79db703e34
Bumping runc to version v1.2.0-149-g610aa88a, which comprises the following commits:
06f1e076 libct: speedup process.Env handling
6171da60 libct/configs: add HookList.SetDefaultEnv
c49b8916 tests: add test to check StartContainer hook env
390641d1 libct/int: improve TestExecInEnvironment
9a545947 libct/int: add BenchmarkExecInBigEnv
a69d289f build(deps): bump google.golang.org/protobuf from 1.36.1 to 1.36.2
061483b6 build(deps): bump golang.org/x/net from 0.33.0 to 0.34.0
48ad17f4 build(deps): bump golang.org/x/sys from 0.28.0 to 0.29.0
83350c24 libct/system: rm Fexecve
c0abf76e Update README.md
f8483049 build(deps): bump google.golang.org/protobuf from 1.36.0 to 1.36.1
57462491 libct/configs/validate: add IOPriority.Class validation
7334ee01 libct/configs: rm IOPrioClassMapping
5d3942ee libct: unify IOPriority setting
ec465d39 utils: simplify newProcess
2dc3ea4b libct: simplify setIOPriority/setupScheduler calls
93091e6a libct: don't pass SpecState to init unless needed
8afeb583 libct: add/use configs.HasHook
171c4149 refactor init and setns process
5855ba53 build(deps): bump github.com/cilium/ebpf from 0.17.0 to 0.17.1
e809db84 build(deps): bump github.com/cilium/ebpf from 0.16.0 to 0.17.0
c2b11a63 build(deps): bump golang.org/x/net from 0.32.0 to 0.33.0
71327d7f build(deps): bump github.com/cyphar/filepath-securejoin
af929228 RELEASES: add formal release policy for runc
21c0968b remove broken fuzzer from oss-fuzz build script
9468986a ci: use a specific ubuntu version
e845f4be ci: bump golangci-lint to v1.62
705382ac build(deps): bump google.golang.org/protobuf from 1.35.2 to 1.36.0
394f4c3b Re-add tun/tap to default device rules
b15fcc1b keyring: update @kolyshkin key expiry
5a838ccb tests/cmd/sd-helper: switch from configs to cgroups
a56f85f8 libct/*: switch from configs to cgroups
04041f21 libct/cgroups/*: switch from configs to cgroups
ae477f15 libct/configs: move cgroup stuff to libct/cgroups
85c7c99d libct/cg/fs2: fix some revive linter warnings
66fe7db3 Move test helper binaries
47dc1858 Add runc_nocriu build tag
c487840f Remove main package dependency on criurpc
2f1b6626 deps: update to github.com/cyphar/filepath-securejoin@v0.3.5
c0044c7a cgroup: ebpf: make unexpected errors in haveBpfProgReplace louder
9bc6753d cgroups: ebpf: also check for ebpf.ErrNotSupported
dea0e04d cgroups: ebpf: use link.Anchor to check for BPF_F_REPLACE support
d5694eed build(deps): bump golang.org/x/net from 0.31.0 to 0.32.0
ec7e90b3 build(deps): bump golang.org/x/sys from 0.27.0 to 0.28.0
66969827 Switch to github.com/moby/sys/capability v0.4.0
fe73f1a9 libct/cap: switch to lazy init
cdee1b38 libct/cap: preallocate slices
b7da1673 build(deps): bump google.golang.org/protobuf from 1.35.1 to 1.35.2
fffc165d tests: add test for 'weird' external namespace joining
fadc55eb nsenter: implement a two-stage join for setns
a97d7cb2 nsenter: refuse to join unknown namespaces
49bee5c4 cfmt: use the Linux { a, b } decl style
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|---|---|---|
| classes | ||
| conf | ||
| docs | ||
| dynamic-layers | ||
| files | ||
| lib/oeqa/runtime/cases | ||
| recipes-containers | ||
| recipes-core | ||
| recipes-demo | ||
| recipes-devtools | ||
| recipes-extended | ||
| recipes-graphics/xorg-xserver | ||
| recipes-kernel | ||
| recipes-networking | ||
| scripts | ||
| wic | ||
| .gitignore | ||
| COPYING.MIT | ||
| MAINTAINERS | ||
| meta-virt-roadmap.txt | ||
| README.md | ||
| SECURITY.md | ||
meta-virtualization
This layer provides support for building Xen, KVM, Libvirt, and associated packages necessary for constructing OE-based virtualized solutions.
The bbappend files for some recipes (e.g. linux-yocto) in this layer need to have 'virtualization' in DISTRO_FEATURES to have effect. To enable them, add in configuration file the following line.
DISTRO_FEATURES:append = " virtualization"
If meta-virtualization is included, but virtualization is not enabled as a distro feature a warning is printed at parse time:
You have included the meta-virtualization layer, but
'virtualization' has not been enabled in your DISTRO_FEATURES. Some bbappend files
may not take effect. See the meta-virtualization README for details on enabling
virtualization support.
If you know what you are doing, this warning can be disabled by setting the following variable in your configuration:
SKIP_META_VIRT_SANITY_CHECK = 1
Depending on your use case, there are other distro features in meta-virtualization that may also be enabled:
- xen: enables xen functionality in various packages (kernel, libvirt, etc)
- kvm: enables KVM configurations in the kernel and autoloads modules
- k8s: enables kubernets configurations in the kernel, tools and configuration
- aufs: enables aufs support in docker and linux-yocto
- x11: enable xen and libvirt functionality related to x11
- selinux: enables functionality in libvirt and lxc
- systemd: enable systemd services and unit files (for recipes for support)
- sysvinit: enable sysvinit scripts (for recipes with support)
- seccomp: enable seccomp support for packages that have the capability.
Dependencies
This layer depends on:
URI: git://github.com/openembedded/openembedded-core.git branch: master revision: HEAD prio: default
URI: git://github.com/openembedded/meta-openembedded.git branch: master revision: HEAD layers: meta-oe meta-networking meta-filesystems meta-python
Required for Xen XSM policy: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default
Required for Ceph: URI: git://git.yoctoproject.org/meta-cloud-services branch: master revision: HEAD prio: default
Required for cri-o: URI: git://git.yoctoproject.org/meta-selinux branch: master revision: HEAD prio: default
Community / Colaboration
Repository: https://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/ Mailing list: https://lists.yoctoproject.org/g/meta-virtualization IRC: libera.chat #meta-virt channel
Maintenance
Send pull requests, patches, comments or questions to meta-virtualization@lists.yoctoproject.org
Maintainer: Bruce Ashfield bruce.ashfield@gmail.com see MAINTAINERS for more specific information
When sending single patches, please using something like: $ git send-email -1 -M --to meta-virtualization@lists.yoctoproject.org --subject-prefix='meta-virtualization][PATCH'
License
All metadata is MIT licensed unless otherwise stated. Source code included in tree for individual recipes is under the LICENSE stated in each recipe (.bb file) unless otherwise stated.