merge master -> feature/wsl-for-apps#14537
Merged
benhillis merged 24 commits intofeature/wsl-for-appsfrom Mar 27, 2026
Merged
Conversation
* test: enable virtiofs tests and enable WSLG during testing * test fix --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Addresses Dependabot alerts #10 and #11. The Microsoft.NETCore.App.Runtime packages (win-x64 and win-arm64) at version 10.0.0 are vulnerable to a denial of service via out-of-bounds read when decoding malformed Base64Url input (CVSS 7.5 High). Bumped to 10.0.4 which includes the fix. Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: WSL notice <noreply@microsoft.com>
…ipt (#14424) * Ship initrd.img in MSI using build-time generation via tar.exe Replace the install-time CreateInitrd/RemoveInitrd custom actions with a build-time step that generates initrd.img using the Windows built-in tar.exe (libarchive/bsdtar) and ships it directly in the MSI. The install-time approach had a race condition: wsl.exe could launch before the CreateInitrd custom action completed, causing ERROR_FILE_NOT_FOUND for initrd.img. Changes: - Add CMake custom command to generate initrd.img via tar.exe --format=newc - Add initrd.img as a regular file in the MSI tools component - Remove CreateInitrd/RemoveInitrd custom actions from WiX, DllMain, and wslinstall.def - Remove CreateCpioInitrd helper and its tests (no longer needed) - Update pipeline build targets to build initramfs instead of init * pr feedback * more pr feedback * switch to using a powershell script instead of tar.exe * powershell script feedback * hopefully final pr feedback --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
…uire a call to the service (#14380) * virtiofs: update logic so querying virtiofs mount source does not require a call to the service * more pr feedback * use std::filesystem::read_symlink * pr feedback and use canonical path in virtiofs symlink * make sure canonical path is always used --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* VirtioProxy: Add IPv6 address, gateway, and route support - Add PreferredIpv6Address field and GetBestGatewayV6* methods to NetworkSettings - Extend GetHostEndpointSettings() to discover IPv6 unicast address and gateway - Add UpdateIpv6Address() using ModifyGuestEndpointSettingRequest<IPAddress> - Push IPv6 default route to guest via UpdateDefaultRoute(AF_INET6) - Remove AF_INET6 early return in ModifyOpenPorts, use INETADDR_PORT() - Add EndpointRoute::DefaultRoute() static factory - Pass client_ip_ipv6 in devicehost options (not yet parsed by devicehost) - Remove gateway_ip from devicehost options (only needed for DHCP) - Include IPv6 DNS servers in non-tunneling DNS settings - Add ConfigurationV6 and DnsResolutionAAAA tests * cleanup and add more ipv6 tests * added test coverage and minor updates * clang format * pr feedback * format source * pr feedback * test fixes --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Initial work * . * pr feedback and add unit test * minor tweaks an fix use after free in logging statement * implement PR feedback * hopefully final pr feedback * pr feedback in test function * Address PR feedback: add try/catch to TrackPort and PortZeroBind queue push --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
There were instructions already on how to install tcpdump in WSL, but iptables are also needed for the log collection to be complete, so this PR adds instructions on how to also install iptables. Co-authored-by: Andre Muezerie <andremue@linux.microsoft.com>
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Move all supported Ubuntu images to the new format We backported the build pipeline so all current LTSes come out in the new tar-based format * Remove the appx based distros All WSL users can run tar-based distros by now, right? There is no benefit in maintaining both formats.
- Allow VirtioProxy to keep EnableDnsTunneling=true in config, but clear socket-specific options (BestEffortDnsParsing, DnsTunnelingIpAddress) - Suppress dedicated DNS tunneling hvsocket for VirtioProxy; tunneling is handled through the VirtioNetworking device host instead - Set DnsTunneling flag on VirtioNetworkingFlags so the device host knows to tunnel DNS - Expand SWIOTLB kernel cmdline to cover VirtioFs and VirtioProxy - Bump DeviceHost package to 1.1.39-0 - Add VirtioProxy DNS test coverage for tunneling on/off - Skip GuestPortIsReleasedV6 on Windows 10 Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Refactor: trim unnecessary DLL deps from COMMON_LINK_LIBRARIES - Split MSI/Wintrust install functions from wslutil.cpp into install.cpp - Remove MI.lib, wsldeps.lib, msi.lib, Wintrust.lib, computecore.lib, computenetwork.lib, Iphlpapi.lib from COMMON_LINK_LIBRARIES - Add per-target MSI_LINK_LIBRARIES, HCS_LINK_LIBRARIES, SERVICE_LINK_LIBRARIES - Delay-load msi.dll and WINTRUST.dll for wsl.exe and wslg.exe - Result: wslhost, wslrelay, wslcsdk, testplugin lose msi/wintrust startup imports; wsl.exe and wslg.exe defer msi/wintrust loading until actually needed; wslservice is the only target that imports computecore/computenetwork/Iphlpapi * minor fixes to install.cpp that were caught during PR * move to wsl::windows::common::install namespace --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* detach terminal before running mount -a * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * use _exit on error before execv in child process to avoid unintentional resource release * Add regression test * Fix clang format issue * fix all clang format issue * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> * resolve ai comments * move test to unit test * Fix string literal * Overwrite fstab to resolve pipeline missing file issue --------- Co-authored-by: Feng Wang <wangfen@microsoft.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
…pipeline is running on (#14492)
* test: Add arm64 test distro support * update unit test baseline * more test baseline updates --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* test: remove duplicated DNS test coverage * format source --------- Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: WSL localization <noreply@microsoft.com>
…ith DNS over TCP (#14532) Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
…ts (#14531) Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Contributor
There was a problem hiding this comment.
Pull request overview
Merges latest master changes into feature/wsl-for-apps, bringing in updates across devops automation, WSL client behavior, networking/DNS-tunneling handling, init process spawning, tests, and localization resources.
Changes:
- Make automated PR creation support a configurable target (base) branch and update pipelines accordingly.
- Add/adjust WSL behavior and tests (reject
--uninstallarguments; add fstab/interactive-mount regression test). - Update WSL init process creation to optionally detach from controlling terminal (
setsid()), and refresh dependencies/localization resources.
Reviewed changes
Copilot reviewed 34 out of 35 changed files in this pull request and generated 23 comments.
Show a summary per file
| File | Description |
|---|---|
| tools/devops/create-change.py | Adds target_branch CLI arg and uses it as the PR base branch. |
| .pipelines/wsl-build-notice.yml | Passes the triggering branch name to create-change.py as PR base. |
| .pipelines/wsl-build-nightly-localization.yml | Same as above for localization PR creation. |
| test/windows/UnitTests.cpp | Adds InteractiveMount and UninstallRejectsArguments test coverage. |
| test/windows/Common.cpp | Fixes formatting in a test failure message (missing spaces). |
| src/windows/common/WslClient.cpp | Rejects extra args for --uninstall and prints a localized message. |
| src/windows/service/exe/WslCoreVm.cpp | Tightens DNS-tunneling support assertion (now NAT/Mirrored only). |
| src/windows/service/exe/HcsVirtualMachine.cpp | Removes DNS-tunneling flag enablement for VirtioProxy networking. |
| src/windows/common/CMakeLists.txt | Updates common library sources list (but currently introduces a duplicate). |
| src/linux/init/util.h | Extends UtilCreateProcessAndWait signature with DetachTerminal option. |
| src/linux/init/util.cpp | Implements DetachTerminal via setsid() and uses _exit() in child error paths. |
| src/linux/init/config.cpp | Calls UtilCreateProcessAndWait(..., /*DetachTerminal*/ true) when mounting fstab. |
| packages.config | Bumps Microsoft.WSL.DeviceHost NuGet version. |
| localization/strings/en-US/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/en-GB/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/cs-CZ/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/da-DK/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/de-DE/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/es-ES/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/fi-FI/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/fr-FR/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/hu-HU/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/it-IT/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/ja-JP/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/ko-KR/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/nb-NO/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/nl-NL/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/pl-PL/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/pt-PT/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/pt-BR/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/ru-RU/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/sv-SE/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/tr-TR/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/zh-CN/Resources.resw | Adds MessageUninstallNoArguments. |
| localization/strings/zh-TW/Resources.resw | Adds MessageUninstallNoArguments. |
Comment on lines
+6622
to
+6625
| // Don't keep the original fstab as it can be missing on the pipeline. | ||
| DistroFileChange fstab(L"/etc/fstab", false); | ||
| fstab.SetContent(L"none /mnt/ttytest hang 0 0\n"); | ||
|
|
There was a problem hiding this comment.
This test relies on /mnt/ttytest existing inside the distro. If it doesn’t, mount -a may fail before invoking the /sbin/mount.hang helper, making the test ineffective or environment-dependent. Create the mount point explicitly (or use an existing directory) before restarting the distro so the mount helper is guaranteed to run.
| <comment>{FixedPlaceholder="{}"}Command line arguments, file names and string inserts should not be translated</comment> | ||
| </data> | ||
| <data name="MessageUninstallNoArguments" xml:space="preserve"> | ||
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> |
There was a problem hiding this comment.
This locale resource is introducing MessageUninstallNoArguments with an English value. Please provide a localized translation for this locale (or omit the entry here to fall back to the en-US resource).
Suggested change
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> | |
| <value>{} nepřijímá žádné argumenty. K odregistrování distribuce použijte místo toho {}.</value> |
| <comment>{FixedPlaceholder="{}"}Command line arguments, file names and string inserts should not be translated</comment> | ||
| </data> | ||
| <data name="MessageUninstallNoArguments" xml:space="preserve"> | ||
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> |
There was a problem hiding this comment.
This locale resource is introducing MessageUninstallNoArguments with an English value. Please provide a localized translation for this locale (or omit the entry here to fall back to the en-US resource).
Suggested change
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> | |
| <value>{} ei ota mitään argumentteja. Poista jakelu rekisteröinnistä käyttämällä sen sijaan {}.</value> |
| <comment>{FixedPlaceholder="{}"}Command line arguments, file names and string inserts should not be translated</comment> | ||
| </data> | ||
| <data name="MessageUninstallNoArguments" xml:space="preserve"> | ||
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> |
There was a problem hiding this comment.
This locale resource is introducing MessageUninstallNoArguments with an English value. Please provide a localized translation for this locale (or omit the entry here to fall back to the en-US resource).
Suggested change
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> | |
| <value>{} ne prend aucun argument. Pour annuler l’inscription d’une distribution, utilisez {} à la place.</value> |
| <comment>{FixedPlaceholder="{}"}Command line arguments, file names and string inserts should not be translated</comment> | ||
| </data> | ||
| <data name="MessageUninstallNoArguments" xml:space="preserve"> | ||
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> |
There was a problem hiding this comment.
This locale resource is introducing MessageUninstallNoArguments with an English value. Please provide a localized translation for this locale (or omit the entry here to fall back to the en-US resource).
Suggested change
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> | |
| <value>{} nem fogad el argumentumokat. Egy disztribúció regisztrációjának megszüntetéséhez használja helyette a(z) {} parancsot.</value> |
| <comment>{FixedPlaceholder="{}"}Command line arguments, file names and string inserts should not be translated</comment> | ||
| </data> | ||
| <data name="MessageUninstallNoArguments" xml:space="preserve"> | ||
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> |
There was a problem hiding this comment.
This locale resource is introducing MessageUninstallNoArguments with an English value. Please provide a localized translation for this locale (or omit the entry here to fall back to the en-US resource).
Suggested change
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> | |
| <value>{} tar ingen argumenter. Hvis du vil fjerne registreringen av en distribusjon, bruker du {} i stedet.</value> |
| <comment>{FixedPlaceholder="{}"}Command line arguments, file names and string inserts should not be translated</comment> | ||
| </data> | ||
| <data name="MessageUninstallNoArguments" xml:space="preserve"> | ||
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> |
There was a problem hiding this comment.
This locale resource is introducing MessageUninstallNoArguments with an English value. Please provide a localized translation for this locale (or omit the entry here to fall back to the en-US resource).
Suggested change
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> | |
| <value>{} nie przyjmuje żadnych argumentów. Aby wyrejestrować dystrybucję, użyj zamiast tego {}.</value> |
| <comment>{FixedPlaceholder="{}"}Command line arguments, file names and string inserts should not be translated</comment> | ||
| </data> | ||
| <data name="MessageUninstallNoArguments" xml:space="preserve"> | ||
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> |
There was a problem hiding this comment.
This locale resource is introducing MessageUninstallNoArguments with an English value. Please provide a localized translation for this locale (or omit the entry here to fall back to the en-US resource).
Suggested change
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> | |
| <value>{} tar inte några argument. Om du vill avregistrera en distribution använder du {} i stället.</value> |
| <comment>{FixedPlaceholder="{}"}Command line arguments, file names and string inserts should not be translated</comment> | ||
| </data> | ||
| <data name="MessageUninstallNoArguments" xml:space="preserve"> | ||
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> |
There was a problem hiding this comment.
This locale resource is introducing MessageUninstallNoArguments with an English value. Please provide a localized translation for this locale (or omit the entry here to fall back to the en-US resource).
Suggested change
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> | |
| <value>{} не принимает аргументы. Чтобы отменить регистрацию дистрибутива, используйте {}.</value> |
| <comment>{FixedPlaceholder="{}"}Command line arguments, file names and string inserts should not be translated</comment> | ||
| </data> | ||
| <data name="MessageUninstallNoArguments" xml:space="preserve"> | ||
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> |
There was a problem hiding this comment.
This locale resource is introducing MessageUninstallNoArguments with an English value. Please provide a localized translation for this locale (or omit the entry here to fall back to the en-US resource).
Suggested change
| <value>{} does not take any arguments. To unregister a distribution, use {} instead.</value> | |
| <value>{} bağımsız değişken almaz. Bir dağıtımın kaydını silmek için bunun yerine {} kullanın.</value> |
OneBlue
approved these changes
Mar 26, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This change merges the latest changes from the main branch into the wsla feature branch.