The recipe only has file:// SRC_URI entries which unpack directly into
UNPACKDIR, not a ${BP} subdirectory. The new do_qa_unpack QA check in
insane.bbclass warns when S doesn't exist after unpack. Set S explicitly
to satisfy the check.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
OE-Core made changes to the way dummy providers work, update the
container-dummy-provides to match them. It now needs a hint in layer.conf
to make the core components aware of the presence of the dummy recipe.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
This fixes the build with recent glibc and picks up the following fixes:
2597434ae Release LXC 6.0.6
d128f134d cmd/lxc-user-nic: prevent OOB read in name_is_in_groupnames
c43aeaaed lxc/network: define netlink uAPI constants for link properties
42b43b31c lxc/network: save/restore physical network interfaces altnames
810f44ba0 lxc/network: optimize netdev_get_mtu
5e68a7a63 meson.build: fix open_how include with glibc-2.43+
540f9e2bc meson.build: fix openat2 include typo, fix with glibc-2.43 +FORTIFY
01b9e35a7 lxc: added support OpenRC init system
885496ccc src/confile: fix values of lxc.cap.keep and lxc.cap.drop
99c3206c7 tests/lxc-attach: ensure no data corruption happens during heavy IO on pts
b964611b3 lxc/{terminal, file_utils}: ensure complete data writes in ptx/peer io handlers
d6ccb9abe github: test io_uring-based event loop
0448c9dd2 build: update Makefile and meson.build
aa4212023 Improve the dbus scope creation error handling
f9e73517e cgfsng: fix reboots when using dbus
2072ea4c7 copy_rdepends: Don't fail on missing source file
c7eac1180 start: Respect lxc.init.groups also in new user namespace
8ed8145d6 start: Remove outdated comment about group dropping
e9921c3d7 build(deps): bump actions/upload-artifact from 5 to 6
97a2e4af5 Added documentation on unprivileged LXC containers
59a30025e added doc for --rbduser
54d323a2d added "--rbduser" option in "lxc-create -B rbd"
a262afb5d Fallback to XDG_RUNTIME_DIR when /run not found
d7068a338 checkonfig: Fixed compatible with toybox/gunzip
4cc343edf Initial changes without testing
bdce7a634 Enumerated all values in array
edc57196f meson: add meson option for running doxygen in build
058be42aa build: Check if P_PIDFD is defined
099089971 Ensure do_lxcapi_unfreeze returns false when getstate errors
f9ff9ea2a build(deps): bump actions/checkout from 5 to 6
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
This fixes the build against the latest glibc, and we get a
few other bug fixes as well:
1c72306b1f domain: move vmtrace_alloc_buffer() invocation in vcpu_create()
999c6fadf7 vpci/msix: check for BARs enabled in vpci_make_msix_hole
8f3b637591 x86/ucode: Support discrete modules being CPIO archives
805e2b8ada x86/pv: Don't assume that INT $imm8 instructions are two bytes long
93614ffa48 x86/MCE: restore CPU vendor reporting to the outside world
e10f3ad869 tools/ocaml: fix 32-bit truncation bug in stub_xc_domain_setmaxmem()
1879637505 tools/sd-notify.h: Include string.h too
76dc2d6071 systemd: fall back to default system-sleep dir without systemd-devel
52356ca655 xenstored: Add newline to error message
4a7d2f18e5 libxl: constify some local variables for building with glibc 2.43
8061625411 tools/xenstored: fix live update
6adc1004f7 libxl: Fix device_add QMP calls with QEMU 9.2 and newer
55bb6db081 xen/cpufreq: fix usages of align_timer() in the on-demand governor
ae0708e940 xen/cpufreq: fix adjusting of sampling window on early exit
4778574053 common/domctl: xsm update for get_domain_state access
615199f05b VT-d: fix off-by-one when handling extra RMRR ranges
a7380f1437 xen: add non-executable stack note uniformly
14db25be36 xen/x86: fix usage of [[:blank:]] with BSD grep
99bd17462d EFI: Fix relocating ESRT for dom0
afaf4e7b50 SUPPORT.md: extend "lifetime"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Bumping xen to version RELEASE-4.21.0-61-g1c72306b1f, which comprises the following commits:
1c72306b1f domain: move vmtrace_alloc_buffer() invocation in vcpu_create()
999c6fadf7 vpci/msix: check for BARs enabled in vpci_make_msix_hole
8f3b637591 x86/ucode: Support discrete modules being CPIO archives
805e2b8ada x86/pv: Don't assume that INT $imm8 instructions are two bytes long
93614ffa48 x86/MCE: restore CPU vendor reporting to the outside world
e10f3ad869 tools/ocaml: fix 32-bit truncation bug in stub_xc_domain_setmaxmem()
1879637505 tools/sd-notify.h: Include string.h too
76dc2d6071 systemd: fall back to default system-sleep dir without systemd-devel
52356ca655 xenstored: Add newline to error message
4a7d2f18e5 libxl: constify some local variables for building with glibc 2.43
8061625411 tools/xenstored: fix live update
6adc1004f7 libxl: Fix device_add QMP calls with QEMU 9.2 and newer
55bb6db081 xen/cpufreq: fix usages of align_timer() in the on-demand governor
ae0708e940 xen/cpufreq: fix adjusting of sampling window on early exit
4778574053 common/domctl: xsm update for get_domain_state access
615199f05b VT-d: fix off-by-one when handling extra RMRR ranges
a7380f1437 xen: add non-executable stack note uniformly
14db25be36 xen/x86: fix usage of [[:blank:]] with BSD grep
99bd17462d EFI: Fix relocating ESRT for dom0
afaf4e7b50 SUPPORT.md: extend "lifetime"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
crun ships a GNUmakefile that aborts with "You must run ./autogen.sh &&
./configure" when make clean is invoked before configure has run. The
autotools_preconfigure prefunc triggers this when rebuilding (e.g. via
multiconfig where sstate hash changes cause reconfiguration).
Set CLEANBROKEN = "1" to skip the make clean in autotools_preconfigure.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
do_fetch_containers runs as a postfunc of do_fetch and needs skopeo
from the native sysroot. However, DEPENDS only gates
do_prepare_recipe_sysroot which runs after do_fetch, so with a clean
tmp/ directory skopeo-native may not be built when do_fetch runs.
Add an explicit do_fetch[depends] on skopeo-native:do_populate_sysroot
when remote containers are configured so the ordering is correct.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Move FEATURE_PACKAGES_container-registry from container-image-host.bb
to meta-virt-container.inc so it is available to all image recipes.
image.bbclass check_image_features() auto-discovers FEATURE_PACKAGES_*
variables as valid image features (line 72), so defining the variable
globally is sufficient — no IMAGE_FEATURES[validitems] needed.
This avoids the signature pollution that IMAGE_FEATURES[validitems]
causes when set globally, while allowing container-registry to be
used as an IMAGE_FEATURES value in any image recipe.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
The kcfg sysroot search path (type=kmeta) was being injected
unconditionally, which caused fragment conflicts for linux-yocto kernels
that already have their own kernel-cache meta branch. The injected
search path would roll back fragments to an older set.
Make the injection conditional and fix the root cause:
- kernel_cache_feature() now checks SRC_URI for type=kmeta entries.
Kernels with kernel-cache get short paths (e.g. cfg/container.scc)
that resolve directly via the kernel-cache's search path. Kernels
without kernel-cache get the sysroot-relative ../../ paths as before.
- distro_cond_feature() now passes d.getVar('SRC_URI') instead of an
empty string, so kernel_cache_feature() can actually see whether the
kernel has a kernel-cache.
- SRC_URI append and inject_kcfg_search_path prefunc skip when
type=kmeta is already present.
- Remove unused kernel_cache_cond_feature() which was the original
conditional implementation but was never wired up.
This restores the original design intent from commit 5c212911
("allow conditional use of yocto-cfg-fragments"): kernel-cache is
the first choice for fragment resolution, sysroot is the fallback.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
bc293057 bcm-2xxx-rpi: Fix configuration audit warnings (LEDS, BACKLIGHT)
8ef043d5 kver: bumping to v6.18.16
104a5c9d bcm-2xxx-rpi: Add raspberry pi5 config and add input feature by default
9b173d3a genericarm64: drop CONFIG_PINCTRL_SM8350_LPASS_LPI
0b1ea0e5 genericarm64.cfg: enable CONFIG_INTERCONNECT_QCOM_QCS8300
2fa1b419 genericarm64-pinctrl.cfg: enable CONFIG_PINCTRL_QCS8300
53f6a3a8 kver: bumping to v6.18.13
98a36302 cfgs/nfc: create an intel-nfc-vendor specific feature
6350b56a netfilter.cfg: enable NF_CONNTRACK_SNMP
a425fdd0 pmem.cfg: enable DEV_DAX and DEV_DAX_HMEM
70eeaeff genericarm64.scc: enable TRANSPARENT_HUGEPAGE support
d62a1267 security-arm64.cfg: rename CFI_CLANG to CFI
b925ef94 security-arm64.cfg: correctly enable KASAN
1fdb98a4 security-arm64.cfg: add comment for ARM64_BTI_KERNEL
6d8bf6f0 security.cfg: move RANDOMIZE_MEMORY to x86_64
18fcb6dc arm.scc: move ARM_CPUIDLE to arm only
7e1d9b2b numa_x86_64.scc: move x86_64 config from numa.cfg to numa_x86_64.cfg
e93e999e sound.cfg: split SND_SOC_WM8731 to I2C and SPI variants
5a567776 sound_x86.scc: take over x86 configs from sound.scc
1ae7ce94 genericarm64.cfg: enable MTD NAND ECC support
15d48f71 genericarm64.cfg: enable TI MTD NAND support
40a67254 genericarm64-serial.cfg: set SERIAL_8250_CONSOLE to y
5ee6148e qemu-kvm.cfg: remove extra space
9f780417 firmware.cfg: whitespace fixes
bc221187 genericarm64.cfg: fix CONFIG_PM_DEVFREQ_EVENT
aef69bf3 Revert "genericarm64.scc: enable OP-TEE support"
6f597e1a genericarm64.cfg: enable SCSI support for HiSilicon etc
f1f313cf genericarm64.scc: enable RPMB support
a4565911 genericarm64.scc: enable GNSS support
391566e2 gnss.scc: add feature
d40a455d genericarm64.cfg: enable more bus drivers
20e41104 genericarm64.cfg: enable PCI_PASID support
0b2967f5 genericarm64.scc: enable NFC support
2643b37e nfc-vendor.scc: move Intel configs to nfc-vendor-intel.cfg
b1d00b01 genericarm64.scc: enable RFKILL LED, INPUT and GPIO
92610953 rfkill-extra.scc: add fragment for RFKILL LEDs, input and GPIO support
fc7d5f45 bluetooth.cfg: enable BT_LEDS support
f18ec272 genericarm64.scc: enable HSR
79fa2c17 hsr.scc: add feature for High-availability Seamless Redundancy (HSR & PRP)
1313923a genericarm64.scc: enable Time Sensitive Networking
e190eeff intel-x86.scc: enable hibernation with feature
c941f4ee genericarm64.scc: enable hibernation support
ce5c6d9d hibernation.scc: add feature
83620a7d bluetooth-usb.cfg: enable MediaTek and RealTek support
cf6e1261 bluetooth-hw.cfg: enable BT_MTK
ffdd0769 genericarm64.cfg: enable Microchip PHY support
9e9536d1 features/iommu: remove CONFIG_INTEL_IOMMU_FLOPPY_WA=y
61265288 genericarm64.cfg: enable CONFIG_QCA808X_PHY
8e6a09c7 kver: bumping to v6.18.11
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Remove the global IMAGE_FEATURES[validitems] registration entirely.
Setting it in layer.conf or a globally-inherited bbclass changes the
varflag value, which gets pulled into the signature of every recipe
that depends on IMAGE_FEATURES — causing yocto-check-layer signature
change failures.
Image recipes that use the container-registry feature already set
IMAGE_FEATURES[validitems] locally (e.g. container-image-host.bb).
Users who want the feature in their own images add the one-liner:
IMAGE_FEATURES[validitems] += "container-registry"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Avoid a yocto-check-layer issue:
qemu-system-native:do_recipe_qa: 05c723e48cb4253cb80f1e5dcb63767b266c72cf8a83d3d7ff36a6622e43eb50 -> 7f42888db4f5572303288c58ad79c5267fa81da05a3a71288f91f309b50ed614
bitbake-diffsigs --task qemu-system-native do_recipe_qa --signature 05c723e48cb4253cb80f1e5dcb63767b266c72cf8a83d3d7ff36a6622e43eb50 7f42888db4f5572303288c58ad79c5267fa81da05a3a71288f91f309b50ed614
NOTE: Reconnecting to bitbake server...
basehash changed from 1b770ad4a9b79d38c928331d17651d3d66a6ebc45822c336d7ab98bfa8ebfd94 to 6bc5e5507534603aa6f6ab862ab27ef9c0b9ffcfaa9922d7ef25cb563fab6ab9
Variable PACKAGECONFIG value changed:
"fdt alsa kvm pie slirp png pixman sdl virglrenderer epoxy {++}" (whitespace changed)
but moving the whitespace into the added option.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Move the container-registry IMAGE_FEATURES[validitems] registration
from layer.conf into meta-virt-container-cfg.bbclass where it can be
gated on DISTRO_FEATURES. The validitems varflag is now only registered
when vcontainer or virtualization is in DISTRO_FEATURES.
layer.conf is parsed before distro features are known, so inline
Python cannot be used there. The bbclass is loaded via USER_CLASSES
(deferred parsing) and already handles container profile configuration.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
While we need the buildpaths QA skip due to the 3rd party
nature of some bundles, we don't need the installed-vs-shipped.
There's no reason why a bundled guest isn't packaging all its
files (or deleting them).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Somehow we have two similar registry recipes that were developed
from a different point of view.
We don't need both.
container-registry-index is the mature, QA-compliant version
that also generates the standalone container-registry.sh helper
script.
container-registry-populate is an older, simpler version that
does only the push, so we drop it here
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
This recipe can't be built without the main recipe, which is
in meta-oe meta-webserver.
Fix an S assignment, so it'll parse
And then skip if meta-webserver isn't in bblayers (not in
collections).
This will ensure that world builds don't try and pick it up
when processing meta-virt.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
to match the image recipe from XEN_GUEST_BUNDLES
Fixes:
ERROR: Nothing PROVIDES 'xen-guest-image-minimal'
xen-guest-image-minimal was skipped: using DISTRO 'distro', which is missing required DISTRO_FEATURES: 'xen'
in bitbake world builds
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
We've terrorized the users of meta-virt for long enough with
the warning about the virtualization distro feature not
being set.
Modern OE has the features_check capability so recipes and
functionality that need the distro feature to be set can
just check it themselves. No need to warn over and over
again.
For now, it just defaults to off, but the check can be
completely removed in the future (since it does cause some
parse time overhead).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
The upgrade of binutils in OE core broke the xen build on
arm64 due to unsupported instructions.
We cherry-pick a patch from xen master to fix the issue.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Block backfill features not needed by container runtime environments.
OE-core's DISTRO_FEATURES_BACKFILL auto-appends these to DISTRO_FEATURES
unless explicitly listed here. Without this, gobject-introspection-data
enables python3-pygobject (which DEPENDS on cairo), and wayland enables
pygobject's cairo PACKAGECONFIG — both are masked in vruntime builds.
We are using:
DISTRO_FEATURES_BACKFILL_CONSIDERED = "pulseaudio gobject-introspection-data opengl ptest multiarch wayland vulkan"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Bumping xen to version RELEASE-4.21.0-42-gafaf4e7b50, which comprises the following commits:
afaf4e7b50 SUPPORT.md: extend "lifetime"
056103e7ad xen: Use MFLAGS for silent-mode detection
867b7d3f97 xen/kexec: return error code for unknown hypercalls
d2a6413550 x86/domain: adjust limitation on shared_info allocation below 4G
6228ea8acd xen/mm: allow deferred scrub of physmap populate allocated pages
15cd2b8f1b xen/mm: remove aliasing of PGC_need_scrub over PGC_allocated
39c90c8dee PCI: handle PCI->PCIe bridges as well in free_pdev()
74b26c53d3 x86/EFI: correct symbol table generation with older GNU ld
3f4bf1e876 x86/amd: Fold another DE_CFG edit into amd_init_de_cfg()
8d7a0f8661 build/non-x86: fix symbol lookup in presence of build-id
25db82b062 symbols: don't omit "end" symbols upon mixed code / data aliases
fc024ebf24 symbols: ensure sorting by value yields reproducible outcome
b75f39c692 flask: fix gcov build with gcc14+
8cb60ba236 PCI: handle PCI->PCIe bridges as well in alloc_pdev()
4e3c9c2eca x86/CPU: extend is_forced_cpu_cap()'s "reach"
b3f59203a5 x86/time: deal with negative deltas in get_s_time_fixed()
bc63b09ecc xen/domain: Disallow XENMEM_claim_pages on dying domains
97593f78ea symbols: don't use symbols-dummy
ee66c42166 symbols: re-number intermediate files
3146587dbc x86/spec-ctrl: Fix incomplete IBPB flushing during context switch
41b9ae5d7e x86/shadow: don't overrun trace_emul_write_val
2872cd3121 cirrus-ci: introduce FreeBSD 15.0-RELEASE as "current" version
c692a6786b x86: fix incorrect return value for has_if_pschange_mc
fe0d896902 x86/PVH: mark pvh_setup_mmcfg() __init
82fe260552 xen/mm: move adjustment of claimed pages counters on allocation
b579e832de x86/hvm: be more strict with XENMAPSPACE_gmfn source types
e39831f590 xen/mm: reject XENMEM_claim_pages when using LLC coloring
f805b61268 x86/AMD: avoid REP MOVSB for Zen3/4
11f9427100 vPCI: avoid bogus "overlap in extended cap list" warnings
7ab1f4939a xen/x86: Pass TPM ACPI table to PVH dom0
1cacccbace x86/mm: update log-dirty bitmap when manipulating P2M
7990330478 x86/pod: fix decrease_reservation() clearing of M2P entries
16e22efbde x86/amd: Fix race editing DE_CFG
81e71ef34f x86/amd: Stop updating the Zenbleed mitigation dynamically
ba9142efd7 x86/vhpet: Fix sanitization of legacy IRQ route
747d10b76f x86/msix: fix incorrect refcount decrease in msixtlb
c7e69564e5 x86/ucode: Fix error handling during parallel ucode load
5d002b7470 x86emul/test: correct compiler checking and avoid it when merely cleaning
6adf28094f xen: Fix EFI buildid alignment
653a3dd92a x86emul/test: extend cleaning of generated files
3d966b5f13 kconfig: remove references to docs/misc/kconfig{,-language}.txt files
14ad692e3b update Xen version to 4.21.1-pre
06af9ef229 Update to Xen 4.21
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Bumping xen to version RELEASE-4.21.0-42-gafaf4e7b50, which comprises the following commits:
afaf4e7b50 SUPPORT.md: extend "lifetime"
056103e7ad xen: Use MFLAGS for silent-mode detection
867b7d3f97 xen/kexec: return error code for unknown hypercalls
d2a6413550 x86/domain: adjust limitation on shared_info allocation below 4G
6228ea8acd xen/mm: allow deferred scrub of physmap populate allocated pages
15cd2b8f1b xen/mm: remove aliasing of PGC_need_scrub over PGC_allocated
39c90c8dee PCI: handle PCI->PCIe bridges as well in free_pdev()
74b26c53d3 x86/EFI: correct symbol table generation with older GNU ld
3f4bf1e876 x86/amd: Fold another DE_CFG edit into amd_init_de_cfg()
8d7a0f8661 build/non-x86: fix symbol lookup in presence of build-id
25db82b062 symbols: don't omit "end" symbols upon mixed code / data aliases
fc024ebf24 symbols: ensure sorting by value yields reproducible outcome
b75f39c692 flask: fix gcov build with gcc14+
8cb60ba236 PCI: handle PCI->PCIe bridges as well in alloc_pdev()
4e3c9c2eca x86/CPU: extend is_forced_cpu_cap()'s "reach"
b3f59203a5 x86/time: deal with negative deltas in get_s_time_fixed()
bc63b09ecc xen/domain: Disallow XENMEM_claim_pages on dying domains
97593f78ea symbols: don't use symbols-dummy
ee66c42166 symbols: re-number intermediate files
3146587dbc x86/spec-ctrl: Fix incomplete IBPB flushing during context switch
41b9ae5d7e x86/shadow: don't overrun trace_emul_write_val
2872cd3121 cirrus-ci: introduce FreeBSD 15.0-RELEASE as "current" version
c692a6786b x86: fix incorrect return value for has_if_pschange_mc
fe0d896902 x86/PVH: mark pvh_setup_mmcfg() __init
82fe260552 xen/mm: move adjustment of claimed pages counters on allocation
b579e832de x86/hvm: be more strict with XENMAPSPACE_gmfn source types
e39831f590 xen/mm: reject XENMEM_claim_pages when using LLC coloring
f805b61268 x86/AMD: avoid REP MOVSB for Zen3/4
11f9427100 vPCI: avoid bogus "overlap in extended cap list" warnings
7ab1f4939a xen/x86: Pass TPM ACPI table to PVH dom0
1cacccbace x86/mm: update log-dirty bitmap when manipulating P2M
7990330478 x86/pod: fix decrease_reservation() clearing of M2P entries
16e22efbde x86/amd: Fix race editing DE_CFG
81e71ef34f x86/amd: Stop updating the Zenbleed mitigation dynamically
ba9142efd7 x86/vhpet: Fix sanitization of legacy IRQ route
747d10b76f x86/msix: fix incorrect refcount decrease in msixtlb
c7e69564e5 x86/ucode: Fix error handling during parallel ucode load
5d002b7470 x86emul/test: correct compiler checking and avoid it when merely cleaning
6adf28094f xen: Fix EFI buildid alignment
653a3dd92a x86emul/test: extend cleaning of generated files
3d966b5f13 kconfig: remove references to docs/misc/kconfig{,-language}.txt files
14ad692e3b update Xen version to 4.21.1-pre
06af9ef229 Update to Xen 4.21
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Our runc is now sufficiently far ahead of the oci-image-tools
such that they aren't compatible.
But they can still be made to work with a runc generated spec.
Update the comments to show a flow that works if using runc
directly is desired.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Bumping buildah to version v1.43.0-1-gbbc4bd12f, which comprises the following commits:
0158b5b31 [release-1.43] Bump Buildah to v1.43.0
f40d38a2f [release-1.43] fix source test
07b8495c8 [release-1.43] Bump common 0.67.0, image 5.39.1, storage 1.62.0
7178b10ac [release-1.43] Bump dest branch in cirrus to 1.43
acca15722 fix(build): make --tag oci-archive:xxx.tar work with simple images
40b5e371e test: do not untar archive into fs when checking file names
45b48af90 tests: use cached images instead of fedoraproject.org
662aa1598 chroot.bats(chroot with overlay root): ensure we can overlay
3877dc97d Run: don't try to encode SystemContext with json
c0cc97255 [release-1.42] Bump Buildah to v1.42.2
307d1a3a4 [release-1.42] Bump runc to v1.3.4
de21106b6 [release-1.42] Bump Buildah to v1.42.1
f0700c546 [release-1.42] bump runc to v1.3.3 - CVE-2025-52881
22cd531e9 RPM: build with sequoia on F43+
1ba41f035 Bump to Buildah v1.42.0
c23bf6bf1 Bump to storage v1.61.0, image v5.38.0, common v0.66.0
858a514ff fix(deps): update module github.com/openshift/imagebuilder to v1.2.19
a0bc52535 fix(deps): update module github.com/openshift/imagebuilder to v1.2.18
4caee77d1 copier: ignore user.overlay.* xattrs
5a849d176 commit: always return the config digest as the image ID
92b342392 fix(deps): update module golang.org/x/crypto to v0.43.0
114aa3d8c fix(deps): update module golang.org/x/sys to v0.37.0
58f0f862b fix(deps): update module github.com/docker/docker to v28.5.1+incompatible
65929b93a fix(deps): update module github.com/moby/buildkit to v0.25.1
31cb2af46 fix(deps): update module github.com/opencontainers/runc to v1.3.2
8efc91385 fix(deps): update module github.com/docker/docker to v28.5.0+incompatible
ceff05295 fix(deps): update module github.com/moby/buildkit to v0.25.0
b7961ac34 fix(deps): update github.com/containers/luksy digest to 2cf5bc9
a654d3534 Make some test files different from each other
82702b493 Revert "fix(deps): update module github.com/cyphar/filepath-securejoin to v0.5.0"
3748cda03 Also run integration tests with the Sequoia backend
c9c1d764c Allow users to build against podman-sequoia in non-default locations
e3468665b fix(deps): update module github.com/cyphar/filepath-securejoin to v0.5.0
5bb6d9e48 .cirrus.yml: Test Vendoring bump golang
e3f55fec6 vendor: bump go.podman.io/{common,image,storage} to main
6d0c9ed7e fix(deps): update module golang.org/x/crypto to v0.42.0
fbe61f730 fix(deps): update module github.com/docker/docker to v28.4.0+incompatible
881f14f01 fix(deps): update module github.com/moby/buildkit to v0.24.0
bea03a01d fix(deps): update module github.com/spf13/pflag to v1.0.10
dcb6da097 fix(deps): update module github.com/fsouza/go-dockerclient to v1.12.2
477dd3563 fix(deps): update module github.com/opencontainers/runc to v1.3.1
296a8f3eb fix(deps): update module github.com/opencontainers/cgroups to v0.0.5
1c384c959 fix(deps): update module golang.org/x/sync to v0.17.0
9cd4768bd tests/run.bats: "run masks" test: accept "unreadable" masked directories
a18468f70 Run: create parent directories of mount targets with mode 0755
6e4d1ca83 tests/run.bats: "run masks" test: accept "unreadable" masked directories
af18a2ea6 New VM images
42d6b68db Suppress a linter warning
7aedebdcc modernize: JSON doesn't do "omitempty" structs, so stop asking
802b06979 modernize: use maps.Copy() instead of iterating over a map to copy it
16680a4df modernize: use strings.CutPrefix/SplitSeq/FieldsSeq
ebc9b4049 Update expected/minimum version of Go to 1.24
76c18c897 chroot: use $PATH when finding commands
02e42929f [skip-ci] Update actions/stale action to v10
95591dbc8 Update module github.com/ulikunitz/xz to v0.5.15 [SECURITY]
dd4f9fcd6 Update go.sum
7c0c647d6 New VM images
ac8573525 Update module github.com/openshift/imagebuilder to v1
3acceccf6 Update module github.com/spf13/cobra to v1.10.1
a0a9ac638 Switch common, storage and image to monorepo.
c448438ef Update module github.com/stretchr/testify to v1.11.1
57c9d52c6 Update module go.etcd.io/bbolt to v1.4.3
c4cfbcda8 Handle tagged+digested references when processing --all-platforms
fc8d43482 Update module github.com/stretchr/testify to v1.11.0
b436176d4 Add --transient-store global option
fc748f85a Support "--imagestore" global flags
a20e25136 Commit: don't depend on MountImage(), because .imagestore
13db28cdb Adding mohanboddu as community manager to MAINTAINERS.md
69a50588c Rework how we decide what to filter out of layer diffs
bf2cbe164 Note that we have to build `true` first for the sake of its tests
473656b9d copier.Stat(): return owner UID and GID if available
738fa0d3c copier.Get(): ensure that directory entries end in "/"
9461dd61d copier.Get(): strip user and group names from entries
fd498cbf5 imagebuildah.Executor/StageExecutor: check numeric --from= values
fceb8d9ed Losen the dependency on go-connections/tlsconfig
e78c0ad5a fix(deps): update module golang.org/x/crypto to v0.41.0
b49f0e2a5 fix(deps): update module golang.org/x/term to v0.34.0
494fd9dfa fix(deps): update module github.com/docker/go-connections to v0.6.0
4912cf45d fix(deps): update module golang.org/x/sys to v0.35.0
2ae2ec75b copy: assume a destination with basename "." is a directory
e31b04729 generatePathChecksum: ignore ModTime, AccessTime and ChangeTime
3e92772f6 fix(deps): update module github.com/seccomp/libseccomp-golang to v0.11.1
11e32da8d fix(deps): update module github.com/containers/common to v0.64.1
70d0451b8 History should note unset-label, timestamp, and rewrite-timestamp
7cecaa79e pkg/cli.GenBuildOptions(): don't hardwire optional bools
7cf2b7fb7 fix(deps): update module github.com/containers/image/v5 to v5.36.1
fb6ce9d07 imagebuildah.StageExecutor.Execute: commit more "no instructions" cases
0d1d1a4df fix(deps): update module github.com/containers/storage to v1.59.1
87f60f60c Only suppress "noted" items when not squashing
27c40b3db Reap stray processes
b271aecf4 fix(deps): update github.com/containers/luksy digest to 8fccf78
06207266f fix(deps): update module github.com/docker/docker to v28.3.3+incompatible
f949a49ab Restore the default meaning of `--pull` (should be `always`).
ff07ebc3e Test that pulled up parent directories are excluded at commit
7d302c38d Exclude pulled up parent directories at commit-time
95013b363 copier.Ensure(): also return parent directories
8807a0097 copier.MkdirOptions: add ModTimeNew
e729f60d5 fix(deps): update module github.com/containers/common to v0.64.0
cce5f9c32 Bump to Buildah v1.42.0-dev
8b5354ee8 fix(deps): update module github.com/spf13/pflag to v1.0.7
7a986ebcf CI: make runc tests non-blocking
2df30a83c build,add: add support for corporate proxies
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
README-xen.md:
- Add vxn and containerd integration section describing all execution
paths (containerd, vxn standalone, vdkr/vpdmn, native Docker/Podman)
- Add memory requirements section explaining QB_MEM_VALUE=1024 is
insufficient for vxn/vctr and documenting qemuparams="-m 4096"
- Add runtime tests section with build prerequisites, test commands,
and skip behavior
- Fix x86-64 runqemu command to include qemuparams="-m 4096"
vxn/README.md:
- Add testing section referencing the pytest runtime test suite
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
New test_xen_runtime.py boots xen-image-minimal via runqemu and verifies:
- Xen hypervisor running (xl list, dmesg, Dom0 memory cap)
- Bundled guest autostart (alpine visible in xl list)
- vxn standalone (vxn run --rm alpine echo hello)
- containerd/vctr integration (ctr pull + vctr run)
Uses pexpect-based XenRunner with module-scoped fixture (boot once,
run all tests). TERM=dumb set after login to suppress terminal UI
from ctr/vxn progress bars. Free memory check skips vxn/vctr tests
gracefully when insufficient Xen memory available.
Also registers 'boot' marker in conftest.py and documents build
prerequisites, test options and skip behavior in README.md.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
DAEMON_SHARE_DIR was referenced in the CA certificate copy and idle
watchdog paths but never assigned, causing 'cp: cannot create regular
file /ca.crt: Permission denied' when starting the daemon.
Create the share directory under DAEMON_SOCKET_DIR and register it
as a 9p mount, matching the path expected by daemon_run().
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Add TestXenImageMinimalX86Config test class verifying:
- QB_CPU_KVM host passthrough for Xen CPUID filtering
- QB_MEM_VALUE override (not QB_MEM which can't override bbclass)
- dom0_mem in both QB_XEN_CMDLINE_EXTRA and WKS syslinux config
- vgabios SAVANNAH_GNU_MIRROR usage
Update Alpine recipe tests for per-arch checksums (name=${ALPINE_ARCH})
and S variable. Add qemux86-64 build and boot section to README-xen.md.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Fix several issues found during x86-64 Xen testing:
- xen-image-minimal: use -cpu host for KVM to avoid Xen CPUID
filtering stripping AVX/AVX2 from x86-64-v3 builds, causing
illegal instruction crashes in Dom0
- xen-image-minimal: use QB_MEM_VALUE (not QB_MEM) to properly
override the hard assignment in qemuboot-xen-defaults.bbclass
- xen-image-minimal: set dom0_mem=512M via QB_XEN_CMDLINE_EXTRA
- qemuboot-xen-x86-64.cfg: add dom0_mem=512M to static syslinux
config so guest autostart has memory available
- vgabios: use ${SAVANNAH_GNU_MIRROR} for reliable downloads
- alpine-xen-guest-bundle: add per-architecture checksums for
aarch64 and x86_64 tarballs, fix S variable warning
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Add a host-side OCI image cache at ~/.vxn/images/ for the vdkr/vpdmn
standalone Xen path. Images pulled via skopeo are stored in a
content-addressed layout (refs/ symlinks + store/ OCI dirs) so
subsequent runs hit the cache without network access.
New commands on Xen: pull, images, rmi, tag, inspect, image <subcmd>.
The run path is unchanged — cache integration into hv_prepare_container
is deferred to a follow-up.
Also fix Docker iptables conflict: when docker-moby and vxn-docker-config
coexist on Dom0, Docker's default FORWARD DROP policy blocks DHCP for
Xen DomU vifs on xenbr0. Adding "iptables": false to daemon.json
prevents Docker from modifying iptables since VM-based containers
manage their own network stack.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Add vdkr/vpdmn as Dom0 target packages with Xen auto-detection,
native Docker/Podman config sub-packages, and OCI runtime fixes
for Docker compatibility (JSON logging, root.path, kill --all,
monitor PID lifecycle).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Use setsid -c to establish a controlling terminal for the container
shell, fixing "can't access tty; job control turned off" and enabling
Ctrl-C signal delivery. Run in a subshell so setsid() succeeds without
forking (PID 1 is already a session leader).
Remove [vxn] diagnostic markers from interactive output now that
terminal mode is working. Suppress mount warning on read-only input
disk.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
The containerd shim's Create RPC hung indefinitely because go-runc
captures the OCI runtime's stdout via a pipe, and cmd.Wait() blocks
until all holders of the pipe's write end close it. The background
monitor subshell inherited this pipe fd and held it open, preventing
the shim from ever proceeding to ReceiveMaster() or calling Start.
Fix by closing inherited stdout/stderr in the terminal-mode monitor
with exec >/dev/null before entering the domain poll loop. Non-terminal
mode is unaffected because the shim configures IO via FIFO dup2, where
cmd.Wait() only waits for process exit.
Additional changes for terminal mode support:
- vxn-sendtty: set PTY to raw mode (cfmakeraw) before sending fd
- vxn-oci-runtime: wait up to 5s for xenconsoled PTY, capture sendtty
return code, write persistent debug file to /root/vxn-tty-debug,
log every runtime invocation, remove stale debug logging
- vxn-init.sh: add [vxn] diagnostic markers for terminal visibility,
suppress kernel console messages early in interactive mode
- vcontainer-preinit.sh: suppress kernel messages in quiet mode
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
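The hang described in this commit message, reduced to a constructed shell model (an added example, not code from vxn-oci-runtime). Command substitution stands in for the shim's pipe reader, and `create_leaky`, `create_fixed`, `elapsed_for` and `MONITOR_SECS` are hypothetical names.

```shell
#!/bin/sh
# Constructed model of an OCI runtime "create" step that leaves a monitor
# running in the background. MONITOR_SECS stands in for the domain poll loop.
MONITOR_SECS=2

# Leaky: the monitor subshell inherits stdout, so the write end of the
# caller's pipe stays open for as long as the monitor lives.
create_leaky() {
    ( sleep "$MONITOR_SECS" ) &
    echo "created"
}

# Fixed: the monitor drops inherited stdout/stderr before its loop,
# the same move as the commit's "exec >/dev/null".
create_fixed() {
    ( exec >/dev/null 2>&1; sleep "$MONITOR_SECS" ) &
    echo "created"
}

# Command substitution reads the pipe until EOF, i.e. until every holder of
# the write end has closed it. Sets ELAPSED to the whole seconds that took.
elapsed_for() {
    start=$(date +%s)
    out=$("$1")
    end=$(date +%s)
    ELAPSED=$((end - start))
    [ "$out" = "created" ]
}

for variant in create_leaky create_fixed; do
    elapsed_for "$variant" && echo "$variant: reader unblocked after ${ELAPSED}s"
done
```

The leaky variant keeps the reader blocked for the monitor's whole lifetime even though the create step itself returned at once; with a monitor that never exits, that is the indefinite hang.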
|
Update SUMMARY and DESCRIPTION to note that runx is unmaintained
(upstream dormant since 2022) and that vxn provides the same Xen DomU
container functionality with pluggable hypervisor backends. go-build
is the serial FD handler companion to runx and is similarly superseded.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Add 'vxn' to DISTRO_FEATURES in vruntime.conf to enable Xen PV guest
kernel configuration. When set, linux-yocto_virtualization.inc includes
vxn.cfg which enables Xen PVH frontend drivers and the 9p Xen transport
(NET_9P_XEN). The base 9p stack comes from the existing vcontainer
feature via cfg/container.scc.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Add xen-guest-cross-install.bbclass for bundling Xen guest images into
Dom0 host images at build time. Supports per-guest configuration via
varflags (memory, vcpus, vif, kernel extra), custom config files,
external/pre-built guests, and autostart via /etc/xen/auto/ symlinks.
Also add example-xen-guest-bundle recipe as a template, and simplify
xen-guest-image-minimal by removing the old XEN_GUEST_AUTO_BUNDLE
do_deploy mechanism in favor of the new class-based approach.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Install vxn-init.sh alongside the existing init scripts in both vdkr
and vpdmn rootfs images. The Xen backend selects it at boot via the
vcontainer.init=/vxn-init.sh kernel command line parameter. Add
file-checksums tracking so rootfs rebuilds when the script changes.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Add 'bundle' command to the vcontainer CLI for creating OCI runtime
bundles from container images. Pulls the image via skopeo, extracts
layers into rootfs/, resolves entrypoint/cmd/env from OCI config, and
generates config.json. Supports command override via -- separator.
Only available on the Xen (vxn) backend.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Make preinit and guest init scripts hypervisor-agnostic:
- vcontainer-preinit.sh: add vcontainer.init= cmdline parameter for
init script selection and vcontainer.blk= for block device prefix
(QEMU uses /dev/vda, Xen uses /dev/xvda)
- vdkr-init.sh, vpdmn-init.sh: use NINE_P_TRANSPORT variable for 9p
mount transport (virtio for QEMU, xen for Xen)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Add vrunner-backend-qemu.sh implementing the hypervisor interface for
QEMU (arch setup, KVM detection, disk/network/9p options, VM lifecycle,
QMP control). Register backend scripts in vcontainer-native and
vcontainer-tarball recipes so they are available in both build-time
and standalone tarball contexts.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Add shell-based OCI runtime (vxn-oci-runtime) that enables containerd
to manage Xen DomU containers through the standard runc shim. Non-terminal
container output flows back to ctr via the shim's pipe mechanism.
New files:
- vxn-oci-runtime: OCI runtime (create/start/state/kill/delete/features/logs)
- vxn-sendtty.c: SCM_RIGHTS helper for terminal mode PTY passing
- containerd-shim-vxn-v2: PATH trick wrapper for runc shim coexistence
- containerd-config-vxn.toml: CRI config (vxn default, runc fallback)
- vctr: convenience wrapper injecting --runtime io.containerd.vxn.v2
Key design:
- Monitor subprocess uses wait on xl console (not sleep-polling) for
instant reaction when domain dies, then extracts output markers and
writes to stdout (shim pipe -> containerd FIFO -> ctr client)
- cmd_state checks monitor PID liveness (not domain status) to prevent
premature cleanup race that killed monitor before output
- cmd_delete always destroys remnant domains (no --force needed)
- Coexists with runc: /usr/libexec/vxn/shim/runc symlink + PATH trick
Verified: vctr run --rm, vctr run -d, vxn standalone, vxn daemon mode.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Per-container DomU lifecycle:
- run -d: per-container DomU with daemon loop and PTY-based IPC
- ps: show Running vs Exited(code) via ===STATUS=== PTY query
- exec/stop/rm: send commands to per-container DomU
- logs: retrieve entrypoint output from running DomU
- Entrypoint death detection with configurable grace period
- Graceful error messages for ~25 unsupported commands
- Command quoting fix: word-count+cut preserves internal spaces
Memres (persistent DomU for fast container dispatch):
- vxn memres start/stop/status/list for persistent DomU management
- vxn run auto-dispatches to memres via xl block-attach + RUN_CONTAINER
- Guest daemon loop handles ===RUN_CONTAINER===: mount hot-plugged
xvdb, extract OCI rootfs, chroot exec entrypoint, unmount, report
- Falls back to ephemeral mode when memres is occupied (PING timeout)
- Xen-specific memres list shows xl domains and orphan detection
Tested: vxn memres start + vxn run --rm alpine echo hello +
vxn run --rm hello-world both produce correct output.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
To avoid check layer issues, and distros without systemd trying
to build this package group, add a check and requirement for
systemd to be defined.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Fix several issues preventing non-interactive mode (vxn --no-daemon run)
from showing clean container output:
- Fix console capture: check DAEMON_MODE instead of DAEMON_SOCKET in Xen
backend so ephemeral runs use xl console capture instead of the daemon
socat bridge (DAEMON_SOCKET is always set, DAEMON_MODE is only "start"
for actual daemon launches)
- Fix race condition: add post-loop marker detection after VM exits,
with 2s delay for xl console to flush its buffer
- Add stdbuf -oL to xl console for line-buffered output
- Suppress mke2fs stdout (was only redirecting stderr)
- Suppress kernel console messages during VM lifecycle in non-verbose mode
- Fix grep -P (Perl regex) for BusyBox compatibility in exit code parsing
- Preserve temp directory on failure for debugging
- Fix hardcoded "QEMU" in error messages to "VM"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
vxn runs OCI containers as Xen DomU guests — the VM IS the container.
No Docker/containerd runs inside the guest; the init script directly
mounts the container rootfs and execs the entrypoint via chroot.
Host-side (Dom0):
- vxn.sh: Docker-like CLI wrapper (sets HYPERVISOR=xen)
- vrunner-backend-xen.sh: Xen xl backend for vrunner
- hv_prepare_container(): pulls OCI images via skopeo,
resolves entrypoint from OCI config using jq on host
- xl create for VM lifecycle (PVH on aarch64, PV on x86_64)
- Bridge networking with iptables DNAT for port forwards
- Console capture via xl console for ephemeral mode
Guest-side (DomU):
- vxn-init.sh: mounts container rootfs from input disk,
extracts OCI layers, execs entrypoint via chroot
- Supports containers with or without /bin/sh
- grep/sed fallback for OCI config parsing (no jq needed)
- Daemon mode with command loop on hvc1
- vcontainer-init-common.sh: hypervisor detection, head -n fix
- vcontainer-preinit.sh: init selection via vcontainer.init=
Build system:
- vxn-initramfs-create.inc: assembles boot blobs from vruntime
multiconfig, injects vxn-init.sh into rootfs squashfs
- vxn_1.0.bb: Dom0 package with scripts + blobs
- nostamp on install/package chain (blobs from DEPLOY_DIR
are untracked by sstate)
- vxn.cfg: Xen PV kernel config fragment
Tested: vxn -it --no-daemon run --rm hello-world
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Add 3rd-party guest import section to README-xen.md covering
import types, kernel modes, Alpine example, and how to add
custom import handlers.
Add test_xen_guest_bundle.py with 46 pytest tests covering
bbclass structure, import handlers, kernel modes, license
warning, Alpine recipe, and README content.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Fetches Alpine Linux 3.23 minirootfs tarball and uses the
xen-guest-bundle import system (rootfs_dir type) to create a
128MB ext4 disk image. Packages as an autostarting PV guest
using the shared host kernel.
Install into a Dom0 image with:
IMAGE_INSTALL:append:pn-xen-image-minimal = " alpine-xen-guest-bundle"
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
Add extensible import system to convert fetched source formats
(tarballs, qcow2, etc.) into Xen-ready disk images at build time.
Built-in import types:
- rootfs_dir: extracted directory → ext4 via mkfs.ext4 -d
- qcow2: QCOW2 → raw via qemu-img convert
- ext4/raw: copy passthrough
Per-guest varflags control the import:
XEN_GUEST_SOURCE_TYPE[guest] = "rootfs_dir"
XEN_GUEST_SOURCE_FILE[guest] = "alpine-rootfs"
XEN_GUEST_IMAGE_SIZE[guest] = "128"
Also adds three kernel modes for resolve_bundle_kernel():
- (not set): shared host kernel from DEPLOY_DIR_IMAGE
- "path": custom kernel, checks UNPACKDIR then DEPLOY_DIR_IMAGE
- "none": HVM guest, omits kernel= from config
Native tool dependencies and fakeroot are resolved automatically
at parse time. External guests emit a single license warning at
do_compile time (prefunc, not parse-time).
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
New bbclass that creates installable packages bundling Xen guest
images (rootfs + kernel + config). When installed via IMAGE_INSTALL
into a Dom0 image that inherits xen-guest-cross-install, guests are
automatically deployed by merge_installed_xen_bundles().
Features:
- Parse-time dependency generation from XEN_GUEST_BUNDLES
- Per-guest varflags for memory, vcpus, vif, extra, disk, name
- Custom config file support via XEN_GUEST_CONFIG_FILE varflag
- Explicit rootfs/kernel path overrides for external guests
- Manifest-based packaging for cross-install integration
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
The recipe sets REQUIRED_DISTRO_FEATURES:class-native but never
inherits features_check, so the requirement was silently ignored.
OE-core now has an unhandled-features-check QA test that catches
this and fails the build.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
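A heuristic scan for the same mistake in other recipes, as an added example (not the OE-core QA test and not code from this layer). The function name, the sample recipes and the feature value `virtualization` are constructed, and the check only sees `inherit` lines written in the file itself.

```shell
#!/bin/sh
# Print every recipe file that assigns REQUIRED_DISTRO_FEATURES (with or
# without override suffixes) but has no "inherit ... features_check" line.
# Assumption: include/require chains and inherited bbclasses are not followed,
# so a hit means "look at this file", not "this file is definitely wrong".
missing_features_check() {
    for f in "$@"; do
        grep -Eq '^[[:space:]]*REQUIRED_DISTRO_FEATURES(:[A-Za-z0-9_-]+)*[[:space:]]*[?:+.]*=' "$f" || continue
        grep -Eq '^[[:space:]]*inherit(_defer)?[[:space:]]+(.*[[:space:]])?features_check([[:space:]]|$)' "$f" && continue
        echo "$f"
    done
}

# Constructed sample recipes: one with the silent no-op, one corrected.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/broken_1.0.bb" <<'EOF'
SUMMARY = "constructed example"
REQUIRED_DISTRO_FEATURES:class-native = "virtualization"
BBCLASSEXTEND = "native"
EOF
    cat > "$dir/fixed_1.0.bb" <<'EOF'
SUMMARY = "constructed example"
inherit pkgconfig features_check
REQUIRED_DISTRO_FEATURES:class-native = "virtualization"
BBCLASSEXTEND = "native"
EOF
    ( cd "$dir" && missing_features_check *.bb )
    rm -rf "$dir"
}

demo
```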
|