Merge pull request #340 from mythi/manual

help dependabot
confidential-containers · Feb 5, 2024 · e176414 · e176414
2 parents 1bc085f + 8733a10
commit e176414
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 34 deletions.
diff --git a/docs/shim-rune.md b/docs/shim-rune.md
@@ -15,7 +15,7 @@ Kubernetes can launch Pod and OCI-compatible containers with one shim per Pod.
 
 ## Goals
 
-- Implements [Containerd Runtime V2 (Shim API)](https://github.com/containerd/containerd/tree/main/runtime/v2)
+- Implements [Containerd Runtime V2 (Shim API)](https://github.com/containerd/containerd/tree/96bf529cbf55940ddb96bb8adc8be51b11922ebb/core/runtime/v2)
 - Use `rune` OCI runtime to manage container
 - Launch agent enclave container during PodSandbox creation
 - Complete PullImage with agent enclave container with ttrpc communication

diff --git a/src/runtime-boot/init/Cargo.lock b/src/runtime-boot/init/Cargo.lock
diff --git a/src/runtime-boot/init/Cargo.toml b/src/runtime-boot/init/Cargo.toml
@@ -8,5 +8,5 @@ edition = "2018"
 libc = "0.2.152"
 serde = { version = "1.0.195", features = ["derive"] }
 serde_json = "1.0.111"
-nix = { version = "0.26" }
-anyhow = { version = "1.0", default-features = false }
+nix = { version = "0.27.1", features = ["mount"] }
+anyhow = { version = "1.0", default-features = false }
diff --git a/src/runtime-boot/init/src/main.rs b/src/runtime-boot/init/src/main.rs
@@ -7,9 +7,7 @@ use libc::syscall;
 use nix::mount::MsFlags;
 use std::env;
 use std::error::Error;
-use std::fs;
 use std::fs::File;
-use std::io::prelude::*;
 use std::io::{ErrorKind, Read};
 
 use anyhow::Result;
@@ -22,6 +20,7 @@ fn main() -> Result<(), Box<dyn Error>> {
 
     // Mount the image
     const SYS_MOUNT_FS: i64 = 363;
+    const KEY_FILE: &str = "/tmp/key.txt";
 
     let ret = match agent_boot {
         true => {
@@ -50,7 +49,6 @@ fn main() -> Result<(), Box<dyn Error>> {
                 eprintln!("Error mounting keys: {}", err);
             });
 
-            let KEY_FILE: &str = "/tmp/key.txt";
             // Get the key of FS image
             let key = {
                 let key_str = load_key(KEY_FILE)?;
@@ -81,7 +79,6 @@ fn main() -> Result<(), Box<dyn Error>> {
                 hostfs_target: std::ptr::null(),
                 envp: envp.as_ptr(),
             };
-            let key_null_ptr: *const i8 = std::ptr::null();
             unsafe { syscall(SYS_MOUNT_FS, key_ptr, &rootfs_config) }
         }
     };