firecracker-microvm
diff --git a/‎.buildkite/pipeline_pr.py‎
Lines changed: 2 additions & 2 deletions b/‎.buildkite/pipeline_pr.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎.cargo/config‎ renamed to ‎.cargo/config.toml‎ b/‎.cargo/config‎ renamed to ‎.cargo/config.toml‎
diff --git a/‎Cargo.toml‎
Lines changed: 0 additions & 1 deletion b/‎Cargo.toml‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎deny.toml‎
Lines changed: 1 addition & 6 deletions b/‎deny.toml‎
Lines changed: 1 addition & 6 deletions
diff --git a/‎docs/device-api.md‎
Lines changed: 6 additions & 0 deletions b/‎docs/device-api.md‎
Lines changed: 6 additions & 0 deletions
diff --git a/‎rust-toolchain.toml‎
Lines changed: 1 addition & 1 deletion b/‎rust-toolchain.toml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/acpi-tables/src/aml.rs‎
Lines changed: 3 additions & 3 deletions b/‎src/acpi-tables/src/aml.rs‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎src/cpu-template-helper/src/main.rs‎
Lines changed: 1 addition & 1 deletion b/‎src/cpu-template-helper/src/main.rs‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/jailer/src/env.rs‎
Lines changed: 11 additions & 15 deletions b/‎src/jailer/src/env.rs‎
Lines changed: 11 additions & 15 deletions
diff --git a/‎src/seccompiler/src/backend.rs‎
Lines changed: 22 additions & 40 deletions b/‎src/seccompiler/src/backend.rs‎
Lines changed: 22 additions & 40 deletions
@@ -28,10 +28,10 @@
 changed_files = get_changed_files()
 
 # run sanity build of devtool if Dockerfile is changed
-if any(x.name == "Dockerfile" for x in changed_files):
+if any(x.parent.name == "devctr" for x in changed_files):
     pipeline.build_group_per_arch(
         "🐋 Dev Container Sanity Build",
-        "./tools/devtool -y build_devctr",
+        "./tools/devtool -y build_devctr && DEVCTR_IMAGE_TAG=latest ./tools/devtool test -- integration_tests/functional/test_api.py",
     )
 
 if any(
 
@@ -13,7 +13,6 @@ missing_debug_implementations = "warn"
 [workspace.lints.clippy]
 ptr_as_ptr = "warn"
 undocumented_unsafe_blocks = "warn"
-cast_lossless = "warn"
 cast_possible_truncation = "warn"
 cast_possible_wrap = "warn"
 cast_sign_loss = "warn"
 
@@ -1,4 +1,5 @@
 [licenses]
+version = 2
 allow = [
     "MIT",
     "Apache-2.0",
@@ -8,12 +9,6 @@ allow = [
     "OpenSSL"
 ]
 
-# Lint level for licenses considered copyleft
-copyleft = "deny"
-
-# The lint level for crates which do not have a detectable license
-unlicensed = "deny"
-
 [[bans.deny]]
 name = "serde_derive"
 version = ">1.0.171, < 1.0.184"
@@ -125,6 +125,12 @@ specification:
 |                        | track_dirty_pages |    O     |       O        |      O       |        O         |     O      |      O       |
 |                        | vcpu_count        |    O     |       O        |      O       |        O         |     O      |      O       |
 
+## Known device limitations
+
+If more than 64 devices are configured for a VM in total on aarch64, only first
+64 of them are functional
+([related issue](https://github.com/firecracker-microvm/firecracker/issues/4207)).
+
 ## Instance Actions
 
 All instance actions can be found in the [Swagger](https://swagger.io)
 
@@ -11,7 +11,7 @@
 # allowlisted using a toolchain that requires it, causing the A/B-test to
 # always fail.
 [toolchain]
-channel = "1.76.0"
+channel = "1.79.0"
 targets = ["x86_64-unknown-linux-musl", "aarch64-unknown-linux-musl"]
 profile = "minimal"
 
@@ -262,15 +262,15 @@ pub type Usize = usize;
 
 impl Aml for Usize {
     fn append_aml_bytes(&self, bytes: &mut Vec<u8>) {
-        if *self <= u8::max_value().into() {
+        if *self <= u8::MAX.into() {
             TryInto::<u8>::try_into(*self)
                 .unwrap()
                 .append_aml_bytes(bytes)
-        } else if *self <= u16::max_value().into() {
+        } else if *self <= u16::MAX.into() {
             TryInto::<u16>::try_into(*self)
                 .unwrap()
                 .append_aml_bytes(bytes)
-        } else if *self <= u32::max_value() as usize {
+        } else if *self <= u32::MAX as usize {
             TryInto::<u32>::try_into(*self)
                 .unwrap()
                 .append_aml_bytes(bytes)
 
@@ -299,7 +299,7 @@ mod tests {
 
     #[test]
     fn test_template_strip_command() {
-        let files = vec![generate_sample_template(), generate_sample_template()];
+        let files = [generate_sample_template(), generate_sample_template()];
 
         let mut args = vec!["cpu-template-helper", "template", "strip", "-p"];
         let paths = files
 
@@ -80,29 +80,25 @@ fn dup2(old_fd: libc::c_int, new_fd: libc::c_int) -> Result<(), JailerError> {
 // manner to the fork syscall. The libc wrapper prevents use of a NULL stack pointer, so we will
 // call the syscall directly.
 fn clone(child_stack: *mut libc::c_void, flags: libc::c_int) -> Result<libc::c_int, JailerError> {
-    // Clone parameters order is different between x86_64 and aarch64.
-    #[cfg(target_arch = "x86_64")]
-    return SyscallReturnCode(
+    SyscallReturnCode(
         // SAFETY: This is safe because we are using a library function with valid parameters.
         libc::c_int::try_from(unsafe {
+            // Note: the order of arguments in the raw syscall differs between platforms.
+            // On x86-64, for example, the parameters passed are `flags`, `stack`, `parent_tid`,
+            // `child_tid`, and `tls`. But on On x86-32, and several other common architectures
+            // (including score, ARM, ARM 64) the order of the last two arguments is reversed,
+            // and instead we must pass `flags`, `stack`, `parent_tid`, `tls`, and `child_tid`.
+            // This difference in architecture currently doesn't matter because the last 2
+            // arguments are all 0 but if this were to change we should add an attribute such as
+            // #[cfg(target_arch = "x86_64")] or #[cfg(target_arch = "aarch64")] for each different
+            // call.
             libc::syscall(libc::SYS_clone, flags, child_stack, 0, 0, 0)
         })
         // Unwrap is needed because PIDs are 32-bit.
         .unwrap(),
     )
     .into_result()
-    .map_err(JailerError::Clone);
-    #[cfg(target_arch = "aarch64")]
-    return SyscallReturnCode(
-        // SAFETY: This is safe because we are using a library function with valid parameters.
-        libc::c_int::try_from(unsafe {
-            libc::syscall(libc::SYS_clone, flags, child_stack, 0, 0, 0)
-        })
-        // Unwrap is needed because PIDs are 32-bit.
-        .unwrap(),
-    )
-    .into_result()
-    .map_err(JailerError::Clone);
+    .map_err(JailerError::Clone)
 }
 
 #[derive(Debug, thiserror::Error)]
 
@@ -554,7 +554,7 @@ impl SeccompRule {
         offset: &mut u8,
     ) {
         // Tries to detect whether prepending the current condition will produce an unjumpable
-        // offset (since BPF jumps are a maximum of 255 instructions, which is std::u8::MAX).
+        // offset (since BPF jumps are a maximum of 255 instructions, which is u8::MAX).
         if offset.checked_add(CONDITION_MAX_LEN + 1).is_none() {
             // If that is the case, three additional helper jumps are prepended and the offset
             // is reset to 1.
@@ -1010,15 +1010,15 @@ mod tests {
         let rules = vec![allow_syscall_if(
             libc::SYS_ioctl,
             vec![SeccompRule::new(
-                vec![Cond::new(2, SeccompCmpArgLen::Qword, Eq, std::u64::MAX).unwrap()],
+                vec![Cond::new(2, SeccompCmpArgLen::Qword, Eq, u64::MAX).unwrap()],
                 SeccompAction::Allow,
             )],
         )];
         // check syscalls that are supposed to work
         validate_seccomp_filter(
             rules.clone(),
             || unsafe {
-                libc::ioctl(0, 0, std::u64::MAX);
+                libc::ioctl(0, 0, u64::MAX);
             },
             false,
         );
@@ -1064,16 +1064,16 @@ mod tests {
         let rules = vec![allow_syscall_if(
             libc::SYS_ioctl,
             vec![SeccompRule::new(
-                vec![Cond::new(2, SeccompCmpArgLen::Qword, Ge, u64::from(std::u32::MAX)).unwrap()],
+                vec![Cond::new(2, SeccompCmpArgLen::Qword, Ge, u64::from(u32::MAX)).unwrap()],
                 SeccompAction::Allow,
             )],
         )];
         // check syscalls that are supposed to work
         validate_seccomp_filter(
             rules.clone(),
             || unsafe {
-                libc::ioctl(0, 0, u64::from(std::u32::MAX));
-                libc::ioctl(0, 0, u64::from(std::u32::MAX) + 1);
+                libc::ioctl(0, 0, u64::from(u32::MAX));
+                libc::ioctl(0, 0, u64::from(u32::MAX) + 1);
             },
             false,
         );
@@ -1118,29 +1118,23 @@ mod tests {
         let rules = vec![allow_syscall_if(
             libc::SYS_ioctl,
             vec![SeccompRule::new(
-                vec![Cond::new(
-                    2,
-                    SeccompCmpArgLen::Qword,
-                    Gt,
-                    u64::from(std::u32::MAX) + 10,
-                )
-                .unwrap()],
+                vec![Cond::new(2, SeccompCmpArgLen::Qword, Gt, u64::from(u32::MAX) + 10).unwrap()],
                 SeccompAction::Allow,
             )],
         )];
         // check syscalls that are supposed to work
         validate_seccomp_filter(
             rules.clone(),
             || unsafe {
-                libc::ioctl(0, 0, u64::from(std::u32::MAX) + 11);
+                libc::ioctl(0, 0, u64::from(u32::MAX) + 11);
             },
             false,
         );
         // check syscalls that are not supposed to work
         validate_seccomp_filter(
             rules,
             || unsafe {
-                libc::ioctl(0, 0, u64::from(std::u32::MAX) + 10);
+                libc::ioctl(0, 0, u64::from(u32::MAX) + 10);
             },
             true,
         );
@@ -1178,30 +1172,24 @@ mod tests {
         let rules = vec![allow_syscall_if(
             libc::SYS_ioctl,
             vec![SeccompRule::new(
-                vec![Cond::new(
-                    2,
-                    SeccompCmpArgLen::Qword,
-                    Le,
-                    u64::from(std::u32::MAX) + 10,
-                )
-                .unwrap()],
+                vec![Cond::new(2, SeccompCmpArgLen::Qword, Le, u64::from(u32::MAX) + 10).unwrap()],
                 SeccompAction::Allow,
             )],
         )];
         // check syscalls that are supposed to work
         validate_seccomp_filter(
             rules.clone(),
             || unsafe {
-                libc::ioctl(0, 0, u64::from(std::u32::MAX) + 10);
-                libc::ioctl(0, 0, u64::from(std::u32::MAX) + 9);
+                libc::ioctl(0, 0, u64::from(u32::MAX) + 10);
+                libc::ioctl(0, 0, u64::from(u32::MAX) + 9);
             },
             false,
         );
         // check syscalls that are not supposed to work
         validate_seccomp_filter(
             rules,
             || unsafe {
-                libc::ioctl(0, 0, u64::from(std::u32::MAX) + 11);
+                libc::ioctl(0, 0, u64::from(u32::MAX) + 11);
             },
             true,
         );
@@ -1238,29 +1226,23 @@ mod tests {
         let rules = vec![allow_syscall_if(
             libc::SYS_ioctl,
             vec![SeccompRule::new(
-                vec![Cond::new(
-                    2,
-                    SeccompCmpArgLen::Qword,
-                    Lt,
-                    u64::from(std::u32::MAX) + 10,
-                )
-                .unwrap()],
+                vec![Cond::new(2, SeccompCmpArgLen::Qword, Lt, u64::from(u32::MAX) + 10).unwrap()],
                 SeccompAction::Allow,
             )],
         )];
         // check syscalls that are supposed to work
         validate_seccomp_filter(
             rules.clone(),
             || unsafe {
-                libc::ioctl(0, 0, u64::from(std::u32::MAX) + 9);
+                libc::ioctl(0, 0, u64::from(u32::MAX) + 9);
             },
             false,
         );
         // check syscalls that are not supposed to work
         validate_seccomp_filter(
             rules,
             || unsafe {
-                libc::ioctl(0, 0, u64::from(std::u32::MAX) + 10);
+                libc::ioctl(0, 0, u64::from(u32::MAX) + 10);
             },
             true,
         );
@@ -1307,8 +1289,8 @@ mod tests {
                 vec![Cond::new(
                     2,
                     SeccompCmpArgLen::Qword,
-                    MaskedEq(u64::from(std::u32::MAX)),
-                    std::u64::MAX,
+                    MaskedEq(u64::from(u32::MAX)),
+                    u64::MAX,
                 )
                 .unwrap()],
                 SeccompAction::Allow,
@@ -1318,8 +1300,8 @@ mod tests {
         validate_seccomp_filter(
             rules.clone(),
             || unsafe {
-                libc::ioctl(0, 0, u64::from(std::u32::MAX));
-                libc::ioctl(0, 0, std::u64::MAX);
+                libc::ioctl(0, 0, u64::from(u32::MAX));
+                libc::ioctl(0, 0, u64::MAX);
             },
             false,
         );
@@ -1364,7 +1346,7 @@ mod tests {
         let rules = vec![allow_syscall_if(
             libc::SYS_ioctl,
             vec![SeccompRule::new(
-                vec![Cond::new(2, SeccompCmpArgLen::Qword, Ne, std::u64::MAX).unwrap()],
+                vec![Cond::new(2, SeccompCmpArgLen::Qword, Ne, u64::MAX).unwrap()],
                 SeccompAction::Allow,
             )],
         )];
@@ -1380,7 +1362,7 @@ mod tests {
         validate_seccomp_filter(
             rules,
             || unsafe {
-                libc::ioctl(0, 0, std::u64::MAX);
+                libc::ioctl(0, 0, u64::MAX);
             },
             true,
         );