetlinkSocket() let session = NetlinkSession(socket: socket, log: log) let ipv4Address = try CIDRv4(request.ipv4Address) try session.addressAdd(interface: request.interface, ipv4Address: ipv4Address) } catch { log.error( "ipAddrAdd", metadata: [ "error": "\(error)" ]) throw GRPCStatus(code: .internalError, message: "failed to set IP address on interface \(request.interface): \(error)") } return .init() } func ipRouteAddLink( request: Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkRequest, context: GRPC.GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_IpRouteAddLinkResponse { log.debug( "ipRouteAddLink", metadata: [ "interface": "\(request.interface)", "dstIpv4Addr": "\(request.dstIpv4Addr)", "srcIpv4Addr": "\(request.srcIpv4Addr)", ]) do { let socket = try DefaultNetlinkSocket() let session = NetlinkSession(socket: socket, log: log) let dstIpv4Addr = try CIDRv4(request.dstIpv4Addr) let srcIpv4Addr = request.srcIpv4Addr.isEmpty ? nil : try IPv4Address(request.srcIpv4Addr) try session.routeAdd( interface: request.interface, dstIpv4Addr: dstIpv4Addr, srcIpv4Addr: srcIpv4Addr ) } catch { log.error( "ipRouteAddLink", metadata: [ "error": "\(error)" ]) throw GRPCStatus(code: .internalError, message: "ip-route-add-link: \(error)") } return .init() } func ipRouteAddDefault( request: Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultRequest, context: GRPC.GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_IpRouteAddDefaultResponse { log.debug( "ipRouteAddDefault", metadata: [ "interface": "\(request.interface)", "ipv4Gateway": "\(request.ipv4Gateway)", ]) do { let socket = try DefaultNetlinkSocket() let session = NetlinkSession(socket: socket, log: log) let ipv4Gateway = try IPv4Address(request.ipv4Gateway) try session.routeAddDefault(interface: request.interface, ipv4Gateway: ipv4Gateway) } catch { log.error( "ipRouteAddDefault", metadata: [ "error": "\(error)" ]) throw GRPCStatus(code: .internalError, message: "failed to set default gateway on interface \(request.interface): \(error)") } return .init() } func configureDns( request: Com_Apple_Containerization_Sandbox_V3_ConfigureDnsRequest, context: GRPC.GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_ConfigureDnsResponse { let domain = request.hasDomain ? request.domain : nil log.debug( "configureDns", metadata: [ "location": "\(request.location)", "nameservers": "\(request.nameservers)", "domain": "\(domain ?? "")", "searchDomains": "\(request.searchDomains)", "options": "\(request.options)", ]) do { let etc = URL(fileURLWithPath: request.location).appendingPathComponent("etc") try FileManager.default.createDirectory(atPath: etc.path, withIntermediateDirectories: true) let resolvConf = etc.appendingPathComponent("resolv.conf") let config = DNS( nameservers: request.nameservers, domain: domain, searchDomains: request.searchDomains, options: request.options ) let text = config.resolvConf log.debug("writing to path \(resolvConf.path) \(text)") try text.write(toFile: resolvConf.path, atomically: true, encoding: .utf8) log.debug("wrote resolver configuration", metadata: ["path": "\(resolvConf.path)"]) } catch { log.error( "configureDns", metadata: [ "error": "\(error)" ]) throw GRPCStatus(code: .internalError, message: "failed to configure DNS at location \(request.location): \(error)") } return .init() } func configureHosts( request: Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest, context: GRPC.GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_ConfigureHostsResponse { log.debug( "configureHosts", metadata: [ "location": "\(request.location)" ]) do { let etc = URL(fileURLWithPath: request.location).appendingPathComponent("etc") try FileManager.default.createDirectory(atPath: etc.path, withIntermediateDirectories: true) let hostsPath = etc.appendingPathComponent("hosts") let config = request.toCZHosts() let text = config.hostsFile try text.write(toFile: hostsPath.path, atomically: true, encoding: .utf8) log.debug("wrote /etc/hosts configuration", metadata: ["path": "\(hostsPath.path)"]) } catch { log.error( "configureHosts", metadata: [ "error": "\(error)" ]) throw GRPCStatus(code: .internalError, message: "configureHosts: \(error)") } return .init() } func containerStatistics( request: Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsRequest, context: GRPC.GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_ContainerStatisticsResponse { log.debug( "containerStatistics", metadata: [ "container_ids": "\(request.containerIds)", "categories": "\(request.categories)", ]) do { // Parse requested categories (empty = all) let categories = Set(request.categories) let wantAll = categories.isEmpty let wantProcess = wantAll || categories.contains(.process) let wantMemory = wantAll || categories.contains(.memory) let wantCPU = wantAll || categories.contains(.cpu) let wantBlockIO = wantAll || categories.contains(.blockIo) let wantNetwork = wantAll || categories.contains(.network) let wantMemoryEvents = wantAll || categories.contains(.memoryEvents) // Get all network interfaces (skip loopback) only if needed let interfaces = wantNetwork ? try getNetworkInterfaces() : [] // Get containers to query let containerIDs: [String] if request.containerIds.isEmpty { containerIDs = await Array(state.containers.keys) } else { containerIDs = request.containerIds } var containerStats: [Com_Apple_Containerization_Sandbox_V3_ContainerStats] = [] for containerID in containerIDs { let container = try await state.get(container: containerID) // Only fetch cgroup stats if needed let cgStats: Cgroup2Stats? if wantProcess || wantMemory || wantCPU || wantBlockIO { cgStats = try await container.stats() } else { cgStats = nil } // Get network stats only if requested var networkStats: [Com_Apple_Containerization_Sandbox_V3_NetworkStats] = [] if wantNetwork { let socket = try DefaultNetlinkSocket() let session = NetlinkSession(socket: socket, log: log) for interface in interfaces { let responses = try session.linkGet(interface: interface, includeStats: true) if responses.count == 1, let stats = try responses[0].getStatistics() { networkStats.append( .with { $0.interface = interface $0.receivedPackets = stats.rxPackets $0.transmittedPackets = stats.txPackets $0.receivedBytes = stats.rxBytes $0.transmittedBytes = stats.txBytes $0.receivedErrors = stats.rxErrors $0.transmittedErrors = stats.txErrors }) } } } // Get memory events only if requested var memoryEvents: MemoryEvents? if wantMemoryEvents { memoryEvents = try await container.getMemoryEvents() } containerStats.append( mapStatsToProto( containerID: containerID, cgStats: cgStats, networkStats: networkStats, memoryEvents: memoryEvents, wantProcess: wantProcess, wantMemory: wantMemory, wantCPU: wantCPU, wantBlockIO: wantBlockIO, wantNetwork: wantNetwork, wantMemoryEvents: wantMemoryEvents ) ) } return .with { $0.containers = containerStats } } catch { log.error( "containerStatistics", metadata: [ "error": "\(error)" ]) throw GRPCStatus(code: .internalError, message: "containerStatistics: \(error)") } } private func swiftErrno(_ msg: Logger.Message) -> POSIXError { let error = POSIXError(.init(rawValue: errno)!) log.error( msg, metadata: [ "error": "\(error)" ]) return error } // NOTE: This is just crummy. It works because today the assumption is // every NIC in the root net namespace is for the container(s), but if we // ever supported individual containers having their own NICs/IPs then this // logic needs to change. We only create ethernet devices today too, so that's // what this filters for as well. private func getNetworkInterfaces() throws -> [String] { let netPath = URL(filePath: "/sys/class/net") let interfaces = try FileManager.default.contentsOfDirectory( at: netPath, includingPropertiesForKeys: nil ) return interfaces .map { $0.lastPathComponent } .filter { $0.hasPrefix("eth") } } private func mapStatsToProto( containerID: String, cgStats: Cgroup2Stats?, networkStats: [Com_Apple_Containerization_Sandbox_V3_NetworkStats], memoryEvents: MemoryEvents?, wantProcess: Bool, wantMemory: Bool, wantCPU: Bool, wantBlockIO: Bool, wantNetwork: Bool, wantMemoryEvents: Bool ) -> Com_Apple_Containerization_Sandbox_V3_ContainerStats { .with { $0.containerID = containerID if wantProcess, let pids = cgStats?.pids { $0.process = .with { $0.current = pids.current $0.limit = pids.max ?? 0 } } if wantMemory, let memory = cgStats?.memory { $0.memory = .with { $0.usageBytes = memory.usage $0.limitBytes = memory.usageLimit ?? 0 $0.swapUsageBytes = memory.swapUsage ?? 0 $0.swapLimitBytes = memory.swapLimit ?? 0 $0.cacheBytes = memory.file $0.kernelStackBytes = memory.kernelStack $0.slabBytes = memory.slab $0.pageFaults = memory.pgfault $0.majorPageFaults = memory.pgmajfault $0.inactiveFile = memory.inactiveFile $0.anon = memory.anon } } if wantCPU, let cpu = cgStats?.cpu { $0.cpu = .with { $0.usageUsec = cpu.usageUsec $0.userUsec = cpu.userUsec $0.systemUsec = cpu.systemUsec $0.throttlingPeriods = cpu.nrPeriods $0.throttledPeriods = cpu.nrThrottled $0.throttledTimeUsec = cpu.throttledUsec } } if wantBlockIO, let io = cgStats?.io { $0.blockIo = .with { $0.devices = io.entries.map { entry in .with { $0.major = entry.major $0.minor = entry.minor $0.readBytes = entry.rbytes $0.writeBytes = entry.wbytes $0.readOperations = entry.rios $0.writeOperations = entry.wios } } } } if wantNetwork { $0.networks = networkStats } if wantMemoryEvents, let events = memoryEvents { $0.memoryEvents = .with { $0.low = events.low $0.high = events.high $0.max = events.max $0.oom = events.oom $0.oomKill = events.oomKill } } } } func sync( request: Com_Apple_Containerization_Sandbox_V3_SyncRequest, context: GRPC.GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_SyncResponse { log.debug("sync") _sync() return .init() } func kill( request: Com_Apple_Containerization_Sandbox_V3_KillRequest, context: GRPCAsyncServerCallContext ) async throws -> Com_Apple_Containerization_Sandbox_V3_KillResponse { log.debug( "kill", metadata: [ "pid": "\(request.pid)", "signal": "\(request.signal)", ]) let r = _kill(request.pid, request.signal) return .with { $0.result = r } } } extension Com_Apple_Containerization_Sandbox_V3_ConfigureHostsRequest { func toCZHosts() -> Hosts { let entries = self.entries.map { Hosts.Entry( ipAddress: $0.ipAddress, hostnames: $0.hostnames, comment: $0.hasComment ? $0.comment : nil ) } return Hosts( entries: entries, comment: self.hasComment ? self.comment : nil ) } } extension Initd { func ociAlterations(id: String, ociSpec: inout ContainerizationOCI.Spec) throws { guard var process = ociSpec.process else { throw ContainerizationError( .invalidArgument, message: "runtime spec without process field present" ) } guard let root = ociSpec.root else { throw ContainerizationError( .invalidArgument, message: "runtime spec without root field present" ) } if ociSpec.linux!.cgroupsPath.isEmpty { ociSpec.linux!.cgroupsPath = "/container/\(id)" } if process.cwd.isEmpty { process.cwd = "/" } // NOTE: The OCI runtime specs Username field is truthfully Windows exclusive, but we use this as a way // to pass through the exact string representation of a username (or username:group, uid:group etc.) a client // may have given us. let username = process.user.username.isEmpty ? "\(process.user.uid):\(process.user.gid)" : process.user.username let parsedUser = try User.getExecUser( userString: username, passwdPath: URL(filePath: root.path).appending(path: "etc/passwd"), groupPath: URL(filePath: root.path).appending(path: "etc/group") ) process.user.uid = parsedUser.uid process.user.gid = parsedUser.gid process.user.additionalGids.append(contentsOf: parsedUser.sgids) process.user.additionalGids.append(process.user.gid) var seenSuppGids = Set() process.user.additionalGids = process.user.additionalGids.filter { seenSuppGids.insert($0).inserted } if !process.env.contains(where: { $0.hasPrefix("PATH=") }) { process.env.append("PATH=\(LinuxProcessConfiguration.defaultPath)") } if !process.env.contains(where: { $0.hasPrefix("HOME=") }) { process.env.append("HOME=\(parsedUser.home)") } // Defensive programming a tad, but ensure we have TERM set if // the client requested a pty. if process.terminal { let termEnv = "TERM=" if !process.env.contains(where: { $0.hasPrefix(termEnv) }) { process.env.append("TERM=xterm") } } ociSpec.process = process } } ================================================ FILE: vminitd/Sources/vminitd/Server.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import Foundation import GRPC import Logging import NIOCore import NIOPosix final class Initd: Sendable { actor State { var containers: [String: ManagedContainer] = [:] var proxies: [String: VsockProxy] = [:] func get(container id: String) throws -> ManagedContainer { guard let ctr = self.containers[id] else { throw ContainerizationError( .notFound, message: "container \(id) not found" ) } return ctr } func add(container: ManagedContainer) throws { guard containers[container.id] == nil else { throw ContainerizationError( .exists, message: "container \(container.id) already exists" ) } containers[container.id] = container } func add(proxy: VsockProxy) throws { guard proxies[proxy.id] == nil else { throw ContainerizationError( .exists, message: "proxy \(proxy.id) already exists" ) } proxies[proxy.id] = proxy } func remove(proxy id: String) throws -> VsockProxy { guard let proxy = proxies.removeValue(forKey: id) else { throw ContainerizationError( .notFound, message: "proxy \(id) does not exist" ) } return proxy } func remove(container id: String) throws { guard let _ = containers.removeValue(forKey: id) else { throw ContainerizationError( .notFound, message: "container \(id) does not exist" ) } } } let log: Logger let state: State let group: EventLoopGroup let blockingPool: NIOThreadPool init(log: Logger, group: EventLoopGroup, blockingPool: NIOThreadPool) { self.log = log self.group = group self.blockingPool = blockingPool self.state = State() } func serve(port: Int) async throws { try await withThrowingTaskGroup(of: Void.self) { group in log.debug("starting process supervisor") ProcessSupervisor.default.setLog(self.log) ProcessSupervisor.default.ready() log.info( "booting gRPC server on vsock", metadata: [ "port": "\(port)" ]) let server = try await Server.start( configuration: .default( target: .vsockAddress(.init(cid: .any, port: .init(port))), eventLoopGroup: self.group, serviceProviders: [self]) ).get() log.info( "gRPC API serving on vsock", metadata: [ "port": "\(port)" ]) group.addTask { try await server.onClose.get() } try await group.next() log.info("closing gRPC server") group.cancelAll() } } } ================================================ FILE: vminitd/Sources/vminitd/StandardIO.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationError import ContainerizationOS import Foundation import Logging import Synchronization final class StandardIO: ManagedProcess.IO & Sendable { private struct State { var stdin: IOPair? var stdout: IOPair? var stderr: IOPair? var stdinPipe: Pipe? var stdoutPipe: Pipe? var stderrPipe: Pipe? } private let log: Logger? private let hostStdio: HostStdio private let state: Mutex init( stdio: HostStdio, log: Logger? ) { self.hostStdio = stdio self.log = log self.state = Mutex(State()) } // NOP func attach(pid: Int32, fd: Int32) throws {} func start(process: inout Command) throws { try self.state.withLock { if let stdinPort = self.hostStdio.stdin { let inPipe = Pipe() process.stdin = inPipe.fileHandleForReading $0.stdinPipe = inPipe let type = VsockType( port: stdinPort, cid: VsockType.hostCID ) let stdinSocket = try Socket(type: type, closeOnDeinit: false) try stdinSocket.connect() let pair = IOPair( readFrom: stdinSocket, writeTo: inPipe.fileHandleForWriting, reason: "StandardIO stdin", logger: log ) $0.stdin = pair try pair.relay() } if let stdoutPort = self.hostStdio.stdout { let outPipe = Pipe() process.stdout = outPipe.fileHandleForWriting $0.stdoutPipe = outPipe let type = VsockType( port: stdoutPort, cid: VsockType.hostCID ) let stdoutSocket = try Socket(type: type, closeOnDeinit: false) try stdoutSocket.connect() let pair = IOPair( readFrom: outPipe.fileHandleForReading, writeTo: stdoutSocket, reason: "StandardIO stdout", logger: log ) $0.stdout = pair try pair.relay() } if let stderrPort = self.hostStdio.stderr { let errPipe = Pipe() process.stderr = errPipe.fileHandleForWriting $0.stderrPipe = errPipe let type = VsockType( port: stderrPort, cid: VsockType.hostCID ) let stderrSocket = try Socket(type: type, closeOnDeinit: false) try stderrSocket.connect() let pair = IOPair( readFrom: errPipe.fileHandleForReading, writeTo: stderrSocket, reason: "StandardIO stderr", logger: log ) $0.stderr = pair try pair.relay() } } } func resize(size: Terminal.Size) throws { throw ContainerizationError(.unsupported, message: "resize not supported") } func close() throws { self.state.withLock { if let stdin = $0.stdin { stdin.close() $0.stdin = nil } if let stdout = $0.stdout { stdout.close() $0.stdout = nil } if let stderr = $0.stderr { stderr.close() $0.stderr = nil } } } func closeStdin() throws { self.state.withLock { if let stdin = $0.stdin { stdin.close() $0.stdin = nil } } } func closeAfterExec() throws { try self.state.withLock { if let stdin = $0.stdinPipe { try stdin.fileHandleForReading.close() $0.stdinPipe = nil } if let stdout = $0.stdoutPipe { try stdout.fileHandleForWriting.close() $0.stdoutPipe = nil } if let stderr = $0.stderrPipe { try stderr.fileHandleForWriting.close() $0.stderrPipe = nil } } } } ================================================ FILE: vminitd/Sources/vminitd/TerminalIO.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationOS import Foundation import LCShim import Logging import Synchronization final class TerminalIO: ManagedProcess.IO & Sendable { private struct State { var stdinSocket: Socket? var stdoutSocket: Socket? var stdin: IOPair? var stdout: IOPair? var parent: Terminal? } private let log: Logger? private let hostStdio: HostStdio private let state: Mutex init( stdio: HostStdio, log: Logger? ) throws { self.hostStdio = stdio self.log = log self.state = Mutex(State()) } func resize(size: Terminal.Size) throws { try self.state.withLock { if let parent = $0.parent { try parent.resize(size: size) } } } func start(process: inout Command) throws { try self.state.withLock { process.stdin = nil process.stdout = nil process.stderr = nil if let stdinPort = self.hostStdio.stdin { let type = VsockType( port: stdinPort, cid: VsockType.hostCID ) let stdinSocket = try Socket(type: type, closeOnDeinit: false) try stdinSocket.connect() $0.stdinSocket = stdinSocket } if let stdoutPort = self.hostStdio.stdout { let type = VsockType( port: stdoutPort, cid: VsockType.hostCID ) let stdoutSocket = try Socket(type: type, closeOnDeinit: false) try stdoutSocket.connect() $0.stdoutSocket = stdoutSocket } } } func attach(pid: Int32, fd: Int32) throws { try self.state.withLock { let containerFd = CZ_pidfd_open(pid, 0) guard containerFd != -1 else { throw POSIXError.fromErrno() } defer { Foundation.close(Int32(containerFd)) } let hostFd = CZ_pidfd_getfd(containerFd, fd, 0) guard hostFd != -1 else { throw POSIXError.fromErrno() } let term = try Terminal(descriptor: Int32(hostFd), setInitState: false) $0.parent = term if let stdinSocket = $0.stdinSocket { let pair = IOPair( readFrom: stdinSocket, writeTo: term, reason: "TerminalIO stdin", logger: log ) try pair.relay(ignoreHup: true) $0.stdin = pair } if let stdoutSocket = $0.stdoutSocket { let pair = IOPair( readFrom: term, writeTo: stdoutSocket, reason: "TerminalIO stdout", logger: log ) try pair.relay(ignoreHup: true) $0.stdout = pair } } } func close() throws { self.state.withLock { if let stdin = $0.stdin { stdin.close() $0.stdin = nil } if let stdout = $0.stdout { stdout.close() $0.stdout = nil } $0.parent = nil } } // NOP func closeAfterExec() throws {} func closeStdin() throws { self.state.withLock { if let stdin = $0.stdin { stdin.close() $0.stdin = nil } } } } ================================================ FILE: vminitd/Sources/vminitd/VsockProxy.swift ================================================ //===----------------------------------------------------------------------===// // Copyright © 2025-2026 Apple Inc. and the Containerization project authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // https://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. //===----------------------------------------------------------------------===// import ContainerizationIO import ContainerizationOS import Foundation import Logging actor VsockProxy { enum Action { case listen case dial } private enum SocketType { case unix case vsock } let id: String private let path: URL private let action: Action private let port: UInt32 private let udsPerms: UInt32? private let log: Logger? private var listener: Socket? private var task: Task<(), Never>? init( id: String, action: Action, port: UInt32, path: URL, udsPerms: UInt32?, log: Logger? = nil ) { self.id = id self.action = action self.port = port self.path = path self.udsPerms = udsPerms self.log = log } } extension VsockProxy { func start() throws { guard listener == nil else { return } log?.debug( "starting proxy", metadata: [ "vport": "\(port)", "uds": "\(path)", "action": "\(action)", ]) switch action { case .dial: try dialHost() case .listen: try dialGuest() } } func close() throws { guard let listener else { return } log?.debug( "stopping proxy", metadata: [ "vport": "\(port)", "uds": "\(path)", "action": "\(action)", ]) try listener.close() if action == .dial { let fm = FileManager.default if fm.fileExists(atPath: path.path) { try fm.removeItem(at: path) } } task?.cancel() self.listener = nil } private func dialHost() throws { let fm = FileManager.default let parentDir = path.deletingLastPathComponent() try fm.createDirectory( at: parentDir, withIntermediateDirectories: true ) let type = try UnixType( path: path.path, perms: udsPerms, unlinkExisting: true ) let oldMask = umask(0) defer { umask(oldMask) } let uds = try Socket(type: type) try uds.listen() listener = uds try acceptLoop(socketType: .unix) } private func dialGuest() throws { let type = VsockType( port: port, cid: VsockType.anyCID ) let vsock = try Socket(type: type) try vsock.listen() listener = vsock try acceptLoop(socketType: .vsock) } private func acceptLoop(socketType: SocketType) throws { guard let listener else { return } let stream = try listener.acceptStream() let task = Task { do { for try await conn in stream { Task { log?.debug( "accepting connection", metadata: [ "vport": "\(port)", "uds": "\(path)", "action": "\(action)", "socketType": "\(socketType)", ]) do { try await handleConn( conn: conn, connType: socketType ) } catch { self.log?.error("failed to handle connection: \(error)") } } } } catch { self.log?.error("failed to accept connection: \(error)") } } self.task = task } private func handleConn( conn: ContainerizationOS.Socket, connType: SocketType ) async throws { try await withCheckedThrowingContinuation { (c: CheckedContinuation) in do { // `relayTo` isn't used concurrently. nonisolated(unsafe) var relayTo: ContainerizationOS.Socket switch connType { case .unix: let type = VsockType( port: port, cid: VsockType.hostCID ) relayTo = try Socket( type: type, closeOnDeinit: false ) case .vsock: let type = try UnixType(path: path.path) relayTo = try Socket( type: type, closeOnDeinit: false ) } try relayTo.connect() // `clientFile` isn't used concurrently. nonisolated(unsafe) var clientFile = OSFile.SpliceFile(fd: conn.fileDescriptor) nonisolated(unsafe) var eofFromClient = false // `serverFile` isn't used concurrently. nonisolated(unsafe) var serverFile = OSFile.SpliceFile(fd: relayTo.fileDescriptor) nonisolated(unsafe) var eofFromServer = false // clean up when any of these conditions apply: // - the client has completely hung up or errored // - the server has completely hung up or errored // - both the client and server have half closed via: // - read hangup on epoll // - EOF on splice let cleanup = { @Sendable [log, port, path, action] in log?.debug( "cleaning up", metadata: [ "vport": "\(port)", "uds": "\(path)", "action": "\(action)", "eofFromClient": "\(eofFromClient)", "eofFromServer": "\(eofFromServer)", "clientFd": "\(clientFile.fileDescriptor)", "serverFd": "\(serverFile.fileDescriptor)", ] ) do { try ProcessSupervisor.default.poller.delete(clientFile.fileDescriptor) try ProcessSupervisor.default.poller.delete(serverFile.fileDescriptor) try conn.close() try relayTo.close() } catch { self.log?.error("Failed to clean up vsock proxy: \(error)") } c.resume() } try! ProcessSupervisor.default.poller.add(clientFile.fileDescriptor, mask: EPOLLIN | EPOLLOUT) { mask in if mask.readyToRead && !eofFromClient { let (fromEof, toEof) = Self.transferData( fromFile: &clientFile, toFile: &serverFile, description: "readyToRead:toServer", log: self.log ) eofFromClient = eofFromClient || fromEof eofFromServer = eofFromServer || toEof } if mask.readyToWrite && !eofFromServer { let (fromEof, toEof) = Self.transferData( fromFile: &serverFile, toFile: &clientFile, description: "readyToWrite:toClient", log: self.log ) eofFromClient = eofFromClient || toEof eofFromServer = eofFromServer || fromEof } if mask.isHangup { eofFromClient = true eofFromServer = true } else if mask.isRhangup && !eofFromClient { // half close, shut down client to server transfer // we should see no more EPOLLIN events on the client fd // and no more EPOLLOUT events on the server fd eofFromClient = true if shutdown(serverFile.fileDescriptor, SHUT_WR) != 0 { self.log?.warning( "failed to shut down client reads", metadata: [ "vport": "\(self.port)", "uds": "\(self.path)", "errno": "\(errno)", "eofFromClient": "\(eofFromClient)", "eofFromServer": "\(eofFromServer)", "clientFd": "\(clientFile.fileDescriptor)", "serverFd": "\(serverFile.fileDescriptor)", ] ) } } if eofFromClient && eofFromServer { return cleanup() } } try! ProcessSupervisor.default.poller.add(serverFile.fileDescriptor, mask: EPOLLIN | EPOLLOUT) { mask in if mask.readyToRead && !eofFromServer { let (fromEof, toEof) = Self.transferData( fromFile: &serverFile, toFile: &clientFile, description: "readyToRead:toClient", log: self.log ) eofFromClient = eofFromClient || toEof eofFromServer = eofFromServer || fromEof } if mask.readyToWrite && !eofFromClient { let (fromEof, toEof) = Self.transferData( fromFile: &clientFile, toFile: &serverFile, description: "readyToWrite:toServer", log: self.log ) eofFromClient = eofFromClient || fromEof eofFromServer = eofFromServer || toEof } if mask.isHangup { eofFromClient = true eofFromServer = true } else if mask.isRhangup && !eofFromServer { // half close, shut down server to client transfer // we should see no more EPOLLIN events on the server fd // and no more EPOLLOUT events on the client fd eofFromServer = true if shutdown(clientFile.fileDescriptor, SHUT_WR) != 0 { self.log?.warning( "failed to shut down server reads", metadata: [ "vport": "\(self.port)", "uds": "\(self.path)", "errno": "\(errno)", "eofFromClient": "\(eofFromClient)", "eofFromServer": "\(eofFromServer)", "clientFd": "\(clientFile.fileDescriptor)", "serverFd": "\(serverFile.fileDescriptor)", ] ) } } if eofFromClient && eofFromServer { return cleanup() } } } catch { c.resume(throwing: error) } } } private static func transferData( fromFile: inout OSFile.SpliceFile, toFile: inout OSFile.SpliceFile, description: String, log: Logger? ) -> (Bool, Bool) { do { let (readBytes, writeBytes, action) = try OSFile.splice(from: &fromFile, to: &toFile) log?.trace( "transferred data", metadata: [ "description": "\(description)", "action": "\(action)", "readBytes": "\(readBytes)", "writeBytes": "\(writeBytes)", "fromFd": "\(fromFile.fileDescriptor)", "toFd": "\(toFile.fileDescriptor)", ] ) if action == .eof { // half close, shut down client to server transfer // we should see no more EPOLLIN events on the client fd // and no more EPOLLOUT events on the server fd if shutdown(toFile.fileDescriptor, SHUT_WR) != 0 { log?.warning( "failed to shut down reads", metadata: [ "description": "\(description)", "errno": "\(errno)", "action": "\(action)", "readBytes": "\(readBytes)", "writeBytes": "\(writeBytes)", "fromFd": "\(fromFile.fileDescriptor)", "toFd": "\(toFile.fileDescriptor)", ] ) } return (true, false) } else if action == .brokenPipe { return (true, true) } return (false, false) } catch { return (true, true) } } }