mirror of
https://github.com/microsoft/WSL.git
synced 2026-06-01 01:49:36 -05:00
2.8.7
25 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Kevin Vega
|
34bebd53cc | Add volume listing and pruning functionality (#40457) | ||
|
Blue
|
c9e4671b27 |
Implement the WSLC plugin API (#40521)
* Save state * Save state * Save state * Save state * Save state * Format * Save state * Save state * Format * Save state * Save state * Reorganize tests * Cleanup before review * Add missing file * Apply PR feedback * Apply PR feedback * Format * Apply PR feedback * merge * Apply PR feedback * Format * Apply PR feedback * Use iswalnum() |
||
|
beena352
|
104e05124e | Add container:<name id> network mode for WSLC containers (#40502) | ||
|
Blue
|
d4b49348fb |
Move IO related classes to their own file & namespace (#40534)
* Move IO related classes to their own file & namespace * Add file * Format |
||
|
Kevin Vega
|
17aca91856 | Add container list filters (#40513) | ||
|
David Bennett
|
5a61e777d1 | CLI: Add container stats command (#40500) | ||
|
beena352
|
83e9cfcd89 | Add support for starting a container in multiple networks (#40434) | ||
|
Ben Hillis
|
41498d358d |
Add Uid/Gid/Fixed driver options to WSLC VHD volumes and expose via SDK (#40476)
* Add Uid/Gid/Mode/Fixed driver options to WSLC VHD volumes; expose via SDK
The WSLC named-volume "vhd" driver only supported a single SizeBytes
option, so containers running as a non-root user could not write to
their own persistent volumes (mkfs.ext4 leaves the root owned by
root:root with mode 0755). It also could not produce a fully-allocated
VHD, which some workloads need for predictable I/O.
Service side
============
* Adds new VHD driver options on top of SizeBytes:
- Fixed=true|false pre-allocate the underlying VHD
- Uid=<n> chown the volume root to uid (paired with Gid)
- Gid=<n> chown the volume root to gid (paired with Uid)
- Mode=<octal> chmod the volume root, max 07777, must be > 0
* Extracts a reusable OptionParser helper for typed option parsing
with errno-capture, end-pointer validation, leading-sign rejection,
consumed-key tracking, and a final RejectUnknown() pass. Used by
WSLCVhdVolume's Create and Open paths so persisted metadata is
validated identically on reload.
Public C SDK
============
WslcVhdRequirements grows three new uint32_t fields (uid/gid/mode) and
a WslcVhdRequirementsFlags bitmask. WslcCreateSessionVhdVolume:
* honors WSLC_VHD_TYPE_FIXED (was previously E_NOTIMPL)
* dynamically builds WSLCDriverOption[] based on which flags are set
* rejects unknown type values, unknown flag bits, and mode == 0 with
E_INVALIDARG so future flag additions cannot be silently ignored
by older SDK versions and obvious foot-guns are caught client-side.
WslcSetSessionSettingsVhd does NOT plumb owner/mode/fixed through the
session rootfs VHD path, and now rejects flags != NONE with
E_INVALIDARG instead of silently ignoring them.
WSLC_SESSION_OPTIONS_SIZE bumps 80 -> 96 to match the wider embedded
WslcVhdRequirements; this is an ABI break, callers must recompile.
WinRT projection
================
VhdRequirements gains:
void SetOwner(UInt32 uid, UInt32 gid);
void SetMode(UInt32 mode);
These set the corresponding flag bit and field on the underlying
struct. Pair-based SetOwner avoids the half-set foot-gun that
per-property setters would create.
Tests
=====
* WSLCTests.cpp: NamedVolumeVhdOptionsParseTest covers SizeBytes,
unknown keys, sign rejection, range and base validation; a
positive owner+mode test exercises chown/chmod end-to-end; a
Fixed-allocation test asserts on-disk file_size >= requested size.
* WslcSdkTests.cpp adds invalid-type, fixed-allocation, owner+mode
positive, mode-out-of-range negative, mode==0 negative, unknown
flag negative, and flags=NONE-ignores-uid/gid positive cases.
The WinRT projection has no test infrastructure in the repo and is
not unit-tested; behavior is covered at the C SDK layer that the
projection delegates to.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Address Copilot review feedback on PR #40476
Five findings from the Copilot pull-request reviewer:
1. wslcsdk.cpp: WslcCreateSessionVhdVolume unconditionally formatted
options->uid / gid / mode via std::to_string and std::format even
when the corresponding flag was not set. The header documents those
fields as honored only when the flag is set, so a defensive caller
could leave them uninitialized. Reading uninitialized memory is UB.
Now only materialize uid/gid strings when FLAG_OWNER is set, and
mode string when FLAG_MODE is set.
2. wslcsdk.idl: SetOwner/SetMode comments said they 'have no effect'
on a VhdRequirements used with the session rootfs VHD. With the
newly-strict WslcSetSessionSettingsVhd those flags now produce
E_INVALIDARG instead of being silently ignored. Updated the IDL
doc-comments to say the assignment will fail.
3. WSLCVhdVolume.cpp: service-side parser still accepted Mode=0,
leaving direct COM callers (and persisted metadata reload) able
to bypass the SDK-side check. Mode==0 is now rejected by Parse()
for parity across all entry points.
4. WslcSdkTests.cpp: the owner+mode positive case only created and
deleted the volume; nothing actually verified that chown/chmod
were applied. Now mounts the volume into a debian:latest container
and runs 'stat -c %u %g %a /data', asserting the output matches
the requested 65534 65534 750.
5. OptionParser.h: lifetime-contract doc-comment was misleading —
it implied accessors return references into the input map. In
practice only Find() returns a pointer (used internally); the
numeric/bool accessors return parsed values by value. Reworded.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Add Mode=0 negative test for WSLC vhd parser
Reviewer pointed out the service-side Mode parse tests had thorough
coverage for non-octal, too-large, signed, and empty values, but no
explicit case for the documented invalid value Mode=0 (spec is
1..07777). Mode==0 was already rejected by Parse() in the prior
commit; this just locks the behavior in place.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Validate VhdRequirements::SetMode arguments at WinRT boundary
Reviewer noted that the IDL doc-comment promised SetMode rejected
out-of-range/zero values, but the WinRT setter blindly stored the
value and validation only fired hours later inside CreateVolume.
SetMode now throws hresult_invalid_argument for mode == 0 or
mode > 07777 so callers see immediate failure at the API boundary.
SetOwner doesn't need a parallel check — uid/gid are uint32_t and
all values are valid POSIX user/group IDs.
Also tightened the IDL comment to say validation happens at the
setter (not deferred to creation).
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Echo caller-provided value in SizeBytes/Mode validation errors
Reviewer noted the SizeBytes==0 and Mode==0 rejection paths in
VhdVolumeOptions::Parse hard-coded the literal 0 in their error
messages instead of echoing the original input from DriverOpts.
If a caller passed SizeBytes=00 or Mode=000, the error said '0',
diverging from OptionParser's usual 'Invalid value for option
<name>: <original>' wording.
Both keys are guaranteed present in DriverOpts when these checks
fire (Required<> already succeeded for SizeBytes; Mode.has_value()
is the precondition for the Mode check), so .at() will not throw.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Reject mode>07777 in C SDK and trim verbose comments
The C SDK only rejected mode==0; the WinRT setter and the public
header both promise mode<=07777 too. Aligning all three layers so
callers see immediate, consistent E_INVALIDARG.
Also a comment-bloat pass on this PR: kept "why" notes (uid/gid
foot-gun, chmod 0 rationale, c_str lifetime), dropped restatements
of what the code already says.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Move volume Uid/Gid into mkfs -E root_owner; drop Mode option
Per OneBlue review feedback: bake ownership into the ext4 root inode at format
time (mkfs.ext4 -E root_owner=UID:GID) instead of spawning a post-mount chown
helper inside the VM. For a fresh volume the root is the only user-visible
inode so this is equivalent — anything the container later creates inherits
its own uid/gid.
Drop the Mode option entirely. Containers that need non-default permissions
can chmod from inside (it's a per-process concern); the SDK surface stays
minimal. Also drops the now-unused Base parameter from OptionParser.
ABI: WslcVhdRequirements shrinks 40 -> 32 bytes; WSLC_SESSION_OPTIONS_SIZE
96 -> 88. WSLC_VHD_REQ_FLAG_MODE and VhdRequirements::SetMode are removed.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* WSLC: tidy comments and add Ext4Format Uid/Gid contract assert
* wslcsdk.cpp: drop stale 'Owner / mode' wording from VHD-rootfs rejection comment.
* wslcsdk.idl: clarify that owner-on-rootfs fails at property-set time (via SetSessionSettingsVhd), not at session creation.
* WSLCVirtualMachine.cpp::Ext4Format: assert Uid.has_value() == Gid.has_value() so a future caller bypassing the parser can't silently drop ownership.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* WSLC: drop misleading std::move on Ext4Format mkfs args
WSLCProcessLauncher's constructor takes its arguments vector by
const-ref, so std::move(args) here is a no-op and only obscures intent.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* WSLC: trim verbose comments around VHD options
Compress over-explained rationale comments in WSLCVhdVolume.cpp,
WSLCVirtualMachine.cpp, OptionParser.h, wslcsdk.cpp/idl, and the
matching tests. No behavior change.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* WSLC: address reviewer feedback on VHD option parser
* OptionParser.h: include <cerrno> directly so the header is self-contained.
* OptionParser: distinguish unknown keys from invalid values. RejectUnknown
now throws via ThrowUnknown with a new MessageWslcUnknownVolumeOption
string ('Unknown option: ...') instead of the misleading 'Invalid value
for option ...' message.
* WSLCVirtualMachine::Ext4Format: replace WI_ASSERT with THROW_HR_IF so a
paired-Uid/Gid contract violation surfaces as a structured failure
instead of a process-termination assert in production builds.
* WslcSdkTests::SessionCreateVhd: add wil::scope_exit cleanup for the
Fixed-VHD sub-test so a mid-test VERIFY failure can't leak the volume.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
|
||
|
yao-msft
|
4ee78818db | Generate custom container name on empty input (#40432) | ||
|
Ben Hillis
|
b51a8d9d0c |
Fix ListImages test flaky Before/Since filter ordering (#40468)
* Fix ListImages test flaky Before/Since filter ordering The test hardcoded the assumption that debian:latest was created before python:3.12-alpine, but Docker image Created timestamps come from when the image was built in the registry, not when it was pulled or saved. The arm64 test data tars have debian (Mar 16) newer than python (Mar 3), causing the since filter to not return python. Fix by dynamically determining which image is older/newer based on actual Created timestamps, making the test robust against independently updated test data tars. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * format * Address PR feedback: assert Created timestamps are populated and distinct Adds explicit VERIFY checks that debianCreated/pythonCreated are > 0 and not equal before using them to choose the since/before boundary, preventing silent fallthrough or ambiguous Docker filter behavior when both images share a Created timestamp. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> |
||
|
David Bennett
|
50b93bb06e | Add ContainerStats runtime implmentation (#40475) | ||
|
beena352
|
e0f59f947e | align wslc_schema struct names with docker_schema (#40465) | ||
|
Mitchell Levy
|
4b415844c7 |
Update Microsoft.WSL.Kernel to 6.18.26.1 (#40161)
* Update Microsoft.WSL.Kernel to 6.18.26.1-1 * Update tests for Linux 6.18 kernel behavior changes Adjust eventfd size validation, lxtfs writev, and mount option format expectations to match 6.18 kernel behavior. * Update test patterns for new kernel /proc/mounts cache format The kernel now outputs cache=0x5 (hex) instead of cache=5 (decimal) in /proc/mounts for 9p filesystems. Update the ExpectMount patterns in WSLCTests::WindowsMounts and WSLCTests::GPU to match the new format. --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> |
||
|
Blue
|
3e879d65cd |
Add a new API to query the earliest supported client version (#40067)
* Add a new API to query the earliest supported client version * Apply PR feedback * Add test coverage * Apply PR feedback * Apply PR feedback * Update logic * Format |
||
|
Ben Hillis
|
17ba5f1a73 |
Add SKIP_TEST_SERVER macro and skip BuildImageStuckCallbackCancellation (#40448)
Several WSLC tests hang on Windows Server SKUs. Introduce a
SKIP_TEST_SERVER() macro alongside the existing SKIP_TEST_ARM64 /
SKIP_TEST_UNSTABLE helpers, and use it for:
- LoadImage
- ImportImage
- BuildImageStuckCallbackCancellation (newly skipped; was timing
out the wslc fe_release CI session at the 2-hour PhaseTimeout)
This replaces the ad-hoc IsWindowsServer() / SKIP_TEST_UNSTABLE
blocks with TODO comments that were starting to be sprinkled across
the file.
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
|
||
|
Kevin Vega
|
2bd965637b |
Add WSLCVolumes class to track volumes with Docker event-driven synchronization (#40300)
* Fix X Y (#14514) * Rethink image parsing logic (#14496) * Save state * Rethink image parsing to correctly handle different reference formats * Foramt * Fix merge * Apply PR feedback * Format * Apply PR feedback * Use a regex based parser * Format * Reset the test session after termination * Fix test case * Apply PR feedback * Set container cursor (#14516) * Container cursor * Update pull image callback * Clang format * Signal wslcsdk.dll in the release pipeline (#14517) * Add volume alias (#14518) * Add volume alias * Fix Tests * Add DCAT registration remediation (#14450) * Rename image delete to remove and add aliases (#14521) * Rename image delete to remove * Clang format * Handle singular/plural units in FormatRelativeTime * Add more WSLC E2E tests (#14365) * Initial support for WSLC E2E tests * More E2E tests * More E2E tests * WIP * CP exit code fix * Enhance structure * Added E2E file * Clang format * Added E2E test * Enhance structure * Clang format * Update header comment * Update wslc path * Resolving copilot comments * Added E2E test * Pull latest * Addressed comments * Addressed comments * Clang format * Addressed comments * Load image * Addressed comments * Pull latest * Addressed comments * E2E test for wslc container delete * Addressed comments * Resolving copilot comments * Added E2E test * Added E2E test * Added E2E test * Added E2E test * Added E2E test * Added E2E test * Added E2E test * Added E2E test * Added E2E test * Fix test * Added E2E tests * Added E2E tests * Added E2E tests * Added E2E tests * Added E2E tests * Added E2E tests * Added E2E tests * Resolve copilot comment * Clang format * Replace S_OK with 0 * Resolve copilot comment * Addressed comments * Resolve copilot comment * Update test after latest changes * Implement SDK IO callbacks (#14462) Implements `WslcSetProcessSettingsIOCallback` and the use of those inputs for both initial and subsequent processes. A new thread is started to run the `MultiHandleWait` and the container/process objects hold a `shared_ptr` reference to it. The caller must keep one of the objects alive for the callback thread to keep working. * test: add support for ARM64 WSLC testing. (#14519) --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Localization change from build: 142911151 (#14535) Co-authored-by: WSL localization <noreply@microsoft.com> * Initialize environment and add E2E tests with formatting (#14475) * Init env * Added E2E tests * Clang format * WIP * Init tests * Added UT * Added more UT * Added more E2E Tests * Added more E2E Tests * Code enhancement * Added more E2E Tests * Added more E2E Tests * Added more E2E Tests * Clang format * Resolve copilot comment * Addressed comments * Fix test * Addressed comments * merge master -> feature/wsl-for-apps (#14537) * test: enable virtiofs tests and enable WSLG during testing (#14387) * test: enable virtiofs tests and enable WSLG during testing * test fix --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * chore(distributions): Almalinux auto-update - 20260311 14:52:02 (#14404) Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> * Fix CVE-2026-26127: bump .NET runtime from 10.0.0 to 10.0.4 (#14421) Addresses Dependabot alerts #10 and #11. The Microsoft.NETCore.App.Runtime packages (win-x64 and win-arm64) at version 10.0.0 are vulnerable to a denial of service via out-of-bounds read when decoding malformed Base64Url input (CVSS 7.5 High). Bumped to 10.0.4 which includes the fix. Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Notice change from build: 141806547 (#14423) Co-authored-by: WSL notice <noreply@microsoft.com> * Ship initrd.img in MSI using build-time generation via powershell script (#14424) * Ship initrd.img in MSI using build-time generation via tar.exe Replace the install-time CreateInitrd/RemoveInitrd custom actions with a build-time step that generates initrd.img using the Windows built-in tar.exe (libarchive/bsdtar) and ships it directly in the MSI. The install-time approach had a race condition: wsl.exe could launch before the CreateInitrd custom action completed, causing ERROR_FILE_NOT_FOUND for initrd.img. Changes: - Add CMake custom command to generate initrd.img via tar.exe --format=newc - Add initrd.img as a regular file in the MSI tools component - Remove CreateInitrd/RemoveInitrd custom actions from WiX, DllMain, and wslinstall.def - Remove CreateCpioInitrd helper and its tests (no longer needed) - Update pipeline build targets to build initramfs instead of init * pr feedback * more pr feedback * switch to using a powershell script instead of tar.exe * powershell script feedback * hopefully final pr feedback --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * virtiofs: update logic so querying virtiofs mount source does not require a call to the service (#14380) * virtiofs: update logic so querying virtiofs mount source does not require a call to the service * more pr feedback * use std::filesystem::read_symlink * pr feedback and use canonical path in virtiofs symlink * make sure canonical path is always used --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * virtio networking: add support for ipv6 (#14350) * VirtioProxy: Add IPv6 address, gateway, and route support - Add PreferredIpv6Address field and GetBestGatewayV6* methods to NetworkSettings - Extend GetHostEndpointSettings() to discover IPv6 unicast address and gateway - Add UpdateIpv6Address() using ModifyGuestEndpointSettingRequest<IPAddress> - Push IPv6 default route to guest via UpdateDefaultRoute(AF_INET6) - Remove AF_INET6 early return in ModifyOpenPorts, use INETADDR_PORT() - Add EndpointRoute::DefaultRoute() static factory - Pass client_ip_ipv6 in devicehost options (not yet parsed by devicehost) - Remove gateway_ip from devicehost options (only needed for DHCP) - Include IPv6 DNS servers in non-tunneling DNS settings - Add ConfigurationV6 and DnsResolutionAAAA tests * cleanup and add more ipv6 tests * added test coverage and minor updates * clang format * pr feedback * format source * pr feedback * test fixes --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Track `bind` syscall when port is 0 (#14333) * Initial work * . * pr feedback and add unit test * minor tweaks an fix use after free in logging statement * implement PR feedback * hopefully final pr feedback * pr feedback in test function * Address PR feedback: add try/catch to TrackPort and PortZeroBind queue push --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Add iptables to list of apps to install in WSL (#14459) There were instructions already on how to install tcpdump in WSL, but iptables are also needed for the log collection to be complete, so this PR adds instructions on how to also install iptables. Co-authored-by: Andre Muezerie <andremue@linux.microsoft.com> * Update Microsoft.WSL.DeviceHost to version 1.1.39-0 (#14460) Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Moves all Ubuntu distros to the tar-based format (#14463) * Move all supported Ubuntu images to the new format We backported the build pipeline so all current LTSes come out in the new tar-based format * Remove the appx based distros All WSL users can run tar-based distros by now, right? There is no benefit in maintaining both formats. * Enable DNS tunneling for VirtioProxy networking mode (#14461) - Allow VirtioProxy to keep EnableDnsTunneling=true in config, but clear socket-specific options (BestEffortDnsParsing, DnsTunnelingIpAddress) - Suppress dedicated DNS tunneling hvsocket for VirtioProxy; tunneling is handled through the VirtioNetworking device host instead - Set DnsTunneling flag on VirtioNetworkingFlags so the device host knows to tunnel DNS - Expand SWIOTLB kernel cmdline to cover VirtioFs and VirtioProxy - Bump DeviceHost package to 1.1.39-0 - Add VirtioProxy DNS test coverage for tunneling on/off - Skip GuestPortIsReleasedV6 on Windows 10 Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * test: disable LoopbackExplicit due to OS build 29555 regression (#14477) Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Refactor: trim unnecessary DLL deps from COMMON_LINK_LIBRARIES (#14426) * Refactor: trim unnecessary DLL deps from COMMON_LINK_LIBRARIES - Split MSI/Wintrust install functions from wslutil.cpp into install.cpp - Remove MI.lib, wsldeps.lib, msi.lib, Wintrust.lib, computecore.lib, computenetwork.lib, Iphlpapi.lib from COMMON_LINK_LIBRARIES - Add per-target MSI_LINK_LIBRARIES, HCS_LINK_LIBRARIES, SERVICE_LINK_LIBRARIES - Delay-load msi.dll and WINTRUST.dll for wsl.exe and wslg.exe - Result: wslhost, wslrelay, wslcsdk, testplugin lose msi/wintrust startup imports; wsl.exe and wslg.exe defer msi/wintrust loading until actually needed; wslservice is the only target that imports computecore/computenetwork/Iphlpapi * minor fixes to install.cpp that were caught during PR * move to wsl::windows::common::install namespace --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Fix wsl stuck when misconfigured cifs mount presents (#14466) * detach terminal before running mount -a * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * use _exit on error before execv in child process to avoid unintentional resource release * Add regression test * Fix clang format issue * fix all clang format issue * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * resolve ai comments * move test to unit test * Fix string literal * Overwrite fstab to resolve pipeline missing file issue --------- Co-authored-by: Feng Wang <wangfen@microsoft.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * Update localization and notice scripts to target the branch that the pipeline is running on (#14492) * test: Add arm64 test distro support (#14500) * test: Add arm64 test distro support * update unit test baseline * more test baseline updates --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * test: remove duplicated DNS test coverage (#14522) * test: remove duplicated DNS test coverage * format source --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Fix: Fail and warn the user when --uninstall is given parameters (#14524) Fail and warn the user when --uninstall is given parameters. * Localization change from build: 142847827 (#14525) Co-authored-by: WSL localization <noreply@microsoft.com> * virito net: revert to previous DNS behavior while we debug an issue with DNS over TCP (#14532) Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * devicehost: update to latest devicehost nuget with tracing improvements (#14531) Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * fix merge issues --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> Co-authored-by: AlmaLinux Autobot <107999298+almalinuxautobot@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Blue <OneBlue@users.noreply.github.com> Co-authored-by: WSL notice <noreply@microsoft.com> Co-authored-by: Daman Mulye <daman_mulye@hotmail.com> Co-authored-by: Andre Muezerie <108841174+andremueiot@users.noreply.github.com> Co-authored-by: Andre Muezerie <andremue@linux.microsoft.com> Co-authored-by: Carlos Nihelton <carlos.santanadeoliveira@canonical.com> Co-authored-by: Feng Wang <wang6922@outlook.com> Co-authored-by: Feng Wang <wangfen@microsoft.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * cleanup: rename wsla -> wslc (#14502) Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * [CLI] Added support for entrypoint (#14552) * Added entrypoint * Enhance tests * Initial wslc settings support (#14548) * Various improvements to interactions with user-provided handles (#14486) * Save state * Add test coverage * Check the event under the lock * Apply PR feedback * Format * Apply PR feedback * Various improvements to PullImage() + custom registry support (#14549) * Save state * Save state * Handle issues during pull * Disable the pull tests * Update the CLI tests * Format * Fix legacy index logic * Add test coverage for failed PullImage() * Update test/windows/WSLCTests.cpp Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Use pre-imported container images in the tests to avoid hitting the API limit (#14561) * Use pre-imported container images in the tests to avoid hitting the API limit * Fix test case * Update test/windows/wslc/e2e/WSLCE2EImageBuildTests.cpp Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Correctly set FileOffsets in WriteHandle (#14562) * Correctly set FileOffsets in WriteHandle * Apply PR suggestions * Update Microsoft.WSL.DeviceHost to version 1.1.48-0 (#14575) Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Allow retrieving state and init process info after container auto remove (#14429) Allow clients to continue reading stdout/stderr and querying state from containers after they've been deleted, by caching the read-only data in the com wrapper. * Fix StateChangedAt mismatch during container recovery from storage (#14482) * Use Docker's FinishedAt timestamp in Transition() to fix StateChangedAt mismatch during container recovery * Extract GetDockerFinishedAt() helper * Address Feedback * Fail if Docker event time is missing * Address copilot feedback * Use Docker stop event timestamp instead of InspectContainer() * Apply copilot feedback * PR Feedback * [WSLC] add WSLC CMake file in NuGet (#14543) Add WSLC SDK Config.cmake file. Enable developers to consume the library with CMake. * win10: remove IsWslSupportInterfacePresent check from wslservice (#14546) Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Fix localization and notice pipelines to use full branch name (#14566) Build.SourceBranchName only returns the last segment after '/', breaking branches with slashes (e.g. user/benhill/loc_fix -> loc_fix). Use Build.SourceBranch with refs/heads/ stripped instead. Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Remove the CTests targets from yaml-cpp (#14563) * Fix wrong enum type in DeleteExclusiveLockHeld (#40030) WSLCDeleteImageFlagsForce (from WSLCDeleteImageFlags enum) was used instead of WSLCDeleteFlagsForce (from WSLCDeleteFlags enum). Both values are currently 1, so no functional issue today, but this is a type confusion that will break silently if either enum changes. Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Fix Content-Length truncation for Docker responses >4GB (#40033) std::stoul returns unsigned long (32-bit on Windows), truncating Content-Length values >4GB. This corrupts the socket stream for large image save/export operations. Replace with std::stoull to parse as 64-bit unsigned. Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * wslc: resolve ContainerRecoveryFromStorage test issue by storing timestamp from docker, not the host (#40038) Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Reject port mappings exceeding 63-port limit in relay (#40035) WaitForMultipleObjects has a 64-handle limit. The accept thread uses 1 handle for the exit event, leaving room for 63 port mappings. Reject new port mappings with ERROR_TOO_MANY_OPEN_FILES when the limit is reached, rather than crashing the relay thread. Existing mappings continue to work. Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Add networking mode setting as fallback (#14564) * Fix partial write data loss in TTY stdin relay (#40032) When the TtyMaster fd is non-blocking, write() can return fewer bytes than requested (partial write). The existing code only handled the EAGAIN/EWOULDBLOCK case by buffering into pendingStdin, but silently dropped data on successful partial writes. Add handling for 0 < bytesWritten < bytesRead to buffer the unwritten bytes into pendingStdin, matching the existing retry logic. Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Fix deadlock between WatchForExitedProcesses and VMProcessControl destructor (#14567) Use weak_ptr in m_trackedProcesses so WatchForExitedProcesses can safely lock a reference and call OnExited() outside m_trackedProcessesLock. weak_ptr avoids a circular reference: the vector no longer prevents VMProcessControl destruction, so the destructor's OnProcessReleased cleanup runs normally. Expired entries are also pruned in OnProcessReleased. Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Clean up Docker container on Create() failure (#40034) * Clean up Docker container on Create() failure If InspectContainer or the WSLCContainerImpl constructor throws after CreateContainer succeeds, the Docker container is permanently orphaned with no way to manage it through WSLC APIs. Add a scope_exit to delete the Docker container on failure, released on success. * pr feedback (capture by value) --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * CLI: Implement --session argument and session targeting (#14368) * Remove options that are not yet implemented (#40044) * Add cancellation to image build (#14453) * wslc: enable virtiofs by default for wslc.exe and wslcsdk (#14559) Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * wslc: fix TOCTOU race in cached COM wrapper getters (#40039) GetState/GetInitProcess/GetId/GetName could race with DisconnectComWrapper: the cache check saw empty, then disconnect populated the cache and nulled the impl, so the forwarded call failed with RPC_E_DISCONNECTED even though the cached value was now available. Fix by removing the upfront cache check and instead calling through to the impl first. If the call fails with RPC_E_DISCONNECTED, fall back to the cache which DisconnectComWrapper guarantees is populated. Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Validate empty host path in VolumeMount::Parse (#40031) * Validate empty host path in VolumeMount::Parse When parsing volume mount specs without a mode suffix (e.g. ':container'), the host path validation was skipped, producing a VolumeMount with an empty host path. This would propagate to MountWindowsFolder('') and produce a confusing error. Add validation after computing m_hostPath to reject empty host paths with a clear error message in all cases. * add test coverage --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Update wslc build to look for Containerfile and Dockerfile (#40045) * Save state * Add test coverage * Rename method * Require input handle in the service * Apply PR feedback * Format * Apply PR feedback + update tests * Format * Implement WSLAContainer::Kill() (#14560) * Implement WSLAContainer::Kill() * Add test coverage * Format * Apply PR feedback * Fix a race in `container start -a` for short-lived containers. (#14558) * Localization change from build: 143374899 (#40049) Co-authored-by: WSL localization <noreply@microsoft.com> * [CLI] Add initial support for image saving feature (#14557) * Initial support for image save * Added e2e tests * Added session option * Clang format * Clang format * Addressed comments * CLang format * Change RegistryAuthenticationInformation to optional string (#40053) * Implement SDK CanRun (#14539) Implements `WslcCanRun` using existing primitives. Updates the component flag names to help better describe their meaning and adds comments to further do so. Also changes the error returned when we cannot create a `WSLASessionManager` and WSL is installed at a version below the minimum for WSLC support. * CLI: Create elevated and non-elevated sessions (#40047) * wslc Pretty-print JSON output for inspect and list commands (#40051) * Fix race condition in ContainerLogs test case (#40052) * Add support for build logs (#40054) * CLI: Table Output updates (#14534) * Use COM marshalling to exchange handles (#40056) * Prototype * Save state * Save state * Save state * Save state * Save state * Save state * Remove zeroing * Apply PR feedback * Add test coverage * Format * Add test coverage for null handles * wslc: ensure dns tunneling is disabled with virtioproxy networking mode (#40057) Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Implement SDK inspect and VHD management (#14545) Implements `WslcInspectContainer` and `WslcCreateSessionVhd`; adds `WslcSetContainerSettingsNamedVolumes` so that the VHDs are useful. * CLI: Add Terminate Session command (#40058) * List and inspect named volumes (#14555) * CLI: Add table support to always show header, default true (#40061) * Keep track of handle types in the service (#40062) * Keep track of handle types in the service * Only duplicate on return * Format * Switch DmesgOutput to a WSLCHandle (#40063) * Add repository, tag, ID and created columns to image list output (#40043) * Add port mappings to container list output (#14438) * HostFileShareMode (#40068) * Fix and improve interactive tests (#40069) * Add a DllMain method to wslcsdk and configure tracelogging (#40070) * Add a DllMain method to wslcsdk and configure tracelogging * Explicitely initialize WIL * Fix race condition in ElevatedTokenCanOpenNonElevatedHandles test case (#40071) * Suppress MSI-initiated reboots during Store updates (#40074) When the WSL MSIX package is updated via the Microsoft Store, the WslInstaller service automatically upgrades the MSI package by calling MsiInstallProduct. This call was made with INSTALLUILEVEL_NONE (silent install) but without setting the REBOOT=ReallySuppress property. Per Windows Installer documentation, when a silent install encounters files in use and REBOOT is not suppressed, the system reboots automatically without any user prompt. This could cause unexpected machine restarts after a Store update when WSL binaries (e.g. wslservice.exe) were in use during the upgrade. Every deployment script in the repo already passes /norestart to msiexec (deploy-to-host.ps1, deploy-to-vm.ps1, install-latest-wsl.ps1, test-setup.ps1), but the programmatic MsiInstallProduct path used by the WslInstaller service lacked the equivalent property. This change: - Always appends REBOOT=ReallySuppress to MsiInstallProduct arguments in UpgradeViaMsi, preventing Windows Installer from ever initiating a system restart during install/upgrade. - Switches UninstallViaMsi from MsiConfigureProduct to MsiConfigureProductEx so we can pass REBOOT=ReallySuppress during uninstall as well. - Propagates ERROR_SUCCESS_REBOOT_REQUIRED (3010) to callers instead of swallowing it. User-facing paths (wsl --update, wsl --uninstall) print a reboot-needed message to stderr. The background WslInstaller service silently treats 3010 as success since it has no console. Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Don't fail to start a WSLCSession if anonymous volumes are present (#40077) * Don't fail to start a WSLCSession if anonymous volumes are present * Typo * Cleanup diff * Cleanup diff * devicehost: stop re-signing and rely on MSIRMSHUTDOWN for file-in-use handling (#40080) * devicehost: stop re-signing and fix MSI installer failing to replace wsldevicehost.dll * pr feedback * use MSIRMSHUTDOWN = 1 instead of custom action --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Use THROW_HR_WITH_USER_ERROR for TTY console check (#40084) Replace manual PrintMessage + THROW_HR(E_FAIL) with the standard THROW_HR_WITH_USER_ERROR pattern used throughout the codebase. This ensures the error message is properly captured by the ExecutionContext error collection system rather than being printed directly to stderr. Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Add week/month/year support to FormatRelativeTime (#40083) * Add week/month/year support to FormatRelativeTime Previously only handled seconds, minutes, hours, and days. Containers older than a week would show e.g. '720 days ago' instead of '2 years ago'. Now matches Docker-style output with weeks, months, and years. Also refactors repeated pluralization logic into a lambda. * Handle timestamp==0 sentinel in FormatRelativeTime Callers pass 0 to mean 'unknown' (e.g. ImageTasks when Created <= 0). Previously this would produce '56 years ago'. Now returns empty string. --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Remove dead code: SetContainerTTYOptions and SetContainerArguments (#40087) Both static functions in ContainerService.cpp are defined but never called from anywhere in the codebase. They appear to be remnants of an earlier implementation before the WSLCContainerLauncher and WSLCProcessLauncher classes took over this responsibility. Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Fix callback parameter shadow in CreateInternal (#40086) * Remove unused callback parameter from CreateInternal The IProgressCallback* parameter was always passed as nullptr by both callers. The auto-pull path creates its own PullImageCallback locally. Remove the dead parameter entirely per review feedback. * format --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Allow small timestamp difference in ContainerRecoveryFromStorage test (#40081) * Allow small timestamp difference in ContainerRecoveryFromStorage test * feedback * Localization change from build: 143632468 (#40094) Co-authored-by: WSL localization <noreply@microsoft.com> * Release COM DLLs before installer test MSI operations (#40093) * Release COM DLLs before installer test MSI operations Add PrepareForMsiOperation() that calls CoFreeUnusedLibrariesEx(0) before each msiexec invocation. This releases in-process COM DLLs like wslserviceproxystub.dll loaded by prior test classes, preventing the Restart Manager from detecting the test process as holding file locks and failing the install on older Server SKUs like ni_release. * fix CoFreeUnusedLibrariesEx --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Localize all user-facing wslc.exe CLI strings (#40089) * Localize all user-facing wslc.exe CLI strings Add localization entries for all hardcoded user-facing strings in the WSLC CLI tool: - 38 command description strings (Short + Long for all commands) - 30 argument description strings in ArgumentDefinitions.h - Settings reset confirmation string - All entries added to en-US/Resources.resw with {Locked=...} comments for CLI flags, product names, and technical terms E2E tests updated to use Localization:: calls and dynamic column formatting instead of hardcoded string copies, so they won't go stale when descriptions change. * formatting --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Validate container path is absolute in VolumeMount::Parse (#40085) * Validate container path is absolute in VolumeMount::Parse Add validation that non-empty container paths must start with '/' since they are Linux paths inside the container. This catches cases where Windows drive letter colons (e.g. C:\path) get misinterpreted as the host:container separator, producing invalid container paths like '\hostPath' instead of '/containerPath'. Previously, 'C:\hostPath:ro' would silently parse as host='C', container='\hostPath', mode=ro ΓÇö now it throws a clear error. Updated tests to reflect the new validation and moved previously 'valid' but semantically incorrect cases to the invalid test set. * Also validate host path is absolute, add format hint to error, cover forward-slash cases - Reject non-absolute host paths (catches C:/hostPath where host='C') - Add 'Expected format:' hint to container path error message for consistency - Add forward-slash drive letter cases to invalid test set - Move '::' case to invalid (host=':' is not absolute) * Remove host path is_absolute check to allow future named volumes Per review feedback: named volumes (e.g. 'test_vol:/path') would fail an is_absolute() check on the host path. Keep only the container path validation (must start with '/') which doesn't conflict with named volume identifiers. --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * Localization change from build: 143644543 (#40098) Co-authored-by: WSL localization <noreply@microsoft.com> * Initialize user option support and added E2E tests (#40101) * Init user option support * Init e2e test * Added more E2E Tests * Fix test * Clang format * Fix test * Rename test to UnknownGroup_Fails to reflect actual failure mode Agent-Logs-Url: https://github.com/microsoft/WSL/sessions/0e095692-5673-4e8f-ad7f-47deccb74ec9 Co-authored-by: AmelBawa-msft <104940545+AmelBawa-msft@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> * Add logic to clean up images created during the tests (#40078) * Save state * Format * Log failures * Format * Add response size limit to Docker HTTP client (#40097) SendRequestAndReadResponse accumulates the entire response body into a std::string with no size limit. While all current callers expect small JSON metadata responses, a pathological or malformed response could cause unbounded memory growth. Add a 64 MB limit to prevent OOM. This is generous for JSON metadata (list/inspect/create responses are typically <1 MB) while still catching runaway responses early. Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> * [WSLC] Add --workdir / -w option to 'wslc exec' (#40041) * [WSLC] Add --workdir / -w option to 'wslc exec' Adds a --workdir (-w) argument to the exec command that sets the working directory inside the container for the executed process. Wires the value through ContainerOptions into WSLAProcessLauncher::SetWorkingDirectory. Co-authored-by: Pooja Trivedi <trivedipooja@microsoft.com> Co-Authored-By: Claude Sonnet 4.6 * Update test/windows/wslc/CommandLineTestCases.h Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Update test/windows/wslc/CommandLineTestCases.h Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Fix clang formatting issues * Update test/windows/wslc/WSLCCLIExecutionUnitTests.cpp Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Add E2E tests for wslc container exec, including --workdir option - Port existing exec E2E tests from feature branch - Add WSLCE2E_Container_Exec_WorkDir and WSLCE2E_Container_Exec_WorkDir_ShortAlias tests - Update help message in GetAvailableOptions to include -w,--workdir Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Fix clang formatting in WSLCE2EContainerExecTests.cpp Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Validate --workdir is non-empty; add unit and parse test cases - Reject empty or whitespace-only --workdir in Argument::Validate - Add ExecCommand_ParseWorkDirEmptyValue_ThrowsArgumentException unit test - Add empty-workdir failing case to CommandLineTestCases.h Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * Fix clang formatting in CommandLineTestCases.h Co-Authored-By: Claude Sonnet 4.6 * Trim exec E2E tests to --workdir coverage only Remove tests that duplicate existing coverage in WSLCE2EContainerCreateTests.cpp. Keep only the help message test (validates --workdir appears in output) and the two workdir-specific E2E tests. Co-Authored-By: Claude Sonnet 4.6 * Missed change from merge conflict resolution * Fix --workdir whitespace validation to use std::iswspace for full Unicode coverage Agent-Logs-Url: https://github.com/microsoft/WSL/sessions/b21d1a57-bb3f-4a12-84cf-8e414a453890 Co-authored-by: ptrivedi <1638019+ptrivedi@users.noreply.github.com> * Use lambda with wint_t cast in iswspace call to avoid potential UB Agent-Logs-Url: https://github.com/microsoft/WSL/sessions/b21d1a57-bb3f-4a12-84cf-8e414a453890 Co-authored-by: ptrivedi <1638019+ptrivedi@users.noreply.github.com> * Missed change from merge conflict resolution * Address Copilot PR feedback - Revert Version ArgType alias from NO_ALIAS back to L"v" to preserve existing -v short option - Restore WSLCE2EContainerExecTests.cpp lost in merge conflict resolution Co-Authored-By: Pooja Trivedi * Update src/windows/wslc/services/ContainerService.cpp Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Fix ParserTest_StateMachine_PositionalForward: replace -v with -h in flag parse tests The -v short alias was removed from --verbose (changed to NO_ALIAS) to resolve a triple alias conflict with --version and --volume. The parser test cases in the Run argument set still used -v expecting it to resolve to --verbose, but since neither Version nor Volume are in the Run set, -v became unresolvable and caused unexpected parse failures. Replace -v with -h (help flag) in the flag parse test cases to preserve the same combined-flag parsing coverage with a valid short alias. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix E2E exec help test: add --user option after base branch merge After merging feature/wsl-for-apps, the --user argument is now active in ContainerExecCommand (from PR #40101). Update the expected exec help output to include -u,--user. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Pooja Trivedi <trivedipooja@microsoft.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: ptrivedi <1638019+ptrivedi@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Implement wslc session enter (#40088) * Save state * Save state * Save state * Cleanup * Prepare for PR * Cleanup * Validate flags * Apply PR suggestions * Add comment * Remove include * Cleanup diff * Format * Format * Restore session flags * Make VMPortMapping::Unmap idempotent (#40091) * Make VMPortMapping::Unmap idempotent Null out Vm after unmapping so a second call is a no-op. This prevents double-unmap errors when ReleaseRuntimeResources is called from both OnEvent(Stop) and a concurrent Delete(Force) path. * Clear Vm before re-throwing on UnmapPort failure Use a scope_exit to null Vm so that Unmap() is truly idempotent even when UnmapPort() throws. Previously Vm stayed non-null on the failure path, causing subsequent Unmap() calls to retry and throw again. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Correctly handle empty arguments & entrypoint when launching containers (#40122) * Correctly handle empty arguments & entrypoint when launching containers * Apply PR feedback * Add logic to reject invalid flags (#40100) * Add logic to reject invalid flags * Simplify tests * Use macros * Format * Format * wslc: implement dns tunneling for virtio proxy networking mode (#40104) * wslc: implement dns tunneling for virtio proxy networking mode This change implements dnstunneling for the virtio proxy networking mode. For now, this implementation uses the same socket-based approach, but in the fututure this will be moved over to the built-in dns support that is part of the wsldevicehost dll. * wslc: enable DNS tunneling by default for virtio proxy Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Remove unused DNS test helpers VerifyDnsResolutionDig and VerifyDnsResolutionRecordTypes are dead code — VerifyDnsQueries is the superset that covers all record types and TCP/UDP modes. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * [WSLC] Add 'wslc version' subcommand (#14547) * [WSLC] Add 'wslc version' subcommand Adds a 'version' subcommand to the WSLC CLI as an alternative to the existing '--version' flag, following the subcommand pattern used by other WSLC commands. Includes unit tests for command structure and command-line parsing. Co-authored-by: Pooja Trivedi <trivedipooja@microsoft.com> Co-Authored-By: Claude Sonnet 4.6 * [WSLC] Fix E2E help/invalid-command tests after version subcommand addition Update expected help output in WSLCE2EGlobalTests to include the newly added 'version' subcommand, fixing WSLCE2E_HelpCommand and WSLCE2E_InvalidCommand_DisplaysErrorMessage test failures. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com> * [WSLC] Add E2E version command test and strengthen unit test - Add WSLCE2E_VersionCommand E2E test in WSLCE2EGlobalTests verifying stdout, empty stderr, and exit code for 'wslc version' - Add assertion to VersionCommand_HasNoArguments unit test to verify only the auto-added --help argument is present Authored-By: Pooja Trivedi <trivedipooja@microsoft.com> Co-Authored-By: Claude Sonnet 4.6 * Mark 'context' as UNREFERENCED_PARAMETER in VersionCommand::ExecuteInternal to avoid build issues * Address PR feedback on wslc version command - Use Localization::WSLCCLI_VersionDesc/LongDesc instead of hard-coded strings; add entries to en-US Resources.resw - Centralize version printing in VersionCommand::PrintVersion(); reuse from RootCommand --version flag - Drop 'v' prefix from version output per OneBlue's feedback - Add 'version' entry to E2E GetAvailableCommands() to fix WSLCE2E_HelpCommand and WSLCE2E_InvalidCommand_DisplaysErrorMessage Co-Authored-By: Pooja Trivedi * Fix build: add missing using namespace wsl::shared Localization::WSLCCLI_VersionDesc() and WSLCCLI_VersionLongDesc() live in wsl::shared::Localization. Without this using directive the compiler cannot resolve the unqualified Localization:: references in VersionCommand.cpp. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Pooja Trivedi <trivedipooja@microsoft.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Add E2E test for --version flag (#40125) * Add E2E test for --version flag Ensures both entry points (the 'version' subcommand and the '--version' flag) are covered by E2E tests, preventing the two paths from drifting. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix newline --------- Co-authored-by: Pooja Trivedi <trivedipooja@microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Update WSLCCreateSession event to critical. (#40065) * Updated event to critical * Updated event * Apply suggestion from @craigloewen-msft * Revert "Apply suggestion from @craigloewen-msft" This reverts commit |
||
|
Kevin Vega
|
fa1d8e617f | Add per-container resource limits and upstream sync workflow (#40384) | ||
|
Ben Hillis
|
5f71bf7ec1 |
Remove DnsTunnelingSocket flag from VirtioNetworking (#40443)
* Remove DnsTunnelingSocket flag from VirtioNetworking Drops the DnsTunnelingSocket virtio networking flag (and the dedicated DNS hvsocket plumbing it carried) in favor of the in-built DnsTunneling path. In virtio proxy mode, DNS queries are now always forwarded by the host virtio proxy itself: Linux's /etc/resolv.conf points at the eth0 gateway IP rather than the listener IP, no DNS hvsocket is opened, and the Linux init does not start a DnsTunnelingManager. Changes: - VirtioNetworking: remove DnsTunnelingSocket enum value, dnsHvsocket constructor parameter, m_dnsTunnelingResolver field, and the DnsResolver.h include. RefreshGuestConnection now uses only the in-built DnsTunneling path. - WslCoreVm: virtio proxy branch unconditionally sets the DnsTunneling flag when DNS tunneling is enabled. message->EnableDnsTunneling is suppressed for virtio proxy mode so Linux init won't open the DNS hvsocket. The pre-accepted dnsTunnelingSocket is dropped on the NAT->VirtioProxy fallback path. - HcsVirtualMachine: WSLC virtio proxy branch likewise switches to the DnsTunneling flag and discards the unused dnsSocketHandle. - Tests: add VirtioProxyTests::DnsTunnelingResolvConfUsesGateway which asserts resolv.conf contains the gateway IP and not the legacy listener IP, confirming the in-built path is in use. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Validate DNS hvsocket before DnsResolver support check Reorder ConfigureNetworking so the caller-provided DnsSocket is validated against the requested feature flag before the LoadDnsResolverMethods call may clear it. Avoids E_INVALIDARG in NAT mode when the support check fails. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Format VirtioNetworking constructor parameter list Wrap the constructor declaration/definition parameter list per the repo's BinPackParameters: false / 130-column style. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Revert manual wrapping; clang-format prefers single-line constructor Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> |
||
|
Ben Hillis
|
29176ed6c2 |
Skip the ImportImage() test on server SKUs (#40440)
ImportImage hits the same hang on Windows Server SKUs that LoadImage was skipped for in #40350. Mirror that workaround here. Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> |
||
|
Ben Hillis
|
4fa3cfdd43 |
Fix WSLCTests::ListVms parser for older Windows hcsdiag (#40407)
* Fix WSLCTests::ListVms parser for older Windows hcsdiag The hcsdiag list -raw JSON option is unsupported on the in-box hcsdiag shipped with older Windows builds (e.g. Win10 22H2 / build 19041), where it falls back to printing the help text. With nlohmann::json::parse called in non-throwing mode, this silently produced a discarded value, so ListVms() returned an empty vector and three tests failed in the `vb_release` lab image with "VM with owner 'X' not found": - WSLCTests::VmOwnerMatchesSessionDisplayName - WSLCTests::VmKillTerminatesSession - WSLCTests::VmKillFailsInFlightOperations Switch to parsing the human-readable `hcsdiag list` text output, which is consistent across every supported Windows version (4 comma-separated fields `Type, State, Id, Owner` on the indented detail line). Also log the captured stdout/stderr/exit code via LogInfo so future failures have the raw hcsdiag output captured next to the assertion. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Verify hcsdiag list exit code in WSLCTests::ListVms Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Use HcsEnumerateComputeSystems instead of shelling out to hcsdiag Per PR feedback, call HcsEnumerateComputeSystems directly rather than spawning hcsdiag.exe and parsing its text output. This is what hcsdiag itself does internally, gives us a guaranteed JSON contract from the HCS API (so the previous compatibility issue with older Windows builds and the brittle comma-splitting of the text format both go away), and avoids the extra process launch. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Add ExecutionContext and let JSON parse throw in ListVms Code review feedback: - Wrap the HCS call in ExecutionContext(Context::HCS) for consistency with every other helper in src/windows/common/hcs.cpp. - Drop allow_exceptions=false on the JSON parse: HcsEnumerateComputeSystems returns a guaranteed JSON contract, so any parse failure indicates a real schema/platform problem and should fail loudly rather than be silently treated as 'no VMs found'. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Fix ListVms comment: HcsEnumerateComputeSystems returns all systems Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> |
||
|
beena352
|
8dfa8a7f2f | wslc: add Config (env, cmd, entrypoint, user, workdir) to container inspect output (#40403) | ||
|
beena352
|
3f1007245a | Add WSLCContainerNetworkTypeCustom support (#40311) | ||
|
Ben Hillis
|
d9f6ff8e7a |
Add swap support for WSLC virtual machines (separate ephemeral VHD) (#40375)
* Implement swap VHDX for WSLC virtual machines Create a swap VHD sized to the VM's memory during WSLCVirtualMachine::Initialize(). The VHD is created in the user's temp directory under wslc/, attached to the VM, formatted with mkswap, and activated with swapon. On failure, the VHD is detached and deleted via scope_exit. On success, the file is cleaned up in the destructor after the VM exits. Changes: - Add MemoryMb to WSLCSessionInitSettings IDL and plumb through WSLCSessionManager - Add swap VHD creation/attach/format/enable in WSLCVirtualMachine::Initialize() - Add swap VHD cleanup in WSLCVirtualMachine destructor - Consolidate temp folder under wslc/ (crashes subfolder) - Add SwapConfigured test to verify swap is active in the VM * Use dynamic VHD for swap and make test retry-tolerant - Use dynamic VHD instead of fixed for swap (reduces IO on boot) - Make SwapConfigured test use RetryWithTimeout to handle async swapon Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> |
||
|
Blue
|
58139c50ed |
Implement GPU support (#40371)
* Save state * Merge remote-tracking branch 'origin/feature/wsl-for-apps' into user/oneblue/wslc-gpu * Save state * Save state * Change --gpu flag to --gpus all for GPU container support - Rename --gpu (boolean flag) to --gpus (value argument) matching Docker CLI - Only accept 'all' as value (case-insensitive); display localized error otherwise - Add argument validation in ArgumentValidation.cpp (early rejection) - Add GPU LD_LIBRARY_PATH tests for containers (set, pre-existing, trailing colon) - Add GPU LD_LIBRARY_PATH tests for exec on GPU containers - Add CLI argument validation unit tests for --gpus Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Improve tests * Add SDK test coverage for GPU container support Validate that containers created via the WSLC SDK with both session (WSLC_SESSION_FEATURE_FLAG_ENABLE_GPU) and container (WSLC_CONTAINER_FLAG_ENABLE_GPU) flags have: - /dev/dxg character device available - GPU drivers directory mounted at /usr/lib/wsl/drivers - GPU libraries directory mounted at /usr/lib/wsl/lib - LD_LIBRARY_PATH set correctly for init and exec processes - LD_LIBRARY_PATH appended when pre-existing value is provided - No double colon when pre-existing value has trailing colon Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Add SDK test coverage * Simplify tests * Apply PR feedback * Fix e2e HelpCommand tests for --gpus rename Add --gpus option to expected help output in container create and run e2e tests. The option was renamed from --gpu (flag) to --gpus (value). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> * Update tests * Apply PR suggestions * Update localization --------- Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> |
||
|
Ben Hillis
|
358ab87d40 |
Add WSLC (WSL Containers) feature (#40366)
WSLC is a container runtime built on the Windows Subsystem for Linux, enabling Windows applications to create and manage Linux containers through a native Windows API surface. Key components: - wslc.exe: CLI for managing containers, images, volumes, and networks (build, run, stop, inspect, push/pull from registries) - wslcsession.exe: Per-user Windows service hosting container lifecycle, storage management, and networking - WSLC SDK: C++ and C# client libraries with NuGet packaging for programmatic container management - Container networking: port forwarding, DNS tunneling, virtio networking, and HCN integration - Storage: VHD-backed volumes, virtiofs file sharing, overlayfs layers - GPU passthrough and device host proxy support Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com> Co-authored-by: 1wizkid <richard.fricks@hotmail.com> Co-authored-by: AmirMS <104940545+AmelBawa-msft@users.noreply.github.com> Co-authored-by: beena352 <beenachauhan@microsoft.com> Co-authored-by: Blue <OneBlue@users.noreply.github.com> Co-authored-by: Craig Loewen <crloewen@microsoft.com> Co-authored-by: Darshak Bhatti <47045043+dabhattimsft@users.noreply.github.com> Co-authored-by: David Bennett <dbenne@microsoft.com> Co-authored-by: Feng Wang <wang6922@outlook.com> Co-authored-by: Flor Chacon <14323496+florelis@users.noreply.github.com> Co-authored-by: John Stephens <johnstep@microsoft.com> Co-authored-by: JohnMcPMS <johnmcp@microsoft.com> Co-authored-by: Kevin Vega <40717198+kvega005@users.noreply.github.com> Co-authored-by: Pooja Trivedi <poojatrivedi@gmail.com> Co-authored-by: ramesh-ramn <raman.ramesh@gmail.com> Co-authored-by: Richard Fricks <richfr@microsoft.com> Co-authored-by: yao-msft <50888816+yao-msft@users.noreply.github.com> |