2cf2a1945e
Bumping crun to version 1.20-53-g4d6eae2e, which comprises the following commits:
107214b1 build(deps): bump uraimo/run-on-arch-action from 2.8.1 to 3.0.0
c954b1b6 criu: use a process to initialize the cgroup
959cc6c4 cgroup: extend function
e3866cc5 cgroup: fix ownership of dfd in read_pids_cgroup
0f16ced1 linux: set subsystem_path before use in error
6ed12c63 linux: remove dead code
6c049b81 criu: hide feature if dlopen is not present
73d00079 tests: map all IDs into the user namespace
0037d567 ci: fail on "sudo make check"
f82ead82 tests: fix test_resources_unified_invalid_controller()
37213555 utils: improve error message if path not executable
5f5454b5 utils: do not use hardcoded path buffer
4948e451 utils: check for eaccess existence
410f0d53 container: pass down executable path to custom handler
bb56343c utils: move error handling inside find_executable()
a77702c0 tests: do a shallow git clone for podman
f941be48 error: silence compiler warning
b8b25ea1 Prevent dlopen() for CRIU in static link'ed binary
990b5f68 krun: fix libkrun_unload
79b7e6b3 libcrun: use an hash map to lookup the key
51fa411b libcrun: move annotations handling to a separate struct
9abef0da linux: fix dup error
14d5baa4 README: add CentOS Stream 9 & 10, rm 8
e735b4bc krun: fix libkrun_exec return value
90a321c6 container, error: update error handling
620b91b5 utils: fix PATH lookup
48470009 Downstream Fedora: fix gating config
7949fbc6 tests: disable new test that does not use the runtime
7f76fcd4 utils: add missing crun_error_release()
6598c99b utils: add O_NOFOLLOW
9c9a76ac NEWS: tag 1.20
0aec82c2 krun: fix CVE-2025-24965
793188c2 krun: initialize bool
ac956685 utils: add O_WRONLY to WRITE_FILE_DEFAULT_FLAGS
dcf4f78b utils: drop rootfs_len from safe_openat function
de33f0a8 utils: write_file_at_with_flags uses safe_write
c460b253 utils: safe_write uses size_t for the buffer length
12778089 utils: drop function write_file_with_flags
f1ef3bb4 utils: move write_file* wrappers to utils.h
3e2344b0 utils: fix partial writes with write_file_at_with_flags
7930c13d krun: drop unused variable
f7987aa9 linux, mono: remove unneeded crun_error_release()
b548479c utils: reduce memory consumption in safe_readlinkat
3b653170 chroot_realpath: remove dead code
17135c1b chroot_realpath: do not return non-existing paths
7ab1acd3 container: fix error after read
490d5502 linux, utils: remove dead code crun_ensure_file*()
432a66d9 status: validate container id
73bcfabb status: report errors from get_state_directory_status_file
30d22ba3 status: report errors from get_run_directory
873db607 status: report errors from libcrun_get_state_directory
f5e7718c linux: improve error writing to net.ipv4.ping_group_range
5c35f278 tests: make python script executable
5b51cca8 github: disable aarch64, ppc64le and s390x build
84d50992 github: cat config.log on configure failures
7aa2cd85 github: add r/w permissions
4f823090 github: show apt-get output
2d08f586 exec: always call setsid
b788f338 scheduler: ignore ENOSYS when resetting affinity mask
e292c9e9 src/linux: handle EINVAL during pidfd_open gracefully
869804f4 TMT: account for environments on internal testing farm ranch
65484cb9 TMT: Replace `adjust` with `prepare` conditionals
a4dcb9c6 cgroup: Show the absolute path to cgroup.controllers when a controller is not available
179686b7 Revert "cgroup: remove tun/tap from the default allow list"
68e8d9ab test: use wasm32-wasip1 instead of wasm32-wasi
3158e491 criu: improve error handling for CRIU function calls
3cd9c2c9 criu: do not set network_lock if not specified
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|---|---|---|
| classes | ||
| conf | ||
| docs | ||
| dynamic-layers | ||
| files | ||
| lib/oeqa/runtime/cases | ||
| recipes-containers | ||
| recipes-core | ||
| recipes-demo | ||
| recipes-devtools | ||
| recipes-extended | ||
| recipes-graphics/xorg-xserver | ||
| recipes-kernel | ||
| recipes-networking | ||
| scripts | ||
| wic | ||
| .gitignore | ||
| COPYING.MIT | ||
| MAINTAINERS | ||
| meta-virt-roadmap.txt | ||
| README.md | ||
| SECURITY.md | ||
meta-virtualization
This layer provides support for building Xen, KVM, Libvirt, and associated packages necessary for constructing OE-based virtualized solutions.
The bbappend files for some recipes (e.g. linux-yocto) in this layer need to have 'virtualization' in DISTRO_FEATURES to have effect. To enable them, add in configuration file the following line.
DISTRO_FEATURES:append = " virtualization"
If meta-virtualization is included, but virtualization is not enabled as a distro feature a warning is printed at parse time:
You have included the meta-virtualization layer, but
'virtualization' has not been enabled in your DISTRO_FEATURES. Some bbappend files
may not take effect. See the meta-virtualization README for details on enabling
virtualization support.
If you know what you are doing, this warning can be disabled by setting the following variable in your configuration:
SKIP_META_VIRT_SANITY_CHECK = 1
Depending on your use case, there are other distro features in meta-virtualization that may also be enabled:
- xen: enables xen functionality in various packages (kernel, libvirt, etc)
- kvm: enables KVM configurations in the kernel and autoloads modules
- k8s: enables kubernets configurations in the kernel, tools and configuration
- aufs: enables aufs support in docker and linux-yocto
- x11: enable xen and libvirt functionality related to x11
- selinux: enables functionality in libvirt and lxc
- systemd: enable systemd services and unit files (for recipes for support)
- sysvinit: enable sysvinit scripts (for recipes with support)
- seccomp: enable seccomp support for packages that have the capability.
Dependencies
This layer depends on:
URI: git://github.com/openembedded/openembedded-core.git branch: master revision: HEAD prio: default
URI: git://github.com/openembedded/meta-openembedded.git branch: master revision: HEAD layers: meta-oe meta-networking meta-filesystems meta-python
Required for Xen XSM policy: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default
Required for Ceph: URI: git://git.yoctoproject.org/meta-cloud-services branch: master revision: HEAD prio: default
Required for cri-o: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default
Community / Colaboration
Repository: https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/ Mailing list: https://lists.yoctoproject.org/g/meta-virtualization IRC: libera.chat #meta-virt channel
Maintenance
Send pull requests, patches, comments or questions to meta-virtualization@lists.yoctoproject.org
Maintainer: Bruce Ashfield bruce.ashfield@gmail.com see MAINTAINERS for more specific information
When sending single patches, please using something like: $ git send-email -1 -M --to meta-virtualization@lists.yoctoproject.org --subject-prefix='meta-virtualization][PATCH'
License
All metadata is MIT licensed unless otherwise stated. Source code included in tree for individual recipes is under the LICENSE stated in each recipe (.bb file) unless otherwise stated.