* Prototype
* Save state
* Save state
* Save state
* Save state
* Save state
* Save state
* Remove zeroing
* Apply PR feedback
* Add test coverage
* Format
* Add test coverage for null handles
Implements `WslcCanRun` using existing primitives. Updates the component flag names to help better describe their meaning and adds comments to further do so.
Also changes the error returned when we cannot create a `WSLASessionManager` and WSL is installed at a version below the minimum for WSLC support.
* Save state
* Add test coverage
* Rename method
* Require input handle in the service
* Apply PR feedback
* Format
* Apply PR feedback + update tests
* Format
* Validate empty host path in VolumeMount::Parse
When parsing volume mount specs without a mode suffix (e.g. ':container'),
the host path validation was skipped, producing a VolumeMount with an empty
host path. This would propagate to MountWindowsFolder('') and produce a
confusing error.
Add validation after computing m_hostPath to reject empty host paths with
a clear error message in all cases.
* add test coverage
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
GetState/GetInitProcess/GetId/GetName could race with DisconnectComWrapper:
the cache check saw empty, then disconnect populated the cache and nulled
the impl, so the forwarded call failed with RPC_E_DISCONNECTED even though
the cached value was now available.
Fix by removing the upfront cache check and instead calling through to the
impl first. If the call fails with RPC_E_DISCONNECTED, fall back to the
cache which DisconnectComWrapper guarantees is populated.
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Clean up Docker container on Create() failure
If InspectContainer or the WSLCContainerImpl constructor throws after
CreateContainer succeeds, the Docker container is permanently orphaned
with no way to manage it through WSLC APIs.
Add a scope_exit to delete the Docker container on failure, released
on success.
* pr feedback (capture by value)
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Use weak_ptr in m_trackedProcesses so WatchForExitedProcesses can safely
lock a reference and call OnExited() outside m_trackedProcessesLock.
weak_ptr avoids a circular reference: the vector no longer prevents
VMProcessControl destruction, so the destructor's OnProcessReleased
cleanup runs normally. Expired entries are also pruned in OnProcessReleased.
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
When the TtyMaster fd is non-blocking, write() can return fewer bytes than
requested (partial write). The existing code only handled the EAGAIN/EWOULDBLOCK
case by buffering into pendingStdin, but silently dropped data on successful
partial writes.
Add handling for 0 < bytesWritten < bytesRead to buffer the unwritten bytes
into pendingStdin, matching the existing retry logic.
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
WaitForMultipleObjects has a 64-handle limit. The accept thread uses
1 handle for the exit event, leaving room for 63 port mappings.
Reject new port mappings with ERROR_TOO_MANY_OPEN_FILES when the limit
is reached, rather than crashing the relay thread. Existing mappings
continue to work.
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
std::stoul returns unsigned long (32-bit on Windows), truncating Content-Length
values >4GB. This corrupts the socket stream for large image save/export
operations.
Replace with std::stoull to parse as 64-bit unsigned.
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
WSLCDeleteImageFlagsForce (from WSLCDeleteImageFlags enum) was used instead
of WSLCDeleteFlagsForce (from WSLCDeleteFlags enum). Both values are currently
1, so no functional issue today, but this is a type confusion that will break
silently if either enum changes.
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Build.SourceBranchName only returns the last segment after '/', breaking
branches with slashes (e.g. user/benhill/loc_fix -> loc_fix). Use
Build.SourceBranch with refs/heads/ stripped instead.
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Allow clients to continue reading stdout/stderr and querying state from containers after they've been deleted, by caching the read-only data in the com wrapper.
* Save state
* Save state
* Handle issues during pull
* Disable the pull tests
* Update the CLI tests
* Format
* Fix legacy index logic
* Add test coverage for failed PullImage()
* Update test/windows/WSLCTests.cpp
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* test: enable virtiofs tests and enable WSLG during testing (#14387)
* test: enable virtiofs tests and enable WSLG during testing
* test fix
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* chore(distributions): Almalinux auto-update - 20260311 14:52:02 (#14404)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* Fix CVE-2026-26127: bump .NET runtime from 10.0.0 to 10.0.4 (#14421)
Addresses Dependabot alerts #10 and #11. The Microsoft.NETCore.App.Runtime
packages (win-x64 and win-arm64) at version 10.0.0 are vulnerable to a
denial of service via out-of-bounds read when decoding malformed Base64Url
input (CVSS 7.5 High). Bumped to 10.0.4 which includes the fix.
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Notice change from build: 141806547 (#14423)
Co-authored-by: WSL notice <noreply@microsoft.com>
* Ship initrd.img in MSI using build-time generation via powershell script (#14424)
* Ship initrd.img in MSI using build-time generation via tar.exe
Replace the install-time CreateInitrd/RemoveInitrd custom actions with a
build-time step that generates initrd.img using the Windows built-in
tar.exe (libarchive/bsdtar) and ships it directly in the MSI.
The install-time approach had a race condition: wsl.exe could launch
before the CreateInitrd custom action completed, causing
ERROR_FILE_NOT_FOUND for initrd.img.
Changes:
- Add CMake custom command to generate initrd.img via tar.exe --format=newc
- Add initrd.img as a regular file in the MSI tools component
- Remove CreateInitrd/RemoveInitrd custom actions from WiX, DllMain,
and wslinstall.def
- Remove CreateCpioInitrd helper and its tests (no longer needed)
- Update pipeline build targets to build initramfs instead of init
* pr feedback
* more pr feedback
* switch to using a powershell script instead of tar.exe
* powershell script feedback
* hopefully final pr feedback
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* virtiofs: update logic so querying virtiofs mount source does not require a call to the service (#14380)
* virtiofs: update logic so querying virtiofs mount source does not require a call to the service
* more pr feedback
* use std::filesystem::read_symlink
* pr feedback and use canonical path in virtiofs symlink
* make sure canonical path is always used
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* virtio networking: add support for ipv6 (#14350)
* VirtioProxy: Add IPv6 address, gateway, and route support
- Add PreferredIpv6Address field and GetBestGatewayV6* methods to NetworkSettings
- Extend GetHostEndpointSettings() to discover IPv6 unicast address and gateway
- Add UpdateIpv6Address() using ModifyGuestEndpointSettingRequest<IPAddress>
- Push IPv6 default route to guest via UpdateDefaultRoute(AF_INET6)
- Remove AF_INET6 early return in ModifyOpenPorts, use INETADDR_PORT()
- Add EndpointRoute::DefaultRoute() static factory
- Pass client_ip_ipv6 in devicehost options (not yet parsed by devicehost)
- Remove gateway_ip from devicehost options (only needed for DHCP)
- Include IPv6 DNS servers in non-tunneling DNS settings
- Add ConfigurationV6 and DnsResolutionAAAA tests
* cleanup and add more ipv6 tests
* added test coverage and minor updates
* clang format
* pr feedback
* format source
* pr feedback
* test fixes
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Track `bind` syscall when port is 0 (#14333)
* Initial work
* .
* pr feedback and add unit test
* minor tweaks an fix use after free in logging statement
* implement PR feedback
* hopefully final pr feedback
* pr feedback in test function
* Address PR feedback: add try/catch to TrackPort and PortZeroBind queue push
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Add iptables to list of apps to install in WSL (#14459)
There were instructions already on how to install tcpdump in WSL, but
iptables are also needed for the log collection to be complete, so this
PR adds instructions on how to also install iptables.
Co-authored-by: Andre Muezerie <andremue@linux.microsoft.com>
* Update Microsoft.WSL.DeviceHost to version 1.1.39-0 (#14460)
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Moves all Ubuntu distros to the tar-based format (#14463)
* Move all supported Ubuntu images to the new format
We backported the build pipeline so all current LTSes come out in the new tar-based format
* Remove the appx based distros
All WSL users can run tar-based distros by now, right?
There is no benefit in maintaining both formats.
* Enable DNS tunneling for VirtioProxy networking mode (#14461)
- Allow VirtioProxy to keep EnableDnsTunneling=true in config, but clear
socket-specific options (BestEffortDnsParsing, DnsTunnelingIpAddress)
- Suppress dedicated DNS tunneling hvsocket for VirtioProxy; tunneling
is handled through the VirtioNetworking device host instead
- Set DnsTunneling flag on VirtioNetworkingFlags so the device host
knows to tunnel DNS
- Expand SWIOTLB kernel cmdline to cover VirtioFs and VirtioProxy
- Bump DeviceHost package to 1.1.39-0
- Add VirtioProxy DNS test coverage for tunneling on/off
- Skip GuestPortIsReleasedV6 on Windows 10
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* test: disable LoopbackExplicit due to OS build 29555 regression (#14477)
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Refactor: trim unnecessary DLL deps from COMMON_LINK_LIBRARIES (#14426)
* Refactor: trim unnecessary DLL deps from COMMON_LINK_LIBRARIES
- Split MSI/Wintrust install functions from wslutil.cpp into install.cpp
- Remove MI.lib, wsldeps.lib, msi.lib, Wintrust.lib, computecore.lib,
computenetwork.lib, Iphlpapi.lib from COMMON_LINK_LIBRARIES
- Add per-target MSI_LINK_LIBRARIES, HCS_LINK_LIBRARIES, SERVICE_LINK_LIBRARIES
- Delay-load msi.dll and WINTRUST.dll for wsl.exe and wslg.exe
- Result: wslhost, wslrelay, wslcsdk, testplugin lose msi/wintrust startup imports;
wsl.exe and wslg.exe defer msi/wintrust loading until actually needed;
wslservice is the only target that imports computecore/computenetwork/Iphlpapi
* minor fixes to install.cpp that were caught during PR
* move to wsl::windows::common::install namespace
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Fix wsl stuck when misconfigured cifs mount presents (#14466)
* detach terminal before running mount -a
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* use _exit on error before execv in child process to avoid unintentional resource release
* Add regression test
* Fix clang format issue
* fix all clang format issue
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* resolve ai comments
* move test to unit test
* Fix string literal
* Overwrite fstab to resolve pipeline missing file issue
---------
Co-authored-by: Feng Wang <wangfen@microsoft.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Update localization and notice scripts to target the branch that the pipeline is running on (#14492)
* test: Add arm64 test distro support (#14500)
* test: Add arm64 test distro support
* update unit test baseline
* more test baseline updates
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* test: remove duplicated DNS test coverage (#14522)
* test: remove duplicated DNS test coverage
* format source
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Fix: Fail and warn the user when --uninstall is given parameters (#14524)
Fail and warn the user when --uninstall is given parameters.
* Localization change from build: 142847827 (#14525)
Co-authored-by: WSL localization <noreply@microsoft.com>
* virito net: revert to previous DNS behavior while we debug an issue with DNS over TCP (#14532)
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* devicehost: update to latest devicehost nuget with tracing improvements (#14531)
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* fix merge issues
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: AlmaLinux Autobot <107999298+almalinuxautobot@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Blue <OneBlue@users.noreply.github.com>
Co-authored-by: WSL notice <noreply@microsoft.com>
Co-authored-by: Daman Mulye <daman_mulye@hotmail.com>
Co-authored-by: Andre Muezerie <108841174+andremueiot@users.noreply.github.com>
Co-authored-by: Andre Muezerie <andremue@linux.microsoft.com>
Co-authored-by: Carlos Nihelton <carlos.santanadeoliveira@canonical.com>
Co-authored-by: Feng Wang <wang6922@outlook.com>
Co-authored-by: Feng Wang <wangfen@microsoft.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
