Merge pull request #2219 from balajiv113/grpc-fixes

Fix for GRPC frame too large and context closed warning
lima-vm · Feb 23, 2024 · 0b0f0f1 · 0b0f0f1
2 parents 81482b1 + aa13dc0
commit 0b0f0f1
Show file tree

Hide file tree

Showing 4 changed files with 59 additions and 5 deletions.
diff --git a/pkg/guestagent/api/client/client.go b/pkg/guestagent/api/client/client.go
@@ -4,8 +4,6 @@ import (
 	"context"
 	"net"
 
-	"google.golang.org/grpc/credentials/insecure"
-
 	"github.com/lima-vm/lima/pkg/guestagent/api"
 	"google.golang.org/grpc"
 	"google.golang.org/protobuf/types/known/emptypb"
@@ -20,7 +18,7 @@ func NewGuestAgentClient(dialFn func(ctx context.Context) (net.Conn, error)) (*G
 		grpc.WithContextDialer(func(ctx context.Context, target string) (net.Conn, error) {
 			return dialFn(ctx)
 		}),
-		grpc.WithTransportCredentials(insecure.NewCredentials()),
+		grpc.WithTransportCredentials(NewCredentials()),
 	}
 
 	clientConn, err := grpc.Dial("", opts...)

diff --git a/pkg/guestagent/api/client/credentials.go b/pkg/guestagent/api/client/credentials.go
@@ -0,0 +1,51 @@
+package client
+
+import (
+	"context"
+	"net"
+
+	"google.golang.org/grpc/credentials"
+)
+
+// NewCredentials returns a lima credential implementing credentials.TransportCredentials.
+func NewCredentials() credentials.TransportCredentials {
+	return &secureTC{
+		info: credentials.ProtocolInfo{
+			SecurityProtocol: "local",
+		},
+	}
+}
+
+// secureTC is the credentials required to establish a lima guest connection.
+type secureTC struct {
+	info credentials.ProtocolInfo
+}
+
+func (c *secureTC) Info() credentials.ProtocolInfo {
+	return c.info
+}
+
+func (*secureTC) ClientHandshake(_ context.Context, _ string, conn net.Conn) (net.Conn, credentials.AuthInfo, error) {
+	return conn, info{credentials.CommonAuthInfo{SecurityLevel: credentials.PrivacyAndIntegrity}}, nil
+}
+
+func (*secureTC) ServerHandshake(conn net.Conn) (net.Conn, credentials.AuthInfo, error) {
+	return conn, info{credentials.CommonAuthInfo{SecurityLevel: credentials.PrivacyAndIntegrity}}, nil
+}
+
+func (c *secureTC) Clone() credentials.TransportCredentials {
+	return &secureTC{info: c.info}
+}
+
+func (c *secureTC) OverrideServerName(serverNameOverride string) error {
+	c.info.ServerName = serverNameOverride
+	return nil
+}
+
+type info struct {
+	credentials.CommonAuthInfo
+}
+
+func (info) AuthType() string {
+	return "local"
+}
diff --git a/pkg/hostagent/hostagent.go b/pkg/hostagent/hostagent.go
@@ -16,6 +16,9 @@ import (
 	"sync"
 	"time"
 
+	"google.golang.org/grpc/codes"
+	"google.golang.org/grpc/status"
+
 	"github.com/lima-vm/lima/pkg/driver"
 	"github.com/lima-vm/lima/pkg/driverutil"
 	"github.com/lima-vm/lima/pkg/networks"
@@ -595,7 +598,7 @@ func (a *HostAgent) watchGuestAgentEvents(ctx context.Context) {
 		if err == nil {
 			if err := a.processGuestAgentEvents(ctx, client); err != nil {
 				if !errors.Is(err, context.Canceled) {
-					logrus.WithError(err).Warn("connection to the guest agent was closed unexpectedly", err)
+					logrus.WithError(err).Warn("guest agent events closed unexpectedly", err)
 				}
 			}
 		} else {
@@ -658,6 +661,9 @@ func (a *HostAgent) processGuestAgentEvents(ctx context.Context, client *guestag
 	}
 
 	if err := client.Events(ctx, onEvent); err != nil {
+		if status.Code(err) == codes.Canceled {
+			return context.Canceled
+		}
 		return err
 	}
 	return io.EOF

diff --git a/pkg/vz/network_darwin.go b/pkg/vz/network_darwin.go
@@ -79,7 +79,6 @@ func (v *QEMUPacketConn) Read(b []byte) (n int, err error) {
 	size := binary.BigEndian.Uint32(header)
 	reader := io.LimitReader(v.unixConn, int64(size))
 	_, err = reader.Read(b)
-
 	if err != nil {
 		logrus.Errorln("Failed to read packet", err)
 	}