Select Git revision
Search by author
- Any Author
- authors
-
autociadmin
autociadmin
-
chenzeyuan
chenzeyuan
-
余良海 yulianghai
-
兰梦
lanmeng
-
冯春林 fengchunlin
-
刘华 liuhua
-
刘壮 liuzhuang
-
刘杨 liuyang
-
刘涛 liutao
-
刘涛 liutao02
-
刘潇航 liuxiaohang
-
刘硕 liushuo
-
刘祖强
liuzuqiang
-
刘福涛 liufutao
-
刘震宇 liuzhenyu
-
唐鲁严
tangluyan
-
夏凯旋
xiakaixuan
-
奚云飞 xiyunfei
-
孙檬
sunmeng
-
季炜 jiwei
- Nov 16, 2021
-
-
Bruce Ashfield authored
Bumping moby to version v20.10.10-9-g7bd682c48c, which comprises the following commits: 7677aeafd7 TestBuildUserNamespaceValidateCapabilitiesAreV2: cleanup daemon storage 34eb6fbe60 testutil: daemon.Cleanup(): cleanup more directories c7edd308ad [20.10] Update Go to 1.16.10 6611c72b65 cmd/dockerd: create panic.log file without readonly flag 4b9a3dac46 Fix race in TestCreateServiceSecretFileMode, TestCreateServiceConfigFileMode acb4f263b3 Fix racey TestHealthKillContainer 59d2a2c397 dockerd-rootless.sh: Fix variable not double quotes cause unexpected behavior 2c6aa5aad9 Remove needless check 3285c27503 Fix log statement 'failed to exit' timeout accuracy a4bcd4c64f docker daemon container stop refactor bed624fdc9 docker kill: fix bug where failed kills didnt fallback to unix kill 80b7e8b5d7 buildkit: normalize build target and local platform c2b9a32875 vendor: Update go-winio to v0.4.20 c580a02873 [20.10] Update Go to 1.16.9 129a2000cf [20.10] update containerd binary to v1.4.11 6835d15f55 [20.10] update containerd binary to v1.4.10 5730c139f7 Bump swarmkit to get fix for rollback 59f10e3435 quota: adjust build-tags to allow build without CGO fa78afebcf Update Go to 1.16.8 567c01f6d1 seccomp: add support for "clone3" syscall in default policy 07728cd2bd update runc binary to v1.0.2 964768f200 cmd/dockerd: add the link of "the documentation" 80f1169eca chrootarchive: don't create parent dirs outside of chroot 93ac040bf0 Lock down docker root dir perms. b0c0b73798 bump up rootlesskit to v0.14.4 decb56ac89 Update Go to 1.16.7 Bumping docker-cli to version v20.10.10, which comprises the following commits: 9989fdbc4 Update most links in docs to use https by default 0e20c1fd2 Update Go to 1.16.9 1c0927a04 Dockerfile: update tonistiigi/xx to 1.0.0-rc.2, add XX_VERSION arg 82f9d5921 info: skip client-side warning about seccomp profile on API >= 1.42 adb01ca79 docs: some minor touch-ups in checkpoint reference 8260476a0 docs: remove trailing space to fix generated YAML format bce2e1f95 docs: create.md: typo fix 44064f51c Fix typo in documentation - build.md 292779add Add doc for BUILDKIT_PROGRESS env var f2e79b826 docs: use "console" code-hint for shell examples fa46b9236 docs: rewrite reference docs for --stop-signal and --stop-timeout 400f81089 experimental: fix broken link to "checkpoint and restore" page c72057c8d docs: move checkpoint/restore doc from experimental into reference 77db97d59 Use private network address for default-address-pools setting in daemon.json example cbf0d2b7b docs: fix some broken anchors d0014a86b docs: fix description of restart-delay to mention max (1 minute) 6c1c8b55a docs: fix search results by filterd is-official 44fdac11f Update Go to 1.16.8 061051c24 docs: add missing redirect, and remove /go/experimental redirect 2012fbf11 Update Go to 1.16.7 42d1c0275 registry: ensure default auth config has address Signed-off-by:Bruce Ashfield <bruce.ashfield@gmail.com>
-
- Nov 12, 2021
-
-
Bruce Ashfield authored
OEcore has recently added a QA check for directories that should be empty. libvirt (via meson) creates some localsstate directories for the various components. These trigger the QA check and break the build. We still have some non-volatile localstate (/var) scenarios, and not seeing a distro feature that controls the QA check, and/or to coordinate the removal of the populated directories, we inhibit the QA check. In a boot with a volatile /var, the directories will be overlayed and no harm will come, in a non-volatile scenario, they'll be visible and no harm will come. Signed-off-by:
-
- Nov 11, 2021
-
-
Ross Burton authored
Signed-off-by:
Ross Burton <ross.burton@arm.com> Signed-off-by:
-
Bruce Ashfield authored
Bumping kubernetes to version v1.22.4-rc.0-26-ga82c1e72259, which comprises the following commits: a1bc265ce68 Fixed unit test SELinux support 9286d722d5e Add shortcut for SELinux detection 8ddc2963808 Don't guess SELinux support on error 24b725f29f1 Use separate pathSpec for local and remote to properly handle cleaning paths 3bf2248bda7 [go1.16] Update to go1.16.10 bd146ab0e1b Automated cherry pick of #105122: added keys for structured logging (#105137) 98ad7ac4ef4 Update debian, debian-iptables, setcap images to pick up CVE-2021-33910 fixes b9236d7cd4a Fixing how EndpointSlice Mirroring handles Service selector transitions 9e778cb6ede Fix race condition in logging when request times out dee25f4db12 Remove nodes with Cluster Autoscaler taint from LB backends. e565102bce7 Support cgroupv2 in node problem detector test 33b5f0f1eaf Update CHANGELOG/CHANGELOG-1.22.md for v1.22.3 39f5a506c81 Release commit for Kubernetes v1.22.4-rc.0 c9203682049 Release commit for Kubernetes v1.22.3 6765a52acd9 Free APF seats for watches handled by an aggregated apiserver. dd8563b0184 Run storage hostpath e2e test client pod as privileged fc580a41252 support more than 100 disk mounts on Windows 176ba1d5236 [go1.16] Update to go1.16.9 cdfd8141855 Clear initial UDP conntrack entries for loadBalancerIPs b30f24e2579 Verifying the auth headers are set for upgraded aggregated API requests 0dfe8e33143 apiserver aggregator upgrade unit test 36a9689ce81 Aggregator uses the regular transport even if the request requires upgrades 5fb05afd9f8 Fix PreferNominatedNode test 410c0413757 Remove Error Message Check Dynamic PV Tests fcb66167905 go fmt 82cd11e646e Add e2e test to verify kubelet restart behaviour 8fa5ff3712c kubelet: set terminated podWorker status for terminated pods bc392586f01 Fix quota controller hotloop in integration tests af46778d58d remove StartedPodsErrorsTotal metrice message 13d852c73dc Copy VolumeSnapshotContent annotations in snapshottable.go test ae10967d23f Fix bugs in e2e pod test 60e425c9009 Ensure terminal pods maintain terminal status c44db53f2c2 Do not sync Waiting statuses for Terminated pods 4ca2cee155c Adds CancelRequest function to CommandHeadersRoundTripper cd94fec74c9 Fixes kubectl command headers which hangs on kubectl run 60ee69c79bb Revert "Build non-static binaries with PIE buildmode" e989925e232 Ignore VMs in vmss delete backend pools 407cc91f95a Fix CSR test to accept certs shorter than the requested duration 6bf5db2e3f7 fix: skip not found nodes when reconciling LB backend address pools 3ceb7b87649 fix: consolidate logs for instance not found error e15dcbe404c Remove a duplicate StorageClass creation call 6763300949a Update Containerd version - GCE Windows a135518af00 e2e scheduling priorities: do not reference control loop variable cc1eb760389 storege e2etest: Delete restored PVC/Pod in snapshottable 614988c6626 pkg/kubelet/cm/memorymanager: Fix ErrorS key/value pair 2f850d636e8 v1.22: Fix test flake in old svc registry 20fa03d60ea 'New' Event namespace validate failed 2ff2780dcc5 kubelet: Handle UID reuse in pod worker a6539a662cd Add test for recreating a static pod 2d9957274a4 Update CHANGELOG/CHANGELOG-1.22.md for v1.22.2 9f314ed137d Release commit for Kubernetes v1.22.3-rc.0 8b5a1914753 Release commit for Kubernetes v1.22.2 4fa7cdfa93c Refine locking in API Priority and Fairness config controller b23fffb83ed kube-controller-manager: properly check generic ephemeral volume feature 38c7182897c Fix null JSON round tripping aeff924339a Propagate conversion errors a69920a9588 integration test b7854d5f1c9 fix 104329: check for headless before trying to release the ClusterIPs d8ead0e1c7b fix detach disk issue on deleting node c948d8cc53b kubelet: fix sandbox creation error suppression when pods are quickly deleted Signed-off-by:
-
- Nov 09, 2021
-
-
Bruce Ashfield authored
5.15 is tested as a kernel now, so we add the .inc to enable fragments. Signed-off-by: -
Bruce Ashfield authored
Switching to lopper 1.0 brings us a more standard setuptools based project for install and packaging. This update also fixes the experimental update to master-next, which was incomplete and broken. The only signficant user visible change with this update is that lopper.py is now 'lopper' and any calling recipes need to be updated accordingly. Signed-off-by:
-
- Nov 08, 2021
-
-
Bruce Ashfield authored
Bumping k3s to version v1.22.3+k3s1, which comprises the following commits: 61a2aab25e Upgrade containerd e1883d0537 Bump klipper-lb image for arm fix 5eb13b6ba6 Fix log/reap reexec 259ceb452c Fix other uses of NewForConfigOrDie in contexts where we could return err cc23fce0a7 Watch the local Node object instead of get/sleep looping 6349aed8e8 Block scheduler startup on untainted node when using embedded CCM db8f54e6af Update to v1.22.3 (#4348) 46eea2f10a Revert "Add ability to reconcile bootstrap data between datastore and disk (#3398)" 9a4ca5978b reset buffer after use (#4279) (#4329) c9f6fa0be0 remove integration test 07f844cf95 Copy old bootstrap buffer data for use during migration (#4215) 48355dce10 Add ability to reconcile bootstrap data between datastore and disk (#3398) 84e9b829e0 Update peer address when running cluster-reset 06b8639068 Bump klipper-helm version f98934980d Added configuration input to etcd-snapshot (#4280) (#4281) 7ede7d2e7c Update to the newest flannel 971854c15b Refactor log and reaper exec to omit MAINPID 3988edef25 Add containerd ready channel to delay etcd node join b65bcdf963 Bump klog fork version 7c78e1c802 [Release-1.22] - Add etcd s3 timeout (#4207) (#4230) c10a0a2163 Fix race condition in cloud provider 6193b1af97 Display cluster tls error only in debug mode (#4200) 737f722315 set transport to skip verify if se skip flag passed (#4102) (#4103) Signed-off-by: -
Richard Neill authored
Adds the following kernel modules for k3s: * xt-physdev * xt-nflog * xt-limit * nfnetlink-log Without them, the k3s network-policy-controller reports failures in the log related to iptables-restore. Signed-off-by:
Richard Neill <richard.neill@arm.com> Signed-off-by:
-
Martin Jansa authored
Signed-off-by:
Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by:
-
Martin Jansa authored
* remove the incorrect comment about SRCREV being 1.7.0 * and add +git because the old SRCREV wasn't matching with 1.8.0 tag as well * add -Wno-error=format-security to work around build failures with newer ncurses-6.3 like: | ../git/ui/ui.c:45:32: error: format not a string literal and no format arguments [-Werror=format-security] | 45 | mvprintw(LINES - 1, 0, footer); | | ^~~~~~ Signed-off-by:
-
- Nov 07, 2021
-
-
Martin Jansa authored
* fixes: KERNEL_FEATURES:append += is not a recommended operator combination, please replace it. Signed-off-by:
-
Martin Jansa authored
Signed-off-by:
-
- Nov 05, 2021
-
-
Bruce Ashfield authored
Signed-off-by:
-
- Nov 04, 2021
-
-
Bruce Ashfield authored
bitbake is going to start warning about the combination of += and :append, which is rarely correct. We can use use :append and add the space. Signed-off-by:
-
- Nov 03, 2021
-
-
Bruce Ashfield authored
Signed-off-by: -
Bruce Ashfield authored
Signed-off-by: -
Martin Jansa authored
* apply the same also for recipes using PKG_NAME starting with github.com which the conversion script doesn't update automatically Signed-off-by:
-
Bruce Ashfield authored
master has become main in the runtime spec, so we update our recipe to match. Signed-off-by: -
Bruce Ashfield authored
runtime-spec has moved to main instead of master, so we tweak our branch name to match. Signed-off-by:
-
- Nov 02, 2021
-
-
Bruce Ashfield authored
github is removing git:// access, and fetches will start experiencing interruptions in service, and eventually will fail completely. bitbake will also begin to warn on github src_uri's that don't use https. So we convert the meta-virt instances to use protocol=https (done using the oe-core contrib conversion script) Signed-off-by: -
Bruce Ashfield authored
As introduced in the oe-core post: https://lists.openembedded.org/g/openembedded-core/message/157623 SRC_URIs without an explicit branch will generate warnings, and eventually be an error. We run the provided conversion script to make sure that meta-virt is ready for the change. Signed-off-by:
-
Edward Pickup authored
Update the SHA in recipes for xen and xen-tools to use the latest releases; update xen 4.14 to xen 4.14.3 release, update xen 4.15 to 4.15.1 release, and xen 4.16 to the current master version. Add a comment to each recipe indicating which version of Xen is used in recipe. Do not apply patches that have been merged/solved in Xen and remove patch files not needed anymore. Create a test package to pack new tests introduced in 4.16. Add a depencency to util-linux-prlimit, as the xen 4.16 x86 requires prlimit, without this boot of dom0 fails. Signed-off-by:
Edward Pickup <Edward.Pickup@arm.com> Signed-off-by:
-
Xu, Yanfei authored
update to 4.0.11 1.drop two patches that have been integrated to upstream repo. 2.drop tests-add-no-validate-when-using-download-template.patch because it is no longer appropriate as the "download" has been replaced with "busybox" 3.fix the apply failure of templates-use-curl-instead-of-wget.patch 4.update lxc from 4.0.10 to 4.0.11 Signed-off-by:
Yanfei Xu <yanfei.xu@windriver.com> Signed-off-by:
-
- Oct 28, 2021
-
-
Kai Kang authored
Update ceph to latest 15.x version: * remove 0001-add-missing-include-for-atomic-bool.patch which has been fixed in upstream * update patch to support python 3.10 * add gawk to RDEPENDS that script 'rgw-gap-list-comparator' requires it Signed-off-by:
Kai Kang <kai.kang@windriver.com> Signed-off-by:
-
- Oct 21, 2021
-
-
Kamil Dziezyk authored
Include the xt-statistic kernel module required by K3S for iptables configuration. Signed-off-by:
Kamil Dziezyk <kamil.dziezyk@arm.com> Change-Id: I7592261c65c7c0831ce553ee907fba9e3e458b6f Signed-off-by:
-
Kamil Dziezyk authored
Update k3s.service with the latest changes from install.sh script. Add k3s-killall.sh script to stop all of the K3s containers and reset the containerd state. The killall script cleans up containers, K3s directories, and networking components while also removing the iptables chain with all the associated rules. The cluster data will not be deleted. Signed-off-by:
-
Bruce Ashfield authored
Podman requires nsenter (for obvious reasons) .. and while this dependency is normally satisfied on images (via busybox), it is possible to build a minimal container image that excludes busybox .. and hence will not have nsenter present. Rather than making this a hard rdepends on util-linux-nsenter, we use a variable: VIRTUAL-RUNTIME_base-utils-nsenter, which can either be set to busybox or util-linux-nsenter (the current default). The VIRTUAL-RUNTIME_base-utils- format follows similarly named OEcore providers and variables .. which the exception that there is no entry in the preferred providers file there, and there's no package created called busybox-nsenter (but perhaps there could be in the future). Signed-off-by: -
Bruce Ashfield authored
Like many other projects, umoci has switch to main instead of master. (and then deleted master) We change our branch specification to main, so the fetcher can once again find our desired SRCREV. Signed-off-by:
-
- Oct 20, 2021
-
-
Bruce Ashfield authored
Our storage.conf is a bit stale and is throwing warnings during load (due to thin provisioning changing). We refreshin it from the skopeo repository. Signed-off-by: -
Bruce Ashfield authored
recipes that use multiple SCMs in the SRC_URI, must supply SRCREV_FORMAT or SRCPV triggers an expansion error. While this isn't fatal during the build, it can cause issues with setscene (and possibly) other tasks failing, which then leads to no sstate re-use, etc. Signed-off-by: -
Bruce Ashfield authored
recipes that use multiple SCMs in the SRC_URI, must supply SRCREV_FORMAT or SRCPV triggers an expansion error. While this isn't fatal during the build, it can cause issues with setscene (and possibly) other tasks failing, which then leads to no sstate re-use, etc. Signed-off-by: -
Bruce Ashfield authored
recipes that use multiple SCMs in the SRC_URI, must supply SRCREV_FORMAT or SRCPV triggers an expansion error. While this isn't fatal during the build, it can cause issues with setscene (and possibly) other tasks failing, which then leads to no sstate re-use, etc. Signed-off-by: -
Bruce Ashfield authored
recipes that use multiple SCMs in the SRC_URI, must supply SRCREV_FORMAT or SRCPV triggers an expansion error. While this isn't fatal during the build, it can cause issues with setscene (and possibly) other tasks failing, which then leads to no sstate re-use, etc. Signed-off-by: -
Bruce Ashfield authored
recipes that use multiple SCMs in the SRC_URI, must supply SRCREV_FORMAT or SRCPV triggers an expansion error. While this isn't fatal during the build, it can cause issues with setscene (and possibly) other tasks failing, which then leads to no sstate re-use, etc. Signed-off-by:
-
- Oct 19, 2021
-
-
Kai Kang authored
According to oe-core commit 8e26252b45 layer.conf: Extend recipes not to install without explict dependencies pkgconfig-native is not deployed in sysroot by default any more. Inherit pkgconfig.bbclass to make it available for ceph. Signed-off-by:
-
- Oct 18, 2021
-
-
Bruce Ashfield authored
Bumping image-spec to version v1.0.1-97-g54a822e, which comprises the following commits: fc4df0a Fix very minor oversight in config example 08dd547 media-types.md: clarify differences from Docker media types 170393e Embedded other platform fields in image spec ebb32fd Use registry.example.com as example default registry 0e20f8a Add CPU variant to image config a2b7b2f expected type/subtype test for descriptors should have comment that references failure, not success 875b7e5 pullapprove: remove defunct config 3b938ac Drop link to OCI scope table ee4bfe1 Add background to png images eaa222c image.base.ref.name -> image.base.name based on stevvooe's feedback 4221034 CODEOWNERS: switching from pullapprove to github builtin 4feeaac Describe how index manifests should work with base image annotations a25f547 Removing Link Introduction 54bc9b7 Fix typo b619890 Makefile: switch to the new OCI container image 9ed9683 adding github workflow to render docs and lint 87bb9f8 Create EMERITUS.md to recognize old maintainers 71ccc68 Add standard base image annotations c435dd5 Remove Keyang Xie as a maintainer a4ddb1f MAINTAINERS: update jonboulle email address 37e228a Update vbatts email address in MAINTAINERS 5f0d52c Replace Jason B with Jon J in image-spec maintainers 4366201 pandoc: point to a joint OCI org image 8211213 fixed typo in image-layout 78c42f4 Remove go4.org dependency 43022b9 MAINTAINERS: remove Brandon Philips @philips 8c25739 mediatype of layers should be application/vnd.oci.image.layer.v1.tar+gzip c3a73dc zstd: add constants to specs-go/v1 d420390 README.md: return to one-sentence-per-line format ea8062d Reference "org" repo for meeting info 1a29e86 media-types: Define layer media types suffix '+zstd' 042b4d7 Run tests with go 1.12 3d3783d Fix linting error bd4f8fc annotations.md: Fix a small typo c5f603f Fix table header grammar in annotations Signed-off-by: -
Bruce Ashfield authored
Bumping runtime-spec to version v1.0.2-71-gab23082, which comprises the following commits: 411082c add youki to implementations.md 6641127 alphabetize the implementation list. 15f418e fix the lifecycle reference in the states listing f0ac327 defs-zos: [Fix] prevent schema parsers from hitting recursion-loop while resolving types. cc7f6ec config-linux: Add Intel RDT CMT and MBM Linux support c83b45e Introduce zos as platform. 0c021c1 config-linux: clarify the handling of ClosID RDT parameter 9e65944 config-linux: fix indentation on IntelRdt 0f84938 schema/defs-linux: Fix inconsistencies with seccomp notify 7c549cb seccomp: Add missing const for seccomp notify action 58798e7 Add Seccomp Notify support 8c363e8 Proposal: runtime should ignore capabilities that cannot be granted f02cd4a config-linux: mark memory.kernel[TCP] as NOT RECOMMENDED 76f7818 README: Fix broken link for charter f7ef278 seccomp: allow to override default errno return code ec964df seccomp: expect error with invalid errnoRet 2978430 config-linux: fix personality link e9429bb Makefile: Fix golint URL used in go get 8f65443 travis: fix go_import_path 3866eec MAINTAINERS: update vbatts email 2fe0475 Add support for SCMP_ACT_KILL_THREAD fd895fb Change all references from whitelist to allowed 11bfea2 Fix int64 and uint64 type value ranges 57a316b docs: Added enclave OCI runtime rune to implementations 938cf9f Update seccomp architectures to support RISCV64 d3f079a config.go: make umask a pointer a02a293 Update State structure to use the new ContainerState type 7571d3d cgroup: add cgroup v2 support 66ad83f Use dedicated type for Container State 89419f0 Add State status constants to spec-go 09fc3b4 Remove superfluous 'an' 0e72101 Add Giuseppe Scrivano as runtime spec maintainer 6042999 Define State for container and runtime namespace a9f1170 Add seccomp kill process d759f35 MAINTAINERS: Add @cyphar as maintainer f9df045 seccomp: fix go-specs for errnoRet 3bfcde2 seccomp: allow to override errno return code 1ac6f8d specs-go: bump master back to -dev c4ee7d1 specs-go: update version to 1.0.2 ce773cb ChangeLog: changes v1.0.1...v1.0.2 5ef5c78 Makefile: avoid SELinux for making docs d22e8e0 *: release process is duplicated in RELEASES.md 41c3e47 Review (tianon) 9be9595 Clarify case with pre-configured Intel RDT closID 76c0da2 config-linux: describe more about rootfs mount propagation 353ddcb config-linux: add SHOULD to linux.namespaces.type 37fab77 Fix typo in RELEASES.md baa7978 remove unneeded indent a87fe24 Makefile: no DCO with git-validation on travis bacc285 MAINTAINERS: remove philips d5bfb2b MAINTAINERS: remove Vishnu dda13dc PullApprove: No need for 3 DCO checks 12fd09a RELEASE: document how to do the release c166268 Add create-container, create-runtime and start-container hooks e6e17ad schema: drop id from umask fac34e2 schema: fix indentation 03c526b schema: add missing definition for personality 2b844a0 Add support for SCMP_ACT_LOG 66f4ffa Add new seccomp action. d1ef109 config-linux: support seccomp flags ff32f02 implementations.md: fix repository for crun 23c4be2 Update meeting info section to point to "org" repo 78ab98c Fix markdown escape in config-linux 5cc25d0 Add Linux personality support 234aa0b config-linux: Add Memory cgroup's use_hierarchy 6b04c63 config: add "umask" field to POSIX "user" section dba5778 config: Collapse extensibility to a single MUST 574182a schema/defs-linux: change weight type to uint16 ec0fc3d runtime: Clarify ociVersion as based on the state schema Signed-off-by: -
Bruce Ashfield authored
The criu-dev branch is not constant/consistent, so we switch to main for our SRCREV specification. At the same time, we bump to 3.16.1, which comprises the following commits: 4a1731891 criu: Version 3.16.1 62b377957 Makefile: add shellcheck test/others/libcriu/*.sh 59d0dfba9 test/libcriu: print logs on fail 53bf82bcf test/libcriu: add test case for join-ns a8c5efe4c libcriu: define log level constants 5ec2a6aaa libcriu: add join_ns API f2cdb062a Makefile: install criu-ns only with python3 a15a63fce criu-ns: change python shebang to python3 000ea8266 criu: Version 3.16 8567a0952 ci: Update openj9 container images 0b2a7223b mount: fix double-dump file system bug bea9580e3 gitignore: add build directory 4db8ef15c podman-test: use crun from git repository 6a15dbdef lib: install images/rpc.pb-c.h c6b5e7d92 sk-unix: fix prep_unix_sk_cwd root and cwd restoring f0e968ffe binfmt_misc: restore current work directory after restoring mnt ns 776f3cff7 autofs: restore current work directory after restoring mnt ns 45409c35d mount: use swich_mnt_ns/restore_mnt_ns helpers to simplify code f79d15c44 binfmt_misc: restore current work directory after restoring mnt ns eea63587e namespaces: add helpers to switch/restore mnt ns 41f448968 remove tls parameter description if without GnuTLS support d87922099 kerndat: create separate netns for has_nftables_concat check aa772bf28 zdtm: fix network lock tests when run with --norst 9838d34de criu: use unique table names for nftables based locking ca3e3c50b inventory: save network lock method to reuse in restore cd1570b15 zdtm: add ipv6 variants of net_lock_socket_* tests 212db1d9a zdtm: add nftables per-socket locking test 826d3d740 criu: add nftables connection locking/unlocking 6e59b2bd7 zdtm: add iptables per-socket locking test c15327656 zdtm: add nftables network namespace locking test 19cc0bfa6 criu: add nftables netns-wide locking/unlocking f246ca56c criu: rename iptables network locking/unlocking functions e9d24a2ba cr-check: add check for nftables based network locking b85fad797 cr-service: add network_lock option to RPC and libcriu 2e30db5c3 criu: add --network-lock option to allow nftables alternative ef7af1dd1 Run 'make indent' on criu/include/plugin.h cf2b67375 workflows/lint: show changes 03cdbc4c0 criu/config: fix use-after-free in parse_join_ns 546a6dfd0 configs: fix used after free cases 399a53a43 lsm: do not print a warning if no LSM has been detected 960f26f90 files-reg: do not print a warning if a file has no build_id 90e175d52 zdtm/pthread_timers: make sure glibc allocated SIGEV_THREAD's stack dd0e66149 ci: fix 'crit.sh: 3: source: not found' e936a0f8a docker-test: refactor test scenario 78eb0dabf dump: suspend/resume lsm on pre-dump 5dc373385 util: add run_command() 9422383b6 zdtm/apparmor_stacking: don't include optional AppArmor namespace separator dc4c3cd48 apparmor: actually enable suspend for AppArmor ea1c89147 lsm: handle SELinux LSM correctly 06b5d2fa8 tests: add a test for apparmor_stacking 8723e3f99 check: add a feature test for apparmor_stacking 8d992a680 lsm: support checkpoint/restore of stacked apparmor profiles 0db135ac4 util: add rm -rf function 6085c37ba lsm: change when LSM profiles are collected e2a45d786 ci: extend lint run to run 'make indent' 70833bcf2 Run 'make indent' on header files 93dd984ca Run 'make indent' on all C files 1e26f170c criu: introduce clang-format to format source code cc2317ea4 zdtm: fix indentation in Makefile wait_stop target d62e747e9 ci: fix Fedora Rawhide b32c8c6fe posix-timers: fix getoverrun error handling 01fa34f1e ci: use pre-installed Podman 918901439 zdtm/pthread_timers: require ns_pid feature and add non-ns test e1b1547c8 posix-timers: fallback notify thread id encoding for non-pidns and non-nspid 91d7203b8 proc_parse: make nspid field optional a692a0d0a kerndat: Check that "/proc/[pid]/status" file has NS{pid, ..} lines 64f0012e4 zdtm: add a test for SIGEV_THREAD timers 7eab5a7dc timers: save tid from a task pid namespace 61e1334ab proc_parse: get a thread ID in a thread pidns from /proc/pid/status 80079fbb0 criu: dump and restore notify_thread_id of posix timer 6be9345fb criu-ns: add support for 'check' action 868bffba4 criu-ns: add top-level conditional execution f70605ef1 criu-ns: update script name in help message f472e2590 Documentation: Add man page for criu-ns 8891e51cd make: install criu-ns 4a9bcd884 zdtm: prioritize /lib/* dependencies in some tests 00ca2b519 scripts/build: add a docker file for archlinux 694eafa1f protobuf: remove leading underscores from protobuf structs efb9fccd4 cgroup: cgroup_contains has to update the mask for cgroupv2 ac27562f0 ci: add msgque test case to crit-recode 7e86519fe lib: fix crit-recode msgque errors in Jenkins 503488597 ci/openj9: run mrproper before make 7ff785e1d zdtm: make --sbs also stop on each pre-dump/snap iteration 07316d15a restore: cleanup cgroup properly in error path 8f2b8c7be scripts: run lint also on criu-ns bd648cc8d ci: also test tcp stream crit recoding fa9acb9dc lib: fix broken crit-recode test 0ca36c95e ci: combine cross compile container definitions 2ebb1c741 crit: fix error on memfd files parsing f57e45df5 cr-service: move pidfd_store initialization to cr-service f7cd25400 pidfd_store: tidy up interface and hide unneeded details 083f0822e pidfd_store: move pidfd_store to a separate file d55f34ed7 test/ci: sync netns_lock test and its --post-start hook b290df9a6 test/jenkins: fix netns_lock test multiple iterations failure 75feb9635 ci: fix mips64el-cross test f3cb15660 Keep inherit-fd strings alive until task restore d3ce492cc pycrit: fix the broken of cli the `crit show xxx.img` 093fb0c87 Add test for new --lsm-mount-context option 64dd64e50 Enable changing of mount context on restore 5be71273f Remove unnecessary whitespace fc7705a13 zdtm: add network namespace locking test 0cf79a360 test: remove exec test 1a197d4d8 criu: add unit testing for config file parser 45bde968a test: add tests for configuration file parsing f695e6e10 config: make configuration file parser more robust 381d2e88f criu: add cleanup_free attribute 031a8d790 bfd: loop through read()/write() when the action is incomplete 24bc08365 ci: disable some tests on CentOS 7 63ca464bc ci: remove old workarounds 6ef01d3e6 ci: switch CentOS 7 test to Cirrus CI 1fbe87624 ci: disable -x during print_env() b4c7267b0 zdtm: allow ignore taint via environment variable a92833818 scripts/vagrant: Use vagrant 2.2.16 eda3ac2ff scripts/vagrant: Use Fedora 34 87ea13f6b add PKG_CONFIG default in a few more places 6db0f95db crtools: improve error handling on signal setting 2967bed64 build: respect $PKG_CONFIG settings 81a68ad3b docker-test: use latest containerd release 638e53c95 zdtm/tun_ns: add per-test dependencies 9d9ec73dd test: skip time namespaced tests on <= 5 e42083aa8 ci: update docker test matrix ebc74668f cr_options: handle the case where __dest == __src in SET_CHAR_OPTS d0511319e github: Add templates for new issues and pull requests 3c10d3335 criu(8): document --join-ns option 80ee4f8ae kdat: make uffd_open return errno from syscall separately a8525c07d ci: no longer avoid overlayfs 2aa4185a6 test/others: refactor loop process 2b78d95e6 test/others: drop '_exit' function 34410b9e7 test: add a test to check that sigtrap handlers are restored b310fbd31 ksigset: fix a typo in ksigdelset c1b2d194e mem/pidfd: fix poll retry error checking 1c08709cd zdtm: add pidfd store based pid reuse test ea0dc7807 zdtm: add --pidfd-store option in RPC mode e79131e8c criu: add pidfd based pid reuse detection for RPC clients ba882893c cr-check: add ability to check if pidfd_store feature is supported e3c9c3429 cr-service: add pidfd_store_sk option to rpc.proto a9508c986 criu: check if pidfd_getfd syscall is supported 30e8d8cad criu: check if pidfd_open syscall is supported 5d08f975a kerndat: Handle non-root mode when checking uffd 8c303d1a6 test/others/crit: add test for 'x' e39300109 lib/cli.py: Open explore file as a binary c8973d426 test/zdtm: check that a penging SIGTRAP handled properly 61c7cc5a9 parasite: don't block SIGTRAP ed58fb221 test: create new tls certificates 6beeabcd4 zdtm: add sk-unix-dgram-ghost test case 2609e98ee sk-unix: ghost: fix deadlock between peer_fle->stage and fds wake up 655610e09 ci: remove hack for netns-nft zdtm test ddefbbff1 zdtm: add combined nftables/iptables netns-nft-ipt test 4696e61ed zdtm: skip static/netns-nft test if nftables feature isn't supported d8821d9a8 net: skip iptables dump if it has nft backend and nft dump is supported e26949cfe lsm: handle half initialized SELinux setups e2c352e4f tools.mk: Use Python 3 by default 177e4b4ba mips: remove empty gitignore 22142eedf mips: coding style fixes 99a6a17c2 Allow systemcfg proc file to be dumped 731cafa85 logging: pr_perror() -> pr_msg() when execvp fails in action scripts and others 24bdfa72d net: add a #define for increased compatiblity with old distributions 29c34386b restore: fix error message when fork fails f10425e05 criu: end pr_(err|warn|msg|info|debug) with \n 96b7178ba Whitespace at EOL cleanup and check 7ea20e8f5 criu: make sure to use pr_perror to show errno 10c619adb test/zdtm: pr_err / pr_perror fixes dca0eb5b4 test/others/bers: use pr_perror e326889c0 criu/mount.c: fix \n in pr_debug 2166d4748 scripts: fix shellcheck warnings 5f3631916 Makefile: amend lint with pr_perror/fail checks 4cd23083b test/zdtm: don't pass errno to fail() 12a2bd0ed test/zdtm: don't use %m with fail b20694835 test/zdtm: don't use \n with fail() 9cbcaaed3 test/zdtm: don't use errno for pr_perror 865a5e951 test/zdtm: don't use pr_perror where errno is unset d55a65e93 criu: don't use errno for pr_error f3be776cc Drop \n from pr_perror 5e3b07b95 test/zdtm: check that restore can handle precreated veth devices f60f24bfb kerndat: check whether IFLA_NEW_IFINDEX is supported 3ca09f5c9 ci: exclude lazy-thp for remote pages over tls 6c77d7226 Makefile: docker-test don't use interactive tty 27b9ed53e Makefile: update excluded tests for docker-test 5d8ecee0a docker-test: use host cgroup & network ns e3c0fa701 Dockerfile: add missing test dependencies 3074b6d5a Dockerfile: re-build criu after clean f432186e7 Dockerfile: use 'git clean' before build 264b4a8d2 tiny fix on function dump_empty_fs cdb0d4270 net: allow restoring of precreated veth devices e3b694392 scripts/build: drop obsolete ENV1 variable eb5726c44 images: re-license as Expat license (so-called MIT) 9c18c63d2 ci: enable crit tests in CI b78c4e071 test: fix crit test and extend it 13e6e6899 lib: also handle extra pipe data correctly bf9e502c6 lib: print nice error if crit gets wrong input bf80fee4f lib: correctly handle stdin/stdout (Python 3) 9635d6496 criu: Replace faccessat with fstatat when using AT_SYMLINK_NOFOLLOW flag 96c1351d8 criu: Throw error when parent path is provided but invalid 8dc7ce3e7 cr-service: fix CRIU_REQ_TYPE__FEATURE_CHECK RPC request b82f222d6 lib: fix crit-recode fix for Python 2 228e510d2 ci: move CentOS 8 based test to Cirrus 069d92e51 Use a real VM instead of a privileged container 90e03b1a1 pstree: don't change sid/gid-s if current sid/gid is the same 248b77367 lib: correctly handle padding of dump images abe3405b2 lib: fromstring() and tostring() are deprecated c10aae8f6 criu-ns: Merge comparisons with 'in' 5f59a7cc3 criu-ns: Add unsupported msg for restore-sibling 797422986 criu-ns: Handle restore-detached option 6b375ed75 criu-ns: Pass arguments to run_criu() 55a0557db criu-ns: Close namespace fd before raise 0e024bfce criu-ns: Extract set namespace functions a80f08c2e criu-ns: Remove unused _umount 6fd59abc8 criu-ns: Use documentation strings f8556f947 criu-ns: Extract wait for process into a function a08aa4406 criu-ns: Extract mount new /proc into a function a0a02c73e criu-ns: Remove space before/after bracket 8f69a58e0 criu-ns: Convert indentation to spaces f3d071461 ci: run zdtm/transition/pid_reuse with pre-dumps in ci tests 288adfc59 ci: remove ccache setup 2e0107ead ci: run recode tests on more input files 71013465b lib: fix recode errors seen in Jenkins c84dddf2f ci: remove '-Wl,-z,now' workaround ed0f4608f lib/cli.py: Open out file as a binary a433943a7 docker-test: set log file path 046cad8bf docker-test: use containerd v1.5.0-beta.0 25f378083 ci: move Travis CI Docker tests to GitHub Actions 7e6a1a701 pstree: check for pid collision before switching to new sid/gid bb5bad532 test: move vt test to minor 65 on s390x c66ca3aa2 zdtm/fpu03: Add .desc file to omit running on !x86 a87c61fe8 Revert "compel: add -ffreestanding to force gcc not to use builtin memcpy, memset" 1bac3a64b s390: Purge stale comment 39b7252c6 fault-injection: Run fpu corruption tests 21e3c5307 compel: Provide compel_set_task_ext_regs() 3613b6f15 compel: Store extended registers set in the thread context 7af06af10 zdtm/fpu03: Add a test to check fpu C/R in a thread 6c879c3c8 zdtm/fpu00: Simplify ifdeffery e2e8be37f x86/compel/fault-inject: Add a fault-injection for corrupting extended regset 327e14933 namespaces: properly handle errors of snprintf ffb848e6d x86: Use PTRACE_GET_THREAD_AREA instead of sys_get_thread_area() 72dc32850 ci/compat: Check if tests are 32-bit ELFs 10fe08c37 github/stale: separate labels with commas without following spaces ff38944b9 ci: fix Fedora rawhide CI failures 79b3893ec plugin: check for plugin path truncation 878223560 sk-unix: check whether a socket name is NULL before printing it 9582a44ce bug: add __builtin_unreachable in BUG_ON_HANDLER 4eb43dc4d test: fix test compilation on rawhide 6f8e67135 zdtm: Add javaTests output to .gitignore 7b3eb03ab test: Reduce verbosity of mvn output ae143161b javaTests: Add --file-locks option 56d7dbd7c file-lock: Add space in error message 950805bf1 ci: use runc instead of crun for podman tests 719e42fe1 seccomp: initialize seccomp_mode in all cases 2dc65a636 zdtm: add second fifo_upon_unix test 1f2e10771 zdtm: add fifo upon unix socket test case 7c5c81366 sk-unix: rework unix_resolve_name d0308e5ec sk-unix: make criu respect existing files while restoring ghost unix socket fd 49889baa2 files-reg: rework strip_deleted 129cc7fbc files: Don't forget on stripping deleted postfix on linked files 3a4bffc14 ci: move coverage run to github 6be56e92c test/zdtm: check that locks are not dumped if --file-locks isn't set 7b5e7166e dump: dump has to fail if there is locks and --file-locks isn't set 37c09f890 ci: move compat tests to Github Actions 246c37ad3 README.md: remove unused badges; add a few new badges fad9f805c README.md: remove trailing whitespaces 67ce4e46c ci: move asan and image streamer test to github f983a55e6 vdso: fix segmentation fault caused by char pointer array 909ce55d8 Tell podman to use vfs as storage-driver f4c5937ca ci: move Fedora Rawhide based tests away from Travis ed7cefe21 ci: factor out Fedora Rawhide CI setup 95c4a8b40 ci: skip bpf tests on vagrant bb2078f36 ci: upgrade vagrant and Fedora version da2c83d87 ci: fix syntax error in stale.yml fc5ba7de7 zdtm: handle a case when a test vma is merged with another one d74353d77 util: zero the events pointer to avoid its double free 540141c7c namespaces: handle errors of snprintf b83a1dd95 ci: also use clang for compel-host-bin baad84efb ci: run aarch64 compile tests on Drone 95df2524c zdtm: cleanup thread-bomb test error handling and printing 50a96e9fa ci: move vagrant test to cirrus ci f04e8517c workflows/stale: Don't close issue that has labels 'new feature' or 'enhancement' 2721d865f fsnotify: rework redundant code c4f176b1e mount: adjust log level for mnt_is_dir 3fd3a376f mount: adjust log level for get_clean_mnt 8c53627dd dump: at exit do not call timing_stop if stats are not initialized c405a0116 coverity: get_service_fd() is passed to a parameter that cannot be negative 6ff51fd8d restore: warning: Value stored to 'ret' is never read 0bb3d8586 memfd: use PROC_SELF instead of getpid in __open_proc 34024dfdc util: move open_proc_self_fd to service_fd 068672f39 servicefd: don't move service fds in case they remain in the same place 5364ca3da compel/test: Fix warn_unused_result 8aba7ae9f compel: Fix missing loff_t in Alpine cffbeffed ci: Enable compel testing fbb21b404 compel/test: Add main makefile ae686848b compel/test: Resolve missing includes c7544894f dump/ppc64,arm,mips: sanitize the ERESTART_RESTARTBLOCK -> EINTR transition 0cbfba778 github: auto-close stale issues and pull requests fabd5be38 zdtm: look up iptables in /sbin and /usr/sbin 797f41e8a test/zdtm_ct: Run zdtm.py in the host time namespace f736b8750 ci: Alpine's busybox based free does not understand -h d2ed60b60 namespaces: don't set rst on error in switch_ns_by_fd 94fb7c36a ci: move alpine based tests to github actions a28947bb8 ci: give an overview of the current CI environment 70088b66c ci: add Circle CI definition a719a2f49 CONTRIBUTING.md: add component prefix to the subject example adfec67c0 .gitignore: Remove qemu-user-static 82bddc4b2 scripts/Docerfile.centos8: Use 'powertools' repo name 898329b30 x86/asm: fix compile error in bitops.h 371d9c83d others/ns_ext: restore a process out of PID namespaces into the host PID namespace eb9ed1aaf cr-restore: setup external pidns only for root task c5064eda1 namespaces: make root_ns_mask more consistent c629525ca cr-restore: make CLONE_NEWPID flag in clone_flags more consistent 98fbb766d compel/handle-elf: override unexpected precalculated addresses 6a7bb0b9f docs: fix simple typo, clietn -> client b023f0ab5 vim: remove wrong 8-space tabs indent from python files 2c89954cc zdtm: on fail with no error also print the tail of the log 9bdae79d0 uffd: check for exited task when reading uffd_msg 3b2202151 uffd: cleanup read error handling in handle_uffd_event 8ca4d6e5b cr-restore: Properly inspect status in sigchld_process() 00bd72f32 ci: remove special handling for mips 2d68627dc CI: remove centos7 from Travis 5bb4406e9 ci: use graviton2 for arm64 tests on Travis fb21643b2 tls: Add logging within send/recv callbacks b28eb7b2d compel/log: Provide %u specifier parsing c39ed518f compel/log: Stop parsing at unknown format specifier b93fe2b2d vdso: Let zero-terminator in vdso_symbol_length 528ce2598 uffd: handle xrealloc() failure 56a70ff99 uffd: fix 'double free detected in tcache 2' 7db0c7c02 ci: add CentOS 8 based CI run b0676302f ci: switch centos7 to github actions 247523c0c travis: rename centos test to centos7 b6e4dae22 criu-ns: Remove unreachable statement ebea8f560 ci: fix lazy-pages test selection 20a83e77c ci: 'fix' lazy tests 1ecaee67a namespaces: fix 'Declaring variable "path" without initializer' 097c931ed coverity: img_raw_fd() returns a negative number 04d7b7157 sk-unix: ignore coverity chroot() warning cfeb9c10f cr-dump: get_service_fd() is passed to a parameter that cannot be negative ed905a002 util: fix double_close false positive b47cb0539 dump: Potential leak of memory pointed to by 'si' def84b8ef coverity: fix parameter_hidden: declaration hides parameter c98eb0384 restore: Value stored to 'ret' is never read 8e5acdd2d cr-dump: Potential leak of memory pointed to by 'si' cf4fe1fa1 vdso-compat: let coverity know that the function does not return cfcc0b14a coverity: ignore CHECKED_RETURN d0db53297 autofs: Potential leak of memory pointed to by 'token' 9b1921fb7 sk-unix: do not overwrite function parameter 1d403eb18 Use 'is None' instead of '== None' 820525fe8 bfd: remove unused line a02986804 coredump: remove two unused variables 1543527bf lib/py: remove unused variable 7db0bb69e infect: initialize struct to avoid CLANG_WARNING ee048e148 lock: disable clang_analyzer for the LOCK_BUG_ON() macro 70c8c12c6 compel: don't mmap parasite as RWX 6edcef740 cr-restore: Wait child & reap zombies if PID=1 4381043a7 criu-ns: Use PID 1 on restore b2232f7f7 criu-ns: Convert c_char_p strings to bytes object d16033658 criu-ns: Print usage info when no args provided 26371e56f criu-ns: Convert to python3 style print() syntax 72ca9673d python: Replace xrange with range 2598f64fa crns.py: New attempt to have --unshare option 0d691acba CI: distribute CI jobs between CI systems e7cbeddff CI: rename 'travis' to 'ci' Signed-off-by: -
Bruce Ashfield authored
Bumping crun to version 1.2-16-g718b94e, which comprises the following commits: 979f6f0 criu: save the new descriptors after restore cab3d52 crun: chown std streams c68c4ce crun.1.md: fix formatting 62e9ba0 test: bump base and ubuntu to 1.16 for containerd tests 07303d8 exec: support --cgroup 9c96ca4 libcrun: allow to specify sub-cgroup for exec e32af6c cgroup: allow to create missing dirs baa786c exec: use new function 6d70af2 exec: new function libcrun_container_exec_with_options 97c2eac tests: add userns to sd_notify_proxy test 4f6c8e0 NEWS: tag 1.2 aee580f exec: fix containers being wrongly reported as paused 762269c test/criu: enable external ipc,uts,time namespaces e334260 criu: Add support for shared ipc,uts,time ns 1353be8 configure: convert indentation to tabs 44bb0b2 artifacts: add libprotobuf-c-dev for protobuf headers 5b341a1 NEWS: tag 1.1 55d293c .github: add libprotobuf-c-dev 2162435 criu: store external descriptors as JSON string 9c7d928 .github: check tests leave the working dir clean d99bb51 .github: report make check failures 0d64e1d linux: fix fix-test-mount-symlink-not-existing test 7260dc8 tests: fix number of tests b0d64b6 tests: skip caps tests if rootless a538e4e tests: disable exec_additional_gids when rootless b055575 criu: fix save of external descriptors c0f5460 criu: use has_prefix instead of strncmp 0fa5a11 criu: use write_file instead of open+write 1604c54 criu: drop \n from error messages a967d78 criu: fix fd leak f624c93 tests: disable unrelated failing Podman tests ee35311 utils: add new function safe_readlinkat ef24f0c README.md: ./configure.sh → ./configure 3e82d10 tests: add test for c/r with ext namespace 2257680 tests_utils: drop unused variable f41c979 tests: drop unused imports be18607 criu: Add support for external PID namespace 4810ac6 exec: refuse paused container/cgroup 7d35659 cgroup: drop cgroup_mode arg from libcrun_cgroup_is_container_paused 44377aa container: Set primary process to 1 via LISTEN_PID by default if user configuration is missing bc0b3d1 utils: retry openat2 on EAGAIN 8a70bcd cgroup: use cgroup.kill if available c819e9c tests: update Podman to 3.3.0 74543d3 linux: silence two false positives reported by lgtm c1798ad status: check for owner before using it 5399935 utils: NUL terminate readlinkat buffer 2557c81 NEWS: tag 1.0 dad6ef2 crun.1: regenerate 2199d10 tests: update containerd version We also bump the oci/image/runtime spec SRCREVs to ensure that we have all the source dependencies up to date. Signed-off-by: -
Bruce Ashfield authored
The 'autogen.sh' script of crun was fetching dependencies that we already have in our SRC_URI. We want the OE git fetcher to manage the source, not scripts in the source of a package. We grab the two lines out of autogen.sh that we need, and use them directly in the configure_prepend. We also add yajl to the source code dependencies as the package DEPENDS is not enough as crun is explicitly building source that looks for the yajl code. Signed-off-by:
-
