use thiserror::Error;
/// Typed errors for library boundaries (`thiserror`).
///
/// The `Display` text of each variant comes from its `#[error(...)]`
/// attribute. Every `String`-carrying variant renders its payload verbatim
/// after a fixed subsystem prefix; `Debug` is derived and prints the payload
/// as well.
// NOTE(review): because payloads are rendered verbatim, whatever a caller puts
// in the `String` ends up wherever the error is logged or returned. Keep
// credentials and other secret material out of these messages (most relevant
// for `SecretBroker`). The construction sites are not visible here — confirm.
#[derive(Debug, Error)]
pub enum CellosError {
/// The cell specification was rejected; the payload is a free-form reason
/// rendered after `invalid cell specification: `.
#[error("invalid cell specification: {0}")]
InvalidSpec(String),
/// FC-66 — typed admission rejection for an over-sized `spec.run.argv`.
///
/// Surfaced by the FC-17 admission helper
/// `check_argv_size_within_kernel_cmdline_limit`. The Firecracker host
/// encodes `spec.run.argv` as `cellos.argv=<base64(json_array)>` on the
/// kernel boot cmdline; the kernel cmdline has a 4 KiB hard limit and is
/// silently truncated past that. We budget a 3 KiB cap on the encoded
/// payload (≈1 KiB of headroom for the rest of the cmdline) and reject
/// over-sized argv at admission so callers see a structured error rather
/// than an opaque in-VM boot failure later.
///
/// `encoded_bytes` is the length of the base64-encoded JSON-array form of
/// `argv` (i.e. exactly what the host would write into the cmdline).
/// `limit_bytes` is the static cap (3072) so callers/operators do not have
/// to dig into core to see the budget.
///
/// Only the two sizes are carried; the argv contents themselves are not
/// part of the error.
// NOTE(review): the message below calls `limit_bytes` the "kernel cmdline
// limit", while the doc above describes it as the 3072-byte budget for the
// encoded argv, below the 4 KiB kernel limit. An operator reading the message
// may take 3072 for the kernel's own limit — confirm the wording is intended.
#[error(
"spec.run.argv encoded as base64 is {encoded_bytes} bytes; \
exceeds {limit_bytes}-byte kernel cmdline limit"
)]
ArgvTooLarge {
/// Length in bytes of the base64-encoded JSON-array form of `argv`.
encoded_bytes: usize,
/// Cap that `encoded_bytes` exceeded (documented above as 3072).
limit_bytes: usize,
},
/// Free-form message rendered after `host backend: `.
#[error("host backend: {0}")]
Host(String),
/// Free-form message rendered after `event sink: `.
#[error("event sink: {0}")]
EventSink(String),
/// Free-form message rendered after `secret broker: `.
// NOTE(review): presumably built from secret-broker failures; the message is
// shown verbatim, so it should describe the failure without echoing secret
// values — verify against the callers.
#[error("secret broker: {0}")]
SecretBroker(String),
/// Free-form message rendered after `export sink: `.
#[error("export sink: {0}")]
ExportSink(String),
/// Free-form message rendered after `lifecycle: `.
#[error("lifecycle: {0}")]
Lifecycle(String),
/// Free-form message rendered after `inference broker: `.
#[error("inference broker: {0}")]
InferenceBroker(String),
}