Add postinstall stuff

Author: bleggett

src/checkers/mod.rs

@@ -1,6 +1,2 @@
-pub mod byo_kernel;
-pub mod iommu;
-pub mod kernel;
-pub mod numa;
-pub mod pvh;
-pub mod system;
+pub mod postinstall;
+pub mod preinstall;

src/checkers/postinstall/guest_type.rs

@@ -0,0 +1,84 @@
+use crate::helpers::{
+    CheckGroup, CheckGroupCategory, CheckGroupResult, CheckResult,
+    CheckResultValue::{Errored, Failed, Passed},
+    host_executor::HostNamespaceExecutor,
+};
+use async_trait::async_trait;
+use futures::{FutureExt, future::join_all};
+use std::{fs, path::Path};
+
+const GROUP_IDENTIFIER: &str = "guesttype";
+const NAME: &str = "Guest Support Checks";
+
+pub struct GuestTypeChecks {
+    host_executor: HostNamespaceExecutor,
+}
+
+impl GuestTypeChecks {
+    pub fn new(host_executor: HostNamespaceExecutor) -> Self {
+        GuestTypeChecks { host_executor }
+    }
+
+    /// Run all the checkers asynchronously, then
+    /// join and collect the results.
+    pub async fn run_all(&self) -> CheckGroupResult {
+        let results = join_all([self.check_guest_support().boxed()]).await;
+
+        let mut group_result = Passed;
+        for res in results.iter() {
+            // Set group result to Failed if we failed and aren't already in an Errored state
+            if !matches!(group_result, Errored(_)) && matches!(res.result, Failed(_)) {
+                group_result = Failed("".into());
+            }
+
+            if matches!(res.result, Errored(_)) {
+                group_result = Errored("".into());
+            }
+        }
+
+        CheckGroupResult {
+            name: NAME.to_string(),
+            result: group_result,
+            results,
+        }
+    }
+
+    async fn check_guest_support(&self) -> CheckResult {
+        let name = String::from("Guest Type Support");
+        match self
+            .host_executor
+            .spawn_in_host_ns(async {
+                let xen = Path::new("/sys/hypervisor/guest_type");
+                xen.exists() && fs::read_to_string(xen).unwrap_or_default().trim() == "PVH"
+            })
+            .await
+        {
+            Ok(true) => CheckResult::new(&name, Passed),
+            Ok(false) => CheckResult::new(&name, Failed("PVH guests not supported".into())),
+            Err(e) => CheckResult::new(&name, Errored(format!("Error: {}", e))),
+        }
+    }
+}
+
+#[async_trait]
+impl CheckGroup for GuestTypeChecks {
+    fn id(&self) -> &str {
+        GROUP_IDENTIFIER
+    }
+
+    fn name(&self) -> &str {
+        NAME
+    }
+
+    fn description(&self) -> &str {
+        "Supported guest type checks"
+    }
+
+    async fn run(&self) -> CheckGroupResult {
+        self.run_all().await
+    }
+
+    fn category(&self) -> CheckGroupCategory {
+        CheckGroupCategory::Optional("PVH guest support not available on this system".into())
+    }
+}

src/checkers/postinstall/kernel.rs

@@ -0,0 +1,139 @@
+use crate::helpers::{
+    CheckGroup, CheckGroupCategory, CheckGroupResult, CheckResult,
+    CheckResultValue::{Errored, Failed, Passed},
+    host_executor::HostNamespaceExecutor,
+    kernel as khelper,
+};
+
+use async_trait::async_trait;
+use futures::{FutureExt, future::join_all};
+use procfs::sys::kernel;
+
+const GROUP_IDENTIFIER: &str = "kernel";
+const NAME: &str = "Postinstall Kernel Checks";
+
+// Stuff we expect to be available under an Edera host kernel,
+// or a supported BYO kernel.
+const REQUIRED_MODULES: &[&str] = &[
+    "nf_tables",
+    "xen_evtchn",
+    "xen-privcmd",
+    "xen-netback",
+    "xen-pciback",
+    "xen-blkback",
+    "xen-gntdev",
+    "xen-gntalloc",
+];
+
+const KVER_FLOOR_PATCH: u16 = 0;
+const KVER_FLOOR_MINOR: u8 = 15;
+const KVER_FLOOR_MAJOR: u8 = 5;
+
+pub struct PostinstallKernelChecks {
+    host_executor: HostNamespaceExecutor,
+}
+
+impl PostinstallKernelChecks {
+    pub fn new(host_executor: HostNamespaceExecutor) -> Self {
+        PostinstallKernelChecks { host_executor }
+    }
+
+    /// Run all the checkers asynchronously, then
+    /// join and collect the results.
+    pub async fn run_all(&self) -> CheckGroupResult {
+        let results = join_all([self.has_modules().boxed(), self.version_is_good().boxed()]).await;
+
+        let mut group_result = Passed;
+        for res in results.iter() {
+            // Set group result to Failed if we failed and aren't already in an Errored state
+            if !matches!(group_result, Errored(_)) && matches!(res.result, Failed(_)) {
+                group_result = Failed("".into());
+            }
+
+            if matches!(res.result, Errored(_)) {
+                group_result = Errored("".into());
+            }
+        }
+
+        CheckGroupResult {
+            name: NAME.to_string(),
+            result: group_result,
+            results,
+        }
+    }
+
+    async fn version_is_good(&self) -> CheckResult {
+        let name = String::from("Host Kernel Version Is Good");
+        let floor = kernel::Version::new(KVER_FLOOR_MAJOR, KVER_FLOOR_MINOR, KVER_FLOOR_PATCH);
+
+        let passed = khelper::host_kver_above_floor(&self.host_executor, floor).await;
+
+        match passed {
+            Err(e) => CheckResult::new(&name, Errored(e.to_string())),
+            Ok(true) => CheckResult::new(&name, Passed),
+            Ok(false) => CheckResult::new(
+                &name,
+                Failed(String::from("current kernel version is unsupported")),
+            ),
+        }
+    }
+
+    async fn has_modules(&self) -> CheckResult {
+        let name = String::from("Host Has Necessary Modules");
+
+        let required_modules: Vec<String> =
+            REQUIRED_MODULES.iter().map(|s| s.to_string()).collect();
+
+        // Search builtin modules
+        let remaining = match khelper::find_builtins(&self.host_executor, &required_modules).await {
+            Ok(r) => r,
+            Err(e) => {
+                return CheckResult::new(&name, Errored(format!("getting kernel builtins {e}")));
+            }
+        };
+
+        // Search loaded modules
+        let remaining = match khelper::find_loaded(&self.host_executor, &remaining).await {
+            Ok(r) => r,
+            Err(e) => {
+                return CheckResult::new(&name, Errored(format!("getting kernel modules {e}")));
+            }
+        };
+
+        // Search loadable modules
+        let remaining = match khelper::find_loadable(&self.host_executor, &remaining).await {
+            Ok(r) => r,
+            Err(e) => {
+                return CheckResult::new(&name, Errored(format!("getting kernel modules {e}")));
+            }
+        };
+        if !remaining.is_empty() {
+            return CheckResult::new(&name, Failed(format!("missing {:?}", remaining)));
+        }
+
+        CheckResult::new(&name, Passed)
+    }
+}
+
+#[async_trait]
+impl CheckGroup for PostinstallKernelChecks {
+    fn id(&self) -> &str {
+        GROUP_IDENTIFIER
+    }
+
+    fn name(&self) -> &str {
+        NAME
+    }
+
+    fn description(&self) -> &str {
+        "Postinstall kernel validation checks"
+    }
+
+    async fn run(&self) -> CheckGroupResult {
+        self.run_all().await
+    }
+
+    fn category(&self) -> CheckGroupCategory {
+        CheckGroupCategory::Required
+    }
+}

src/checkers/postinstall/mod.rs

@@ -0,0 +1,3 @@
+pub mod guest_type;
+pub mod kernel;
+pub mod services;