meta-virtualization

mirror of git://git.yoctoproject.org/meta-virtualization.git synced 2025-07-19 12:50:22 +02:00

History

Bruce Ashfield 60c4c54984 runc-docker: update to rc95 Synchronize the 'runc-docker' with the opencontainers variant. This allows the common patch to be used once again, and we refresh our docker specific patch to the new content. Bumping runc to version v1.0.0-rc95-28-gbfcbc947, which comprises the following commits: 37767c05 ci: lint: show all errors in PRs 07ca0be0 : clean up remaining golangci-lint failures 00119c85 integration: add repeated "runc update" test d0f2c25f cgroup2: devices: replace all existing filters when attaching 98a3c0e4 cgroup2: devices: switch to emulator for cgroupv1 parity dcc1cf7c devices: add emulator.Rules shorthand 54904516 libcontainer: fix integration failure in "make test" c7c70ce8 : clean t.Skip messages a95237f8 libctr/cg/systemd: export rangeToBits df0206a6 errcheck: utils 0c65f833 errcheck: signals 3b31e3ea errcheck: tty b45fbd43 errcheck: libcontainer 463ee5e1 errcheck: libcontainer/nsenter 7e7ff872 errcheck: libcontainer/configs a8995053 errcheck: libcontainer/integration b93666eb libct/cg/fs2: setFreezer: wait until frozen 1069e4e9 libct/cg/fs2: optimize setFreezer more 5d193188 libct/cg/fs2: optimize setFreezer 8a7a374f VERSION: back to development b9ee9c63 VERSION: release v1.0.0-rc95 0ca91f44 rootfs: add mount destination validation c61f6062 libcontainer: honor seccomp defaultErrnoRet d519da5e Dockerfile, Vagrantfile.centos7, .github: bats 1.3.0 bdad2859 Dockerfile, Vagrantfile.centos7: use go 1.16 f96530f2 EMERITUS: recognise previous maintainers c73a6626 VERSION: back to development 2c7861bc VERSION: release v1.0.0-rc94 12e9cac9 Vagrantfile.fedora: set Delegate=yes ac70a9a1 tests/int: run rootless_cgroup tests for v2+systemd 601cf582 tests/int/cgroups: don't check for hugetlb 40b97919 tests/int: enable/use requires cgroups_<ctrl> 44fcbfd6 tests/int/helpers: generalize require cgroups_freezer 353f2ad1 tests/int/update.bats: don't set cpuset in setup 4f8ccc5f libct/cg/sd/v2: call initPath from Path 0ed1f802 tests/int/helpers: rm old code af2e03c5 ci/gha: bump shellcheck 0.7.1 -> 0.7.2 2d1bb91d ci/gha: bump shfmt 3.2.0 -> 3.2.4 a7feb423 libct/int: add TestFdLeaksSystemd c7f847ed libct/cg/sd: use global dbus connection 99c5c504 libct/cg/sd: introduce and use getManagerProperty 0fabed76 libct/int/checkpoint_test: use kill(0) for pid check 7eb1405b libct/int/checkpoint_test: use waitProcess helper 72d7a824 libct/int/checkpoint_test: use t.Helper bcca7968 libct/int: simplify/fix showing errors 524abc59 freezer: add delay after freeze e1d842cf libct/intelrdt: fix unit test 541fc19e Makefile: allow overriding go command by environment 06a9ea36 script/release.sh: add -a to force rebuild 91b01682 Update golang.org/x/sys to add linux/ppc support ee4612bc CI: enable Go 1.13 again e2dd9220 go.mod: demote to Go 1.13 45f49e8f libcontainer: avoid using t.Cleanup 1a659bc6 Revert "Makefile: rm go 1.13 workaround" abf12ce0 libc/cg: improve Manager docs 3f659467 libct/cg: make Set accept configs.Resources af0710a0 libct/cg/sd/v2: fix Set argument 850b2c47 libct/cg/fscommon.OpenFile: speed up ro case 71a8aee8 cgroups/systemd: replace deprecated dbus functions 47ef9a10 libct/cg/sd: retry on dbus disconnect 6122bc8b Privatize NewUserSystemDbus 15fee989 libct/cg/sd: add renew dbus connection bacfc2c2 libct/cg/sd: add isDbusError cdbed6f0 libct/cg/sd: add dbus manager 9efd8466 libct/cg/fscommon.OpenFile: reverse checks order 0bee5e0b libct/cg/fs: add GetStats benchmark 7e7eb1c3 CI: update Fedora to 34 d3cee12a cloned_binary: switch from #error to #warning for SYS_memfd_create 23e3794d checkpoint: validate parent path fcd7fe85 libct/cg/fs/freezer: make sure to thaw on failure 0216716c tests/int: add a case for cgroupv2 mount 5ffcc568 tests/int: use bfq test with rootless ff692f28 Fix cgroup2 mount for rootless case 3826db19 libct/rootfs/mountCgroupV2: minor refactor 1e476578 libct/rootfs: introduce and use mountConfig deb8a8dd libct/newInitConfig: nit 2192670a libct/configs/validate: validate mounts 1f1e91b1 libct/specconv: check mount destination is absolute 73f22e7f libcontainer/cgroups/systemd: replace use of deprecated dbus.New() aa622723 tiny fix iterative checkpoint test case ee3b563d Add cfs throttle stats to cgroup v2 6faed0e4 libct/int: use ok(t, err) af3c5699 libct/int: remove unused code 7b802a7d libct/int: better test container names 9f3d7534 logging: enable file/line info if --debug is set ef9922c2 libct/cg: don't return OOMKillCount error when rootless 5cdd9022 libct/cg/fs[2]: fix comments about m.rootless 31dd1e49 tests/int: add rootless + host pidns test case a2050ea4 runc run: fix start for rootless + host pidns 2f1a3ed3 Fix vendored dependencies d15c7bb0 go.mod: github.com/cilium/ebpf v0.5.0 f28a8cc2 ebpf: replace deprecated prog.Attach/prog.Detach 928ef7af libct/nsenter: add json msg escaping 52390d68 Ignore kernel memory settings b7c315ad vendor: bump containerd/console to 1.0.2 b6cdb8ae fix a typo 64bb59f5 nsenter: improve debug logging 6ce2d63a libct/init_linux: retry chdir to fix EPERM c5029c00 tests: fix hello-world tarball name in testdata for arm64 289a3045 go.mod: github.com/moby/sys/mountinfo v0.4.1 4316df8b libcontainer/system: move userns utilities to separate package e7fd383b libcontainer/system: un-export UIDMapInUserNS() 249356a1 libcontainer/system: remove unused GetParentNSeuid() dc52ed25 libcontainer/user: remove outdated MAINTAINERS file 72ecf59c libcontainer/user: fix windows compile error 2515b0c2 libct/user: rm windows code 0596f6e1 libcontainer/devices/device_windows.go: rm b1deba8c libcontainer/configs/config_windows_test.go: rm f1586dbd libcontainer/configs/validate: make Validate() less DRY 4126b807 libcontainer/configs: add missing type for hooknames 48125179 go.mod: github.com/cilium/ebpf v0.4.0 44611630 docs/systemd: add 27bb1bd5 libct/specconv/CreateCgroupConfig: don't set c.Parent default d748280a make release: build/include libseccomp aa6da82c script/release.sh: fix shellcheck warnings 3eb46d89 ci: make static built binary available f0dec0b4 libct/specconv/CreateCgroupConfig: nit 36fe3cc2 tests/int/cpt: fix lazy-pages flakiness 2dd62b3d libct/checkCriuFeatures: rm excessive debug 0e089002 tests/int/checkpoint: close lazy_r fd b09030a5 tests/int/checkpoint: close fds in check_pipes e63df1e6 tests/int: really randomize cgroup/unit names 6e4c5b6e tests/int/cgroups: don't use BUSYBOX_BUNDLE adf733fa vendor: update go-systemd and godbus f09a3e1b tests/int: don't set/use CGROUP_XXX variables 4ecff8d9 start: don't kill runc init too early b1184302 libct/configs/validator: add some cgroup support 0f8d2b6b libct/cg/fs2.Stat: don't look for available controllers 85416b87 libct/cg/fs2.statPids: fall back directly 10f9a982 libct/cg/fs2/getPidsWithoutController: optimize 6121f8b6 libct/cg/fs2.Stat: always call statCpu 9455395b libct/cg/fs2/memory.Stat: add usage for root cgroup a9c47fe7 libct/cg/fs[2]/getMemoryData[V2]: optimize b99ca25a libct/cg/fs2/memory: fix swap reporting 79a8647b libct/int: add TestFdLeaks b3be2b0b libct: close execFifo after start 08b52797 Make test specific to disassembleFilter function 7b3e0bcf Ensure the scratch pipe is read during ExportBPF 62f1f0e4 tests/int/checkpoint: check all logs for errors 346cb359 Revert "tests/checkpoint: show full log lazy pages cpt" c9b3787b script/check-config.sh: add SELinux and AppArmor 5fb831a0 capabilities: WARN, not ERROR, for unknown / unavailable capabilities e49d5da2 go.mod: OCI runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 2726146b runc --debug: more tests 201d60c5 runc run/start/exec: fix init log forwarding race c06f999b libct/logs/test: refactor 688ea99e runc init: fix double call to ConfigureLogs dd6c8d76 main: cast Chmod argument to os.FileMode 69ec21a1 libct/logs.ForwardLogs: use bufio.Scanner 0300299a tests/int/debug.bats: fixups d38d1f9f libcontainer/logs: use int for Config.LogPipeFd ac93746c libct/seccomp: rm IsEnabled 9b2f1e6f runc version: don't use seccomp.IsEnabled c8e0486f Fix oss-fuzz build d76309f9 script/check-config.sh: add CONFIG_SECCOMP_FILTER 997e8942 capabilities.Caps: use a map for capability-types 41f466d8 nsexec.c: fix formatting for netlink defines 522bd641 Fix checking C code formatting 1948b4ce cloned_binary.c: rm redundant comments b67deb56 nsexec.c: rm a block 513d89ee capabilities: use BOUNDING/AMBIENT instead of their alias dd2caace go.mod: runtime-spec v1.0.3-0.20210316141917-a8c4a9ee0f6b a608b7e7 libcontainer/apparmor: use sync.Once for AppArmor detection d6e89248 Fix build-tags in libcontainer/devices f585cec7 libct/cg/v2: always enable TasksAccounting 8c7ece1e fs2: fallback to setting io.weight if io.bfq.weight 74299a1c CI: cache ~/.vagrant.d/boxes 97f2e351 go.mod, libct: bump go-criu to v5, use google.golang.org/protobuf db025aba libct: criuSwrk: only iterate over CriuOpts if debug is set 051646a3 tests: test nested bind mount restore 705b6cc7 Re-create mountpoints during restore Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>	2021-06-14 22:23:19 -04:00
..
0001-runc-Add-console-socket-dev-null.patch	runc: update to 1.0.0-rc92	2020-08-18 03:01:05 +00:00
0001-runc-docker-SIGUSR1-daemonize.patch	runc-docker: update to rc95	2021-06-14 22:23:19 -04:00

Bruce Ashfield 60c4c54984 runc-docker: update to rc95

Synchronize the 'runc-docker' with the opencontainers variant. This
allows the common patch to be used once again, and we refresh our docker
specific patch to the new content.

Bumping runc to version v1.0.0-rc95-28-gbfcbc947, which comprises the following commits:

    37767c05 ci: lint: show all errors in PRs
    07ca0be0 *: clean up remaining golangci-lint failures
    00119c85 integration: add repeated "runc update" test
    d0f2c25f cgroup2: devices: replace all existing filters when attaching
    98a3c0e4 cgroup2: devices: switch to emulator for cgroupv1 parity
    dcc1cf7c devices: add emulator.Rules shorthand
    54904516 libcontainer: fix integration failure in "make test"
    c7c70ce8 *: clean t.Skip messages
    a95237f8 libctr/cg/systemd: export rangeToBits
    df0206a6 errcheck: utils
    0c65f833 errcheck: signals
    3b31e3ea errcheck: tty
    b45fbd43 errcheck: libcontainer
    463ee5e1 errcheck: libcontainer/nsenter
    7e7ff872 errcheck: libcontainer/configs
    a8995053 errcheck: libcontainer/integration
    b93666eb libct/cg/fs2: setFreezer: wait until frozen
    1069e4e9 libct/cg/fs2: optimize setFreezer more
    5d193188 libct/cg/fs2: optimize setFreezer
    8a7a374f VERSION: back to development
    b9ee9c63 VERSION: release v1.0.0-rc95
    0ca91f44 rootfs: add mount destination validation
    c61f6062 libcontainer: honor seccomp defaultErrnoRet
    d519da5e Dockerfile, Vagrantfile.centos7, .github: bats 1.3.0
    bdad2859 Dockerfile, Vagrantfile.centos7: use go 1.16
    f96530f2 EMERITUS: recognise previous maintainers
    c73a6626 VERSION: back to development
    2c7861bc VERSION: release v1.0.0-rc94
    12e9cac9 Vagrantfile.fedora: set Delegate=yes
    ac70a9a1 tests/int: run rootless_cgroup tests for v2+systemd
    601cf582 tests/int/cgroups: don't check for hugetlb
    40b97919 tests/int: enable/use requires cgroups_<ctrl>
    44fcbfd6 tests/int/helpers: generalize require cgroups_freezer
    353f2ad1 tests/int/update.bats: don't set cpuset in setup
    4f8ccc5f libct/cg/sd/v2: call initPath from Path
    0ed1f802 tests/int/helpers: rm old code
    af2e03c5 ci/gha: bump shellcheck 0.7.1 -> 0.7.2
    2d1bb91d ci/gha: bump shfmt 3.2.0 -> 3.2.4
    a7feb423 libct/int: add TestFdLeaksSystemd
    c7f847ed libct/cg/sd: use global dbus connection
    99c5c504 libct/cg/sd: introduce and use getManagerProperty
    0fabed76 libct/int/checkpoint_test: use kill(0) for pid check
    7eb1405b libct/int/checkpoint_test: use waitProcess helper
    72d7a824 libct/int/checkpoint_test: use t.Helper
    bcca7968 libct/int: simplify/fix showing errors
    524abc59 freezer: add delay after freeze
    e1d842cf libct/intelrdt: fix unit test
    541fc19e Makefile: allow overriding go command by environment
    06a9ea36 script/release.sh: add -a to force rebuild
    91b01682 Update golang.org/x/sys to add linux/ppc support
    ee4612bc CI: enable Go 1.13 again
    e2dd9220 go.mod: demote to Go 1.13
    45f49e8f libcontainer: avoid using t.Cleanup
    1a659bc6 Revert "Makefile: rm go 1.13 workaround"
    abf12ce0 libc/cg: improve Manager docs
    3f659467 libct/cg: make Set accept configs.Resources
    af0710a0 libct/cg/sd/v2: fix Set argument
    850b2c47 libct/cg/fscommon.OpenFile: speed up ro case
    71a8aee8 cgroups/systemd: replace deprecated dbus functions
    47ef9a10 libct/cg/sd: retry on dbus disconnect
    6122bc8b Privatize NewUserSystemDbus
    15fee989 libct/cg/sd: add renew dbus connection
    bacfc2c2 libct/cg/sd: add isDbusError
    cdbed6f0 libct/cg/sd: add dbus manager
    9efd8466 libct/cg/fscommon.OpenFile: reverse checks order
    0bee5e0b libct/cg/fs: add GetStats benchmark
    7e7eb1c3 CI: update Fedora to 34
    d3cee12a cloned_binary: switch from #error to #warning for SYS_memfd_create
    23e3794d checkpoint: validate parent path
    fcd7fe85 libct/cg/fs/freezer: make sure to thaw on failure
    0216716c tests/int: add a case for cgroupv2 mount
    5ffcc568 tests/int: use bfq test with rootless
    ff692f28 Fix cgroup2 mount for rootless case
    3826db19 libct/rootfs/mountCgroupV2: minor refactor
    1e476578 libct/rootfs: introduce and use mountConfig
    deb8a8dd libct/newInitConfig: nit
    2192670a libct/configs/validate: validate mounts
    1f1e91b1 libct/specconv: check mount destination is absolute
    73f22e7f libcontainer/cgroups/systemd: replace use of deprecated dbus.New()
    aa622723 tiny fix iterative checkpoint test case
    ee3b563d Add cfs throttle stats to cgroup v2
    6faed0e4 libct/int: use ok(t, err)
    af3c5699 libct/int: remove unused code
    7b802a7d libct/int: better test container names
    9f3d7534 logging: enable file/line info if --debug is set
    ef9922c2 libct/cg: don't return OOMKillCount error when rootless
    5cdd9022 libct/cg/fs[2]: fix comments about m.rootless
    31dd1e49 tests/int: add rootless + host pidns test case
    a2050ea4 runc run: fix start for rootless + host pidns
    2f1a3ed3 Fix vendored dependencies
    d15c7bb0 go.mod: github.com/cilium/ebpf v0.5.0
    f28a8cc2 ebpf: replace deprecated prog.Attach/prog.Detach
    928ef7af libct/nsenter: add json msg escaping
    52390d68 Ignore kernel memory settings
    b7c315ad vendor: bump containerd/console to 1.0.2
    b6cdb8ae fix a typo
    64bb59f5 nsenter: improve debug logging
    6ce2d63a libct/init_linux: retry chdir to fix EPERM
    c5029c00 tests: fix hello-world tarball name in testdata for arm64
    289a3045 go.mod: github.com/moby/sys/mountinfo v0.4.1
    4316df8b libcontainer/system: move userns utilities to separate package
    e7fd383b libcontainer/system: un-export UIDMapInUserNS()
    249356a1 libcontainer/system: remove unused GetParentNSeuid()
    dc52ed25 libcontainer/user: remove outdated MAINTAINERS file
    72ecf59c libcontainer/user: fix windows compile error
    2515b0c2 libct/user: rm windows code
    0596f6e1 libcontainer/devices/device_windows.go: rm
    b1deba8c libcontainer/configs/config_windows_test.go: rm
    f1586dbd libcontainer/configs/validate: make Validate() less DRY
    4126b807 libcontainer/configs: add missing type for hooknames
    48125179 go.mod: github.com/cilium/ebpf v0.4.0
    44611630 docs/systemd: add
    27bb1bd5 libct/specconv/CreateCgroupConfig: don't set c.Parent default
    d748280a make release: build/include libseccomp
    aa6da82c script/release.sh: fix shellcheck warnings
    3eb46d89 ci: make static built binary available
    f0dec0b4 libct/specconv/CreateCgroupConfig: nit
    36fe3cc2 tests/int/cpt: fix lazy-pages flakiness
    2dd62b3d libct/checkCriuFeatures: rm excessive debug
    0e089002 tests/int/checkpoint: close lazy_r fd
    b09030a5 tests/int/checkpoint: close fds in check_pipes
    e63df1e6 tests/int: really randomize cgroup/unit names
    6e4c5b6e tests/int/cgroups: don't use BUSYBOX_BUNDLE
    adf733fa vendor: update go-systemd and godbus
    f09a3e1b tests/int: don't set/use CGROUP_XXX variables
    4ecff8d9 start: don't kill runc init too early
    b1184302 libct/configs/validator: add some cgroup support
    0f8d2b6b libct/cg/fs2.Stat: don't look for available controllers
    85416b87 libct/cg/fs2.statPids: fall back directly
    10f9a982 libct/cg/fs2/getPidsWithoutController: optimize
    6121f8b6 libct/cg/fs2.Stat: always call statCpu
    9455395b libct/cg/fs2/memory.Stat: add usage for root cgroup
    a9c47fe7 libct/cg/fs[2]/getMemoryData[V2]: optimize
    b99ca25a libct/cg/fs2/memory: fix swap reporting
    79a8647b libct/int: add TestFdLeaks
    b3be2b0b libct: close execFifo after start
    08b52797 Make test specific to disassembleFilter function
    7b3e0bcf Ensure the scratch pipe is read during ExportBPF
    62f1f0e4 tests/int/checkpoint: check all logs for errors
    346cb359 Revert "tests/checkpoint: show full log lazy pages cpt"
    c9b3787b script/check-config.sh: add SELinux and AppArmor
    5fb831a0 capabilities: WARN, not ERROR, for unknown / unavailable capabilities
    e49d5da2 go.mod: OCI runtime-spec v1.0.3-0.20210326190908-1c3f411f0417
    2726146b runc --debug: more tests
    201d60c5 runc run/start/exec: fix init log forwarding race
    c06f999b libct/logs/test: refactor
    688ea99e runc init: fix double call to ConfigureLogs
    dd6c8d76 main: cast Chmod argument to os.FileMode
    69ec21a1 libct/logs.ForwardLogs: use bufio.Scanner
    0300299a tests/int/debug.bats: fixups
    d38d1f9f libcontainer/logs: use int for Config.LogPipeFd
    ac93746c libct/seccomp: rm IsEnabled
    9b2f1e6f runc version: don't use seccomp.IsEnabled
    c8e0486f Fix oss-fuzz build
    d76309f9 script/check-config.sh: add CONFIG_SECCOMP_FILTER
    997e8942 capabilities.Caps: use a map for capability-types
    41f466d8 nsexec.c: fix formatting for netlink defines
    522bd641 Fix checking C code formatting
    1948b4ce cloned_binary.c: rm redundant comments
    b67deb56 nsexec.c: rm a block
    513d89ee capabilities: use BOUNDING/AMBIENT instead of their alias
    dd2caace go.mod: runtime-spec v1.0.3-0.20210316141917-a8c4a9ee0f6b
    a608b7e7 libcontainer/apparmor: use sync.Once for AppArmor detection
    d6e89248 Fix build-tags in libcontainer/devices
    f585cec7 libct/cg/v2: always enable TasksAccounting
    8c7ece1e fs2: fallback to setting io.weight if io.bfq.weight
    74299a1c CI: cache ~/.vagrant.d/boxes
    97f2e351 go.mod, libct: bump go-criu to v5, use google.golang.org/protobuf
    db025aba libct: criuSwrk: only iterate over CriuOpts if debug is set
    051646a3 tests: test nested bind mount restore
    705b6cc7 Re-create mountpoints during restore

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>

2021-06-14 22:23:19 -04:00

0001-runc-Add-console-socket-dev-null.patch

runc: update to 1.0.0-rc92

2020-08-18 03:01:05 +00:00

0001-runc-docker-SIGUSR1-daemonize.patch

runc-docker: update to rc95

2021-06-14 22:23:19 -04:00