feat(mirage): add dynamic device naming via manifest and annotations #363
Conversation
✅ Deploy Preview for urunc canceled.
|
|
| var manifest Solo5Manifest | ||
| // Attempt to find the start of the JSON object '{' | ||
| jsonStart := strings.Index(string(data), "{") | ||
| if jsonStart == -1 { | ||
| return nil, fmt.Errorf("invalid manifest format") | ||
| } | ||
|
|
||
| if err := json.Unmarshal(data[jsonStart:], &manifest); err != nil { | ||
| return nil, err | ||
| } | ||
|
|
||
| return &manifest, nil |
There was a problem hiding this comment.
The note doesn't contain json. See https://github.com/Solo5/solo5/blob/dabc69fd89b8119449ec4088c54b458d4ccc851b/include/mft_abi.h for the format, or https://git.robur.coop/robur/ocaml-solo5-elftool/src/branch/main/lib/solo5_elftool.ml#L73-L146 for code that parses the format.
If you want json you can use solo5-elftool query-manifest $executable assuming solo5-elftool is in $PATH. This adds an external dependency though.
There was a problem hiding this comment.
@reynir Thanks for catching this! You are absolutely right
I was incorrectly assuming the manifest section contained JSON, but it is indeed raw binary data as defined in the ABI.
To avoid introducing an external dependency on solo5-elftool, I have rewritten the implementation to parse the binary data natively in Go. The updated parser now:
Follows the layout defined in mft_abi.h.
Correctly handles the C-struct alignment and padding (specifically the 8-byte alignment for the version and device types).
Includes logic to skip the ELF Note header if present.
| mirageID := m.getMirageDeviceName(ifName, "NET_BASIC", "service") | ||
|
|
||
| netOption := fmt.Sprintf("--net:%s=%s", mirageID, ifName) | ||
| netOption += fmt.Sprintf(" --net-mac:%s=%s", mirageID, mac) |
There was a problem hiding this comment.
Not sure what the security model is, but you may consider enforcing the constraint that device names are alphanumerical (and at most a fixed length which I don't remember). Otherwise you can inject arbitrary strings here.
There was a problem hiding this comment.
I have updated getMirageDeviceName to enforce strict validation:
Alphanumeric Check: The resolved name is validated against a regex (^[a-zA-Z0-9_]+$).
Fallback: If the name contains invalid characters, it safely falls back to the default name (e.g., storage or service) rather than passing the raw string.
codesmith25103
force-pushed
the
Issue315
branch
from
5aed176 to
fd0bf6f
Compare
Previously, urunc hardcoded MirageOS network interfaces to 'service' and block devices to 'storage'. This caused failures for unikernels that defined different interface names in their Solo5 manifest. This commit introduces dynamic device discovery and mapping: - Parsed .note.solo5.manifest from ELF binary for auto-detection. - Added support for urunc.dev/mirage-net-map annotations. - Updated UnikernelParams to pass binary path and annotations. This ensures compatibility with diverse MirageOS unikernels. Fixes: urunc-dev#315 Signed-off-by: Sankalp <sankalp25103@gmail.com>
codesmith25103
force-pushed
the
Issue315
branch
from
fd0bf6f to
3844f3c
Compare
3 participants
Previously, urunc hardcoded MirageOS network interfaces to 'service'
and block devices to 'storage'. This caused failures for unikernels
that defined different interface names in their Solo5 manifest.
This commit introduces dynamic device discovery and mapping:
This ensures compatibility with diverse MirageOS unikernels.
Fixes: #315