mirror of
https://github.com/Ascend/ascend-docker-runtime.git
synced 2025-10-31 17:42:37 +08:00
Match-id-508211299ab9ae50c24590730e7e4082f0df6e28
This commit is contained in:
BianTanggui
@@ -24,6 +24,8 @@
|
||||
#include "logger.h"
|
||||
|
||||
#define DECIMAL 10
|
||||
#define MAX_ARGC 1024
|
||||
#define MAX_ARG_LEN 1024
|
||||
|
||||
struct CmdArgs {
|
||||
char devices[BUF_SIZE];
|
||||
@@ -52,6 +54,11 @@ static bool DevicesCmdArgParser(struct CmdArgs *args, const char *arg)
|
||||
Logger("args, arg pointer is null!", LEVEL_ERROR, SCREEN_YES);
|
||||
return false;
|
||||
}
|
||||
if (strlen(arg) > MAX_ARG_LEN) {
|
||||
Logger("argument value too long!", LEVEL_ERROR, SCREEN_YES);
|
||||
return false;
|
||||
}
|
||||
|
||||
for (size_t iLoop = 0; iLoop < strlen(arg); iLoop++) {
|
||||
if ((isdigit(arg[iLoop]) == 0) && (arg[iLoop] != ',')) {
|
||||
Logger("failed to check devices.", LEVEL_ERROR, SCREEN_YES);
|
||||
@@ -76,7 +83,7 @@ static bool PidCmdArgParser(struct CmdArgs *args, const char *arg)
|
||||
Logger("args, arg pointer is null!", LEVEL_ERROR, SCREEN_YES);
|
||||
return false;
|
||||
}
|
||||
args->pid = strtol(optarg, NULL, DECIMAL);
|
||||
args->pid = strtol(arg, NULL, DECIMAL);
|
||||
const char* pidMax = "/proc/sys/kernel/pid_max";
|
||||
const size_t maxFileSzieMb = 10; // max 10MB
|
||||
if (!CheckExternalFile(pidMax, strlen(pidMax), maxFileSzieMb, true)) {
|
||||
@@ -206,6 +213,7 @@ static bool CheckWhiteList(const char* fileName)
|
||||
for (size_t iLoop = 0; iLoop < WHITE_LIST_NUM; iLoop++) {
|
||||
if (strcmp(mountWhiteList[iLoop], fileName) == 0) {
|
||||
fileExists = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (!fileExists) {
|
||||
@@ -309,12 +317,6 @@ static int ParseOneCmdArg(struct CmdArgs *args, char indicator, const char *valu
|
||||
}
|
||||
}
|
||||
|
||||
if (i == NUM_OF_CMD_ARGS) {
|
||||
char* str = FormatLogMessage("unrecognized cmd arg: indicate char: %c, value: %s.", indicator, value);
|
||||
Logger(str, LEVEL_ERROR, SCREEN_YES);
|
||||
free(str);
|
||||
return -1;
|
||||
}
|
||||
bool isOK = g_cmdArgParsers[i].parser(args, value);
|
||||
if (!isOK) {
|
||||
char* str = FormatLogMessage("failed while parsing cmd arg, indicate char: %c, value: %s.", indicator, value);
|
||||
@@ -491,13 +493,16 @@ int Process(int argc, char **argv)
|
||||
Logger("argv pointer is null!", LEVEL_ERROR, SCREEN_YES);
|
||||
return -1;
|
||||
}
|
||||
if (argc > MAX_ARGC) {
|
||||
Logger("too many arguments!", LEVEL_ERROR, SCREEN_YES);
|
||||
return -1;
|
||||
}
|
||||
int c;
|
||||
int ret;
|
||||
int optionIndex;
|
||||
struct CmdArgs args = {0};
|
||||
|
||||
Logger("runc start prestart-hook ...", LEVEL_INFO, SCREEN_YES);
|
||||
while ((c = getopt_long(argc, argv, "d:p:r:o:f:i", g_cmdOpts, &optionIndex)) != -1) {
|
||||
while ((c = getopt_long(argc, argv, "d:p:r:o:f:i", g_cmdOpts, NULL)) != -1) {
|
||||
ret = ParseOneCmdArg(&args, (char)c, optarg);
|
||||
if (ret < 0) {
|
||||
Logger("failed to parse cmd args.", LEVEL_ERROR, SCREEN_YES);
|
||||
|
||||
@@ -347,7 +347,7 @@ bool GetFileSubsetAndCheck(const char *basePath, const size_t basePathLen)
|
||||
}
|
||||
if (ptr->d_type == DT_REG) { // 文件
|
||||
const size_t maxFileSzieMb = 10; // max 10 MB
|
||||
if (!(base, strlen(base), maxFileSzieMb)) {
|
||||
if (!CheckFileSubset(base, strlen(base), maxFileSzieMb)) {
|
||||
return false;
|
||||
}
|
||||
} else if (ptr->d_type == DT_LNK) { // 软链接
|
||||
|
||||
@@ -142,12 +142,11 @@ static bool DeclareDcmiApiAndCheck(void **handle)
|
||||
Logger("dlopen failed.", LEVEL_ERROR, SCREEN_YES);
|
||||
return false;
|
||||
}
|
||||
char pLinkMap[sizeof(struct link_map)] = {0};
|
||||
struct link_map *pLinkMap;
|
||||
int ret = dlinfo(*handle, RTLD_DI_LINKMAP, &pLinkMap);
|
||||
if (ret == 0) {
|
||||
struct link_map* pLink = *(struct link_map**)pLinkMap;
|
||||
const size_t maxFileSzieMb = 10; // max 10 mb
|
||||
if (!CheckAExternalFile(pLink->l_name, strlen(pLink->l_name), maxFileSzieMb, true)) {
|
||||
if (!CheckAExternalFile(pLinkMap->l_name, strlen(pLinkMap->l_name), maxFileSzieMb, true)) {
|
||||
Logger("check sofile failed.", LEVEL_ERROR, SCREEN_YES);
|
||||
return false;
|
||||
}
|
||||
|
||||
@@ -10,7 +10,8 @@ require (
|
||||
)
|
||||
|
||||
replace (
|
||||
huawei.com/mindx/common/hwlog => codehub-dg-y.huawei.com/MindX_DL/AtlasEnableWarehouse/common-utils.git/hwlog v0.0.3
|
||||
huawei.com/mindx/common/cache => codehub-dg-y.huawei.com/MindX_DL/AtlasEnableWarehouse/common-utils.git/cache v0.0.2
|
||||
huawei.com/mindx/common/hwlog => codehub-dg-y.huawei.com/MindX_DL/AtlasEnableWarehouse/common-utils.git/hwlog v0.0.10
|
||||
huawei.com/mindx/common/utils => codehub-dg-y.huawei.com/MindX_DL/AtlasEnableWarehouse/common-utils.git/utils v0.0.6
|
||||
mindxcheckutils => ../mindxcheckutils
|
||||
)
|
||||
|
||||
@@ -243,6 +243,9 @@ var getContainerConfig = func() (*containerConfig, error) {
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to parse OCI spec: %v", err)
|
||||
}
|
||||
if len(ociSpec.Process.Env) > maxCommandLength {
|
||||
return nil, fmt.Errorf("too many items in spec file")
|
||||
}
|
||||
// when use ctr->containerd. the rootfs in config.json is a relative path
|
||||
rfs := ociSpec.Root.Path
|
||||
if !filepath.IsAbs(rfs) {
|
||||
|
||||
@@ -8,7 +8,8 @@ require (
|
||||
)
|
||||
|
||||
replace (
|
||||
huawei.com/mindx/common/hwlog => codehub-dg-y.huawei.com/MindX_DL/AtlasEnableWarehouse/common-utils.git/hwlog v0.0.3
|
||||
huawei.com/mindx/common/cache => codehub-dg-y.huawei.com/MindX_DL/AtlasEnableWarehouse/common-utils.git/cache v0.0.2
|
||||
huawei.com/mindx/common/hwlog => codehub-dg-y.huawei.com/MindX_DL/AtlasEnableWarehouse/common-utils.git/hwlog v0.0.10
|
||||
huawei.com/mindx/common/utils => codehub-dg-y.huawei.com/MindX_DL/AtlasEnableWarehouse/common-utils.git/utils v0.0.6
|
||||
mindxcheckutils => ../../../mindxcheckutils
|
||||
)
|
||||
|
||||
@@ -10,19 +10,20 @@ import "C"
|
||||
import (
|
||||
"fmt"
|
||||
"math"
|
||||
"mindxcheckutils"
|
||||
"unsafe"
|
||||
)
|
||||
|
||||
const (
|
||||
// RetError return error when the function failed
|
||||
retError = -1
|
||||
// hiAIMaxCardNum is the max number of cards
|
||||
hiAIMaxCardNum = 64
|
||||
// hiAIMaxDeviceNum is the max number of devices in a card
|
||||
hiAIMaxDeviceNum = 4
|
||||
|
||||
// dcmiMaxVdevNum is max number of vdevice, value is from driver specification
|
||||
dcmiMaxVdevNum = 16
|
||||
|
||||
// maxErrorCodeCount is the max number of error code
|
||||
hiAIMaxCardNum = 16
|
||||
coreNumLen = 32
|
||||
deviceNum = 4294967295 // vfg_id表示指定虚拟设备所属的虚拟分组ID,默认自动分配,默认值为0xFFFFFFFF,转换成10进制为4294967295。
|
||||
vfgID = 4294967295 // vfg_id表示指定虚拟设备所属的虚拟分组ID,默认自动分配,默认值为0xFFFFFFFF,转换成10进制为4294967295。
|
||||
)
|
||||
|
||||
// NpuWorker Dcmi worker
|
||||
@@ -31,10 +32,16 @@ type NpuWorker struct {
|
||||
|
||||
// Initialize dcmi lib init
|
||||
func (w *NpuWorker) Initialize() error {
|
||||
if err := C.dcmiInit_dl(); err != C.SUCCESS {
|
||||
cDlPath := C.CString(string(make([]byte, int32(C.PATH_MAX))))
|
||||
defer C.free(unsafe.Pointer(cDlPath))
|
||||
if err := C.dcmiInit_dl(cDlPath); err != C.SUCCESS {
|
||||
errInfo := fmt.Errorf("dcmi lib load failed, , error code: %d", int32(err))
|
||||
return errInfo
|
||||
}
|
||||
dlPath := C.GoString(cDlPath)
|
||||
if _, err := mindxcheckutils.RealFileChecker(dlPath, true, false, mindxcheckutils.DefaultSize); err != nil {
|
||||
return err
|
||||
}
|
||||
if err := C.dcmi_init(); err != C.SUCCESS {
|
||||
errInfo := fmt.Errorf("dcmi init failed, , error code: %d", int32(err))
|
||||
return errInfo
|
||||
@@ -81,7 +88,7 @@ func GetDeviceNumInCard(cardID int32) (int32, error) {
|
||||
errInfo := fmt.Errorf("get device count on the card failed, error code: %d", int32(err))
|
||||
return retError, errInfo
|
||||
}
|
||||
if deviceNum <= 0 {
|
||||
if deviceNum <= 0 || deviceNum > hiAIMaxDeviceNum {
|
||||
errInfo := fmt.Errorf("the number of chips obtained is invalid, the number is: %d", int32(deviceNum))
|
||||
return retError, errInfo
|
||||
}
|
||||
@@ -110,8 +117,8 @@ func (w *NpuWorker) CreateVDevice(cardID, deviceID int32, coreNum string) (int32
|
||||
createInfo.vdev_id = C.uint(math.MaxUint32)
|
||||
var deviceCreateStr C.struct_dcmi_create_vdev_res_stru
|
||||
deviceCreateStr = C.struct_dcmi_create_vdev_res_stru{
|
||||
vdev_id: C.uint(deviceNum),
|
||||
vfg_id: C.uint(deviceNum),
|
||||
vdev_id: C.uint(vfgID),
|
||||
vfg_id: C.uint(vfgID),
|
||||
}
|
||||
deviceCreateStrArr := [coreNumLen]C.char{0}
|
||||
for i := 0; i < len(coreNum); i++ {
|
||||
|
||||
@@ -6,7 +6,10 @@
|
||||
#ifndef __DCMI_INTERFACE_API_H__
|
||||
#define __DCMI_INTERFACE_API_H__
|
||||
#include <stddef.h>
|
||||
#define _GNU_SOURCE
|
||||
#include <link.h>
|
||||
#include <dlfcn.h>
|
||||
#include <limits.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
@@ -21,6 +24,7 @@ void *dcmiHandle;
|
||||
#define FUNCTION_NOT_FOUND (-99998)
|
||||
#define SUCCESS (0)
|
||||
#define ERROR_UNKNOWN (-99997)
|
||||
#define SO_NOT_CORRECT (-99996)
|
||||
#define CALL_FUNC(name, ...) if (name##_func == NULL) {return FUNCTION_NOT_FOUND;}return name##_func(__VA_ARGS__)
|
||||
#define DCMI_VDEV_FOR_RESERVE (32)
|
||||
struct dcmi_create_vdev_out {
|
||||
@@ -86,13 +90,24 @@ int dcmi_get_device_logicid_from_phyid(unsigned int phyid, unsigned int *logicid
|
||||
}
|
||||
|
||||
// load .so files and functions
|
||||
int dcmiInit_dl(void)
|
||||
int dcmiInit_dl(char *dl_path)
|
||||
{
|
||||
dcmiHandle = dlopen("libdcmi.so", RTLD_LAZY | RTLD_GLOBAL);
|
||||
if (dcmiHandle == NULL) {
|
||||
fprintf (stderr, "%s\n", dlerror());
|
||||
return SO_NOT_FOUND;
|
||||
}
|
||||
struct link_map *pLinkMap;
|
||||
int ret = dlinfo(dcmiHandle, RTLD_DI_LINKMAP, &pLinkMap);
|
||||
if (ret != 0) {
|
||||
fprintf(stderr, "dlinfo sofile failed :%s\n", dlerror());
|
||||
return SO_NOT_CORRECT;
|
||||
}
|
||||
|
||||
size_t path_size = strlen(pLinkMap->l_name);
|
||||
for (int i = 0; i < path_size && i < PATH_MAX; i++) {
|
||||
dl_path[i] = pLinkMap->l_name[i];
|
||||
}
|
||||
|
||||
dcmi_init_func = dlsym(dcmiHandle, "dcmi_init");
|
||||
|
||||
|
||||
@@ -11,8 +11,9 @@ require (
|
||||
)
|
||||
|
||||
replace (
|
||||
huawei.com/mindx/common/cache => codehub-dg-y.huawei.com/MindX_DL/AtlasEnableWarehouse/common-utils.git/cache v0.0.2
|
||||
github.com/prashantv/gostub => github.com/prashantv/gostub v1.0.1-0.20191007164320-bbe3712b9c4a
|
||||
huawei.com/mindx/common/hwlog => codehub-dg-y.huawei.com/MindX_DL/AtlasEnableWarehouse/common-utils.git/hwlog v0.0.3
|
||||
huawei.com/mindx/common/hwlog => codehub-dg-y.huawei.com/MindX_DL/AtlasEnableWarehouse/common-utils.git/hwlog v0.0.10
|
||||
huawei.com/mindx/common/utils => codehub-dg-y.huawei.com/MindX_DL/AtlasEnableWarehouse/common-utils.git/utils v0.0.6
|
||||
mindxcheckutils => ../mindxcheckutils
|
||||
)
|
||||
|
||||
@@ -138,6 +138,7 @@ func addHook(spec *specs.Spec) error {
|
||||
if spec.Hooks == nil {
|
||||
spec.Hooks = &specs.Hooks{}
|
||||
}
|
||||
|
||||
needUpdate := true
|
||||
for _, hook := range spec.Hooks.Prestart {
|
||||
if strings.Contains(hook.Path, hookCli) {
|
||||
@@ -238,6 +239,10 @@ func modifySpecFile(path string) error {
|
||||
return fmt.Errorf("failed to unmarshal oci spec file %s: %v", path, err)
|
||||
}
|
||||
|
||||
if len(spec.Process.Env) > maxCommandLength || len(spec.Hooks.Prestart) > maxCommandLength {
|
||||
return fmt.Errorf("too many items in spec file. ")
|
||||
}
|
||||
|
||||
if err = addHook(&spec); err != nil {
|
||||
return fmt.Errorf("failed to inject hook: %v", err)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user