Age | Commit message (Collapse) | Author |
|
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
CVE-2022-4337: openvswitch: Out-of-Bounds Read in Organization Specific TLV
CVE-2022-4338: openvswitch: Integer Underflow in Organization Specific TLV
Reference:
https://github.com/openvswitch/ovs/pull/405
https://github.com/openvswitch/ovs/commit/7490f281f09a8455c48e19b0cf1b99ab758ee4f4
Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Move the xilinx specific bbappend to a wildcard append.
Signed-off-by: Mark Hatle <mark.hatle@kernel.crashing.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
The existing 4.16 recipes are the current preferred Xen version, so
per the Xen version update policy, the 4.15 recipes can now be removed.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Update to use the latest stable 4.16 release.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
If the usrmerge DISTRO_FEATURE is enabled, modules should be installed
under /usr/lib instead of /lib. We can handle this by using
${root_prefix} in INSTALL_MOD_PATH.
Signed-off-by: Paul Barker <paul.barker@sancloud.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
This also fix building with clang 1.15
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
cloud-init has been dual licensed for a while. According to the
LICENSE file this package is dual-licensed Apache 2 and GPL 3. This has
been the case since commit b2a9f3361 in 2016. This has applied to every
release since 17.1.
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
cloud-init installs its data in nonarch_libdir, not libdir, so package
that. On non-multilib builds this wouldn't be noticed.
Signed-off-by: Dan McGregor <dan.mcgregor@usask.ca>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Update criu from 3.17 to 3.17.1:
* update file path and remove __pycache__ directory in do_install
* rebase 0002-criu-Change-libraries-install-directory.patch
* backport patches to fix build errors with glibc 2.36.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
rocksdb has been updated to 7.5.3 in meta-oe causing
ceph compilation to fail.
Backport necessary patches to allow ceph to work with
newer versions rocksdb.
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Bumping buildah to version v1.25.0-420-g13622b14, which comprises the following commits:
9c640b00 tag v1.27.2
264c825f Fix broken command completion
be919817 build: support --skip-unused-stages for multi-stage builds
40cd1053 release: bump to v1.27.1
4a8bf740 run: add container gid to additional groups
db8d5921 release: tag v1.27.0
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
meta-selinux has always been a soft dependency of meta-virt, as
such, it isn't in the layer dependencies.
To avoid yocto compat errors, and keep the dependency soft, we
add a skiprecip to udica if meta-selinux is not present.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Bumping kvmtool to latest, which comprises the following commits:
336751f Makefile: Introduce LIBFDT_DIR to specify libfdt location
6c88c26 virtio/rng: Zero-initialize the device
fe21827 virtio/pci: Deassert IRQ line on ISR read
ae22ac7 Makefile: Fix ARCH override
3863f34 Makefile: Add missing build dependencies
6a1f699 arm64: pvtime: Use correct region size
c86ef0b virtio/pci: Remove VIRTIO_PCI_F_SIGNAL_MSI
3d5cefc virtio/pci: Initialize all vectors to VIRTIO_MSI_NO_VECTOR
5fe5eb0 virtio: Add support for modern virtio-mmio
22a0823 virtio: Move MMIO transport to mmio-legacy
b0d56e3 virtio: Add support for modern virtio-pci
930876d virtio: Move PCI transport to pci-legacy
3c8f82b virtio: Prepare for more feature bits
de166e5 virtio/net: Set vhost backend after queue address
73fd136 virtio/pci: Use the correct eventfd for vhost notification
21c9bc7 virtio/pci: Make doorbell offset dynamic
d060729 virtio: Extract init_vq() for PCI and MMIO
c6590f7 virtio/pci: Delete MSI routes
8b91a18 arm64: Allow the user to specify the RAM base address
3f7e48f Introduce kvm__arch_default_ram_address()
a37dad0 arm/arm64: Consolidate RAM initialization in kvm__init_ram()
5e9c654 kvm__arch_init: Remove hugetlbfs_path and ram_size as parameters
a9c24ec builtin_run: Allow standard size specifiers for memory
d6d4220 arm/arm64: Kill the ARM_HIMAP_MAX_MEMORY() macro
1af57dc arm/arm64: Kill the ARM_MAX_MEMORY() macro
cce5a4f arm/arm64: Fail if RAM size is too large for 32-bit guests
abe3f28 builtin-run: Add arch hook to validate VM configuration
28b9625 builtin-run: Rework RAM size validation
9d65519 builtin-run: Always use RAM size in bytes
024c331 Use MB for megabytes consistently
d9fdaad arm: gic: fdt: fix PPI CPU mask calculation
f44af23 virtio/pci: Factor MSI route creation
4842789 virtio/blk: Implement VIRTIO_F_ANY_LAYOUT feature
e74b56e virtio/console: Add VIRTIO_F_ANY_LAYOUT feature
6daffe5 virtio/net: Implement VIRTIO_F_ANY_LAYOUT feature
b231683 virtio/net: Prepare for modern virtio
8b27bcf virtio/net: Offload vnet header endianness conversion to tap
c492534 Add memcpy_fromiovec_safe
902a8ec virtio: Remove set_guest_features() device op
17ad9fd virtio/console: Remove unused callback
867b15c virtio: Fix device-specific config endianness
15e6c4e virtio: Add config access helpers
609ee90 virtio: Support modern virtqueue addresses
fd41cde virtio: Factor virtqueue initialization
a8e397b virtio/vsock: Remove redundant state tracking
3a1e36e virtio: Remove redundant test
7efc262 virtio: Add NEEDS_RESET to the status mask
b4531b2 riscv: Add missing asm/kernel.h header
6f6f384 mips: Do not emulate a serial device
8ec1e8b arm64: Honor --vcpu-affinity for aarch32 guests
1a992bb include: add new virtio uapi header files
e539078 include: update virtio UAPI headers
393e218 util: include virtio UAPI headers in sync
7e22099 update virtio_mmio.h
a68a52c kvmtool: Have stack be not executable on x86
31e0eac virtio: Check for overflows in QUEUE_NOTIFY and QUEUE_SEL
e473028 virtio: Sanitize config accesses
3510a7f virtio/9p: Fix virtio_9p_config allocation size
06e1e6f virtio: Use u32 instead of int in pci_data_in/out
52d4ee7 mmio: Sanitize addr and len
143ffa2 kvmtool: Add WARN_ONCE macro
bc77bf4 stat: Add descriptions for new virtio_balloon stat types
3a13530 virtio/balloon: Fix a crash when collecting stats
324cc09 aarch64: Give up with MTE for AArch32 guest
4639b72 arm64: Add --vcpu-affinity command line argument
1393bda arm64: Add support for KVM_ARM_VCPU_PMU_V3_SET_PMU
083a976 update_headers.sh: Sync ABI headers with Linux v5.18-rc2
0febaae Add cpumask functions
83713e7 arm64: Rework set_pmu_attr()
f57ce44 arm: Make the PMUv3 emulation code arm64 specific
b23aed2 arm: Get rid of the ARM_VCPU_FEATURE_FLAGS() macro
412ee13 arm: Move arch specific VCPU features to the arch specific function
5898515 arm/arm64: pmu.h: Add missing header guards
d9b64eb linux/bitops.h: Include wordsize.h to provide the __WORDSIZE define
443cd88 linux/err.h: Add missing stdbool.h include
5657dd3 aarch64: Add support for MTE
af1b793 update_headers.sh: Sync ABI headers with Linux v5.17
ffa8654 Make --no-pvtime command argument arm specific
faae833 Revert "kvm tools: Filter out CPU vendor string"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
After upgrading from honister to kirkstone the build always failed
during the package_write_ipk step, because the package name has
been overwritten because of the typo in FILES.
While investigating, I discovered another typo in class-devupstream.
Signed-off-by: Guenther Meyer <g.meyer@signum-media.de>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
The linkshared is not supported in some machines like riscv64 and
when supported we can use the GO_LINKSHARED instaed.
So export GO_LINKSHARED on the recipe to be available for Makefile.
This is currently only used in libnetwork for the proxy build, but
could be used in additional locations in the future.
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
This is useful for podman system tests.
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
udica provides an (easier) way to generate selnux policies
for containers. since we already have selinux has a dependency
of meta-virt, we might as well make policy creation easier.
See https://github.com/containers/udica, for details on how
to use the tool.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Changing the clone location of kubernetes allows us to remove the
vendor symlink "fix". This reduces the number of TMPDIR references
in the binaries.
kubernetes takes care of most of the rest via using asmflags and
gcflags interally which specify -trimpath, but unfortunately these
flags are being recorded into the binaries and leave us with 4
references to the TMDIR:
-asmflags=all=-trimpath=/opt/poky/build/tmp/work/core2-64-poky-linux/kubernetes/1_v1.24.0+git8b1b4db3834ddf7cf1b97137180f413cb9e2186f-r0/git/src/github.com/kubernetes/kubernetes/_output/local/go/src/k8s.io/kubernetes
-gcflags="all=-trimpath=/opt/poky/build/tmp/work/core2-64-poky-linux/kubernetes/1_v1.24.0+git8b1b4db3834ddf7cf1b97137180f413cb9e2186f-r0/git/src/github.com/kubernetes/kubernetes/_output/local/go/src/k8s.io/kubernetes
-asmflags=all=-trimpath=/opt/poky/build/tmp/work/core2-64-poky-linux/kubernetes/1_v1.24.0+git8b1b4db3834ddf7cf1b97137180f413cb9e2186f-r0/git/src/github.com/kubernetes/kubernetes/_output/local/go/src/k8s.io/kubernetes
-gcflags="all=-trimpath=/opt/poky/build/tmp/work/core2-64-poky-linux/kubernetes/1_v1.24.0+git8b1b4db3834ddf7cf1b97137180f413cb9e2186f-r0/git/src/github.com/kubernetes/kubernetes/_output/local/go/src/k8s.io/kubernetes
We leave these for now, as attempts to remove them have broken
the build, and kubernetes uses 'go install' versus 'go build' to
construct the binaries .. making our normal solutions non functional.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
restructure the containerd source layout to avoid symlinking vendor
dependencies. This avoid go recording paths in the final binaries.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
convert the riddler recipe to a structure that doesn't need a
symlinked vendor directory. go records these links in the binary,
making our output non-reproducible.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
The structure of the source code layout that was used by
this recipe required symlinking subirectories of the source
into a location that would be searched by go. While this
fixes the build, and produces a working binary, go stores
the location into the binary itself. Those stored paths
reference the build directory, making the result not
reproducible.
With this change, we create an alternate structure that
doesn't require symlinking and allows go to find the
components during build. This results in a simpler recipe
and binaries without TMPDIR references.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
The structure of the source code layout that was used by
this recipe required symlinking subirectories of the source
into a location that would be searched by go. While this
fixes the build, and produces a working binary, go stores
the location into the binary itself. Those stored paths
reference the build directory, making the result not
reproducible.
With this change, we create an alternate structure that
doesn't require symlinking and allows go to find the
components during build. This results in a simpler recipe
and binaries without TMPDIR references.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Pass -trimpath to the build to remove most (but not all)
TMDIR references.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
pass -trimpath to remove most TMPDIR referneces.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Pass -trimpath to the build to avoid references to TMPDIR.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
The yq build was broken:
- some repositories have moved from master -> main
- missing dependencies, that were being fetched in the compile task
Correcting these issues fixes yq' build
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Fix the TMDIR QA error by tweaking out patch to add trimpath to
go build calls.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
go-builds compilation is fetching runc as a dependency, we can't
do that in the compilation phase without an exception, or throwing
an error.
We add the runc dependency and fetch it directly into the required
directory. This avoids the build time fetch, and we better control
the revision. win-win.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
pass -trimpath to the umoci build to remove TMPDIR references
in the binaries.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
To fix most of the TMPDIR references, we pass -trimpath to the build
via a new variagle GOBUILDFLAGS.
There are still some debug references to TMDIR, that will be fixed
at a later time.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Skopeo is throwing TMPDIR QA warnings due to paths being built
into the binaries. We fix this by creating a new variable to
pass -trimpath into the build, and also by defining the linker
flags -w -s to strip source/path information from the binaries.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
With this, we build and package docker without QA warnings due to
references to TMPDIR.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
|
|
Variable overrides have stopped working when this specific .inc
file are used. To keep the demo working, we temporarily copy the
exact contents of the .inc file into the recipe .. and all is well.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Symlink the date-time based image name, to just the imagename-oci.
This makes scripting use of the deployed container much simpler.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
This is useful for demonstrating how entry points and functionality
can be delivered in containers
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
We get the following QA warning on build:
WARNING: containerd-opencontainers-v1.6.8+gitAUTOINC+579a6380ec-r0 do_package_qa: QA Issue: File /usr/bin/containerd-shim-runc-v2 in package containerd-opencontainers contains reference to TMPDIR
File /usr/bin/containerd-ctr in package containerd-opencontainers contains reference to TMPDIR
File /usr/bin/containerd-shim-runc-v1 in package containerd-opencontainers contains reference to TMPDIR
File /usr/bin/containerd in package containerd-opencontainers contains reference to TMPDIR
File /usr/bin/containerd-shim in package containerd-opencontainers contains reference to TMPDIR [buildpaths]
This is the first step in fixing the QA warning, by dropping our
debug patch, passing -trimpath and not defining GO_DEBUG.
This leaves a final reference similar to:
path _/opt/poky/build/tmp/work/core2-64-poky-linux/containerd-opencontainers/v1.6.8+gitAUTOINC+579a6380ec-r0/git/src/import/cmd/ctr
That is being stored in the .rodata of the binaries.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
To avoid go embedding references to the build dir into binaries,
we pass -trimpath to the build.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
When executing `k3s --version` the mentioned version
`k3s version dev (HEAD)`. The root cause is, that the BUILD_FLAGS
were not the expected ones. After that patch, the k3s is reporting
the correct version.
Signed-off-by: Vasileios Anagnostopoulos <vasileios.anagnostopoulos@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
There's compilation error when building lxc for ARM/ARM64 BSPs.
The error message is as below:
| ../git/src/lxc/cgroups/cgfsng.c:1234:111: error: incompatible
type for argument 10 of 'sd_bus_call_method_asyncv'
The 10th argument is of type va_list but NULL is supplied, thus causing
compilation error.
So we use sd_bus_call_method_async to replace the asyncv one to
solve this issue.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
The GOBUILDFLAGS patch is replaced by explicitly setting BUILDFLAGS="${GOBUILDFLAGS}"
in the recipe.
Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Bumping podman-tui to version v0.5.0-40-g8f2b80f, which comprises the following commits:
95abf3a Bump github.com/containers/podman/v4 from 4.1.1 to 4.2.0
868a762 Bump github.com/containers/buildah from 1.26.4 to 1.27.0
7b02fb5 Bump github.com/containers/buildah from 1.26.2 to 1.26.4
0932c65 Bump github.com/containers/common from 0.48.0 to 0.49.0
7fff27e Fix flaky tests
87589d6 Fix typos
24a3fff Bump github.com/containers/storage from 1.41.0 to 1.42.0
6795a8f Bump github.com/BurntSushi/toml from 1.1.0 to 1.2.0
e4f465b Bump github.com/onsi/gomega from 1.19.0 to 1.20.0
85a603b Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0
8829267 Running golangci-lint on pdcs/pods, pcs/containers
d027158 running golangci-lint on pdcs/images
431dbd7 Makefile target to run codespell
2408394 running golangci-lint on pdcs/sysinfo
a4f7c62 running golangci-lint on pdcs/networks
7b35f80 running golangci-lint on pdcs/volumes
9f0fdd5 Bump github.com/containers/buildah from 1.26.1 to 1.26.2
08f96d0 Bump github.com/navidys/tvxwidgets from 0.1.0 to 0.1.1
9a4dfd5 running golangci-lint on pdcs/registry and pdcs/utils
a158603 Makefile - install golangci-lint and codespell tools
843dee3 Bump to v0.6.0-dev
e0db08b Bump to v0.5.0
117087b Bump github.com/spf13/cobra from 1.4.0 to 1.5.0
3e4d6c3 code coverage for network and volume create dialogs
ac570c3 github workflow: adding templates for bug report and features
082cf8e docs: adding security policy
1339a05 Bump github.com/containers/podman/v4 from 4.1.0 to 4.1.1
9f92e1c new feature - image push
666026d Bump github.com/docker/docker
6e50e26 show confirmation dialog in the center of different views
a55466b disk usage dialog table headers color update
8f21399 docs update - Mac build
0d13526 Esc key shall not close dialogs if its dropdown widgets has focus
a957454 docs update - Mac build
d6d81f6 Bump github.com/rs/zerolog from 1.26.1 to 1.27.0
95187ec infobar + help color update for headers
c25c20e using images.GetImage function for image inspect
83b1ac5 new feature - container commit
509532b image history dialog update
a4488bf update button labels based on their function
c15c697 makefile update - darwin build
ce6a55f Bump to v0.5.0-dev
fafb1dc Bump to v0.4.0
bc9c56d running codespell
a23b601 code coverage for ui/utils
36230ca CI setup
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
|
Bumping crun to version 1.5-41-gce7533a, which comprises the following commits:
ad9008b copr: depend on wasmtime-c-api for shared lib
972d595 krun: add support for krun-sev
e539aae tests: fix fedora rawhide mockbuild
559902d autobuild copr rpms with wasmtime support
d39f45d wasmtime: always grant filesystem capability for wrkdir inside container
b937322 wasmtime: inherit argv from handler argument instead of process
477ecc8 crun: restore will work on realpath
1083f9d tests,podman: skip push to local registry with authorization
29599a5 tests: disable login/logout tests
8ff3eba rpm/Makefile: Fix copr build (follow-up on #979)
f5244c7 rpm/Makefile: install all dependencies on mock environments
a37b06a rpm/Makefile: install git-core in tarball-prep
ab18c71 cgroup: change delegate cgroup after cgroupns creation
4716692 cgroup: add new function libcrun_cgroup_enter_finalize
9139896 tests: disable broken test
a45faa2 rpm/Makefile: autobuild rpms on podman-next copr
7ea284f src: make some error messages lower case
43f420a syntax-check: enable prohibit atoi and atof
9920e7b wasmer: move definitions earlier
54e2519 wasmer: drop not needed indentation
54fe445 wasmer: fix errors return code
86f9a5c syntax-check: enable prohibit always true header tests
a07112c syntax-check: enable no period at end of message check
2656de5 maint.mk: update from upstream gnulib
3df1458 linux: fix build with glibc 2.36
14b2102 pidfd: fallback on ENOSYS
fd01ef4 nix: allow to pass extra args to the runtime
a91e905 NEWS: tag 1.5
2c94290 nix: update nix dependencies
76ead7b wasm: add support for running containers using wasmtime
88e8710 python: unset LIBCRUN_RUN_OPTIONS_PREFORK for run
9ceba95 crun: move config_file* to container
639c98f cgroup: add fallback to io.weight
c75b58d wasm,wasmedge: drop support for experimental WasmEdgeProcess
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|