meta-virtualization

mirror of git://git.yoctoproject.org/meta-virtualization.git synced 2025-08-21 08:22:00 +02:00

History

Bruce Ashfield c2aab39117 crun: update to 1.21 Bumping crun to version 1.21-216-ge922e422, which comprises the following commits: aa082854 tests: install catatonit package 405d2a2c libcrun: setup /dev/console as a symlink to pty instead of bind mount 1203dadc Fix regression on Windows WSL 4db005a5 Fix incorrectly set cpu.max when quota is -1. f231b79a krun: check `kconf->handle{_sev}` exists before unloading 910eb16b utils: normalize S_ISDIR() result to 0 or 1 91732ac0 libcrun: add crun_error_get_errno 7d618b7a status: simplify libcrun_status_check_directories b34f613e status: add cleanup_free 7407bbc9 Revert "chroot_realpath: do not return non-existing paths" 1412f0a8 test: bump containerd version 82b75fa4 cfg.mk: prohibit usage of sprintf af163aa5 container: use snprintf instead of sprintf 07eef8ac container: use xasprintf instead of sprintf c3c19280 error: replace sprintf with snprintf 4666e880 cgroup: replace sprintf with snprintf c212049d seccomp: replace sprintf with snprintf 9bb4e901 linux, utils: use snprintf instead of sprintf 4353d55a status: use snprintf instead of sprintf 271f7f50 intelrdt: use snprintf instead of sprintf fd118c15 cgroup-setup: drop unused variable 4dbe7549 configure.ac: fix variable name a95034a4 linux: ensure fstype is not NULL d462c1cf tests: improve error messages in start tests f2ae65db tests: improve error messages in seccomp tests 6b3485f3 tests: improve error messages in rlimits tests dffbeadd tests: improve error messages in resources tests 8f518ee2 tests: improve error messages in oci_features tests 2bfc81bd tests: improve error messages in limits tests 9b164379 tests: improve error messages in hostname tests 39b374d5 tests: improve error messages in exec tests dbd25dcc tests: improve error messages in domainname tests 57769eee tests: improve error messages in devices tests 77fc894f tests: improve error messages in exec tests be391abb tests: improve error messages in mounts tests d212647d tests: improve error messages in capabilities tests c3bac03c tests: improve error reporting f62dcc21 tests: fix mount of tmpfs d318fa1a tests: recreate tests root for each test 21e860c7 fix rootless option parsing 7b825680 container: create missing errors 64fbacab python: reset pointer after asprintf failure cfcb839a run, create: deduplicate code 957a6518 linux: add `src-nofollow` & `dest-nofollow` options 044c89d2 run, create: align implementations 0479ae73 libcrun: prefer waitpid_ignore_stopped NULL argument 88f45286 criu: reject unsupported 'src-nofollow' option 602d0e14 linux: add argument nofollow to is_bind_mount ae0ecdd7 mountflags: add `dest-nofollow` and `src-nofollow` options af39d913 linux: refactor mount fd handling in do_mounts c77a1807 linux: add `nofollow` option to `get_bind_mount` c8d042b3 linux: remove duplicate close of rootfsfd 91d202a2 linux: drop unuseful variable c1671bd0 github: show the diff for the check job 6c24739d src: improve dlopen error message 33602a51 Packit/TMT: disable centos-stream-10-x86_64 tests b1133e95 TMT: include podman checkpoint system tests fddb3042 Revert "criu: rename a variable" 97fd76bf Fixup "criu: support mounts where dest is a symlink" 379524f0 krun: Determine flavor from VM config tree 7d1d15d7 krun: Configure VM with pre-parsed config tree 13fcca9e krun: Add function to parse krun VM config fbd8ea8f tests: add new tests to test_pid 3241e2c7 tests: add new test_uid_gid.py tests 4f173407 tests: add new test_devices.py tests 0b8455ea tests: add ischar, isblock, isfifo commands to init 9056ec3b tests: add openwronly command to init 42e5bc61 tests: report the correct exit status for ls 07374bb6 crun: expose net devices feature 006c7aa1 libcrun: advertise net devices support ba0ec5a7 linux: add support for network devices fe8f3277 tests: add ip command to init 64a2e0e1 linux: Update rootfsfd when rootfs is replaced 7de03e62 linux: safe_openat reopens root 2e210bdc linux: use rootfsfd directly from container data e9d159f7 linux: store rootfsfd under private data only 953a8c49 utils: crun_safe_ensure_at opens empty paths 372446d7 tests: fix unused variable 9ddddfb0 test: fix mount to test 040cb2e7 linux: include errno check in UNLIKELY macro b337c9d3 libocispec: update from upstream 37dacae3 linux: do_mount: simplify 0f74f03f linux: use ALL_PROPAGATIONS_NO_REC 7f686825 intelrdt: add support for generic schemata update ca40dac7 ci: show git status 2ad0b600 libocispec: sync from upstream 558419b2 utils: do not use stack for lens array 174963dc criu: avoid malloc in prepare_restore_mounts e0b01580 criu: support mounts where dest is a symlink 55498c1f criu: rename a variable 880b7ee3 criu: allow mount type to be NULL a9c1f024 criu: reuse is_bind_mount b4b29088 Fix python call to `libcrun_get_verbosity` c1e72c10 tests/test_checkpoint_restore.py: fixup e5d2489d criu restore: create --work-path 157a673d criu checkpoint: error message fixup 91aa3683 criu: validate --parent-path 0dceab0c tests: add --work-path to criu test 90ef9732 criu: create --work-path directory 1fa86492 nix: update nixpkgs b9796420 linux: improve cgroup2 mount error message b679e7f7 linux: move unified_cgroup_path to private_data ffbfb6f3 Fix getcwd error handling 8c0075b5 linux: use syscall getcwd return value to set error 99c7b959 crun: Fix the binary name in the Usage info 19b4c254 Revert "Packit: Disable osh_diff_scan" dd8e1af5 Packit: Disable osh_diff_scan 5ec1f2ab Revert "Disable criu support on riscv64" bdd62e17 krun.1: regenerate 739a2bff build-aux/release.sh: fix shellcheck warnings 5c14c0dc make shellcheck: add more files f1cf3b35 tests/run_all_tests.sh: fix shellcheck issues d084c9b5 ci: bump shellcheck to v0.10.0 10e312d5 ci: improve shellcheck job 1e518be6 crun.1: fix "CPU controller" table rendering e7f8dc33 github: use ubuntu-latest for shellcheck 10db1f7a utils: Mark base64 table as non-string data 245d2edf ci: Add awk dependency to test containers 51958b39 ci: Add awk dependency 9adca806 Packit/TMT: run shellcheck tests on fedora envs 6e1ef464 ShellCheck: resolve warnings in TMT test script 7b910ea2 TMT: Simplify plans 9b395e9a build(deps): bump uraimo/run-on-arch-action from 3.0.0 to 3.0.1 9f2604ac linux: remove unused preprocessor directives 21e0179b linux: fix definition of CLONE_NEWCGROUP 684b2540 linux: fix definition of CLONE_NEWTIME 3e9b1c4a linux: fix definition of CLONE_NEWTIME on Centos 9 fc3ae8e2 krun: stop using set_workdir dfb649b3 linux: fix error leak from sync fd 8cb44cd6 container: don't leak error 0d760a96 linux: fix error leak 3649947b linux: make error messages more uniform 75e74bf7 container: make error messages more uniform 9774d59a utils: make error messages more uniform b656f67f cgroup: fix quoting for file names in error messages 6d4f5387 tests: configure additional IDs for the containers user 3b2e2a13 tests, podman: fix ginkgo installation c359fbd8 krun: return dlerror string when library is not found 285574fe tests: add tests for "crun mounts" b5a566bf crun: expose mounts command 196ad5e4 container: add/rm mounts API for a running container 4a27212a linux: move prepare_mount to its only caller c1c5232d linux: split code to new function c7337717 linux: refactor code in a new function 9acf13d6 tests: fix function signature 05277835 status: report better error on ENOENT c6197431 libcrun, krun: use existing error e229c129 seccomp plugins and seccomp receivers cannot be declared at the same time 18af4515 src: remove unused variables 10269840 NEWS: tag 1.21 84828c65 krun: bump vcpu limit to 16 079f95d0 krun: implement support for external kernels a7a178a1 krun: consolidate configuration file definitions 059445af utils: getsubidrange returns negative value on errors ff054fe7 maybe_chown_std_streams: ignore EBADF 3adcc2c7 utils: set_home_env returns negative value on errors f4973d7a tests: move cwd tests to the correct file 53f1c0bc if the container main process and console socket do not need a terminal, the terminal fd is not created 2f7c9b88 console socket client is initialized only when the user declares terminal. 132c793a krun: fix error message 8675bafa krun: create context after loading the library a5cb511d cpuset: fix handling of absent subcgroup d2b824ca krun: stop using krun_set_exec b09aa67d krun: make krun config file world readable 459595b6 container: ignore SIGWINCH without tty c954b1b6 criu: use a process to initialize the cgroup 959cc6c4 cgroup: extend function e3866cc5 cgroup: fix ownership of dfd in read_pids_cgroup Bumping libocispec to latest, which comprises the following commits: 9d1955f sources.py: fix unconditional return in map value clone 9937df4 ocispec: rename judge_complex to is_compound_type 61b922d ocispec: add support for string->object maps abae290 ocispec: remove explicit inheritance from object d67f492 helpers: rename CombinateName to HierarchicalName 55a0a9c helpers: rename Unite class to SchemaNode 809b047 runtime-spec: update to latest upstream revision d455ad0 image-spec: update to latest upstream revision 30a27d7 github: update action ed23e6a runtime-spec: sync from upstream 412ce10 image-spec: sync from upstream Bumping runtime-spec to version v1.2.1-11-g82cca47, which comprises the following commits: afd830f principles: fix typo d2f4f90 config-linux: add schemata field to IntelRdt (#1230) 27cb002 docs: fix typo (#1285) 0ed7cf6 docs: add missing backticks for code formatting e935f99 Define Linux Network Devices (#1271) df100de add systemd-nspawn to implementations.md 95a651f Add back +dev 524fc0e Release v1.2.1 221c198 Fix description of errnoRet in Seccomp 9de64c0 config-linux: update for libseccomp v2.6.0 1df9fa9 zos updates - add zos namespaces, remove zos devices This PR proposes updates to the OCI runtime spec with z/OS platform-specific details, including adding namespaces, adding noNewPrivileges flag, and removing devices. These changes are currently in use by the IBM z/OS Container Platform (zOSCP) product - details can be found here: https://www.ibm.com/products/zos-container-platform. 131ae4c Correct `prestart` hook description in summary (#1275) b9e8fdb Add support for windows CPU affinity b37b687 ci: Add a github actions workflow for lint 8cfc407 specs-go: sync SCMP_ARCH_* constants with libseccomp main (#1229) 9ceba9f update http links to https Bumping image-spec to version v1.1.1-6-g64294bd, which comprises the following commits: aca17c0 Clarify that canonical JSON is not a requirement 1809845 Bump back to +dev 147f9c1 Release v1.1.1 4fecf47 Add blake3 as a registered/supported hash algorithm 81e457e Fix grammar nit 60acaac Document extensibility of the image layout 4dcf962 Document Go version policy 6a277dd Add `cache-dependency-path` to avoid setup-go warning 00584ff Reduce maintenance burden by letting setup-go track our Go versions 85abb94 Manifests may contain multiple digest algorithms aa533a0 Delete project documentation 03306ac Hard link limitations in union filesystems cee95e9 Ignore uname/gname where uid/gid are supported Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>	2025-07-07 11:42:27 -04:00
..
crun_git.bb	crun: update to 1.21	2025-07-07 11:42:27 -04:00

Bruce Ashfield c2aab39117 crun: update to 1.21

Bumping crun to version 1.21-216-ge922e422, which comprises the following commits:

    aa082854 tests: install catatonit package
    405d2a2c libcrun: setup /dev/console as a symlink to pty instead of bind mount
    1203dadc Fix regression on Windows WSL
    4db005a5 Fix incorrectly set cpu.max when quota is -1.
    f231b79a krun: check `kconf->handle{_sev}` exists before unloading
    910eb16b utils: normalize S_ISDIR() result to 0 or 1
    91732ac0 libcrun: add crun_error_get_errno
    7d618b7a status: simplify libcrun_status_check_directories
    b34f613e status: add cleanup_free
    7407bbc9 Revert "chroot_realpath: do not return non-existing paths"
    1412f0a8 test: bump containerd version
    82b75fa4 cfg.mk: prohibit usage of sprintf
    af163aa5 container: use snprintf instead of sprintf
    07eef8ac container: use xasprintf instead of sprintf
    c3c19280 error: replace sprintf with snprintf
    4666e880 cgroup: replace sprintf with snprintf
    c212049d seccomp: replace sprintf with snprintf
    9bb4e901 linux, utils: use snprintf instead of sprintf
    4353d55a status: use snprintf instead of sprintf
    271f7f50 intelrdt: use snprintf instead of sprintf
    fd118c15 cgroup-setup: drop unused variable
    4dbe7549 configure.ac: fix variable name
    a95034a4 linux: ensure fstype is not NULL
    d462c1cf tests: improve error messages in start tests
    f2ae65db tests: improve error messages in seccomp tests
    6b3485f3 tests: improve error messages in rlimits tests
    dffbeadd tests: improve error messages in resources tests
    8f518ee2 tests: improve error messages in oci_features tests
    2bfc81bd tests: improve error messages in limits tests
    9b164379 tests: improve error messages in hostname tests
    39b374d5 tests: improve error messages in exec tests
    dbd25dcc tests: improve error messages in domainname tests
    57769eee tests: improve error messages in devices tests
    77fc894f tests: improve error messages in exec tests
    be391abb tests: improve error messages in mounts tests
    d212647d tests: improve error messages in capabilities tests
    c3bac03c tests: improve error reporting
    f62dcc21 tests: fix mount of tmpfs
    d318fa1a tests: recreate tests root for each test
    21e860c7 fix rootless option parsing
    7b825680 container: create missing errors
    64fbacab python: reset pointer after asprintf failure
    cfcb839a run, create: deduplicate code
    957a6518 linux: add `src-nofollow` & `dest-nofollow` options
    044c89d2 run, create: align implementations
    0479ae73 libcrun: prefer waitpid_ignore_stopped NULL argument
    88f45286 criu: reject unsupported 'src-nofollow' option
    602d0e14 linux: add argument nofollow to is_bind_mount
    ae0ecdd7 mountflags: add `dest-nofollow` and `src-nofollow` options
    af39d913 linux: refactor mount fd handling in do_mounts
    c77a1807 linux: add `nofollow` option to `get_bind_mount`
    c8d042b3 linux: remove duplicate close of rootfsfd
    91d202a2 linux: drop unuseful variable
    c1671bd0 github: show the diff for the check job
    6c24739d src: improve dlopen error message
    33602a51 Packit/TMT: disable centos-stream-10-x86_64 tests
    b1133e95 TMT: include podman checkpoint system tests
    fddb3042 Revert "criu: rename a variable"
    97fd76bf Fixup "criu: support mounts where dest is a symlink"
    379524f0 krun: Determine flavor from VM config tree
    7d1d15d7 krun: Configure VM with pre-parsed config tree
    13fcca9e krun: Add function to parse krun VM config
    fbd8ea8f tests: add new tests to test_pid
    3241e2c7 tests: add new test_uid_gid.py tests
    4f173407 tests: add new test_devices.py tests
    0b8455ea tests: add ischar, isblock, isfifo commands to init
    9056ec3b tests: add openwronly command to init
    42e5bc61 tests: report the correct exit status for ls
    07374bb6 crun: expose net devices feature
    006c7aa1 libcrun: advertise net devices support
    ba0ec5a7 linux: add support for network devices
    fe8f3277 tests: add ip command to init
    64a2e0e1 linux: Update rootfsfd when rootfs is replaced
    7de03e62 linux: safe_openat reopens root
    2e210bdc linux: use rootfsfd directly from container data
    e9d159f7 linux: store rootfsfd under private data only
    953a8c49 utils: crun_safe_ensure_at opens empty paths
    372446d7 tests: fix unused variable
    9ddddfb0 test: fix mount to test
    040cb2e7 linux: include errno check in UNLIKELY macro
    b337c9d3 libocispec: update from upstream
    37dacae3 linux: do_mount: simplify
    0f74f03f linux: use ALL_PROPAGATIONS_NO_REC
    7f686825 intelrdt: add support for generic schemata update
    ca40dac7 ci: show git status
    2ad0b600 libocispec: sync from upstream
    558419b2 utils: do not use stack for lens array
    174963dc criu: avoid malloc in prepare_restore_mounts
    e0b01580 criu: support mounts where dest is a symlink
    55498c1f criu: rename a variable
    880b7ee3 criu: allow mount type to be NULL
    a9c1f024 criu: reuse is_bind_mount
    b4b29088 Fix python call to `libcrun_get_verbosity`
    c1e72c10 tests/test_checkpoint_restore.py: fixup
    e5d2489d criu restore: create --work-path
    157a673d criu checkpoint: error message fixup
    91aa3683 criu: validate --parent-path
    0dceab0c tests: add --work-path to criu test
    90ef9732 criu: create --work-path directory
    1fa86492 nix: update nixpkgs
    b9796420 linux: improve cgroup2 mount error message
    b679e7f7 linux: move unified_cgroup_path to private_data
    ffbfb6f3 Fix getcwd error handling
    8c0075b5 linux: use syscall getcwd return value to set error
    99c7b959 crun: Fix the binary name in the Usage info
    19b4c254 Revert "Packit: Disable osh_diff_scan"
    dd8e1af5 Packit: Disable osh_diff_scan
    5ec1f2ab Revert "Disable criu support on riscv64"
    bdd62e17 krun.1: regenerate
    739a2bff build-aux/release.sh: fix shellcheck warnings
    5c14c0dc make shellcheck: add more files
    f1cf3b35 tests/run_all_tests.sh: fix shellcheck issues
    d084c9b5 ci: bump shellcheck to v0.10.0
    10e312d5 ci: improve shellcheck job
    1e518be6 crun.1: fix "CPU controller" table rendering
    e7f8dc33 github: use ubuntu-latest for shellcheck
    10db1f7a utils: Mark base64 table as non-string data
    245d2edf ci: Add awk dependency to test containers
    51958b39 ci: Add awk dependency
    9adca806 Packit/TMT: run shellcheck tests on fedora envs
    6e1ef464 ShellCheck: resolve warnings in TMT test script
    7b910ea2 TMT: Simplify plans
    9b395e9a build(deps): bump uraimo/run-on-arch-action from 3.0.0 to 3.0.1
    9f2604ac linux: remove unused preprocessor directives
    21e0179b linux: fix definition of CLONE_NEWCGROUP
    684b2540 linux: fix definition of CLONE_NEWTIME
    3e9b1c4a linux: fix definition of CLONE_NEWTIME on Centos 9
    fc3ae8e2 krun: stop using set_workdir
    dfb649b3 linux: fix error leak from sync fd
    8cb44cd6 container: don't leak error
    0d760a96 linux: fix error leak
    3649947b linux: make error messages more uniform
    75e74bf7 container: make error messages more uniform
    9774d59a utils: make error messages more uniform
    b656f67f cgroup: fix quoting for file names in error messages
    6d4f5387 tests: configure additional IDs for the containers user
    3b2e2a13 tests, podman: fix ginkgo installation
    c359fbd8 krun: return dlerror string when library is not found
    285574fe tests: add tests for "crun mounts"
    b5a566bf crun: expose mounts command
    196ad5e4 container: add/rm mounts API for a running container
    4a27212a linux: move prepare_mount to its only caller
    c1c5232d linux: split code to new function
    c7337717 linux: refactor code in a new function
    9acf13d6 tests: fix function signature
    05277835 status: report better error on ENOENT
    c6197431 libcrun, krun: use existing error
    e229c129 seccomp plugins and seccomp receivers cannot be declared at the same time
    18af4515 src: remove unused variables
    10269840 NEWS: tag 1.21
    84828c65 krun: bump vcpu limit to 16
    079f95d0 krun: implement support for external kernels
    a7a178a1 krun: consolidate configuration file definitions
    059445af utils: getsubidrange returns negative value on errors
    ff054fe7 maybe_chown_std_streams: ignore EBADF
    3adcc2c7 utils: set_home_env returns negative value on errors
    f4973d7a tests: move cwd tests to the correct file
    53f1c0bc if the container main process and console socket do not need a terminal, the terminal fd is not created
    2f7c9b88 console socket client is initialized only when the user declares terminal.
    132c793a krun: fix error message
    8675bafa krun: create context after loading the library
    a5cb511d cpuset: fix handling of absent subcgroup
    d2b824ca krun: stop using krun_set_exec
    b09aa67d krun: make krun config file world readable
    459595b6 container: ignore SIGWINCH without tty
    c954b1b6 criu: use a process to initialize the cgroup
    959cc6c4 cgroup: extend function
    e3866cc5 cgroup: fix ownership of dfd in read_pids_cgroup

Bumping libocispec to latest, which comprises the following commits:

    9d1955f sources.py: fix unconditional return in map value clone
    9937df4 ocispec: rename judge_complex to is_compound_type
    61b922d ocispec: add support for string->object maps
    abae290 ocispec: remove explicit inheritance from object
    d67f492 helpers: rename CombinateName to HierarchicalName
    55a0a9c helpers: rename Unite class to SchemaNode
    809b047 runtime-spec: update to latest upstream revision
    d455ad0 image-spec: update to latest upstream revision
    30a27d7 github: update action
    ed23e6a runtime-spec: sync from upstream
    412ce10 image-spec: sync from upstream

Bumping runtime-spec to version v1.2.1-11-g82cca47, which comprises the following commits:

    afd830f principles: fix typo
    d2f4f90 config-linux: add schemata field to IntelRdt (#1230)
    27cb002 docs: fix typo (#1285)
    0ed7cf6 docs: add missing backticks for code formatting
    e935f99 Define Linux Network Devices (#1271)
    df100de add systemd-nspawn to implementations.md
    95a651f Add back +dev
    524fc0e Release v1.2.1
    221c198 Fix description of errnoRet in Seccomp
    9de64c0 config-linux: update for libseccomp v2.6.0
    1df9fa9 zos updates - add zos namespaces, remove zos devices This PR proposes updates to the OCI runtime spec with z/OS platform-specific details, including adding namespaces, adding noNewPrivileges flag, and removing devices. These changes are currently in use by the IBM z/OS Container Platform (zOSCP) product - details can be found here: https://www.ibm.com/products/zos-container-platform.
    131ae4c Correct `prestart` hook description in summary (#1275)
    b9e8fdb Add support for windows CPU affinity
    b37b687 ci: Add a github actions workflow for lint
    8cfc407 specs-go: sync SCMP_ARCH_* constants with libseccomp main (#1229)
    9ceba9f update http links to https

Bumping image-spec to version v1.1.1-6-g64294bd, which comprises the following commits:

    aca17c0 Clarify that canonical JSON is not a requirement
    1809845 Bump back to +dev
    147f9c1 Release v1.1.1
    4fecf47 Add blake3 as a registered/supported hash algorithm
    81e457e Fix grammar nit
    60acaac Document extensibility of the image layout
    4dcf962 Document Go version policy
    6a277dd Add `cache-dependency-path` to avoid setup-go warning
    00584ff Reduce maintenance burden by letting setup-go track our Go versions
    85abb94 Manifests may contain multiple digest algorithms
    aa533a0 Delete project documentation
    03306ac Hard link limitations in union filesystems
    cee95e9 Ignore uname/gname where uid/gid are supported

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>

2025-07-07 11:42:27 -04:00

crun_git.bb

crun: update to 1.21

2025-07-07 11:42:27 -04:00