From e3d960f4fcd91a84067fbbd6293ce271e74a7740 Mon Sep 17 00:00:00 2001 From: Bruce Ashfield Date: Mon, 2 Apr 2018 00:21:58 -0400 Subject: runc: uprev to 1.0.0-rc5 Uprev both variants of runc to v1.0.0-rc5. We drop patches that have made it into the upstream runc, and we also refresh the context of of two others. The docker and opencontainers variants are virtually identical, but we keep the two variants for now to protect against any future forks in the support. The runc-docker SRCREV comes from the docker-ce 18.04 logged commit, while runc-opencontainers is updated to the tip of the master branch. Runtime tested with docker on x86-64. Signed-off-by: Bruce Ashfield --- .../0001-Disable-building-recvtty.patch | 19 +- ...untime-spec-198f23f827eea397d4331d7eb048d.patch | 89 ---------- .../0001-Use-correct-go-cross-compiler.patch | 85 --------- .../0001-runc-docker-SIGUSR1-daemonize.patch | 36 ++-- ...-Remove-Platform-as-no-longer-in-OCI-spec.patch | 75 -------- ...date-memory-specs-to-use-int64-not-uint64.patch | 194 --------------------- recipes-containers/runc/runc-docker_git.bb | 10 +- recipes-containers/runc/runc-opencontainers_git.bb | 4 +- 8 files changed, 30 insertions(+), 482 deletions(-) delete mode 100644 recipes-containers/runc/runc-docker/0001-Update-to-runtime-spec-198f23f827eea397d4331d7eb048d.patch delete mode 100644 recipes-containers/runc/runc-docker/0001-Use-correct-go-cross-compiler.patch delete mode 100644 recipes-containers/runc/runc-docker/0002-Remove-Platform-as-no-longer-in-OCI-spec.patch delete mode 100644 recipes-containers/runc/runc-docker/0003-Update-memory-specs-to-use-int64-not-uint64.patch diff --git a/recipes-containers/runc/runc-docker/0001-Disable-building-recvtty.patch b/recipes-containers/runc/runc-docker/0001-Disable-building-recvtty.patch index fa1f695b..8de1b170 100644 --- a/recipes-containers/runc/runc-docker/0001-Disable-building-recvtty.patch +++ b/recipes-containers/runc/runc-docker/0001-Disable-building-recvtty.patch @@ -9,18 +9,15 @@ Upstream-status: Inappropriate Makefile | 1 - 1 file changed, 1 deletion(-) -diff --git a/Makefile b/Makefile -index 0fcf508..24f47dc 100644 ---- a/src/import/Makefile -+++ b/src/import/Makefile -@@ -38,7 +38,6 @@ contrib/cmd/recvtty/recvtty: $(SOURCES) +Index: git/src/import/Makefile +=================================================================== +--- git.orig/src/import/Makefile ++++ git/src/import/Makefile +@@ -40,7 +40,6 @@ static: $(SOURCES) - CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc . -- CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty + CGO_ENABLED=1 $(GO) build $(EXTRA_FLAGS) -tags "$(BUILDTAGS) netgo cgo static_build" -installsuffix netgo -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc . +- CGO_ENABLED=1 $(GO) build $(EXTRA_FLAGS) -tags "$(BUILDTAGS) netgo cgo static_build" -installsuffix netgo -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty release: - @flag_list=(seccomp selinux apparmor static); \ --- -2.7.4 - + script/release.sh -r release/$(VERSION) -v $(VERSION) diff --git a/recipes-containers/runc/runc-docker/0001-Update-to-runtime-spec-198f23f827eea397d4331d7eb048d.patch b/recipes-containers/runc/runc-docker/0001-Update-to-runtime-spec-198f23f827eea397d4331d7eb048d.patch deleted file mode 100644 index bcc76fc4..00000000 --- a/recipes-containers/runc/runc-docker/0001-Update-to-runtime-spec-198f23f827eea397d4331d7eb048d.patch +++ /dev/null @@ -1,89 +0,0 @@ -From e8ef6025a4f48620baf91737cd37eb5e6a40f48c Mon Sep 17 00:00:00 2001 -From: Justin Cormack -Date: Fri, 23 Jun 2017 17:14:59 -0700 -Subject: [PATCH 1/3] Update to runtime spec - 198f23f827eea397d4331d7eb048d9d4c7ff7bee - -Updates memory limits to be int64, and removes Platform from spec. - -Signed-off-by: Justin Cormack ---- - vendor.conf | 2 +- - .../opencontainers/runtime-spec/specs-go/config.go | 23 ++++++---------------- - 2 files changed, 7 insertions(+), 18 deletions(-) - -diff --git a/vendor.conf b/vendor.conf -index e23e7ea7..09a8a924 100644 ---- a/src/import/vendor.conf -+++ b/src/import/vendor.conf -@@ -1,7 +1,7 @@ - # OCI runtime-spec. When updating this, make sure you use a version tag rather - # than a commit ID so it's much more obvious what version of the spec we are - # using. --github.com/opencontainers/runtime-spec 239c4e44f2a612ed85f6db9c66247aa33f437e91 -+github.com/opencontainers/runtime-spec 198f23f827eea397d4331d7eb048d9d4c7ff7bee - # Core libcontainer functionality. - github.com/mrunalp/fileutils ed869b029674c0e9ce4c0dfa781405c2d9946d08 - github.com/opencontainers/selinux v1.0.0-rc1 -diff --git a/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go b/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go -index 8bf8d924..68ab112e 100644 ---- a/src/import/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go -+++ b/src/import/vendor/github.com/opencontainers/runtime-spec/specs-go/config.go -@@ -6,8 +6,6 @@ import "os" - type Spec struct { - // Version of the Open Container Runtime Specification with which the bundle complies. - Version string `json:"ociVersion"` -- // Platform specifies the configuration's target platform. -- Platform Platform `json:"platform"` - // Process configures the container process. - Process *Process `json:"process,omitempty"` - // Root configures the container's root filesystem. -@@ -101,15 +99,6 @@ type Root struct { - Readonly bool `json:"readonly,omitempty"` - } - --// Platform specifies OS and arch information for the host system that the container --// is created for. --type Platform struct { -- // OS is the operating system. -- OS string `json:"os"` -- // Arch is the architecture -- Arch string `json:"arch"` --} -- - // Mount specifies a mount for a container. - type Mount struct { - // Destination is the absolute path where the mount will be placed in the container. -@@ -284,15 +273,15 @@ type LinuxBlockIO struct { - // LinuxMemory for Linux cgroup 'memory' resource management - type LinuxMemory struct { - // Memory limit (in bytes). -- Limit *uint64 `json:"limit,omitempty"` -+ Limit *int64 `json:"limit,omitempty"` - // Memory reservation or soft_limit (in bytes). -- Reservation *uint64 `json:"reservation,omitempty"` -+ Reservation *int64 `json:"reservation,omitempty"` - // Total memory limit (memory + swap). -- Swap *uint64 `json:"swap,omitempty"` -+ Swap *int64 `json:"swap,omitempty"` - // Kernel memory limit (in bytes). -- Kernel *uint64 `json:"kernel,omitempty"` -+ Kernel *int64 `json:"kernel,omitempty"` - // Kernel memory limit for tcp (in bytes) -- KernelTCP *uint64 `json:"kernelTCP,omitempty"` -+ KernelTCP *int64 `json:"kernelTCP,omitempty"` - // How aggressive the kernel will swap memory pages. - Swappiness *uint64 `json:"swappiness,omitempty"` - } -@@ -486,7 +475,7 @@ type WindowsNetwork struct { - EndpointList []string `json:"endpointList,omitempty"` - // Specifies if unqualified DNS name resolution is allowed. - AllowUnqualifiedDNSQuery bool `json:"allowUnqualifiedDNSQuery,omitempty"` -- // Comma seperated list of DNS suffixes to use for name resolution. -+ // Comma separated list of DNS suffixes to use for name resolution. - DNSSearchList []string `json:"DNSSearchList,omitempty"` - // Name (ID) of the container that we will share with the network stack. - NetworkSharedContainerName string `json:"networkSharedContainerName,omitempty"` --- -2.11.0 - diff --git a/recipes-containers/runc/runc-docker/0001-Use-correct-go-cross-compiler.patch b/recipes-containers/runc/runc-docker/0001-Use-correct-go-cross-compiler.patch deleted file mode 100644 index 8f5171ab..00000000 --- a/recipes-containers/runc/runc-docker/0001-Use-correct-go-cross-compiler.patch +++ /dev/null @@ -1,85 +0,0 @@ -From 037c20b3b3ef5e9ead0282aa64f9b88c0c18934d Mon Sep 17 00:00:00 2001 -From: Paul Barker -Date: Thu, 5 Oct 2017 13:14:40 +0000 -Subject: [PATCH] Use correct go cross-compiler - -We need to use '${GO}' as set by OpenEmbedded instead of just 'go'. Just using -'go' will invoke go-native. - -Signed-off-by: Paul Barker -Upstream-status: Inappropriate ---- - Makefile | 20 ++++++++++---------- - 1 file changed, 10 insertions(+), 10 deletions(-) - -diff --git a/Makefile b/Makefile -index 8117892..0fcf508 100644 ---- a/src/import/Makefile -+++ b/src/import/Makefile -@@ -27,18 +27,18 @@ SHELL := $(shell command -v bash 2>/dev/null) - .DEFAULT: runc - - runc: $(SOURCES) -- go build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc . -+ $(GO) build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o runc . - - all: runc recvtty - - recvtty: contrib/cmd/recvtty/recvtty - - contrib/cmd/recvtty/recvtty: $(SOURCES) -- go build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty -+ $(GO) build -i $(EXTRA_FLAGS) -ldflags "-X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -tags "$(BUILDTAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty - - static: $(SOURCES) -- CGO_ENABLED=1 go build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc . -- CGO_ENABLED=1 go build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty -+ CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o runc . -+ CGO_ENABLED=1 $(GO) build -i $(EXTRA_FLAGS) -tags "$(BUILDTAGS) cgo static_build" -ldflags "-w -extldflags -static -X main.gitCommit=${COMMIT} -X main.version=${VERSION} $(EXTRA_LDFLAGS)" -o contrib/cmd/recvtty/recvtty ./contrib/cmd/recvtty - - release: - @flag_list=(seccomp selinux apparmor static); \ -@@ -62,15 +62,15 @@ release: - CGO_ENABLED=1; \ - }; \ - echo "Building target: $$output"; \ -- go build -i $(EXTRA_FLAGS) -ldflags "$$ldflags $(EXTRA_LDFLAGS)" -tags "$$tags" -o "$$output" .; \ -+ $(GO) build -i $(EXTRA_FLAGS) -ldflags "$$ldflags $(EXTRA_LDFLAGS)" -tags "$$tags" -o "$$output" .; \ - done - - dbuild: runcimage - docker run --rm -v $(CURDIR):/go/src/$(PROJECT) --privileged $(RUNC_IMAGE) make clean all - - lint: -- go vet $(allpackages) -- go fmt $(allpackages) -+ $(GO) vet $(allpackages) -+ $(GO) fmt $(allpackages) - - man: - man/md2man-all.sh -@@ -88,7 +88,7 @@ unittest: runcimage - docker run -e TESTFLAGS -t --privileged --rm -v $(CURDIR):/go/src/$(PROJECT) $(RUNC_IMAGE) make localunittest - - localunittest: all -- go test -timeout 3m -tags "$(BUILDTAGS)" ${TESTFLAGS} -v $(allpackages) -+ $(GO) test -timeout 3m -tags "$(BUILDTAGS)" ${TESTFLAGS} -v $(allpackages) - - integration: runcimage - docker run -e TESTFLAGS -t --privileged --rm -v $(CURDIR):/go/src/$(PROJECT) $(RUNC_IMAGE) make localintegration -@@ -134,10 +134,10 @@ clean: - validate: - script/validate-gofmt - script/validate-shfmt -- go vet $(allpackages) -+ $(GO) vet $(allpackages) - - ci: validate localtest - - # memoize allpackages, so that it's executed only once and only if used --_allpackages = $(shell go list ./... | grep -v vendor) -+_allpackages = $(shell $(GO) list ./... | grep -v vendor) - allpackages = $(if $(__allpackages),,$(eval __allpackages := $$(_allpackages)))$(__allpackages) --- -2.7.4 - diff --git a/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch b/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch index b3bd0680..9ccbccb2 100644 --- a/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch +++ b/recipes-containers/runc/runc-docker/0001-runc-docker-SIGUSR1-daemonize.patch @@ -29,19 +29,19 @@ Signed-off-by: Jason Wessel utils_linux.go | 2 +- 2 files changed, 51 insertions(+), 5 deletions(-) -diff --git a/src/import/signals.go b/src/import/signals.go -index 910ea1ee..b6a23476 100644 ---- a/src/import/signals.go -+++ b/src/import/signals.go -@@ -6,6 +6,7 @@ import ( +Index: git/src/import/signals.go +=================================================================== +--- git.orig/src/import/signals.go ++++ git/src/import/signals.go +@@ -6,6 +6,7 @@ "os" "os/signal" "syscall" // only for Signal + "strconv" - "github.com/Sirupsen/logrus" "github.com/opencontainers/runc/libcontainer" -@@ -56,9 +57,6 @@ type signalHandler struct { + "github.com/opencontainers/runc/libcontainer/system" +@@ -56,9 +57,6 @@ func (h *signalHandler) forward(process *libcontainer.Process, tty *tty, detach bool) (int, error) { // make sure we know the pid of our main process so that we can return // after it dies. @@ -51,7 +51,7 @@ index 910ea1ee..b6a23476 100644 pid1, err := process.Pid() if err != nil { -@@ -68,12 +66,60 @@ func (h *signalHandler) forward(process *libcontainer.Process, tty *tty, detach +@@ -68,12 +66,61 @@ if h.notifySocket != nil { if detach { h.notifySocket.run(pid1) @@ -110,14 +110,15 @@ index 910ea1ee..b6a23476 100644 + } + return 0, nil + } - // perform the initial tty resize. - tty.resize() - for s := range h.signals { -diff --git a/src/import/utils_linux.go b/src/import/utils_linux.go -index e6d31b35..1bb80a63 100644 ---- a/src/import/utils_linux.go -+++ b/src/import/utils_linux.go -@@ -308,7 +308,7 @@ func (r *runner) run(config *specs.Process) (int, error) { ++ + // Perform the initial tty resize. Always ignore errors resizing because + // stdout might have disappeared (due to races with when SIGHUP is sent). + _ = tty.resize() +Index: git/src/import/utils_linux.go +=================================================================== +--- git.orig/src/import/utils_linux.go ++++ git/src/import/utils_linux.go +@@ -338,7 +338,7 @@ if err != nil { r.terminate(process) } @@ -126,6 +127,3 @@ index e6d31b35..1bb80a63 100644 return 0, nil } r.destroy() --- -2.11.0 - diff --git a/recipes-containers/runc/runc-docker/0002-Remove-Platform-as-no-longer-in-OCI-spec.patch b/recipes-containers/runc/runc-docker/0002-Remove-Platform-as-no-longer-in-OCI-spec.patch deleted file mode 100644 index 7970dec3..00000000 --- a/recipes-containers/runc/runc-docker/0002-Remove-Platform-as-no-longer-in-OCI-spec.patch +++ /dev/null @@ -1,75 +0,0 @@ -From e1146182a8cebb5a6133a9e298a5e4acf99652e9 Mon Sep 17 00:00:00 2001 -From: Justin Cormack -Date: Fri, 23 Jun 2017 17:16:08 -0700 -Subject: [PATCH 2/3] Remove Platform as no longer in OCI spec - -This was never used, just validated, so was removed from spec. - -Signed-off-by: Justin Cormack ---- - libcontainer/specconv/example.go | 5 ----- - spec.go | 14 -------------- - 2 files changed, 19 deletions(-) - -diff --git a/libcontainer/specconv/example.go b/libcontainer/specconv/example.go -index 33134116..d6621194 100644 ---- a/src/import/libcontainer/specconv/example.go -+++ b/src/import/libcontainer/specconv/example.go -@@ -2,7 +2,6 @@ package specconv - - import ( - "os" -- "runtime" - "strings" - - "github.com/opencontainers/runtime-spec/specs-go" -@@ -15,10 +14,6 @@ func sPtr(s string) *string { return &s } - func Example() *specs.Spec { - return &specs.Spec{ - Version: specs.Version, -- Platform: specs.Platform{ -- OS: runtime.GOOS, -- Arch: runtime.GOARCH, -- }, - Root: specs.Root{ - Path: "rootfs", - Readonly: true, -diff --git a/spec.go b/spec.go -index 92d38f57..876937d2 100644 ---- a/src/import/spec.go -+++ b/src/import/spec.go -@@ -7,7 +7,6 @@ import ( - "fmt" - "io/ioutil" - "os" -- "runtime" - - "github.com/opencontainers/runc/libcontainer/configs" - "github.com/opencontainers/runc/libcontainer/specconv" -@@ -131,9 +130,6 @@ func loadSpec(cPath string) (spec *specs.Spec, err error) { - if err = json.NewDecoder(cf).Decode(&spec); err != nil { - return nil, err - } -- if err = validatePlatform(&spec.Platform); err != nil { -- return nil, err -- } - return spec, validateProcessSpec(spec.Process) - } - -@@ -148,13 +144,3 @@ func createLibContainerRlimit(rlimit specs.LinuxRlimit) (configs.Rlimit, error) - Soft: rlimit.Soft, - }, nil - } -- --func validatePlatform(platform *specs.Platform) error { -- if platform.OS != runtime.GOOS { -- return fmt.Errorf("target os %s mismatch with current os %s", platform.OS, runtime.GOOS) -- } -- if platform.Arch != runtime.GOARCH { -- return fmt.Errorf("target arch %s mismatch with current arch %s", platform.Arch, runtime.GOARCH) -- } -- return nil --} --- -2.11.0 - diff --git a/recipes-containers/runc/runc-docker/0003-Update-memory-specs-to-use-int64-not-uint64.patch b/recipes-containers/runc/runc-docker/0003-Update-memory-specs-to-use-int64-not-uint64.patch deleted file mode 100644 index 50a9b7fc..00000000 --- a/recipes-containers/runc/runc-docker/0003-Update-memory-specs-to-use-int64-not-uint64.patch +++ /dev/null @@ -1,194 +0,0 @@ -From 3d9074ead33a5c27dc20bb49457c69c6d2ae6b57 Mon Sep 17 00:00:00 2001 -From: Justin Cormack -Date: Fri, 23 Jun 2017 17:17:00 -0700 -Subject: [PATCH 3/3] Update memory specs to use int64 not uint64 - -replace #1492 #1494 -fix #1422 - -Since https://github.com/opencontainers/runtime-spec/pull/876 the memory -specifications are now `int64`, as that better matches the visible interface where -`-1` is a valid value. Otherwise finding the correct value was difficult as it -was kernel dependent. - -Signed-off-by: Justin Cormack ---- - libcontainer/cgroups/fs/memory.go | 36 +++++++++++++++++------------------- - libcontainer/configs/cgroup_linux.go | 10 +++++----- - update.go | 14 +++++++------- - 3 files changed, 29 insertions(+), 31 deletions(-) - -diff --git a/libcontainer/cgroups/fs/memory.go b/libcontainer/cgroups/fs/memory.go -index da2cc9f8..b739c631 100644 ---- a/src/import/libcontainer/cgroups/fs/memory.go -+++ b/src/import/libcontainer/cgroups/fs/memory.go -@@ -73,14 +73,14 @@ func EnableKernelMemoryAccounting(path string) error { - // until a limit is set on the cgroup and limit cannot be set once the - // cgroup has children, or if there are already tasks in the cgroup. - for _, i := range []int64{1, -1} { -- if err := setKernelMemory(path, uint64(i)); err != nil { -+ if err := setKernelMemory(path, i); err != nil { - return err - } - } - return nil - } - --func setKernelMemory(path string, kernelMemoryLimit uint64) error { -+func setKernelMemory(path string, kernelMemoryLimit int64) error { - if path == "" { - return fmt.Errorf("no such directory for %s", cgroupKernelMemoryLimit) - } -@@ -88,7 +88,7 @@ func setKernelMemory(path string, kernelMemoryLimit uint64) error { - // kernel memory is not enabled on the system so we should do nothing - return nil - } -- if err := ioutil.WriteFile(filepath.Join(path, cgroupKernelMemoryLimit), []byte(strconv.FormatUint(kernelMemoryLimit, 10)), 0700); err != nil { -+ if err := ioutil.WriteFile(filepath.Join(path, cgroupKernelMemoryLimit), []byte(strconv.FormatInt(kernelMemoryLimit, 10)), 0700); err != nil { - // Check if the error number returned by the syscall is "EBUSY" - // The EBUSY signal is returned on attempts to write to the - // memory.kmem.limit_in_bytes file if the cgroup has children or -@@ -106,14 +106,12 @@ func setKernelMemory(path string, kernelMemoryLimit uint64) error { - } - - func setMemoryAndSwap(path string, cgroup *configs.Cgroup) error { -- ulimited := -1 -- -- // If the memory update is set to uint64(-1) we should also -- // set swap to uint64(-1), it means unlimited memory. -- if cgroup.Resources.Memory == uint64(ulimited) { -- // Only set swap if it's enbled in kernel -+ // If the memory update is set to -1 we should also -+ // set swap to -1, it means unlimited memory. -+ if cgroup.Resources.Memory == -1 { -+ // Only set swap if it's enabled in kernel - if cgroups.PathExists(filepath.Join(path, cgroupMemorySwapLimit)) { -- cgroup.Resources.MemorySwap = uint64(ulimited) -+ cgroup.Resources.MemorySwap = -1 - } - } - -@@ -128,29 +126,29 @@ func setMemoryAndSwap(path string, cgroup *configs.Cgroup) error { - // When update memory limit, we should adapt the write sequence - // for memory and swap memory, so it won't fail because the new - // value and the old value don't fit kernel's validation. -- if cgroup.Resources.MemorySwap == uint64(ulimited) || memoryUsage.Limit < cgroup.Resources.MemorySwap { -- if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatUint(cgroup.Resources.MemorySwap, 10)); err != nil { -+ if cgroup.Resources.MemorySwap == -1 || memoryUsage.Limit < uint64(cgroup.Resources.MemorySwap) { -+ if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatInt(cgroup.Resources.MemorySwap, 10)); err != nil { - return err - } -- if err := writeFile(path, cgroupMemoryLimit, strconv.FormatUint(cgroup.Resources.Memory, 10)); err != nil { -+ if err := writeFile(path, cgroupMemoryLimit, strconv.FormatInt(cgroup.Resources.Memory, 10)); err != nil { - return err - } - } else { -- if err := writeFile(path, cgroupMemoryLimit, strconv.FormatUint(cgroup.Resources.Memory, 10)); err != nil { -+ if err := writeFile(path, cgroupMemoryLimit, strconv.FormatInt(cgroup.Resources.Memory, 10)); err != nil { - return err - } -- if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatUint(cgroup.Resources.MemorySwap, 10)); err != nil { -+ if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatInt(cgroup.Resources.MemorySwap, 10)); err != nil { - return err - } - } - } else { - if cgroup.Resources.Memory != 0 { -- if err := writeFile(path, cgroupMemoryLimit, strconv.FormatUint(cgroup.Resources.Memory, 10)); err != nil { -+ if err := writeFile(path, cgroupMemoryLimit, strconv.FormatInt(cgroup.Resources.Memory, 10)); err != nil { - return err - } - } - if cgroup.Resources.MemorySwap != 0 { -- if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatUint(cgroup.Resources.MemorySwap, 10)); err != nil { -+ if err := writeFile(path, cgroupMemorySwapLimit, strconv.FormatInt(cgroup.Resources.MemorySwap, 10)); err != nil { - return err - } - } -@@ -171,13 +169,13 @@ func (s *MemoryGroup) Set(path string, cgroup *configs.Cgroup) error { - } - - if cgroup.Resources.MemoryReservation != 0 { -- if err := writeFile(path, "memory.soft_limit_in_bytes", strconv.FormatUint(cgroup.Resources.MemoryReservation, 10)); err != nil { -+ if err := writeFile(path, "memory.soft_limit_in_bytes", strconv.FormatInt(cgroup.Resources.MemoryReservation, 10)); err != nil { - return err - } - } - - if cgroup.Resources.KernelMemoryTCP != 0 { -- if err := writeFile(path, "memory.kmem.tcp.limit_in_bytes", strconv.FormatUint(cgroup.Resources.KernelMemoryTCP, 10)); err != nil { -+ if err := writeFile(path, "memory.kmem.tcp.limit_in_bytes", strconv.FormatInt(cgroup.Resources.KernelMemoryTCP, 10)); err != nil { - return err - } - } -diff --git a/libcontainer/configs/cgroup_linux.go b/libcontainer/configs/cgroup_linux.go -index 3e0509de..e15a662f 100644 ---- a/src/import/libcontainer/configs/cgroup_linux.go -+++ b/src/import/libcontainer/configs/cgroup_linux.go -@@ -43,19 +43,19 @@ type Resources struct { - Devices []*Device `json:"devices"` - - // Memory limit (in bytes) -- Memory uint64 `json:"memory"` -+ Memory int64 `json:"memory"` - - // Memory reservation or soft_limit (in bytes) -- MemoryReservation uint64 `json:"memory_reservation"` -+ MemoryReservation int64 `json:"memory_reservation"` - - // Total memory usage (memory + swap); set `-1` to enable unlimited swap -- MemorySwap uint64 `json:"memory_swap"` -+ MemorySwap int64 `json:"memory_swap"` - - // Kernel memory limit (in bytes) -- KernelMemory uint64 `json:"kernel_memory"` -+ KernelMemory int64 `json:"kernel_memory"` - - // Kernel memory limit for TCP use (in bytes) -- KernelMemoryTCP uint64 `json:"kernel_memory_tcp"` -+ KernelMemoryTCP int64 `json:"kernel_memory_tcp"` - - // CPU shares (relative weight vs. other containers) - CpuShares uint64 `json:"cpu_shares"` -diff --git a/update.go b/update.go -index 0ea90d60..133be999 100644 ---- a/src/import/update.go -+++ b/src/import/update.go -@@ -124,11 +124,11 @@ other options are ignored. - - r := specs.LinuxResources{ - Memory: &specs.LinuxMemory{ -- Limit: u64Ptr(0), -- Reservation: u64Ptr(0), -- Swap: u64Ptr(0), -- Kernel: u64Ptr(0), -- KernelTCP: u64Ptr(0), -+ Limit: i64Ptr(0), -+ Reservation: i64Ptr(0), -+ Swap: i64Ptr(0), -+ Kernel: i64Ptr(0), -+ KernelTCP: i64Ptr(0), - }, - CPU: &specs.LinuxCPU{ - Shares: u64Ptr(0), -@@ -213,7 +213,7 @@ other options are ignored. - } - for _, pair := range []struct { - opt string -- dest *uint64 -+ dest *int64 - }{ - {"memory", r.Memory.Limit}, - {"memory-swap", r.Memory.Swap}, -@@ -232,7 +232,7 @@ other options are ignored. - } else { - v = -1 - } -- *pair.dest = uint64(v) -+ *pair.dest = v - } - } - r.Pids.Limit = int64(context.Int("pids-limit")) --- -2.11.0 - diff --git a/recipes-containers/runc/runc-docker_git.bb b/recipes-containers/runc/runc-docker_git.bb index f31b82ec..9acfbae4 100644 --- a/recipes-containers/runc/runc-docker_git.bb +++ b/recipes-containers/runc/runc-docker_git.bb @@ -2,15 +2,11 @@ include runc.inc # Note: this rev is before the required protocol field, update when all components # have been updated to match. -SRCREV_runc-docker = "9d6821d1b53908e249487741eccd567249ca1d99" -SRC_URI = "git://github.com/docker/runc.git;nobranch=1;name=runc-docker \ - file://0001-Update-to-runtime-spec-198f23f827eea397d4331d7eb048d.patch \ - file://0002-Remove-Platform-as-no-longer-in-OCI-spec.patch \ - file://0003-Update-memory-specs-to-use-int64-not-uint64.patch \ +SRCREV_runc-docker = "4fc53a81fb7c994640722ac585fa9ca548971871" +SRC_URI = "git://github.com/opencontainers/runc;nobranch=1;name=runc-docker \ file://0001-runc-Add-console-socket-dev-null.patch \ - file://0001-Use-correct-go-cross-compiler.patch \ file://0001-Disable-building-recvtty.patch \ file://0001-runc-docker-SIGUSR1-daemonize.patch \ " -RUNC_VERSION = "1.0.0-rc3" +RUNC_VERSION = "1.0.0-rc5" diff --git a/recipes-containers/runc/runc-opencontainers_git.bb b/recipes-containers/runc/runc-opencontainers_git.bb index a97676b6..73ef4f00 100644 --- a/recipes-containers/runc/runc-opencontainers_git.bb +++ b/recipes-containers/runc/runc-opencontainers_git.bb @@ -1,8 +1,8 @@ include runc.inc -SRCREV = "2e7cfe036e2c6dc51ccca6eb7fa3ee6b63976dcd" +SRCREV = "58415b4b12650291f435db8770cea48207b78afe" SRC_URI = " \ git://github.com/opencontainers/runc;branch=master \ file://0001-Use-correct-go-cross-compiler.patch \ " -RUNC_VERSION = "1.0.0-rc4" +RUNC_VERSION = "1.0.0-rc5" -- cgit v1.2.3-54-g00ecf