Commit f313f81
authored
support firecracker as hypervisor backend (#16)
* feat: add --fc persistent root flag for Firecracker backend selection
Add --fc flag to select Firecracker as hypervisor backend.
Validates mutual exclusion with --windows and rejects cloudimg
(UEFI boot) since Firecracker only supports direct kernel boot.
InitHypervisor dispatches based on config; FC returns stub error
until the backend is implemented.
* feat: add hypervisor/firecracker package skeleton
Create Firecracker backend package with Config (path helpers),
main Firecracker struct (constructor, Inspect, List, Watchable),
and helper utilities (toVM, path functions). Wire up InitHypervisor
to create FC backend when --fc is set. Lifecycle methods are stubs
pending implementation.
* feat: implement Firecracker Create + Start lifecycle
Add FC REST API client (pre-boot config model), Create (COW disk +
device-path cmdline), and Start (launch process → REST API config
sequence → InstanceStart). FC references disks by /dev/vdX path
since it lacks virtio serial support. Update overlay.sh init script
to resolve both device paths and serial names.
* feat: implement Firecracker Stop and Delete
Add Stop (SendCtrlAltDel → SIGTERM → SIGKILL) and Delete
(stop-if-running → cleanup dirs → remove DB record) for the
Firecracker backend. Follows the same patterns as CH.
* feat: implement Firecracker Console with PTY + Unix socket relay
FC binds serial to process stdin/stdout. Create PTY pair at launch:
slave → FC stdin/stdout, master → background relay process. The
relay (self-exec with env var detection) listens on console.sock
and bridges connections to the PTY master. Auto-exits when FC dies.
Console() connects to console.sock, consistent with CH backend.
* feat: implement Firecracker Snapshot, Clone, and Restore
Add full snapshot lifecycle for FC backend:
- Snapshot: pause → PUT /snapshot/create (vmstate+mem) → reflink COW → resume
- Clone: extract → launch new FC → PUT /snapshot/load → reconfigure drives/NICs → resume
- Restore: kill running → extract → new FC → snapshot/load → reconfigure → resume
- Direct: hardlink mem, reflink COW, copy vmstate for local snapshots
FC snapshot/load does not preserve drive/NIC config, so drives and
networks are re-attached after load. Implements hypervisor.Direct
interface for reflink-optimized local snapshot operations.
* feat: add Firecracker detection and install to doctor/check.sh
Add FC_VERSION variable (v1.12.0), firecracker binary detection in
check_binary, and auto-install from GitHub releases in --upgrade mode.
* docs: update README with Firecracker backend documentation
Add --fc flag to global flags, Firecracker section with feature
comparison matrix, limitations, OCI image compatibility notes.
Update requirements, doctor, VM lifecycle, and shutdown behavior
sections to reflect dual-backend support.
* fix: FC launch issues found during e2e testing
- Pre-create FC log file (FC requires O_WRONLY|O_APPEND, no O_CREATE)
- Use underscores in drive/iface IDs (FC rejects hyphens)
- Add vmlinux extraction from vmlinuz (FC needs uncompressed ELF kernel)
- Support zstd and gzip compressed kernels via CLI decompressor
- Fix FC download URL in doctor/check.sh (tarball format)
* fix: address code review findings from /simplify
- Guard boot pointer nil dereference in prepareOCI
- Fix relayBidirectional goroutine leak: buffer 2, close conn, wait
- Optimize ensureVmlinux: check ELF magic (4 bytes) and cache before
reading full vmlinuz into memory
- Extract magic strings to constants (driveIDFmt, ifaceIDFmt,
cowFileName, FC action types, VM state strings)
- Deep-copy SnapshotIDs map in toVM to prevent shared DB mutation
- Return real error from decompressZstd when output is empty
* refactor: extract shared Backend struct and helpers to hypervisor/
Extract ~650 lines of duplicated code from CH and FC backends into
shared hypervisor/ layer:
- Backend struct with BackendConfig interface: provides Inspect, List,
ToVM, ResolveRef(s), LoadRecord, WithRunningVM, UpdateStates,
MarkError, ReserveVM, RollbackCreate, ForEachVM, AbortLaunch
- shared.go: EnterNetns, WaitForSocket, ExtractBlobIDs, BuildIPParams,
PrefixToNetmask, CopyFile, RemoveVMDirs, CleanupRuntimeFiles,
BlobHexFromPath, SocketPath, ConsoleSockPath
- config.HypervisorType enum + switch-case in InitHypervisor
- FC version updated to v1.15.0
* fix: handle CopyFile writable file close error
* fix: address P1/P2 review findings from PR #16
P1 GC: Implement RegisterGC for FC backend — protects blob IDs
referenced by FC VMs from garbage collection, mirroring CH's GC module.
P1 Clone paths: Save cocoon.json metadata (StorageConfigs + BootConfig)
in snapshot tar. Create temporary symlinks from source drive paths to
clone paths before snapshot/load so FC finds drives at expected locations.
Symlinks are cleaned up after load + reconfigure.
P2 Rebuild: Replace fragile rebuildFromSnapshot (searched live VM records)
with self-contained metadata from cocoon.json. Clones no longer depend
on the source VM or any sibling VM existing in the DB.
P2 Console relay: Add 3s timeout on second goroutine wait after client
disconnect to prevent blocking the accept loop when PTY read is stuck.
* fix: GC registers both backends, doctor optional FC, debug rejects --fc
P1: GC now registers ALL hypervisor backends (CH + FC) via
InitAllHypervisors, protecting blobs from both backends on
mixed-backend hosts regardless of --fc flag.
P2: doctor/check.sh treats firecracker as optional — warns instead
of failing when not installed, since it's only needed for --fc.
P3: vm debug rejects --fc with a clear error since it only generates
Cloud Hypervisor launch commands.
* fix: clone always redirects source COW, snapshot stores portable kernel path
P1: createDriveRedirects now unconditionally redirects the source COW
path to the clone's copy. When the source VM is still running, its
cow.raw is renamed to a temporary backup, a symlink is placed, and
after snapshot/load the backup is restored. This prevents FC from
reopening the live source VM's disk state.
P2: saveSnapshotMeta stores the portable vmlinuz path instead of the
host-local vmlinux cache. cloneAfterExtract runs ensureVmlinux on
the clone host to (re)create vmlinux from vmlinuz, making FC
snapshots fully portable across hosts.
* fix: abort clone on redirect failure, store portable relative paths
P2 redirect: createDriveRedirects now returns error. On symlink
failure after backup rename, the backup is immediately restored
and all prior redirects are cleaned up, preventing source VM disk
corruption from a half-installed redirect.
P2 portable paths: snapshot metadata (cocoon.json) now stores paths
relative to root_dir using filepath.Rel. loadSnapshotMeta resolves
them against the local host's root_dir. Snapshots exported from one
host can be imported on another with a different Cocoon directory
layout, as long as the same OCI image has been pulled.
* fix: persist hypervisor type in snapshots, serialize COW redirects
P1: SnapshotConfig now carries a Hypervisor field ("cloud-hypervisor"
or "firecracker") set during Snapshot(). Clone validates that the
snapshot's backend matches the active backend before proceeding,
with a clear error suggesting the correct flag.
P2: COW redirect during clone is now serialized via a per-source-COW
flock (.clone.lock). Concurrent snapshot/restore/clone operations on
the source VM block until the redirect is cleaned up, preventing
them from following the temporary symlink to the wrong disk.
* fix: include source COW path in snapshot metadata
saveSnapshotMeta now stores ALL drive entries (RO layers + RW COW),
not just RO entries. Without the source COW path, createDriveRedirects
had no old→new mapping to redirect, so snapshot/load would reopen
the live source cow.raw (if source VM exists) or fail (if deleted).
* fix: vmstate-aware redirects, COW lock in snapshot/restore, lock dir creation
P1: acquireCOWLock (via lockCOWPath) now creates the parent directory
before locking, fixing ENOENT when source VM has been deleted.
P2: snapshotMeta stores SourceRootDir. vmstatePaths() reconstructs
the original absolute paths baked into FC's vmstate binary.
createDriveRedirects uses vmstate paths as symlink targets, so
cross-host clones redirect at the correct (source host) paths.
P2: COW flock is now taken in Snapshot and Restore too (via shared
lockCOWPath helper), not just Clone. Concurrent snapshot/restore
operations on the source VM are serialized with clone redirects.
* fix: Codex review — GC fail-fast, atomic vmlinux, zstd dep, relay redesign
P1: InitAllHypervisors now returns error instead of silently skipping
failed backends. GC aborts if any hypervisor can't be loaded, preventing
blob deletion when pinning data is incomplete.
P2: ensureVmlinux writes to a temp file and renames atomically,
preventing concurrent readers from observing a truncated kernel cache.
P2: Added zstd to doctor/check.sh binary checks — required by FC's
kernel decompression but was previously an undeclared dependency.
P2: Redesigned console relay to use a single persistent PTY reader
goroutine with broadcaster pattern. Each session subscribes/unsubscribes
via setSink(). No per-session read goroutines on the PTY master,
eliminating stale goroutine data theft after disconnect.
* fix: Codex review round 2 — vmstate paths, optional zstd, stop flags
P1: vmstatePaths() now reconstructs from raw relative paths saved
before local resolution, so cross-host clones correctly redirect
at source-host paths even when root_dir differs.
P2: zstd treated as optional in doctor/check.sh (like firecracker),
warns instead of failing on CH-only hosts.
P3: FC Stop now honors --force (skip SendCtrlAltDel, immediate kill)
and --timeout (wait for guest response before escalating). Added
gracefulStop with SendCtrlAltDel → poll → forceTerminate pattern.
* fix: Codex review round 3 — snapshot Hypervisor field in export, devPath >26
P2: snapshotRecordToConfig now copies the Hypervisor field so
export/import preserves the backend tag. Clone validation works
correctly after a round-trip.
P2: devPath handles >26 drives with Linux-style multi-letter naming
(vda..vdz, vdaa..vdaz, ...) for OCI images with deep layer stacks.
* fix: Codex review round 4 — FC CPU/memory override correctness, zstd install
P1: FC clone/restore now clamp CPU/memory to snapshot's original
values since FC cannot PATCH machine-config after snapshot/load.
Snapshot metadata stores CPU/Memory for clone to use. Prevents
metadata from advertising overrides FC didn't actually apply.
P2: doctor --upgrade now installs zstd via apt-get/yum when missing,
so fresh FC setups don't silently break on zstd-compressed kernels.
* fix: Codex round 5 — set clone VM ID, scope redirects to same-host
P2: Set VM.ID in synthetic VMRecord for clone launchProcess so FC
gets a valid --id flag instead of empty string.
P2: Drive redirects now only apply for same-host clones (where
SourceRootDir matches local rootDir). Cross-host clones skip
redirects entirely — they require the same rootDir layout, and
creating symlinks under a foreign path tree would be incorrect.
* fix: Codex round 6 — cross-host redirects, reject CPU/mem overrides, keep PTY
P1: Always create drive redirects from vmstate paths → local paths,
including cross-host clones. COW flock only on same-host (where
source VM may be running). Cross-host redirects are safe since no
live VM owns those paths on the target host.
P2: FC clone/restore now reject --cpu/--memory overrides with a
clear error instead of silently clamping, since FC cannot PATCH
machine-config after snapshot/load.
P2: Keep PTY master open (intentional fd leak) when console relay
fails, preventing the slave-side hangup that would crash FC's
serial console output during boot.
* fix: Codex round 7 — validate CPU/memory overrides before destructive ops
Move FC CPU/memory override rejection to before any destructive
operations. Clone validates against snapshot metadata before launch.
Restore validates against current VM record before killing the
running VM (via validateRestoreOverrides helper). Prevents downtime
from unsupported override requests.
* remove claude
* fix: Codex round 8 — validate snapshot paths, stable COW lock inode
P1: loadSnapshotMeta now validates all resolved paths stay within
Cocoon's rootDir via validateManagedPath. Prevents path traversal
from tampered cocoon.json in imported snapshot archives that could
rewrite arbitrary host files through drive redirect symlinks.
P2: lockCOWPath no longer removes the lock file after unlock. flock
synchronizes on the inode — removing the file under contention lets
a new caller create a different inode and acquire it immediately,
defeating serialization. The lock file is small and harmless to keep.
* fix: validate snapshot paths against all Cocoon-managed dirs
Path validation now accepts rootDir, runDir, and logDir as valid
managed directories. COW disks live under runDir which may be
outside rootDir (e.g., /var/lib/cocoon/run vs /var/lib/cocoon).
The previous rootDir-only check rejected valid COW paths on
installations with a custom run_dir.
* fix: validate source_root_dir and raw paths, skip RW COW validation
P1: Validate SourceRootDir is absolute (or empty), and all raw
relative paths in cocoon.json have no ".." traversal components.
This prevents tampered archives from using vmstate redirect paths
to create symlinks outside Cocoon-managed directories.
P2: Skip local managed-path validation for RW COW entries since
they are source-host-specific and always replaced by
rebuildCloneStorage. Only RO layer paths (actually used locally)
are validated against the destination host's managed roots.
* fix: validate vmstate redirect targets, allow RW COW with custom run_dir
P1: vmstate redirect paths (from vmstatePaths()) are now validated
against SourceRootDir before createDriveRedirects operates on them.
Prevents tampered archives from targeting arbitrary host files via
drive redirects. Removed validateNoTraversal which was too broad.
P2: Removed traversal check on raw relative paths that rejected
legitimate ".." segments from custom run_dir layouts. RW COW paths
are source-host-specific and skip local managed-root validation
(already in place). Only vmstate targets and local RO/boot paths
are validated.
* fix: validate vmstate RO paths against local roots, skip RW and cross-host
P1: Replaced SourceRootDir-based validation with local managed-root
validation for same-host vmstate RO paths. SourceRootDir is untrusted
from imported archives and no longer used as a security boundary.
Cross-host RO paths are already validated during loadSnapshotMeta.
P2: validateVMStateROPaths skips RW COW entries entirely — they are
source-host-specific and always replaced by rebuildCloneStorage.
Custom run_dir layouts where COW is outside rootDir now work.
* fix: cross-host vmstate validation, DirectRestore overrides and COW lock
P1: validateVMStateROPaths now validates RO paths for both same-host
and cross-host clones against local managed roots. Cross-host RO
blob paths should exist locally if the image was pulled. RW COW
entries remain exempt (source-host-specific, always replaced).
P2: DirectRestore now calls validateRestoreOverrides before killing
the running VM, matching the streamed Restore path.
P2: DirectRestore now takes the COW lock via lockCOWPath to serialize
with concurrent clone redirect operations, matching Restore.
* refactor: simplify FC snapshot to absolute paths, remove cross-layout complexity
Remove all cross-host path translation machinery that caused 5+ rounds
of Codex review findings:
- Removed: SourceRootDir, managedRoots, validateManagedPath,
resolveAndValidateBootPaths, validateVMStateROPaths, vmstatePaths,
rawRelPaths, makeRelative, relative path serialization
- snapshotMeta now stores absolute paths directly
- FC snapshots require same directory layout across hosts (documented)
- COW redirect logic retained for same-host clone (simple, correct)
- COW flock retained for snapshot/restore/clone serialization
- Net deletion: ~192 lines
Document FC snapshot portability requirements in KNOWN_ISSUES.md
and README limitations section.
* fix: validate imported FC snapshot metadata paths against managed dirs
loadSnapshotMeta now takes rootDir and runDir params and validates
all storage/boot paths are under Cocoon-managed directories.
Rejects tampered snapshot archives that reference arbitrary host
files. Simple prefix check — no cross-layout complexity.
* refactor: /simplify findings — clean up FC code quality
- forceTerminate: remove unused hc/vmID params, simplify call sites
- api.go: filepath.Join instead of string concat for snapshot paths
- backend.go: move constants to top of file per convention
- relay.go: guard against invalid fcPid (exit early if <= 0)
- helper.go: extract pidFileName constant, use in config.go
- start.go: close leaked PTY master in fcCmd.Wait goroutine when
relay fails, preventing permanent fd leak on retry
* refactor: extract shared helpers to hypervisor/ layer
Move exact duplicates from CH and FC into shared hypervisor/ package:
- BatchMarkStarted → Backend method (was batchMarkStarted on each)
- CleanStalePlaceholders → Backend method (was on each for GC)
- VerifyBaseFiles → shared.go (CH version is superset, works for both)
- CowSerial → backend.go constant (was in both create.go)
- CreatingStateGCGrace → backend.go constant (was in both gc.go)
* feat: FC balloon support, debug command, capability docs update
- Enable balloon on FC VMs (PUT /balloon with 25% memory, deflate_on_oom,
free_page_reporting) — matches CH behavior, fixes incorrect "No balloon"
in docs
- Debug command now supports --fc: outputs FC launch command + full REST
API curl sequence (machine-config, boot-source, drives, balloon, start)
- Fix CH comparison: CH supports CPU/memory override on clone/restore
- Add TODO for FC PR #5774 (drive_overrides) in clone symlink redirect
- Update KNOWN_ISSUES: PR #5774 tracking, virtio-blk serial explanation
- Update README feature matrix: balloon=Y, add CPU/memory override row
* refactor: use t.Context() instead of context.Background() in utils tests
* refactor: reuse memMiB in balloon calc, remove stale nolint:unparam
* clean up useless
* fix: console relay socket deleted on listener Close
SetUnlinkOnClose(false) before closing the Go listener so the
socket file persists on disk for the relay child process.
Without this, net.UnixListener.Close() removes the socket file,
making console.sock disappear before the relay starts accepting.
* chore: remove test binary, add to gitignore
* feat: FC networking, console fix, snapshot/clone/restore fully working
Network:
- Add SingleQueueNet flag to VMConfig for FC single-queue TAPs
- CNI creates TAPs with IFF_NO_PI when SingleQueueNet is set (FC requires it)
- Set SingleQueueNet in both createVM and prepareClone paths
Console:
- Fix SetUnlinkOnClose(false) so console.sock persists for relay
Snapshot/Clone:
- Use FC network_overrides (v1.14+) during snapshot/load to provide
clone's TAP devices, avoiding TAP flag mismatch
- Skip drive reconfiguration after snapshot/load (FC opens drives via
fd during load, fds survive symlink cleanup)
- Remove unused reconfigureDrives function
Restore:
- Skip drive reconfiguration (same VM, paths unchanged)
- Pass nil network_overrides (same TAP)
COW lock:
- Rewrite lockCOWPath to withCOWPathLocked closure form
- Update all callers (snapshot, clone, restore, direct)
All e2e tests pass: FC create/start/network/console/snapshot/clone/
restore/stop/delete + CH smoke test (no regression).
* fix: mark VM error state on clone restore failure
* fix: prepareClone ctx param order, stale MAC re-read, FirstBooted omitempty
- prepareClone: move ctx before cmd per Go convention
- create_linux.go: re-read link after LinkSetHardwareAddr to get
the actual MAC (link.Attrs() is stale after override)
- types/vm.go: add omitempty to FirstBooted for consistent JSON
- debug.go: normalize nolint comment alignment
* docs: clarify SingleQueueNet as generic TAP flag, not FC-specific
* refactor: remove SingleQueueNet, decide TAP queues at cmd layer
Remove SingleQueueNet from VMConfig — FC queue decision stays at
the cmd layer via tapQueues parameter to initNetwork. The network
layer uses vmCfg.CPU for TAP queues, which initNetwork temporarily
overrides to 1 for FC.
Also add IFF_NO_PI to all TAPs unconditionally — both CH and FC
open TAPs with IFF_NO_PI, so the flag must always be set at
creation time for TUNSETIFF to succeed.
* refactor: unify InitHypervisor and InitAllHypervisors via constructor map
* fix: reject extra NICs on FC clone, use vmlinux in debug output
P2: FC clone now rejects --nics > snapshot NIC count since FC can't
hot-add NICs after snapshot/load (only network_overrides for existing).
P3: Debug command runs EnsureVmlinux to resolve vmlinuz → vmlinux
before printing the FC boot-source curl, so the output is runnable.
Export EnsureVmlinux for use by cmd/vm/debug.go.
* docs: document FC clone guest MAC limitation in KNOWN_ISSUES
* rename utils from shared
* fix: remove duplicate MarkError in clone launch failure path
* refactor: auto-detect hypervisor backend, --fc only for create/run/debug
Add Hypervisor field to types.VM so each VM carries its backend identity.
Move --fc from root PersistentFlags to create/run/debug subcommands only.
Commands like list/inspect/console/stop/rm now auto-detect the backend by
querying all registered backends — no --fc needed for existing VMs.
Clone infers the backend from the snapshot's Hypervisor field.
Snapshot save and list --vm auto-detect from the VM ref.
Status merges watchers from all backends via fan-in channel.
* fix: reject FC clone resource overrides early, add MAC fix hints
Validate --cpu/--memory/--nics overrides at cmd layer before creating
network and VM dirs, avoiding late failure and unnecessary rollback.
Add MAC change instructions to FC clone post-clone hints since FC
vmstate bakes in the source VM's guest MAC.
* refactor: use config.HypervisorFirecracker constant instead of string literal
* fix: add reboot=k to FC kernel cmdline to fix guest reboot/stop hang
FC has no ACPI PM on x86 — the only shutdown/reboot signal path is the
i8042 keyboard controller reset. Without reboot=k, guest reboot hangs
(FC doesn't recognize the signal) and SendCtrlAltDel-based vm stop
times out after 30s before falling back to SIGTERM.
* fix: self-deadlock in GC Collect — use lock-free DB access
GC orchestrator holds the module's flock for the entire cycle. Collect
called LoadRecord which called DB.With → locker.Lock on the same flock,
causing self-deadlock since flock is not re-entrant.
Replace LoadRecord (lock-acquiring) with DB.ReadRaw (lock-free) in both
FC and CH GC Collect. This is safe because the GC orchestrator already
holds the lock, preventing concurrent DB mutations.
* fix: replace IP=dhcp with IP=off in initramfs to fix boot and network issues
IP=dhcp caused three problems:
1. --nics 0 VMs hung forever (dhcpcd retries every 120s with no interface)
2. DHCP network VMs had leases persisted as static configs by
systemd-network-generator, breaking DHCP semantics on reboot
3. Source VMs and cloned VMs had inconsistent network behavior
IP=off tells initramfs to skip networking entirely. Kernel ip= parameters
(when present for static IP networks) override this setting and still
trigger ipconfig. DHCP networks rely on systemd-networkd via the existing
20-wired.network (DHCP=yes) fallback, or cocoon-network's MAC-based
DHCP config generation.
Fixes #17
* fix: skip configure_networking in initramfs when no kernel ip= param
configure_networking probes for devices and waits for udev even when
IP=off, adding ~180s delay on VMs with no NICs. Only call it when a
kernel ip= parameter is present on the cmdline.
* docs: update README and KNOWN_ISSUES for --fc auto-detect and initramfs fixes
- Move --fc from Global Flags to VM Flags (only create/run/debug)
- Update FC examples to show auto-detect for list/console/stop/clone
- Fix debug command description
- Add initramfs IP=off note to DHCP networking section
* minor refactor to fix leaked goroutine
* fix: Android overlay.sh support for FC /dev/vdX paths, code cleanup
- Add /dev/vdX direct path branch to Android overlay.sh resolve_disk()
so FC VMs can find disks (FC has no virtio serial support)
- Skip configure_networking unless kernel ip= param is present
- Extract GC Collect to shared Backend.GCCollect() (was duplicated)
- Fix goroutine leak in mergeWatchChannels (missing ctx.Done check)
* feat: add DHCP fallback to Android network.sh via busybox udhcpc
* fix: persist DHCP gateway for Android netd policy table sync
* fix: use ndc to register network with netd for Android DHCP routing
* fix: destroy stale netd network before creating to avoid ndc conflict
* fix: guard Android network.sh against repeated netd trigger
* fix: unify Android network.sh to use ip route for both static and DHCP
Remove ndc dependency — ndc network interface add causes netd to take
over eth0 and clear existing routes from the main table. Instead:
- Static IP: kernel ip= routes already in main table, copy to policy tables
- DHCP: udhcpc obtains lease and configures main table, then same copy logic
Both paths use ip route replace into legacy_system/legacy_network/local_network
policy tables. Add /proc/1/cmdline fallback for SELinux-restricted /proc/cmdline.
Add guard file to prevent repeated execution on netd restart.
* fix: use /data/local/tmp instead of /tmp for Android SELinux compatibility
* revert: remove Android DHCP support, static IP only
Android netd blocks external route modifications after boot (RTNETLINK:
Network is unreachable). ipconfigstore cannot read gateway without a
pre-existing default route, creating a deadlock. DHCP requires routes
to exist before netd starts, which is only possible with kernel ip=.
Revert to clean static IP-only network.sh. DHCP support requires
redroid-level changes (EthernetService/ConnectivityService integration).
* fix: Android DHCP via EthernetService default DHCP mode
Delete ipconfig.txt (broken STATIC config from ipconfigstore) when no
kernel ip= is present. EthernetService defaults to DHCP mode when no
ipconfig.txt exists, using Android's built-in DhcpClient through the
standard ConnectivityService → netd path. This correctly populates all
policy routing tables without manual ndc or ip route commands.
Static IP path unchanged: ipconfigstore writes correct STATIC config,
network.sh copies routes to policy tables as safety net.1 parent 015a5d0 commit f313f81
65 files changed
Lines changed: 3552 additions & 814 deletions
File tree
- cmd
- core
- others
- snapshot
- vm
- config
- doctor
- hypervisor
- cloudhypervisor
- firecracker
- network/cni
- os-image
- android
- ubuntu
- 22.04
- 24.04-chrome
- 24.04-picoclaw
- 24.04-xface
- 24.04
- snapshot/localfile
- storage/json
- types
- utils
Some content is hidden
Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
47 | 47 | | |
48 | 48 | | |
49 | 49 | | |
50 | | - | |
| 50 | + | |
| 51 | + | |
| 52 | + | |
| 53 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
69 | 69 | | |
70 | 70 | | |
71 | 71 | | |
72 | | - | |
| 72 | + | |
| 73 | + | |
| 74 | + | |
73 | 75 | | |
74 | 76 | | |
75 | 77 | | |
| |||
125 | 127 | | |
126 | 128 | | |
127 | 129 | | |
| 130 | + | |
| 131 | + | |
| 132 | + | |
| 133 | + | |
| 134 | + | |
| 135 | + | |
| 136 | + | |
| 137 | + | |
| 138 | + | |
| 139 | + | |
| 140 | + | |
| 141 | + | |
| 142 | + | |
| 143 | + | |
| 144 | + | |
| 145 | + | |
| 146 | + | |
| 147 | + | |
| 148 | + | |
| 149 | + | |
| 150 | + | |
| 151 | + | |
| 152 | + | |
| 153 | + | |
| 154 | + | |
| 155 | + | |
| 156 | + | |
| 157 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | | - | |
| 3 | + | |
4 | 4 | | |
5 | 5 | | |
6 | 6 | | |
| |||
24 | 24 | | |
25 | 25 | | |
26 | 26 | | |
27 | | - | |
| 27 | + | |
| 28 | + | |
28 | 29 | | |
29 | 30 | | |
30 | 31 | | |
| |||
33 | 34 | | |
34 | 35 | | |
35 | 36 | | |
| 37 | + | |
36 | 38 | | |
37 | | - | |
| 39 | + | |
38 | 40 | | |
39 | 41 | | |
40 | 42 | | |
| |||
85 | 87 | | |
86 | 88 | | |
87 | 89 | | |
| 90 | + | |
88 | 91 | | |
89 | 92 | | |
90 | 93 | | |
| |||
136 | 139 | | |
137 | 140 | | |
138 | 141 | | |
139 | | - | |
| 142 | + | |
140 | 143 | | |
141 | 144 | | |
142 | 145 | | |
| |||
169 | 172 | | |
170 | 173 | | |
171 | 174 | | |
| 175 | + | |
172 | 176 | | |
173 | 177 | | |
174 | 178 | | |
| |||
356 | 360 | | |
357 | 361 | | |
358 | 362 | | |
| 363 | + | |
| 364 | + | |
| 365 | + | |
| 366 | + | |
| 367 | + | |
| 368 | + | |
| 369 | + | |
| 370 | + | |
| 371 | + | |
| 372 | + | |
| 373 | + | |
| 374 | + | |
| 375 | + | |
| 376 | + | |
| 377 | + | |
| 378 | + | |
| 379 | + | |
| 380 | + | |
| 381 | + | |
| 382 | + | |
| 383 | + | |
| 384 | + | |
| 385 | + | |
| 386 | + | |
| 387 | + | |
| 388 | + | |
| 389 | + | |
| 390 | + | |
| 391 | + | |
| 392 | + | |
| 393 | + | |
| 394 | + | |
| 395 | + | |
| 396 | + | |
| 397 | + | |
| 398 | + | |
| 399 | + | |
| 400 | + | |
| 401 | + | |
| 402 | + | |
| 403 | + | |
| 404 | + | |
| 405 | + | |
| 406 | + | |
| 407 | + | |
| 408 | + | |
| 409 | + | |
| 410 | + | |
359 | 411 | | |
360 | 412 | | |
361 | 413 | | |
362 | 414 | | |
363 | 415 | | |
364 | | - | |
365 | | - | |
366 | | - | |
| 416 | + | |
| 417 | + | |
| 418 | + | |
367 | 419 | | |
368 | 420 | | |
369 | 421 | | |
370 | 422 | | |
371 | 423 | | |
372 | 424 | | |
373 | | - | |
374 | | - | |
| 425 | + | |
| 426 | + | |
| 427 | + | |
375 | 428 | | |
376 | 429 | | |
377 | 430 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
15 | 15 | | |
16 | 16 | | |
17 | 17 | | |
| 18 | + | |
18 | 19 | | |
19 | 20 | | |
20 | 21 | | |
| |||
26 | 27 | | |
27 | 28 | | |
28 | 29 | | |
| 30 | + | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
| 34 | + | |
| 35 | + | |
29 | 36 | | |
30 | 37 | | |
31 | 38 | | |
| |||
71 | 78 | | |
72 | 79 | | |
73 | 80 | | |
74 | | - | |
| 81 | + | |
75 | 82 | | |
76 | | - | |
| 83 | + | |
77 | 84 | | |
78 | | - | |
| 85 | + | |
79 | 86 | | |
80 | 87 | | |
81 | 88 | | |
| |||
100 | 107 | | |
101 | 108 | | |
102 | 109 | | |
103 | | - | |
| 110 | + | |
104 | 111 | | |
105 | | - | |
| 112 | + | |
| 113 | + | |
| 114 | + | |
| 115 | + | |
| 116 | + | |
106 | 117 | | |
107 | 118 | | |
108 | 119 | | |
109 | | - | |
| 120 | + | |
| 121 | + | |
| 122 | + | |
| 123 | + | |
| 124 | + | |
| 125 | + | |
| 126 | + | |
| 127 | + | |
| 128 | + | |
| 129 | + | |
| 130 | + | |
| 131 | + | |
| 132 | + | |
| 133 | + | |
| 134 | + | |
| 135 | + | |
| 136 | + | |
| 137 | + | |
| 138 | + | |
| 139 | + | |
| 140 | + | |
| 141 | + | |
| 142 | + | |
| 143 | + | |
| 144 | + | |
| 145 | + | |
| 146 | + | |
| 147 | + | |
| 148 | + | |
| 149 | + | |
| 150 | + | |
| 151 | + | |
| 152 | + | |
| 153 | + | |
| 154 | + | |
| 155 | + | |
| 156 | + | |
| 157 | + | |
| 158 | + | |
| 159 | + | |
| 160 | + | |
| 161 | + | |
| 162 | + | |
| 163 | + | |
| 164 | + | |
| 165 | + | |
| 166 | + | |
| 167 | + | |
| 168 | + | |
| 169 | + | |
| 170 | + | |
| 171 | + | |
| 172 | + | |
| 173 | + | |
| 174 | + | |
| 175 | + | |
| 176 | + | |
| 177 | + | |
| 178 | + | |
| 179 | + | |
| 180 | + | |
| 181 | + | |
| 182 | + | |
| 183 | + | |
110 | 184 | | |
111 | 185 | | |
112 | 186 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
20 | 20 | | |
21 | 21 | | |
22 | 22 | | |
23 | | - | |
| 23 | + | |
24 | 24 | | |
25 | 25 | | |
26 | 26 | | |
| |||
37 | 37 | | |
38 | 38 | | |
39 | 39 | | |
40 | | - | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
| 44 | + | |
| 45 | + | |
| 46 | + | |
| 47 | + | |
41 | 48 | | |
42 | 49 | | |
43 | 50 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
59 | 59 | | |
60 | 60 | | |
61 | 61 | | |
| 62 | + | |
62 | 63 | | |
63 | 64 | | |
64 | 65 | | |
| |||
83 | 84 | | |
84 | 85 | | |
85 | 86 | | |
86 | | - | |
87 | | - | |
| 87 | + | |
| 88 | + | |
88 | 89 | | |
89 | 90 | | |
90 | 91 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
30 | 30 | | |
31 | 31 | | |
32 | 32 | | |
33 | | - | |
| 33 | + | |
| 34 | + | |
34 | 35 | | |
35 | | - | |
| 36 | + | |
36 | 37 | | |
37 | 38 | | |
38 | 39 | | |
39 | 40 | | |
40 | 41 | | |
41 | | - | |
42 | | - | |
43 | 42 | | |
44 | 43 | | |
45 | 44 | | |
| |||
95 | 94 | | |
96 | 95 | | |
97 | 96 | | |
98 | | - | |
| 97 | + | |
99 | 98 | | |
100 | 99 | | |
101 | 100 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
112 | 112 | | |
113 | 113 | | |
114 | 114 | | |
115 | | - | |
| 115 | + | |
116 | 116 | | |
117 | 117 | | |
118 | 118 | | |
| |||
149 | 149 | | |
150 | 150 | | |
151 | 151 | | |
| 152 | + | |
152 | 153 | | |
153 | 154 | | |
154 | 155 | | |
| |||
0 commit comments