firecracker icon indicating copy to clipboard operation
firecracker copied to clipboard

Published 20 hours ago verified publisher icon firecracker-microvm

Mechanism to catch unversioned Firecracker state struct changes

Open acatangiu opened this issue 5 years ago • 2 comments

acatangiu avatar May 04 '20 08:05 acatangiu

We either need to move this issue to the versionize repository or create a mechanism in Firecracker to verify that structs implementing versionize were not changed.

alsrdn avatar May 03 '22 08:05 alsrdn

I would look at options to ensure state format is an invariant when serializing/deserializing the same version (meaning the version of all structs that make up the state) of Firecracker, but some support needs to be provided by the versionize crates. For starters, you can have a test that builds FC with a special flag which enables versionize to compute the hash of the compile time metadata. Then traverse the state and write all of these versions and hashes of all structs from the state and save them to disk. You would then just compare these versus the "gold values" commited in the repo.

sandreim avatar May 03 '22 10:05 sandreim

Firecracker is no longer using versionize, having replace it with serde in https://github.com/firecracker-microvm/firecracker/pull/4230. Closing this issue as no longer applicable

roypat avatar Jan 29 '24 11:01 roypat