nitro: Update architecture #497
Merged
Separate the network proxy into its own module since it will largely be a separate process only responsible for facilitating network traffic between the host and guest. Signed-off-by: Tyler Fanelli <tfanelli@redhat.com>
To modularize the task of writing the enclave's arguments (rootfs, exec path, etc) to the guest via vsock, create a writer specifically tasked with writing the arguments to the enclave. This will allow for better extensibility when other arguments (network, storage, attestation credentials, etc) would like to be given to the enclave's initramfs. Signed-off-by: Tyler Fanelli <tfanelli@redhat.com>
To modularize the task of reading the enclave's arguments (rootfs, exec path, etc) from the host via vsock, create a "reader" module specifically tasked with reading the arguments from the host. Arguments added to libkrun's writer can now include a counterpart for the initramfs's reader module for better extensibility in adding arguments such as network, storage, and attestation credentials. Signed-off-by: Tyler Fanelli <tfanelli@redhat.com>
Rather than automatically initializing the network proxy within the enclave initramfs, add an optional argument signaling that the enclave should set up the network proxy. This essentially makes network access within the enclave optional, which may be desirable for applications intended to be disconnected for privacy/security reasons. Signed-off-by: Tyler Fanelli <tfanelli@redhat.com>
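An added example, not code from libkrun or from this PR, of the writer/reader split the three commits above describe: the host serializes the enclave arguments as tagged, length-prefixed records over a byte stream, and the initramfs parses them back, with the network proxy carried as an optional argument. The tags, the 64 KiB per-argument cap and the record layout are assumptions; the PR does not document its wire format. An in-memory Cursor stands in for the vsock. The point worth showing is on the guest side: the length field arrives from the host, so the reader checks it against a cap before allocating, and it consumes and skips records with tags it does not know so that a newer host can add arguments without breaking an older initramfs.

```rust
use std::io::{self, Read, Write};

// Record tags. Assumption: illustrative values, not libkrun's wire format.
const TAG_END: u8 = 0;
const TAG_ROOTFS: u8 = 1;
const TAG_EXEC_PATH: u8 = 2;
const TAG_NETWORK: u8 = 3; // optional: enclave should start its network proxy

/// Upper bound on one argument's payload. The initramfs reader treats the
/// host-supplied length as untrusted and never allocates more than this.
const MAX_ARG_LEN: u32 = 64 * 1024;

#[derive(Debug, Default, PartialEq)]
pub struct EnclaveArgs {
    pub rootfs: Option<String>,
    pub exec_path: Option<String>,
    pub network: bool,
}

/// Host side ("writer"): each argument is a (tag, u32 LE length, payload)
/// record; the stream ends with a zero-length TAG_END record.
pub fn write_args<W: Write>(w: &mut W, args: &EnclaveArgs) -> io::Result<()> {
    fn record<W: Write>(w: &mut W, tag: u8, payload: &[u8]) -> io::Result<()> {
        w.write_all(&[tag])?;
        w.write_all(&(payload.len() as u32).to_le_bytes())?;
        w.write_all(payload)
    }
    if let Some(r) = &args.rootfs {
        record(w, TAG_ROOTFS, r.as_bytes())?;
    }
    if let Some(p) = &args.exec_path {
        record(w, TAG_EXEC_PATH, p.as_bytes())?;
    }
    if args.network {
        record(w, TAG_NETWORK, &[])?; // presence of the record is the signal
    }
    record(w, TAG_END, &[])?;
    w.flush()
}

/// Guest side ("reader"): parse records until TAG_END. Lengths are checked
/// against MAX_ARG_LEN before allocating; unknown tags are consumed and
/// skipped so an older initramfs tolerates arguments a newer host adds.
pub fn read_args<R: Read>(r: &mut R) -> io::Result<EnclaveArgs> {
    let mut args = EnclaveArgs::default();
    loop {
        let mut hdr = [0u8; 5];
        r.read_exact(&mut hdr)?;
        let tag = hdr[0];
        let len = u32::from_le_bytes([hdr[1], hdr[2], hdr[3], hdr[4]]);
        if len > MAX_ARG_LEN {
            return Err(io::Error::new(
                io::ErrorKind::InvalidData,
                "argument exceeds MAX_ARG_LEN",
            ));
        }
        let mut payload = vec![0u8; len as usize];
        r.read_exact(&mut payload)?;
        match tag {
            TAG_END => return Ok(args),
            TAG_ROOTFS => args.rootfs = Some(utf8(payload)?),
            TAG_EXEC_PATH => args.exec_path = Some(utf8(payload)?),
            TAG_NETWORK => args.network = true,
            _ => {} // unknown argument: payload already consumed, ignore it
        }
    }
}

fn utf8(bytes: Vec<u8>) -> io::Result<String> {
    String::from_utf8(bytes)
        .map_err(|_| io::Error::new(io::ErrorKind::InvalidData, "argument is not UTF-8"))
}

fn main() -> io::Result<()> {
    // Constructed sample arguments; a disconnected enclave leaves network=false.
    let args = EnclaveArgs {
        rootfs: Some("/rootfs.img".into()),
        exec_path: Some("/bin/app".into()),
        network: false,
    };
    let mut wire = Vec::new();
    write_args(&mut wire, &args)?;
    let parsed = read_args(&mut io::Cursor::new(&wire))?;
    println!("{} bytes on the wire, parsed: {:?}", wire.len(), parsed);
    Ok(())
}
```

Because the network record is optional rather than implied, an enclave that should stay disconnected never learns about a proxy at all, which matches the intent of the commit above.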
The guest will indicate to the host that its internal network proxy is ending by closing the proxy vsock. When this is encountered, end the host's listener thread, as there is nothing more to read. Signed-off-by: Tyler Fanelli <tfanelli@redhat.com>
Originally, when the enclave application ended, there would be no explicit closing of the vsock file descriptor within the enclave network proxy. With this, the host network proxy process never ended and was essentially a zombie. When the application ends, send a signal (via an eventfd) to the guest network proxy, which will read this signal and explicitly close the proxy file descriptors. This will signal to the krun-nitro proxy that the guest proxy has ended and it itself should close the file descriptors and exit as well. Signed-off-by: Tyler Fanelli <tfanelli@redhat.com>
When the host network proxy receives the "shutdown signal" from the guest's vsock, it must signal to the passt listener thread that it must also end the stream and exit. Add a sender/receiver channel in which the host network vsock listener notifies the passt listener to exit before it itself exits. Upon receiving this message, the passt proxy can then exit. Signed-off-by: Tyler Fanelli <tfanelli@redhat.com>
Rather than spawning an entire process for network proxying, delegate this task to a singular thread. Signed-off-by: Tyler Fanelli <tfanelli@redhat.com>
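An added example, not the project's code, modelling the teardown chain the three commits above describe, with the host side as threads rather than a process as the last commit prefers: the application raises an event when it exits, the guest proxy reads it and closes its vsock explicitly, the host vsock listener sees EOF, sends a message over a channel to the passt listener thread, and exits; the passt thread exits on that message. UnixStream pairs stand in for the vsock and for the eventfd, and the passt thread's forwarding work is omitted; those are assumptions. One caveat a practitioner would add: the passt thread also treats a disconnected channel as a shutdown, so if the vsock listener dies without sending, passt still does not become the zombie the commit above was fixing.

```rust
use std::io::{Read, Write};
use std::net::Shutdown;
use std::os::unix::net::UnixStream;
use std::sync::mpsc;
use std::thread;
use std::time::Duration;

/// What the host observed by the time every thread had joined.
#[derive(Debug, PartialEq)]
pub struct Teardown {
    pub bytes_forwarded: usize, // guest traffic the host listener read before EOF
    pub passt_exited: bool,     // passt thread received the shutdown message
}

/// Run one enclave lifetime end to end and return only once all four threads
/// (app, guest proxy, host vsock listener, host passt listener) have exited.
pub fn run_shutdown_sequence(payload: &[u8]) -> Teardown {
    // Assumption: a UnixStream pair stands in for the guest<->host vsock.
    let (mut guest_vsock, mut host_vsock) = UnixStream::pair().expect("socketpair");
    // Assumption: a second pair stands in for the eventfd the app signals on.
    let (mut app_event, mut proxy_event) = UnixStream::pair().expect("socketpair");
    let payload = payload.to_vec();

    // Guest network proxy: forward traffic, then on the app's event close the
    // vsock explicitly so the host sees EOF instead of a hung connection.
    let guest_proxy = thread::spawn(move || {
        guest_vsock.write_all(&payload).expect("guest write");
        let mut one = [0u8; 1];
        proxy_event.read_exact(&mut one).expect("event read"); // blocks until app exits
        guest_vsock.shutdown(Shutdown::Both).expect("shutdown");
    });

    // Enclave application: finishes its work, then raises the event.
    let app = thread::spawn(move || {
        thread::sleep(Duration::from_millis(20)); // constructed "work"
        app_event.write_all(&[1]).expect("event write");
    });

    // Host passt listener: keeps going until told to stop. A dropped sender
    // counts as stop, so a dead vsock listener cannot orphan this thread.
    let (tx, rx) = mpsc::channel::<()>();
    let passt = thread::spawn(move || loop {
        match rx.recv_timeout(Duration::from_millis(10)) {
            Ok(()) | Err(mpsc::RecvTimeoutError::Disconnected) => return true,
            Err(mpsc::RecvTimeoutError::Timeout) => { /* passt<->vsock forwarding omitted */ }
        }
    });

    // Host vsock listener: drain until EOF, notify passt, then exit.
    let listener = thread::spawn(move || {
        let mut total = 0usize;
        let mut buf = [0u8; 1024];
        loop {
            match host_vsock.read(&mut buf) {
                Ok(0) | Err(_) => break, // guest closed the proxy vsock
                Ok(n) => total += n,
            }
        }
        let _ = tx.send(()); // tell the passt thread to end its stream
        total
    });

    let bytes_forwarded = listener.join().expect("listener panicked");
    let passt_exited = passt.join().expect("passt panicked");
    guest_proxy.join().expect("guest proxy panicked");
    app.join().expect("app panicked");
    Teardown { bytes_forwarded, passt_exited }
}

fn main() {
    let t = run_shutdown_sequence(b"hello enclave");
    println!("{:?}", t);
}
```

Without the event the guest proxy would block forever on its vsock, the host listener would never see EOF, and the passt thread would never receive its message: exactly the zombie the commit describes.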
Instead of returning the CID immediately in krun_start_enter, follow the traditional behavior of the API by waiting until the microVM "terminates" to return from the function with an error code. Signed-off-by: Tyler Fanelli <tfanelli@redhat.com>
Rather than requiring the process calling the krun APIs to establish different threads for observing enclave output, use the krun_set_console_output API to indicate where enclave output should be written. An "enclave output proxy" is established to monitor the enclave's output vsock and forward it to the file path specified by the krun console output API. Signed-off-by: Tyler Fanelli <tfanelli@redhat.com>
Remove the krun_nitro_set_image API, as the nitro module now uses an environment variable (or default path location) to fetch the EIF file. Signed-off-by: Tyler Fanelli <tfanelli@redhat.com>
Existing libkrun APIs can be used to produce the same behavior that the nitro-specific start flags API can. Instead of keeping a nitro-specific API, remove it and use an existing API to achieve the same behavior. Signed-off-by: Tyler Fanelli <tfanelli@redhat.com>
The example's exec path can be taken from the default argv. These two values should match. Signed-off-by: Tyler Fanelli <tfanelli@redhat.com>
jakecorrenti approved these changes (Jan 7, 2026)
This is a broad update that adds:
- krun_start_enter behavior to somewhat match standard libkrun (not returning until enclave exits).

cc/ @jakecorrenti