
Commit 8f00207

author
Manish Ranjan Mahanta
committed
Initial check-in for ETW Name-GUID Mapping code
Signed-off-by: Manish Ranjan Mahanta <mmahanta@microsoft.com>
1 parent 3b9a4af commit 8f00207

8 files changed

Lines changed: 5175 additions & 34 deletions


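--- a/internal/oci/uvm.go
+++ b/internal/oci/uvm.go
@@ -419,12 +419,14 @@ func SpecToUVMCreateOpts(ctx context.Context, s *specs.Spec, id, owner string) (
 if err := handleWCOWSecurityPolicy(ctx, s.Annotations, wopts); err != nil {
 return nil, err
 }
-// If security policy is enable, wopts.ForwardLogs default value should be false
+// If security policy is enable, wopts.DisableLogForwarding default value should be true (CWCOW should not allow log forwarding by default)
 if wopts.SecurityPolicyEnabled {
-wopts.ForwardLogs = false
+wopts.DisableLogForwarding = true
 }
 wopts.LogSources = ParseAnnotationsString(s.Annotations, annotations.LogSources, wopts.LogSources)
-wopts.ForwardLogs = ParseAnnotationsBool(ctx, s.Annotations, annotations.ForwardLogs, wopts.ForwardLogs)
+wopts.DisableLogForwarding = ParseAnnotationsBool(ctx, s.Annotations, annotations.DisableForwardLogs, wopts.DisableLogForwarding)
+wopts.DisableDefaultLogSources = ParseAnnotationsBool(ctx, s.Annotations, annotations.DisableDefaultLogSources, wopts.DisableDefaultLogSources)
+
 return wopts, nil
 }
 return nil, errors.New("cannot create UVM opts spec is not LCOW or WCOW")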
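Review bot: The annotation parse on new line 427 runs after the `SecurityPolicyEnabled` default on new line 424, so a `DisableForwardLogs` annotation set to false turns log forwarding back on for a confidential WCOW UVM. Annotations arrive with the spec from the host side, which a confidential deployment presumably does not trust, and nothing visible in this hunk ties the override to the security policy. If the override is intended, state it in the comment, e.g. `// Default only: an explicit annotation still overrides this, even when a security policy is set`; if it is not, move the `if wopts.SecurityPolicyEnabled` block below the two `ParseAnnotationsBool` calls so the policy wins. The same ordering applies to `LogSources` and `DisableDefaultLogSources`. SpecToUVMCreateOpts starts outside the hunk.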

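--- a/internal/uvm/create_wcow.go
+++ b/internal/uvm/create_wcow.go
@@ -70,9 +70,10 @@ type OptionsWCOW struct {
 // AdditionalRegistryKeys are Registry keys and their values to additionally add to the uVM.
 AdditionalRegistryKeys []hcsschema.RegistryValue
 
-OutputHandlerCreator vmutils.OutputHandlerCreator // Creates an [OutputHandler] that controls how output received over HVSocket from the UVM is handled. Defaults to parsing output as ETW Log events
-LogSources string // ETW providers to be set for the logging service
-ForwardLogs bool // Whether to forward logs to the host or not
+OutputHandlerCreator vmutils.OutputHandlerCreator // Creates an [OutputHandler] that controls how output received over HVSocket from the UVM is handled. Defaults to parsing output as ETW Log events
+LogSources string // ETW providers to be set for the logging service
+DisableLogForwarding bool // Whether to disable forwarding of logs to the host or not
+DisableDefaultLogSources bool // Whether to disable using default log sources
 }
 
 func defaultConfidentialWCOWOSBootFilesPath() string {
@@ -111,9 +112,10 @@ func NewDefaultOptionsWCOW(id, owner string) *OptionsWCOW {
 SecurityPolicyEnabled: false,
 },
 },
-OutputHandlerCreator: vmutils.ParseGCSLogrus,
-ForwardLogs: true, // Default to true for WCOW, and set to false for CWCOW in internal/oci/uvm.go SpecToUVMCreateOpts
-LogSources: "",
+OutputHandlerCreator: vmutils.ParseGCSLogrus,
+DisableLogForwarding: false, // Default to true for WCOW, and set to false for CWCOW in internal/oci/uvm.go SpecToUVMCreateOpts
+DisableDefaultLogSources: false,
+LogSources: "",
 }
 }
 
@@ -291,7 +293,7 @@ func prepareCommonConfigDoc(ctx context.Context, uvm *UtilityVM, opts *OptionsWC
 }
 
 maps.Copy(doc.VirtualMachine.Devices.HvSocket.HvSocketConfig.ServiceTable, opts.AdditionalHyperVConfig)
-if opts.ForwardLogs {
+if !opts.DisableLogForwarding {
 key := prot.WindowsLoggingHvsockServiceID.String()
 doc.VirtualMachine.Devices.HvSocket.HvSocketConfig.ServiceTable[key] = hcsschema.HvSocketServiceConfig{
 AllowWildcardBinds: true,
@@ -562,22 +564,23 @@ func CreateWCOW(ctx context.Context, opts *OptionsWCOW) (_ *UtilityVM, err error
 log.G(ctx).WithField("options", log.Format(ctx, opts)).Debug("uvm::CreateWCOW options")
 
 uvm := &UtilityVM{
-id: opts.ID,
-owner: opts.Owner,
-operatingSystem: "windows",
-scsiControllerCount: opts.SCSIControllerCount,
-vsmbDirShares: make(map[string]*VSMBShare),
-vsmbFileShares: make(map[string]*VSMBShare),
-vpciDevices: make(map[VPCIDeviceID]*VPCIDevice),
-noInheritHostTimezone: opts.NoInheritHostTimezone,
-physicallyBacked: !opts.AllowOvercommit,
-devicesPhysicallyBacked: opts.FullyPhysicallyBacked,
-vsmbNoDirectMap: opts.NoDirectMap,
-noWritableFileShares: opts.NoWritableFileShares,
-createOpts: opts,
-blockCIMMounts: make(map[string]*UVMMountedBlockCIMs),
-logSources: opts.LogSources,
-forwardLogs: opts.ForwardLogs,
+id: opts.ID,
+owner: opts.Owner,
+operatingSystem: "windows",
+scsiControllerCount: opts.SCSIControllerCount,
+vsmbDirShares: make(map[string]*VSMBShare),
+vsmbFileShares: make(map[string]*VSMBShare),
+vpciDevices: make(map[VPCIDeviceID]*VPCIDevice),
+noInheritHostTimezone: opts.NoInheritHostTimezone,
+physicallyBacked: !opts.AllowOvercommit,
+devicesPhysicallyBacked: opts.FullyPhysicallyBacked,
+vsmbNoDirectMap: opts.NoDirectMap,
+noWritableFileShares: opts.NoWritableFileShares,
+createOpts: opts,
+blockCIMMounts: make(map[string]*UVMMountedBlockCIMs),
+logSources: opts.LogSources,
+forwardLogs: !opts.DisableLogForwarding,
+disableDefaultLogSources: opts.DisableDefaultLogSources,
 }
 
 defer func() {
@@ -617,7 +620,7 @@ func CreateWCOW(ctx context.Context, opts *OptionsWCOW) (_ *UtilityVM, err error
 return nil, fmt.Errorf("error while creating the compute system: %w", err)
 }
 
-if opts.ForwardLogs {
+if !opts.DisableLogForwarding {
 // Create a socket that the executed program can send to. This is usually
 // used by Log Forward Service to send log data.
 uvm.outputHandler = opts.OutputHandlerCreator(opts.ID)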
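Review bot: The comment carried over onto the new `DisableLogForwarding: false` line in NewDefaultOptionsWCOW still describes the old `ForwardLogs` polarity ("Default to true for WCOW, and set to false for CWCOW"), so it now states the opposite of what the code does. Because this flag decides whether guest logs leave a confidential UVM, the comment should match the field: `DisableLogForwarding: false, // Forwarding stays on by default for WCOW; SpecToUVMCreateOpts in internal/oci/uvm.go sets this to true for CWCOW`. The `UtilityVM` literal in CreateWCOW still stores the positive form, `forwardLogs: !opts.DisableLogForwarding`, so both polarities remain in use; a short comment on the `OptionsWCOW` field noting the inversion would help readers keep them straight.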
Lines changed: 63 additions & 0 deletions
@@ -0,0 +1,63 @@
1+
{
2+
"LogConfig": {
3+
"sources": [
4+
{
5+
"type": "ETW",
6+
"providers": [
7+
{
8+
"providerName": "Microsoft.Windows.HyperV.Compute",
9+
"level": "Information"
10+
},
11+
{
12+
"providerName": "Microsoft-Windows-Guest-Network-Service",
13+
"level": "Information"
14+
},
15+
{
16+
"providerName": "Microsoft.Windows.FileSystem.CimFS",
17+
"level": "Information"
18+
},
19+
{
20+
"providerName": "Microsoft.Windows.FileSystem.UnionFs",
21+
"level": "Information"
22+
},
23+
{
24+
"providerName": "Microsoft-Windows-BitLocker-Driver",
25+
"level": "Information"
26+
},
27+
{
28+
"providerName": "Microsoft-windows-bitlocker-api",
29+
"level": "Information"
30+
},
31+
{
32+
"providerName": "Microsoft.Windows.Security.KeyGuard",
33+
"level": "Information"
34+
},
35+
{
36+
"providerName": "Microsoft.Windows.Security.KeyGuard.Attestation.Verify",
37+
"level": "Information"
38+
},
39+
{
40+
"providerName": "Microsoft.Windows.Containers.Setup",
41+
"level": "Information"
42+
},
43+
{
44+
"providerName": "Microsoft.Windows.Containers.Storage",
45+
"level": "Information"
46+
},
47+
{
48+
"providerName": "Microsoft.Windows.Containers.Library",
49+
"level": "Information"
50+
},
51+
{
52+
"providerName": "Microsoft.Windows.Containers.DynamicImage",
53+
"level": "Information"
54+
},
55+
{
56+
"providerName": "Microsoft.Windows.LogForwardService.Provider",
57+
"level": "Information"
58+
}
59+
]
60+
}
61+
]
62+
}
63+
}
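Review bot: The entry `"providerName": "Microsoft-windows-bitlocker-api"` is cased differently from every other provider in this list, including its sibling `Microsoft-Windows-BitLocker-Driver`. If the name-to-GUID lookup this commit introduces compares names case-sensitively (that code is not visible on this page), the provider may fail to resolve and never be enabled; `Microsoft-Windows-BitLocker-API` would match the registered spelling. The defaults also include KeyGuard, attestation and BitLocker providers, so it is worth confirming that their Information-level events are acceptable to forward to the host whenever forwarding is enabled.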
