MIRRORS/meta-virtualization
1
0
Fork 0
mirror of git://git.yoctoproject.org/meta-virtualization.git synced 2025-07-19 12:50:22 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
1af45b1490
meta-virtualization/recipes-containers/runc
History
Bruce Ashfield 1af45b1490 runc: update to v1.1.0 
Bumping runc to version v1.1.0-1-gd7f7b22a, which comprises the following commits:

    d7f7b22a VERSION: back to development
    067aaf85 VERSION: release runc v1.1.0
    c0e300f1 Refuse to build runc without nsenter
    e155b332 build(deps): bump github.com/checkpoint-restore/go-criu/v5
    5c7e8981 libct/cg: rm go 1.15 compatibility
    4773769c VERSION: back to development
    55df1fc4 VERSION: release v1.1.0-rc.1
    a8f9d5de CHANGELOG: add an in-repo changelog file
    6d2067a4 script/seccomp.sh: fix argc check
    457ca62f script/release_*.sh: fix usage
    c729594c deps: update libseccomp to 2.5.3
    5d779620 tests/int: use update_config in hooks test
    9e798e26 tests/int: ability to specify binary
    97688ddf types/features: clarify MountOptions
    deb0a5f2 Mark `runc features` experimental
    382eba43 Support recursive mount attrs ("rro", "rnosuid", "rnodev", ...)
    ba935a51 Support nosymfollow mount option (kernel 5.10)
    f8c48e46 go.mod: golang.org/x/sys v0.0.0-20211116061358-0a5406a5449c
    acd8f12f release: correctly handle binary signing for "make releaseall"
    d72d057b runc init: avoid netlink message length overflows
    25112dd1 libct/intelrdt: remove unused type
    c4a61aa9 ci: enable extra linters for new code
    520702da Add `runc features` command
    02475d9c .golangci.lint: add unparam linter
    953e56c5 libct/int: runContainer: drop console arg
    6c0bfcb1 libct/cg/fs/blkio_test: ignore unparam warning
    06b3fd9d libct/cg/ebpf: drop finalize return value
    86733013 notify_socket: setupSpec: drop ctx arg and return value
    741568eb libct/cg/devices: addRule: ignore unparam warning
    fc44e3f6 tty: Close: rm return value
    36483465 tty: ClosePostStart: rm return value
    f3f4b6d1 tty: recvtty: rm process arg
    e6318635 tty: rm inheritStdio return value
    d23b8109 checkpoint: rm getDefaultImagePath arg
    dd140401 libct: fixStdioPermissions: rm config arg
    b357bc13 libct/factory: rm id param from loadState
    b950b778 libct/utils: ResolveRootfs: remove
    35d20c4e chown cgroup to process uid in container namespace
    ec0f35bc libct/system/xattrs: remove
    e9ed2000 build(deps): bump github.com/opencontainers/selinux from 1.9.1 to 1.10.0
    e3dd80fa Vagrantfile.fedora: revert excluding systemd
    1da84d1a libct/cg: TestGetHugePageSizeImpl: use t.Run
    1362291a Avoid non-op when the list of `Hooks` is empty
    f13a9325 libct/cg: HugePageSizes: simplify code and test
    39d4c8d5 libct/cg: lazy init for HugePageSizes
    a4d4c4dd libct/cg: GetHugePageSize -> HugePageSizes
    dde509df specconv: do not permit null bytes in mount fields
    50105de1 Fix failure with rw bind mount of a ro fuse
    982b9a1d libct/standard_init: fix linter warning
    643f8a2b libct/specconv: nits
    b247cd39 runc run: fix ro /dev
    029b73c1 libct/spec: replace isValidName regex with a function
    6907beca libct/specconv: remove isSecSuffix regex
    37c5fd55 libct/specconv: make parseMountOptions return Mount
    2c3792ba libct/specconv: make mountFlags and extensionFlags global
    81586e19 libct/specconv: reuse mountPropagationMapping in parseMountOptions
    8fe1e8bf libct/specconv: rm some init allocations
    712157f6 Revert "ci: temporarily disable criu repo gpg check"
    f252eb54 test/int/mount.bats: refer to github issue
    7563a8f0 libct: wrap more unix errors
    db4ad6a7 libcontainer/system: rm Prlimit
    0880c001 .cirrus.yml: silence vagrant up
    b028ecb3 Vagrantfile.fedora: exclude systemd from upgrade
    12a36265 ci/cirrus: update to Go 1.17.3
    02d527d2 go.mod: github.com/moby/sys/mountinfo v0.5.0
    0e21d56e go.mod: golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359
    b2d64fed build(deps): bump github.com/checkpoint-restore/go-criu/v5
    a9bb11ec Fix the conversion of sysctl variable dots and slashes
    0f933d54 Rename package validate_test to package validate
    68c2b6a7 runc run: refuse a frozen cgroup
    d08bc0c1 runc run: warn on non-empty cgroup
    dd696235 runc exec: reject paused container unless --ignore-paused
    4b25a4e8 CI: update Fedora to 35
    7324496f tests/int: fix userns for Fedora 35
    05272718 tests/int/cgroups: fix for misc controller
    fc658fb6 build(deps): bump github.com/godbus/dbus/v5 from 5.0.5 to 5.0.6
    972aea3a libct/configs/validate: allow / in sysctl names
    95f8ecdd fix `libcontainer/integration/exec_test.go:1859:8: undefined: ioutil`
    dc473cad build(deps): bump github.com/cilium/ebpf from 0.6.2 to 0.7.0
    8542322d libcontainer: Add unit tests with userns and mounts
    55162941 Remove io/ioutil use
    6a4f4a6a libcontainer/ignoreTerminateErrors: simplify for Go 1.16+
    12e99a0f Require Go >= 1.16
    3d986766 ci/gha: install latest stable Go version
    c5ca778f ci: temporarily disable criu repo gpg check
    81fdc8ce New integration tests for user namespaces bind sources
    9c444070 Open bind mount sources from the host userns
    a80e1217 libct/intelrdt: add Root()
    794cd66d libct/system: Exec: wrap the error
    6eba68de build(deps): bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1
    e395d2dc libct: Init: remove LockOSThread
    916c6a15 libct/cg/fs2: fix GetStats for unsupported hugetlb
    f9667e63 Make DevicesGroup's "TestingSkipFinalCheck" attribute public
    2e0ceaa9 fix createDevices when no Linux section
    fae5d8b5 release: add s390x
    f95063ed Dockerfile: fix for seccomp
    7758d3fb libct/cg/sd/v2: Destroy: remove cgroups recursively
    580e43ec contrib: rm init from bash completion
    0202c398 runc exec: implement --cgroup
    cc15b887 tests: add integration test for cgroups hybrid
    a8435007 cgroups: join cgroup v2 when using hybrid mode
    39914db6 runc exec: don't skip non-existing cgroups
    7d446c63 libct/cg.WriteCgroupProcs: improve errors
    cc1d7466 exec.go: nit
    0d297b71 ci/gha: test criu-dev with latest go
    16aedc31 ci/gha: remove debug info
    3fd1851c CI/GHA: switch to OBS criu repo
    81dc5599 Dockerfile: fix apt-key warning
    2bf560fb Dockerfile: use Debian_11 repo for criu
    99ddc1be libct/cg/fs: rm m.config == nil checks
    57edce46 libct/cg: add Resources=nil unit test
    1af4ed11 libct/cg/sd/v2: move fsMgr init to NewUnifiedManager
    9a2146fa libct/cg/sd/v2: move path init to NewUnifiedManager
    39be6e97 libct/cg/fs2: minor optimization
    b14a6cf9 libct/cg/sd/v1: move path init to NewLegacyManager
    fcc48168 libct/cg/fs: document path removal
    6c5441e5 libct/cg/fs: move paths init to NewManager
    097c6d74 libct/cg: simplify getting cgroup manager
    3c8db638 script/release.sh: update libseccomp to 2.5.2
    f30244ee make release: add cross-build
    23d79aae Makefile: only build runc for static target
    d2b6899e Makefile: fixes for seccompagent
    43b36dc4 Support changing of lsm mount context on restore
    412d68d1 Vendor in go-criu v5.1.0
    163e2523 libct/cg: replace bitset with std math/big library
    6806b2c1 runc delete -f: fix for cg v1 + paused container
    e6928865 libct/cg/fs: refactor
    7d1cb320 libct/cg/fs: rename join to apply
    5c7cb837 libct/cg/fs: micro optimization
    19b542a5 libct/cg/fs: move internal code out of fs.go
    eb09df74 libct/cg/sd/v1: initPaths: minor optimization
    63c84917 libct/cg/sd/v1: optimize initPaths
    c7e0864d libct/cg/sd/v1: factor out initPaths
    dc907e8d libct/cg/sd/v*.go: nit
    d974b22a create, run: amend final errors
    9ba2f65d startContainer: minor refactor
    1545ea69 delete, start: remove newline from errors
    af641cd5 seccomp: Add test using the seccomp agent example
    08659080 build(deps): bump github.com/bits-and-blooms/bitset from 1.2.0 to 1.2.1
    622acd24 build(deps): bump github.com/opencontainers/selinux from 1.8.4 to 1.8.5
    47abdcee ci/gha: update golangci-lint to 1.42.1
    704a1878 contrib/cmd/seccompagent: fix build tags
    49137c2a ci/gha: bump shfmt to 3.3.1
    f1b703fc libct/nsenter/nsexec.c: honor _LIBCONTAINER_LOGLEVEL
    d5ffe83f libct/nsenter/nsexec.c: factor out getenv_int
    d2f49d45 libct/nsenter/nsexec.c: improve bail
    6c4a3b13 runc init: pass _LIBCONTAINER_LOGLEVEL as int
    0a3577c6 utils_linux: simplify newProcess
    51cd519e seccomp agent: Return non-zero on failures
    8b790e4f seccomp agent: Use arch SCMP_ARCH_X86_64
    4a4d4f10 Add support for seccomp actions ActKillThread and ActKillProcess
    4a751b05 seccomp: drop unnecessary const SCMP_ACT_* defines
    72b5c3ca build(deps): bump github.com/godbus/dbus/v5 from 5.0.4 to 5.0.5
    00772cae tests: add functional tests for seccomp notify
    5ae831d9 tests: add functional tests for seccomp
    e21a9ee8 contrib: add sample seccomp agent
    c64aaf0e libcontainer/specconv: extend SetupSeccomp tests
    2b025c01 Implement Seccomp Notify
    4e7aeff6 libcontainer/utils: introduce SendFds
    c55530be vendoring: Use libseccomp with notify support
    64358c4d optimize log: move WriteJSON defer as early as possible
    39d0ee18 script/release.sh: fix for opensuse
    a20c8b29 runc --debug: shorter caller info
    b55b3081 libct/logs: do not show caller in nsexec logs
    c3910e73 libct/logs: parse log level implicitly
    c4826905 libct/logs: test: make more robust
    33dcb994 libct/nsenter/nsenter_test.go: logging nits
    78b27155 libct/nsenter: test: rm misleading comments
    2c46455c libct/nsenter: test: improve TestNsenterChildLogging
    feb1fe11 libct/nsenter: test: fix TestNsenterValidPaths
    3df6a02f libct/nsenter: test: improve newPipe
    347c371b CI: Mark CGO warnings as errors
    d8da0035  *: add go-1.17+ go:build tags
    1b17ec95 libct/cg: rm "unsupported.go" files
    dbb9fc03 libct/*: remove linux build tag from some pkgs
    c5b0be78 Rm build tags from main pkg
    9ff64c3d *: rm redundant linux build tag
    895e0a5c nsenter: fix typo in bail message
    1f5798f7 improve error message when dbus-user-session is not installed
    63944578 tests/int: add a "update cpu period with pod limit set" test
    1b2adcfe libct/cg/v1: workaround CPU quota period set failure
    09b80811 Revert "libct/devices: change devices.Type to be a string"
    538ba846 libct/error.go: rm ConfigError
    6145628f configs/validate: audit all returned errors
    bbcf96f9 libct/cg/devices: stop using regex
    fb629db6 tests/int/helpers: fix shellcheck warnings
    f65276db tests/int/helpers: rm $bundle handling
    b3d14488 Add support for rdma cgroup introduced in Linux Kernel 4.11
    8d8415ee libct/logs: remove ConfigureLogging
    f77fb7a3 init.go, main.go: don't use logs.ConfigureLogging
    93937000 libcontainer/intelrdt: update code comments
    a37a89f4 libct/system: add I and P process states
    f90008ae libct/system.Stat: fix/improve/speedup
    412c6f06 libct/system/proc_test: fix, improve, add benchmark
    74ae9e0f checkpoint: resolve symlink for external bind mount(fix ci broken)
    24d318b8 Dockerfile: switch to bullseye
    9a095e44 libct/cg/sd/v1: add SkipFreezeOnSet knob
    fec49f2a libct/cg/sd/v1: add freezeBeforeSet unit test
    41043673 libct/cg/sd/v1: Fix unnecessary freeze/thaw
    a5871801 ci: add go1.17
    75761bcc Fix codespell warnings, add codespell to ci
    db8330c9 libct/nsenter: fix unused-result warning
    844d6774 CI: Validate compilation without buildtags
    51508210 libct/nsenter: nullify pointer on asprintf error
    2ab6484f libct/nsenter: no need to check size_t less than 0
    f0dbefac .cirrus.yum: retry yum if failed
    814f3ae1 libct/devices: change devices.Type to be a string
    74b5c34e .cirrus.yml: simplify
    77fb9aff build(deps): bump github.com/containerd/console from 1.0.2 to 1.0.3
    bd50e7c4 libct/cg/OpenFile: check cgroupFd on error
    ab577f6f MAINTAINERS: add Sebastiaan van Stijn
    2bab4a56 libct/nsenter: fix logging race in nsexec
    bda1bd7a build(deps): bump github.com/opencontainers/selinux from 1.8.3 to 1.8.4
    c2d9668c libct/cg/OpenFile: fix openat2 vs top cgroup dir
    1b4c30fd libcontainer/intelrdt: always run unit tests
    79d292b9 libcontainer/intelrdt: verify ClosID existence
    17e3b41d libcontainer/intelrdt: support ClosID parameter
    7296dc17 libcontainer/intelrdt: refactor clos path handling
    1cbfe234 libct/cg: rm dead code
    d0c3bc44 libct/cg: GetAllPids: optimize for go 1.16+
    363468d0 libct/cg: improve GetAllPids and readProcsFile
    504271a3 libct/cg: move GetAllPids out of utils.go
    fc99ab7e build(deps): bump github.com/opencontainers/selinux from 1.8.2 to 1.8.3
    0f94799e man/runc-run.8: document --keep option
    cb824629 proposal: add --keep to runc run
    e06465ac ci/cirrus: remove unused code
    120f7406 ci/gha: add latest criu-dev test run
    60e02b4b runc exec: fail with exit code of 255
    18f434e1 script/release.sh: make builds reproducible
    61e201ab makefile: update ldflags and add strip for static builds
    5110bd2f nsenter: remove cgroupns sync mechanism
    7a0302f0 runc init: simplify
    a91ce306 libct/*_test.go: use t.TempDir
    3bc606e9 libct/int: adapt to Go 1.15
    1eeaf113 libct/intelrdt/*_test.go: use t.TempDir
    f6a56f60 libct/cg/fs/*_test.go: use t.TempDir
    2d1645d2 libct/cg/fscommon: drop go 1.13 compatibility
    6215b2f3 ci/gha: drop Go 1.13
    a952b5aa README, go.mod: require go 1.15+
    12a1dccb Revert "libcontainer: avoid using t.Cleanup"
    015fa29a Revert "Revert "Makefile: rm go 1.13 workaround""
    5dd92fd9 libct/seccomp: skip redundant rules
    e44bee10 libct/seccomp: warn about unknown syscalls
    073e085c libct/seccomp: ConvertStringToAction: fix doc
    9f656dbb Do not use Vagrant for CentOS 7/8
    d4480164 tests/rootless.sh: fixup for "update rt" test
    86af5248 tests/int: fix "update rt period and runtime" for rootless
    cc0b1644 README.md: remove abandoned versioning policy
    87bfd20f Evaluate Cirrus CI for Vagrant tests
    a7110262 libct/cg/sd: add TestPodSkipDevicesUpdate
    52dd96db libct/cg/sd: TestFreezePodCgroup: rm explicit freeze
    f2db8798 libct/cg/sd/v1: Set: avoid unnecessary freeze/thaw
    5dc32604 libct/int/TestFreeze: test freeze/thaw via Set
    af1688a5 libct/int: allow subtests
    67cfd3d4 libct/cg/sd/v1: Set: don't overwrite r.Freezer
    d02b0061 ci/gha: run on release-* branches after a push
    57e3c541 cgroupv2: ebpf: ignore inaccessible existing programs
    fe518a06 vendor: update github.com/cilium/ebpf
    3e5c1997 libct/cg/sd: Add freezer tests
    294c4866 libct/cg/fs/freezer.GetState: report current cgroup state
    f33be7cc libct/cg/sd: Don't freeze cgroup on cgroup v2 Set
    d41a273d Update device update tests
    be1d5f83 ci: enable unconvert linter, fix its warnings
    6be088d6 tests/int/dev: add CAP_SYSLOG to /dev/kmsg tests
    9f2a1f4d deps: update to github.com/cyphar/filepath-securejoin@v0.2.3
    24d5daf5 libct/user: fix parsing long /etc/group lines
    226dfab0 libct/user: ParseGroupFilter: use TrimSpace
    120e3a77 libct/user: use []byte more, avoid allocations
    83776dd8 libcontainer: Bail on close(2) failures
    7d479e6b libcontainer: Don't close fds already closed
    e39ad650 retry unix.EINTR for container init process
    c508a7bc libct/rootfs: consolidate utils imports
    1bbeadae tests/int/no_pivot: fix for new kernels
    0229a77a libcontainer/intelrdt: privatize some ids
    8f8dfc49 libcontainer/intelrdt: move NewLastCmdError down
    00d15629 libct/intelrdt: simplify NewLastCmdError
    e0ce428b libct/intelrdt: remove NotFoundError type
    feff2c45 libct/intelrdt: fix potential nil dereference
    82498e3d libct/specconf: remove unneeded checks
    bc96a59d build(deps): bump google.golang.org/protobuf from 1.26.0 to 1.27.1
    70fdc057 Revert "checkpoint: resolve symlink for external bind mount"
    e618c02d libct/stacktrace: remove
    e918d021 libcontainer: rm own error system
    60c647a7 libct/error: rm ConsoleExists
    a7cfb23b *: stop using pkg/errors
    b60e2edf libct/cg: stop using pkg/errors
    a6cc36a8 libct/cg/ebpf: stop using pkg/errors
    f137aaa2 libct/cg/devices: stop using pkg/errors
    ebb08128 .golangci.yml: enable errorlint
    56e47804 *: ignore errorlint warnings about unix.* errors
    f6a0899b *: use errors.As and errors.Is
    5d2a11ad tty.go: don't use pkg/errors, use errors.Is
    c6fed264 libct/keys: stop using pkg/errors
    adbac31d libct: fix errorlint warning about strconv.NumError
    7be93a66 *: fmt.Errorf: use %w when appropriate
    d8ba4128 libct/rootfs: improve some errors
    36aefad4 libct: wrap unix.Mount/Unmount errors
    825335b2 libct/cg/fs2: fix/unify parsing errors
    5a186d39 libct/cg/fs: fix/unify parsing errors
    f813174d libct/cg/fscommon: introduce and use ParseError
    adcd3b44 libct/cg/fs[2]: simplify getting pid stats
    4e330942 libct/cg/fs/stats_util_test: fix errors
    563225d5 libct/StartInitialization: fix errors
    3fee59f9 libct/cg/fs/*_test: simplify errors
    fdf4e90e libct/cg/fscommon.ParseKeyValue: no need to wrap err
    627a06ad Replace fmt.Errorf w/o %-style to errors.New
    242b3283 libct/cg/fscommon: rm unused var
    92e8d9b9 libct/intelrdt: error message nits
    041caf10 VERSION: back to development
    dfc0f069 man/*: revamp
    85aabe23 C/R: let criu use its default if --work-path is not set
    e8bd33ae runc --help: improve log options description
    cf4ecaed runc update: hide --kernel* options
    4065c394 exec: rm --no-subreaper flag
    da22625f checkpoint: resolve symlink for external bind mount

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
2022-02-02 22:45:37 -05:00
..
files runc: update to v1.1.0 2022-02-02 22:45:37 -05:00
runc-docker runc-docker: update to rc95 2021-06-14 22:23:19 -04:00
runc-docker_git.bb runc-docker: update to 1.0.3 2021-12-10 09:42:44 -05:00
runc-opencontainers_git.bb runc: update to v1.1.0 2022-02-02 22:45:37 -05:00
runc.inc virtual/runc: don't rprovide virtual/ 2021-09-06 10:57:17 -04:00