- Render byte counts with FormatBytes instead of a bogus 's' suffix.
- Drop the '/total' when current exceeds Docker's estimated total so the progress never displays over 100%.
distributions.yml and modern-distributions.yml only check out the repo and run
python validators, so they get contents: read.
winget.yml runs on release: published and forwards a precomputed artifact URL
to wingetcreate using the WINGET_TOKEN secret (an external token). It does not
checkout the repo and does not call any GitHub API endpoint, so it gets
permissions: {} (no scopes needed).
This brings the three workflows in line with the other workflows in this repo
that already declare explicit permissions.
Signed-off-by: Arpit Jain <arpitjain099@gmail.com>
* Add --timestamps, --since, and --until flags to wslc container logs
Wire up the existing WSLCLogsFlagsTimestamps flag and Since/Until parameters
from the IWSLCContainer::Logs COM interface to the CLI. Previously these were
hardcoded to 0/disabled despite the backend already supporting them.
Changes:
- Add Timestamps (flag, -t), Since (value), Until (value) argument types
- Add ULONGLONG validation for --since and --until
- Register new args on the container logs command
- Pass timestamps flag and since/until values through to the COM call
- Add localization strings with {Locked} comments for the new flags
- Add 8 command-line parsing unit test cases
- Add 6 end-to-end test methods covering timestamps, since, until,
combined usage, and short flag (-t)
Usage:
wslc container logs --timestamps mycontainer
wslc container logs --since 1700000000 mycontainer
wslc container logs --until 1700001000 mycontainer
wslc container logs -t -f --since 0 --tail 50 mycontainer
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Add localization placeholders for new log flag strings
Add WSLCCLI_TimestampsArgDescription, WSLCCLI_SinceArgDescription, and
WSLCCLI_UntilArgDescription to all 21 non-en-US locale files with English
placeholder values. These will be translated by the localization team.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Pooja Trivedi <trivedipooja@microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Improves virtiofs and VirtioProxy performance by giving each virtio
device its own SWIOTLB aperture instead of sharing a single global
pool. The guest kernel reserves a contiguous physical range at boot,
publishes the (base, size), and the host programs a matching
per-device aperture in wsldevicehost.
1. The WSL kernel allocates a contiguous range at boot
(alloc_contig_pages with __GFP_DMA32 | __GFP_ZERO) and exposes
the chosen physical (base, size) under
/sys/bus/vmbus/drivers/hv_pci/swiotlb_{base,size}
2. mini_init (WSL2) and the WSLC init handler read those sysfs files
and return the values in LX_INIT_GUEST_CAPABILITIES and
WSLC_GET_GUEST_CAPABILITIES_RESULT respectively.
3. WslCoreVm::ReadGuestCapabilities and
WSLCVirtualMachine::ReadGuestCapabilities capture the values.
WSLC forwards them to wslservice via the new
HcsVirtualMachine::ApplyGuestCapabilities IDL method (with a
WSLCGuestCapabilities struct so future kernel-published values
can be added without bumping the interface IID).
4. Both VM owners format "swiotlb=0x{base:x},{size}" once into
m_swiotlbOption and pass it verbatim to AddGuestDevice /
AddSharePath for every virtiofs share and virtio-net adapter
(VirtioProxy networking). wsldevicehost consumes the token and
creates the per-device SWIOTLB aperture.
If the kernel does not publish the sysfs files (older kernel) both
values come back as zero, the host omits the device-options token,
and the WSL2 path emits a one-time user warning via
MessageSwiotlbKernelUnsupported so users understand why performance
is degraded. (The WSLC path always uses the bundled kernel, so the
warning does not apply there.)
Other changes:
* Bump Microsoft.WSL.Kernel to 6.18.26.3-1, which is the first
official kernel that publishes the hv_pci swiotlb_{base,size}
sysfs files this PR consumes.
* Bump Microsoft.WSL.DeviceHost to 1.2.29-0 for the device-side
SWIOTLB aperture support.
* Default pool sizing moves to helpers::ComputeDefaultSwiotlbConfig
and is only requested on the kernel command line when a virtio
device that needs bounce buffers (VirtioFs / Virtio9p /
VirtioProxy) is in use.
* Telemetry: emit GuestKernelInfo / WSLCReadGuestCapabilities /
WSLCApplyGuestCapabilities events with the kernel-chosen base
and size so we can validate the handshake in CI.
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The Guardian CodeSign post-analysis scans the entire source checkout and
flags every in-repo .ps1 as unsigned (17 errors, breaking the release
build). Two prior attempts to filter the findings via the documented
ob_sdl_codeSignValidation_excludes variable - at pipeline-level
(b011cf77) and at the package job's variables block (PR #40653) - were
both silently ignored.
Disable the auto-scan on the package job; the msixbundle and nupkg
outputs are explicitly signed AND verified by the EsrpCodeSigning tasks
in the same job (SigntoolVerify / NuGetVerify operations), so signing
coverage on the actual release artifacts is preserved. The build_x64 /
build_arm64 jobs keep codesign validation enabled.
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Windows interop in every running WSL2 distro silently breaks whenever a
sibling systemd-enabled distro shuts down, surfacing to users as:
/bin/bash: line 1: /mnt/c/Windows/system32/cmd.exe:
cannot execute binary file: Exec format error
Root cause: `systemd-shutdown` calls `disable_binfmt()` during clean
shutdown, which writes `-1` to `/proc/sys/fs/binfmt_misc/status`.
binfmt_misc is a single kernel-global registry shared across the WSL VM
(distros do not isolate it via a user namespace), so that one write wipes
every entry -- including WSLInterop -- for every running distro.
Fix: each per-distro init bind-mounts a read-only file over
`/proc/sys/fs/binfmt_misc/status` in its own mount namespace before
exec'ing the distro's init. systemd-shutdown's wipe write then fails with
EROFS; systemd logs a warning and continues normally (its
`binfmt_mounted_and_writable()` helper deliberately tolerates this
case). Per-entry unregister (`echo -1 > .../<name>`) and runtime
registration (`echo ... > .../register`) target different files and are
unaffected, so callers retain full control over their own binfmt entries.
`LockBinfmtStatusReadOnly` is idempotent: it bails early if binfmt_misc
isn't mounted, no-ops if `/status` already resolves to our lock file,
and recovers from a stale foreign mount via `umount2(MNT_DETACH)`
followed by a retry. The existing `[boot] protectBinfmt` wsl.conf key
(default true) now controls the bind-mount and acts as a kill switch for
users who want to manage binfmt_misc themselves.
WSLInterop is also re-registered from mini_init with the `F`
(fix-binary) flag so the interpreter is opened at registration time and
remains valid across mount namespaces.
Tests:
* `BinfmtStatusIsLocked` -- mechanism test: `/status` is its own
mountpoint, writes fail with EROFS, WSLInterop survives the wipe
attempt, /register and per-entry unregister still work, and the
`protectBinfmt=false` kill switch removes the bind-mount.
* `BinfmtSurvivesDistroTermination` -- end-to-end regression test:
imports a systemd-enabled peer distro, terminates it, and asserts
that the primary distro's Windows interop still works.
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The Guardian CodeSign post-analysis in the package job is failing on
in-repo .ps1 scripts (collect-wsl-logs.ps1, deploy/*.ps1, etc.) that
are not shipped and don't need signing.
PR #40541 fixed this for the build job and added the exclusion as a
pipeline-level variable, but the package job in package-stage.yml
declares its own variables block and OneBranch's SDL injection only
honors ob_sdl_* variables at job scope, so the pipeline-level value
isn't applied.
Add ob_sdl_codeSignValidation_excludes: -|**\*.ps1 to the package job's
variables, mirroring what build-job.yml does.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Fix message handling and variable assignment
* Fix message handling and variable assignment
Fix missing newline at end of file.
* Remove unused MESSAGE_HEADER variable in init.cpp
* Add job objects to terminate child processes on VM shutdown
Add JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE job objects to ensure that child
processes spawned by the service (wsldevicehost, wslhost.exe, wslrelay.exe)
are terminated when the VM shuts down. This prevents lingering processes
from holding DLLs locked during package upgrades.
Changes:
- DeviceHostProxy: Create a job object and assign the COM device host
process to it in RegisterDeviceHost.
- WslCoreVm: Create a per-VM job object and pass it to LaunchDebugConsole,
LaunchKdRelay, LaunchPortRelay, and WslCoreInstance.
- SubProcess: Add SetJobObject() which uses PROC_THREAD_ATTRIBUTE_JOB_LIST
to assign the process to the job at creation time.
- helpers: Add optional JobObject parameter to Launch* functions.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* wslc: add job object for child processes spawned by wslcsession
Follow-up to the per-VM job object work: WSLCVirtualMachine::LaunchPortRelay
spawns wslrelay.exe directly via SubProcess. Without a per-VM job object,
if wslcsession.exe crashes or is force-killed before signaling
m_vmTerminatingEvent, the spawned wslrelay.exe is orphaned and keeps
wslrelay.exe locked.
Create a JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE job in WSLCVirtualMachine::Initialize
and pass it to LaunchPortRelay via SubProcess::SetJobObject, matching the
pattern used in WslCoreVm.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* fix formatting
* wslc: reorder job object before port relay pipes
Member destruction order is reverse of declaration order. Declare
m_processJobObject before m_portRelayChannelRead/Write so the pipes
are destroyed first and the job object (which kills wslrelay.exe) is
destroyed last.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Factor out CreateKillOnCloseJob() helper
Replace four near-identical CreateJobObject + SetInformationJobObject
blocks with a single helpers::CreateKillOnCloseJob() call:
- WslCoreVm
- DeviceHostProxy
- WSLCVirtualMachine
- WSLCSessionManager
Addresses code review feedback from JohnMcPMS.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Share memory reduction logic between WSL2 and WSLC
Extract the memory compaction and cache reclaim thread into
StartMemoryReductionThread() in util.cpp. WSLC now runs the same
idle-based compaction and drop_caches logic that WSL2 uses, improving
page reporting efficiency and reducing host memory pressure.
- Add StartMemoryReductionThread() and MemoryReductionMode to util.h/cpp
- WSL2 main.cpp delegates to shared implementation
- WSLC WSLCInit.cpp calls StartMemoryReductionThread(DropCache)
- Remove duplicated GetUserCpuTime/GetMemoryInUse from main.cpp
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Remove MemoryReductionMode enum, use LX_MINI_INIT_MEMORY_RECLAIM_MODE directly
Address PR review feedback:
- Remove redundant MemoryReductionMode enum and use the existing wire enum
LX_MINI_INIT_MEMORY_RECLAIM_MODE directly, eliminating the unsafe static_cast
that could have swapped Gradual/DropCache behavior.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Start memory reduction thread after WSLC chroot
ProcessMessages may MS_MOVE /proc into the chroot target before invoking
chroot(); starting the thread before that window risked failing path
lookups under /proc. Defer the thread start until the first successful
chroot, guarded by a once_flag so subsequent mount messages don't re-start.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Address PR review feedback on memory reduction helpers
* GetUserCpuTime: harden /proc/stat parsing. read() returning 0 left
Buffer empty (Result <= 0 was treated as success), and either
strtok_r call could return nullptr on a short/malformed first line,
causing strtoll(nullptr, ...) to crash. Now check both Result > 0
and that each token is non-null, returning -1 on any anomaly.
* RECLAIM_PATH: build from CGROUP_MOUNTPOINT (already defined in
util.h) so the cgroup root is defined in one place. Drop the dead
duplicate #define from main.cpp now that the only consumer lives
in util.cpp.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Pooja Trivedi <poojatrivedi@gmail.com>
* CLI: Add container prune command
Implement the 'wslc container prune' command to remove all stopped
containers. The backend IWSLCSession::PruneContainers API already
exists; this adds the CLI frontend.
Changes:
- ContainerPruneCommand: new command class with --session arg
- ContainerService::Prune(): service layer using RAII PruneResult
- PruneContainers task: prints pruned container IDs and reclaimed space
- PruneContainersResult model struct
- 3 localization strings (desc, long desc, space reclaimed)
- CLI parsing unit tests in CommandLineTestCases.h
- E2E tests: help, no-stopped, stopped, running-preserved, multi-stopped
- Updated container help output test to include prune subcommand
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Address PR review: use shared helpers in prune tests
- Add StdoutContainsSubstring() to WSLCExecutionResult for reusable
substring matching (per reviewer suggestion to move to WSLCExecutor)
- Replace manual container list loops with VerifyContainerIsNotListed()
and VerifyContainerIsListed() helpers
- Use exact localized string match for zero-reclaimed-space assertion
- Remove private VerifyStdoutContains helper (now in WSLCExecutor)
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Container Prune e2 test: Fix clang formatting errors
* Fix PruneContainers call to match 3-parameter interface
Remove extra argument that doesn't match the IWSLCSession::PruneContainers
signature (Filters, FiltersCount, Result).
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Address Copilot review feedback
- Rename Containers -> PrunedContainers in PruneContainersResult for clarity
- Add reserve() before loop to avoid repeated reallocations
- Add per-test cleanup in ClassSetup to prevent flaky tests from leftovers
- Assert pruned container IDs appear in prune output
- Remove hardcoded English strings; use localization API for assertions
- Simplify StdoutContainsSubstring to search raw buffer directly
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Pooja Trivedi <trivedipooja@microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Touchdown/lsbuild requires the `_locComment_text=` suffix (not `_locComment=`) for inline string-level lock comments. With the previous syntax, the produced .lcg intermediary contained malformed Dev comments (e.g. unbalanced `}` and truncated `{Locked=` rules), so the {Locked=...} tokens were not being honored.
Also add lock comments to <displayName> and <description>, which previously had no locking applied.
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Align docker_schema with bundled dockerd v25.0.3 (API v1.44)
WSLC talks to a bundled dockerd v25.0.3 (Docker API v1.44). Several entries
in docker_schema.h drifted toward documented-but-not-shipped types or were
defensive in the wrong way. None of these are observable user-facing bugs
on a stock daemon today, but each is a latent crash or misbehavior waiting
on the right wire payload from a third-party driver, future daemon, or
TTY exec.
Authoritative source: https://github.com/moby/moby/tree/v25.0.3/api
Schema fixes:
* ContainerState enum: prepend {Unknown, nullptr} so an unrecognized state
string from the daemon falls back to Unknown rather than silently
decoding as the first map entry (Created).
* HostConfig.ShmSize: change std::optional<ULONGLONG> -> std::int64_t.
Docker's wire type is signed int64 and 0 already means "use daemon
default", so the optional indirection added nothing.
* Volume.Status: change optional<map<string,string>> ->
optional<map<string, nlohmann::json>>. Docker's wire schema is
map[string]any; third-party volume drivers may publish numbers, bools,
or nested objects which would currently throw type_error during deserialize.
* Image.Size, InspectImage.Size: change uint64_t -> int64_t to match the
daemon's int64 wire type. Cast at consumer sites that feed ULONGLONG
ABI fields.
* CreateExec / StartExec ConsoleSize: replace
NLOHMANN_DEFINE_TYPE_INTRUSIVE_* with explicit to_json that omits the
field when empty. Docker treats an empty array as an explicit 0x0
console for TTY execs; we were unconditionally serializing [].
* CreatedContainer.Name: removed (Docker's POST /containers/create
response only contains Id and Warnings; Name is supplied as a query
parameter, not echoed back). Switched to WITH_DEFAULT for parity with
surrounding types.
Doc:
* Updated two API doc URL references from v1.52 to v1.44 with a note
about the bundled dockerd version.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* wslc: align Size/ShmSize types with docker int64 end-to-end
Per PR review: replace boundary static_casts with consistent signed
64-bit types across IDL, SDK, service models, and CLI schema. Mirrors
the existing MemoryBytes/NanoCpus precedent.
- IDL: WSLCImageInformation.Size, WSLCContainerOptions.ShmSize -> LONGLONG
- SDK: WslcImageInfo.sizeBytes -> int64_t
- Models: ImageInformation::Size, ContainerOptions::ShmSize -> int64_t
- Schema: InspectImage::Size -> int64_t
- Launcher: m_shmSize/SetShmSize -> int64_t
- Validation: GetMemorySizeFromString returns int64_t
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* cloudtest: skip WSLC test suite on Windows Server images
The WSLC TAEF job consistently times out on Windows Server images
because of a VMBus PowerOff hang during VM teardown on Server SKUs.
Skip the wslc TAEF group on Server images until the host issue is
resolved. The wsl1 and wsl2 groups continue to run on Server. Client
images (rs_prerelease, win11-23h2, win10-22h2) are unchanged and still
run all three groups.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Address review feedback: dereference loop variable in IN_LIST check
Use "${image}" instead of bare image in the IN_LIST condition for
clarity and to avoid relying on if() implicit variable lookup.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* .pipelines: skip WSLC test job on Server images
Companion change to the cloudtest/CMakeLists.txt skip: tag the
fe_release image as `server: true` and gate the WSLC test job on
`image.server` so the pipeline does not try to load a TestMap.xml
that is no longer generated for the WS22+wslc combination.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Picks up the fix for GUI app icons disappearing from the Start menu
on Azure Linux 3 system distros. The system distro upgrade in WSLg
1.0.72 brought in librsvg 2.58, which lazily spawns a rayon thread
pool the first time it has to render a complex SVG icon. Those
worker threads share fs_struct with weston's app-list enumeration
thread and break the subsequent setns(CLONE_NEWNS) into the user
distro's mount namespace, causing every app processed after the
first complex-icon one to fall off the Start menu.
Fixed in microsoft/weston-mirror#162; rolled into Microsoft.WSLg
1.0.77.
Fixes microsoft/wslg#1444
Fixes#40538
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
