Mirror of git.yoctoproject.org/meta-virtualization https://git.enea.com/cgit/linux/meta-virtualization.git/atom?h=kirkstone 2025-11-19T23:28:22+00:00 2025-11-19T23:28:22+00:00 Vijay Anusuri vanusuri@mvista.com 2025-11-10T11:30:49+00:00 urn:sha1:4da521b4440f57b10ba70091ee0e31b1085e665e Upstream-Status: Backport from https://github.com/containerd/containerd/commit/c575d1b5f4011f33b32f71ace75367a92b08c750 Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2025-11-19T23:28:22+00:00 Vijay Anusuri vanusuri@mvista.com 2025-11-10T11:30:48+00:00 urn:sha1:9f4afbb21a91eab9917a25811f1d2ba7d223e071 Upstream-Status: Backport from https://github.com/containerd/containerd/commit/0450f046e6942e513d0ebf1ef5c2aff13daa187f Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2025-10-14T01:57:54+00:00 Theo GAIGE tgaige.opensource@witekio.com 2025-10-02T08:05:07+00:00 urn:sha1:16155ae737d96f0f53721ad7270c3fe19729d496 Upstream-Status: Backport from https://github.com/containerd/containerd/commit/9639b9625554183d0c4d8d072dccb84fedd2320f Signed-off-by: Theo GAIGE <tgaige.opensource@witekio.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2023-04-12T17:02:37+00:00 Chen Qi Qi.Chen@windriver.com 2023-03-29T09:38:15+00:00 urn:sha1:4ffd2f78e56f35f3f4180c3cbd9a6ceed8859bb4 1.6.19 is the latest release for 1.6 branch. This upgrade fixes CVEs such as CVE-2023-25173 and CVE-2023-25153. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2023-02-15T20:10:57+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2023-02-14T09:09:45+00:00 urn:sha1:a7413c5d7568ce91b809ed11f84305b1afb468bb Bumping containerd to version v1.6.12-2-gccfc27e30, which comprises the following commits: 3595dd04b fix: check for tmpfs when evaluating if userxattr should be used 1899ebcd8 Prepare release notes for v1.6.12 ec5acd4c1 CRI stream server: Fix goroutine leak in Exec 9743dbae8 [release/1.6] update to go1.18.9 3d24d97ba Prepare release notes for v1.6.11 bb96b21e5 fix: support simultaneous create diff for same parent snapshot 15b541238 Fix order of operations when setting lease labels 9fdf713e5 Added nullptr checks to pkg/cri/server and sbserver 56593cca5 cri: add pod uid annotation 8ec051a6b [release/1.6] go.mod: use golang_protobuf_extensions v1.0.4 e639ecd7c Prepare release notes for v1.6.10 5af8d89ce overlayutils: Add fastpath for userxattr check Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2022-12-22T15:28:08+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2022-12-12T07:58:53+00:00 urn:sha1:181a754d136b458a33ef73a576989b3f1b40ffd9 Bumping containerd to version v1.6.9-12-g6c41694da, which comprises the following commits: 5af8d89ce overlayutils: Add fastpath for userxattr check 303f608dd [release/1.6] update to Go 1.18.8 to address CVE-2022-41716 3f9f9508d ctr export strictly match default platform df73acad5 [release/1.6] go.mod: Bump hcsshim to v0.9.5 658490b78 ctr import: strictly match platform 4907b4d72 Migrate away from GitHub actions set-output f1493f665 Prepare release notes for v1.6.9 346412f5a adding support of CAP_BPF and CAP_PERFMON 99578d1fc Update mailmap a956d8415 Add logging volume metrics to Containerd CRI plugin 29e2dea50 fix pusher concurrent close channel 8a9d69385 [release/1.6] Stats() shouldn't assume s.container is non-nil a9adc7938 cri: PodSandboxStatus should tolerate missing task b66eb726a migrate from k8s.gcr.io to registry.k8s.io 5b40993a5 [release/1.6] upgrade containerd/continuity from v0.2.2 to v0.3.0 f2376e659 Update container with sandbox metadata after NetNS is created 06f82efef archive: validate digests before use 28324c529 [release/1.6] Update go 1.18.7, addresses CVE-2022-2879, CVE-2022-2880, CVE-2022-41715 0aeeb62cb [release/1.6] update golangci-lint to v1.19.0 7db9d1f76 Fix linter warnings 4dc932e62 [release/1.6] gofmt with go1.19 7b8d679ad [release/1.6] integration: remove use of deprecated io/ioutil 926b9c72f retry request on writer reset b9a35c6af Add integration tests with failpoint 1f29fac48 Persist container and sandbox if resource cleanup fails, like teardownPodNetwork a85709c6c integration: simplify CNI-fp and add README.md d89a8d223 pkg/failpoint: add FreeBSD link and update pkg doc b0ce2965a integration: Add injected failpoint testing for RunPodSandbox a7f956d86 integration: CNI bridge wrapper with failpoint 07c479471 pkg/failpoint: add DelegatedEval API 4a5bc05aa runtime/v2/shim: return if error in load plugin 71ee7de24 bin/ctr,integration: new runc-shim with failpoint 3e2e77849 runtime/v2: manager supports server interceptor cb935bf49 pkg/failpoint: init failpoint package 2fdfd564c make xattr EPERM non-fatal in createTarFile 89e49609d remotes/docker/config: Skipping TLS verification for localhost b720be2ce remove stray .zuul.yaml 6b30bc4b4 .zuul: remove the zuul because it is offline 0f7e258ee Set grpc code for unimplemented cri-api methods fb753e5cd update intergration 6ee5bb7ea bump cri-api ae8598615 ContainerStatus to return container resources d3c7e31c8 Update CRI-API 5b44c5271 vendor: golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd 3507d600b update runc binary to v1.1.4 1efd8b947 ci: remove GOPROXY environment variable due to https://github.com/go-yaml/yaml/issues/887 Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2022-12-22T15:28:08+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2022-12-12T07:58:49+00:00 urn:sha1:f67902ddfd9d1e7bab4537e0bf0ffe78e31b1069 restructure the containerd source layout to avoid symlinking vendor dependencies. This avoid go recording paths in the final binaries. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2022-12-22T15:28:08+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2022-12-12T07:58:47+00:00 urn:sha1:7c811b31dc34d666bfc06f4a55e5f0df77b88818 We get the following QA warning on build: WARNING: containerd-opencontainers-v1.6.8+gitAUTOINC+579a6380ec-r0 do_package_qa: QA Issue: File /usr/bin/containerd-shim-runc-v2 in package containerd-opencontainers contains reference to TMPDIR File /usr/bin/containerd-ctr in package containerd-opencontainers contains reference to TMPDIR File /usr/bin/containerd-shim-runc-v1 in package containerd-opencontainers contains reference to TMPDIR File /usr/bin/containerd in package containerd-opencontainers contains reference to TMPDIR File /usr/bin/containerd-shim in package containerd-opencontainers contains reference to TMPDIR [buildpaths] This is the first step in fixing the QA warning, by dropping our debug patch, passing -trimpath and not defining GO_DEBUG. This leaves a final reference similar to: path _/opt/poky/build/tmp/work/core2-64-poky-linux/containerd-opencontainers/v1.6.8+gitAUTOINC+579a6380ec-r0/git/src/import/cmd/ctr That is being stored in the .rodata of the binaries. Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2022-12-22T15:28:08+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2022-12-12T07:58:46+00:00 urn:sha1:9c1fb8f49b7bf3b92d60518e6daa0925009b7c1d Bumping containerd to version v1.6.8-8-g579a6380e, which comprises the following commits: 1efd8b947 ci: remove GOPROXY environment variable due to https://github.com/go-yaml/yaml/issues/887 0448673af Do not append []string{""} to command to preserve Docker compatibility 5c230ece0 Fix cleanup in critest ed9d3dc37 oci: WithDefaultUnixDevices(): remove tun/tap from the default devices 3364f411e Prepare release notes for v1.6.8 390920429 release workflow: remove Go setup action cf48ba6e8 release workflow: increase timeout to 30 minutes 57873e652 release: rollback Ubuntu to 18.04 (except for riscv64) eccb82f6d Update release build timeout to 20 minutes 6a854d4b5 Update mailmap 61612e1a2 Prepare release notes for 1.6.7 d199ee462 Update golang to 1.17.13 0578d20c5 Change os.Stderr reassign for Windows service 12cae4961 Update Vagrant CI to macos-12 bc4091aae chore: bump macos runner version cb73bd050 Windows HostProcess container CRI stats test ac388525a Add validations for Windows HostProcess CRI configs 0007f40fe [release/1.6] go.mod: Bump hcsshim to v0.9.4 c9607e78c Update Fedora version to 36 2952b66c0 CI: add riscv64 builds 6b2dc9a37 release/Dockerfile: update Ubuntu to 22.04 for supporting riscv64 745dc07c4 seccomp: support riscv64 c2f841f21 Create ppc64le release 86b55bd8d seccomp: allow clock_settime64 when CAP_SYS_TIME is added f3da3e51f allow ptrace(2) by default for kernel >= 4.8 aa1101068 [release/1.6] update golang to 1.17.12 37dfc5c9d [release/1.6] Fix WWW-Authenticate parsing Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> 2022-08-04T03:05:32+00:00 Bruce Ashfield bruce.ashfield@gmail.com 2022-07-07T12:57:13+00:00 urn:sha1:bb9187d34d8f0d5bc1078a2b838bec0407aa33f4 Bumping containerd to version v1.6.6-10-g4e92d8e7e, which comprises the following commits: 37dfc5c9d [release/1.6] Fix WWW-Authenticate parsing fa2016d58 [release/1.6] Downgrade MinGW to version 10.2.0 99c56d217 ctr: fix label args used in NewContainer 51de785f8 [release/1.6] Make building static binaries simpler 2ea4e6348 update runc binary to v1.1.3 61213742a Prepare release notes for v1.6.6 f92068350 Implicitly discard the input to drain the reader 2eb67213b [release/1.6] Limit the response size of ExecSync 185e87275 Prepare release notes for v1.6.5 5c9c83d3e [release/1.6] update golang to 1.17.11 fdcdc27bc update go-cni/for cni update fixing plugins that don't respond with version e33b9e709 archive: add human-readable hint to Lchown error 3bb5a9d19 config: improve config v1 deprecation message 6eff5b6c0 [release/1.6] go.mod: Bump hcsshim to 0.9.3 f1d2d9260 [release/1.6] vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad 9f99be51b [release/1.6] update golang to 1.17.10 246a1b42e vendor: github.com/opencontainers/runc v1.1.2 43717e03a update runc binary to v1.1.2 82a77be2d reverts removal of parallel run from critest 06bdfeb67 Allow git commands in Vagrantfile 70839a344 Bug fix for mount path handling 1520bae0f update critools to v1.24 0d1d2953b Prepare release notes for 1.6.4 42d691fe6 Bump opencontainers/selinux from 1.10.0 to 1.10.1 e9f22e008 Update go-cni to v1.1.5 be4909e95 cri: close fifos when container is deleted baa386dc0 Prepare release notes for v1.6.3 e8da82adc tracing: fix panic on startup when configured 1764ea9a2 CRI: improve image pulling performance 9cd76d465 [release/1.6] update golang to 1.17.9 c09cc1242 check for duplicate nspath possibilities fe6ba62ce metrics/cgroups: fix deadlock issue in Add during Collect 8b81a7843 [release/1.6] go.mod: update image-spec to merge-commit of v1 into main f2ba2041b update runc binary to v1.1.1 b736b4dab go.mod: github.com/opencontainers/runc v1.1.1 72f1e58c7 CI: add Rocky Linux 8 7ede40c5c [release/1.6] vendor: github.com/containerd/imgcrypt v1.1.4 5538be6cf cgroup2: monitor OOMKill instead of OOM to prevent missing container OOM events da35c19da Test turning off golang CI lint cache a0213573b Add nolint:staticcheck to platform-specific calls ad0036ed6 Update prometheus client vendor c7bbf316f Mount devmapper xfs file system with "nouuid" option. a1de89c3e Make the temp mount as ready only in container WithVolumes 82a12edf2 moving up to go-cni v1.1.4 28b44826b native: fix deadlock from leaving transactions open 8461dd6e5 Prepare release notes for v1.6.2 91800c4e9 Add static checks to shim for Windows ca51d7f85 Update go.mod go version 765df6609 [release/1.6] remove empty go mod to allow building for go 1.18 e9af80859 Fix the Inheritable capability defaults. 7c929318a Update TestNormalize to only test Windows 06985e7d0 Upgrade golangci-lint and its GitHub Action b13d3e05c cri: relax test for system without hugetlb Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>