Sync from SUSE:SLFO:Main libkrun revision 1b03b0e6443d2a0a3b1d904bc6c4a1b9

This commit is contained in:
Adrian Schröter 2024-05-03 15:13:05 +02:00
commit 520078654b
9 changed files with 516 additions and 0 deletions

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

25
_service Normal file
View File

@ -0,0 +1,25 @@
<services>
<service name="obs_scm" mode="disabled">
<param name="scm">git</param>
<param name="revision">v1.4.10</param>
<param name="url">https://github.com/containers/libkrun.git</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="versionrewrite-pattern">v(.*)</param>
</service>
<service name="cargo_vendor" mode="disabled">
<param name="srcdir">libkrun</param>
<param name="update">true</param>
</service>
<service name="cargo_audit" mode="disabled">
<param name="srcdir">libkrun</param>
</service>
<service mode="buildtime" name="tar" />
<service mode="buildtime" name="recompress">
<param name="file">*.tar</param>
<param name="compression">gz</param>
</service>
<service name="set_version" mode="disabled">
</service>
</services>

4
_servicedata Normal file
View File

@ -0,0 +1,4 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/containers/libkrun.git</param>
<param name="changesrevision">74bda657239c1c8a1834e66c10672cc7d46587c6</param></service></servicedata>

5
cargo_config Normal file
View File

@ -0,0 +1,5 @@
[source.crates-io]
replace-with = "vendored-sources"
[source.vendored-sources]
directory = "vendor"

BIN
libkrun-1.4.10.obscpio (Stored with Git LFS) Normal file

Binary file not shown.

286
libkrun.changes Normal file
View File

@ -0,0 +1,286 @@
-------------------------------------------------------------------
Thu Jan 19 08:01:48 UTC 2023 - fcrozat@suse.com
- Update to version 1.4.10:
* Bump version to v1.4.10
* Update kvm-ioctls to 0.12.0
* init: Fix parsing of Env in JSON
- Drop new-kvm-ioctl.patch, merged upstream.
-------------------------------------------------------------------
Mon Jan 16 09:37:08 UTC 2023 - fcrozat@suse.com
- Update to version 1.4.9:
* Remove unnecessary casts
* init: do a case-insensitive check for JSON fields
* Fix kernel command line for non-TEE targets
* snp: measure regions rqequired by FW and PSP
* snp: refactor code to add_region
* cargo: Update to sev 1.0.0
* Add CODEOWNERS file
* examples: Add snp-config-noattest TEE config
* vmm/tee: Merge amd-sev and amd-snp modules
* vmm/resources: kbs_types behind tee flag
* tee: Make TeeConfig required
* vmm: Remove aarch64 config on amdsev function
* vmm/linux/tee: Add amd-snp module
* vmm/linux: Introduce tee module for TEE-specificities
* amdsev: Replace manual ioctls for sev library APIs
* cargo: Point "sev" to upstream git repo
-------------------------------------------------------------------
Mon Dec 05 13:14:11 UTC 2022 - dmueller@suse.com
- Update to version 1.4.8:
* Bump version to v1.4.8
* macos: fix mapped volumes initialization
* Bump version to v1.4.6
* sev: fix a new clippy error
* fs: fix new clippy issue in descriptor_utils
* macos: init: register rosetta in binfmt_misc
* macos: map Rosetta directory if present
* macos: implement the ioctl Rosetta needs
- add new-kvm-ioctl.patch
-------------------------------------------------------------------
Mon Dec 5 08:44:44 UTC 2022 - Dirk Müller <dmueller@suse.com>
- add proper split-provides
- add cargo_audit
-------------------------------------------------------------------
Thu Nov 03 13:16:17 UTC 2022 - predivan@mts.rs
- Update to version 1.4.6:
* Bump version to v1.4.6
* fs/macos: Fix some clippy warnings
* hvf: write reg on sysreg trap
* Bump version to v1.4.5
* sev: Don't use a static initrd size
* sev: Update to the final KBS attestation protocol
* vsock: Fix signal logic in Muxer
* examples/Makefile: Remove launch-tee binary on make clean
-------------------------------------------------------------------
Thu Sep 29 23:42:09 UTC 2022 - Dario Faggioli <dfaggioli@suse.com>
- Switch to a "proper library" packaging layout. Downstreams (namely,
crun) are now able to cope with this. So do it, and get rid of a lot
of RPM lint warnings and errors!
- Make it easier to turn on/off building the SEV-enabled library
* Patches dropped:
not-set-soname-as-it-is-plugin.patch
-------------------------------------------------------------------
Thu Sep 29 09:01:33 UTC 2022 - Dario Faggioli <dfaggioli@suse.com>
- Build the SEV version first, so we don't overwrite the non-SEV
enabled plugin with the SEV one.
-------------------------------------------------------------------
Wed Sep 28 16:45:10 UTC 2022 - dfaggioli@suse.com
- Update to version 1.4.4:
* Bump version to v1.4.4
* fs/macos: drop value mutability in read/write
* fs/macos: avoid deadlock in open_inode
* fs/macos: Fix path replacing on rename dir
* Bump version to v1.4.3
* devices/fs: Drop mutability from FileReadWriteAtVolatile
* fs/macos: keep track of unlinked files
* devices: add missing fence in Queue
* Replace mpsc with crossbeam-channel
* Bump version to v1.4.2
* init: override kernel's HOME and TERM envs
* init: ensure "/dev" is properly mounted
* init: set a default hostname if no env is present
* Makefile: drop library dependency on install
* sev: temporarily vendorize kbs-types
* sev: replace ureq with curl
* Bump version to v1.4.1
* clippy: Derive Eq in addition of PartialEq
* macos: fix symlink ownership and mode attrs
* Makefile: force creation of symlinks on install
* sev: inform the user about progress
* sev: extend TEE config and override VmConfig
* Bump version to v1.4.0
* sev: write zero page and include in measurement
* sev: adopt the tentative KBS attestation protocol
* sev: update sev crate to 0.3
* sev: drop reqwest dependency
* sev: replace attestation_url with tee_config_file
* Bump version to v1.3.0
* init: be permissive with non-ASCII bytes
* init: add support for Entrypoint
* init: deal with missing "/dev"
* init: don't override existing env vars
* libkrun: add krun_set_env()
* sev: don't rely on cmdline_secret size and unlink
* libkrun: remove KRUN_INIT and KRUN_WORKDIR defaults
* init: Add cmdline_secret and config file support
* Bump version to v1.2.3
* macos: use upstream buildah xattr key
* macos: honor flag enabling/disabling xattr
* README.md: add known users and contact sections
-------------------------------------------------------------------
Wed Aug 3 09:01:53 UTC 2022 - Dario Faggioli <dfaggioli@suse.com>
- Reconcile spec file and package content (reference .xz and
get rid of .zst)
-------------------------------------------------------------------
Fri Jul 29 11:12:32 UTC 2022 - fcrozat@suse.com
- Update to version 1.2.2:
* Bump version to v1.2.2
* vsock: remove stray println
-------------------------------------------------------------------
Wed Jun 22 07:36:02 UTC 2022 - dfaggioli@suse.com
- Run services and update vendored dependencies
- Update to version 1.2.1:
* Bump vm-memory dependency from 0.7.0 to 0.8.0
- Update to version to 1.2.0:
* Disable virtio-fs DAX
+ Fixes a bug triggered when using openSUSE images
* vsock: defer TSI proxy removal
-------------------------------------------------------------------
Fri Jun 17 14:23:15 UTC 2022 - dfaggioli@suse.com
- Update to version 1.1.0:
* vsock: restore lost port mapping feature
* vsock: translate errno to macOS to Linux
* vsock: use MSG_NOSIGNAL to avoid SIGPIPE
* vsock: update to nix 0.24.1
* vsock: make accept() and explicit operation
- Update to version to v1.0.0
* Update README.md
* CI: run clippy tests with amd-sev feature too
* Implement virtio-rng device
* vmm: disable test_get_supported_cpuid
* sev: use a different name when building with SEV
* sev: switch to upstream kvm-bindings/ioctls
* Makefile: add versioning to the output library
* arch/aarch64: remove dependency on device_tree
* libkrun: remove unneeded "cc" dependency
- Update to version to 0.2.0
* Replace old vsock with TSIv2's vsock
* macos: operate directly on kqueue in epoll
* utils: Allow Epoll to be cloned
* Replace "logger" crate with env_logger+log
- Patches added:
* not-set-soname-as-it-is-plugin.patch
-------------------------------------------------------------------
Fri May 27 12:23:06 UTC 2022 - dfaggioli@suse.com
- Automatic update of vendored dependencies
- Update to version 0.1.8.
- (From upstream) Bump version to 0.1.8. We're about to introduce
some breaking changes that will lead us to 0.2.0, so let's
release a version now so people can get the latest clean ups
without jumping all the way into 0.2.
- Some changes:
* utils: drop unused functionality
* CI: fail on clippy warnings
* cpuid/logger: remove "fn main" in doctests
* Use vm-memory from crates.io
* Remove unneeded extern declarations
* libkrun: fix clippy warnings
* libkrun: set Rust Edition to 2021
* vmm: fix clippy warnings
* vmm: set Rust Edition to 2021
* kernel: fix clippy warnings
* kernel: set Rust Edition to 2021
* logger: fix clippy warnings
* logger: update code to Rust 2021
* polly: fix clippy warnings
* polly: set Rust Edition to 2021
* utils: fix clippy warnings
* utils: set Rust Edition to 2021
* devices: fix clippy warnings
* devices: set Rust Edition to 2021
* cpuid: fix clippy warnings
* cpuid: update code to Rust 2021
* arch: fix clippy warnings
* arch: update code to Rust 2021
* SEV: Ensure space for BIOS is always reserved
* SEV: Implement support for SEV-ES
* SEV: Increase the RAM of the examples to 2 GiB
* SEV: Add the SEV flag to the Makefiles
* SEV: Add a couple of examples fro libkrun-SEV
* SEV: Automatically detect AMD CPU model
* SEV: Implement support for Remote Attestation
* SEV: Teach init how to open a LUKS volume
* SEV: Add support for initramfs
* SEV: Import virtio-block support from Firecraker
* SEV: Initial plain SEV support
* SEV: Configure MTRR MSR
* SEV: Load qboot into the reset vector
* CI: use default Cargo features on tests
-------------------------------------------------------------------
Fri Aug 6 13:28:37 UTC 2021 - Frederic Crozat <fcrozat@suse.com>
- Don't try follow library policy, libkrun is a plugin.
-------------------------------------------------------------------
Fri Mar 19 02:14:29 UTC 2021 - Dario Faggioli <dfaggioli@suse.com>
- enable only the arch-es that we know are supported (x86_64 and Arm64)
- build fails with old versions of cargo. Set a minimum version
-------------------------------------------------------------------
Fri Mar 19 00:52:32 UTC 2021 - Dario Faggioli <dfaggioli@suse.com>
- fixup the obscpio files for 0.1.7
-------------------------------------------------------------------
Fri Mar 19 00:36:40 UTC 2021 - dfaggioli@suse.com
- Update to version 0.1.7:
* libkrun: Bump version to 0.1.7
* devices/fs: fix listxattr on macOS
* libkrun: Bump version to 0.1.6
* vmm: Add "no-kvmapf" to the kernel command line
* libkrun: Bump version to 0.1.5
* libkrun: Put env vars values between quotes
* init: Fix format warning in printf()
* init: Compile with -Wall
* Makefile: Have init.c as a prerequisite of init
* init: Fix the perror() messages
-------------------------------------------------------------------
Fri Mar 19 00:17:49 UTC 2021 - Dario Faggioli <dfaggioli@suse.com>
- there's no libkrunfw for i586 so exclude it here as well
-------------------------------------------------------------------
Sat Feb 27 04:40:58 UTC 2021 - Dario Faggioli <dfaggioli@suse.com>
- Set all services to disabled
-------------------------------------------------------------------
Thu Feb 18 07:54:29 UTC 2021 - dmacvicar@suse.com
- Update to version v0.1.4:
* libkrun: Put env vars values between quotes
* init: Fix format warning in printf()
* init: Compile with -Wall
* Makefile: Have init.c as a prerequisite of init
* init: Fix the perror() messages
* examples: Introduce the "rootfs" make target
* README: Mention the C Library static on requirements
* libkrun: Fix type of arguments mapped_volumes and port_map
* libkrun: Add support for setting RLIMITs in the guests
* README.md: Add instructions for building under macOS
-------------------------------------------------------------------
Thu Feb 18 00:01:04 UTC 2021 - Duncan Mac-Vicar <duncan@mac-vicar.eu>
- Initial package for 0.1.4
Based on Fedora package from Sergio Lopez <slp@redhat.com>

4
libkrun.obsinfo Normal file
View File

@ -0,0 +1,4 @@
name: libkrun
version: 1.4.10
mtime: 1674077930
commit: 74bda657239c1c8a1834e66c10672cc7d46587c6

163
libkrun.spec Normal file
View File

@ -0,0 +1,163 @@
#
# spec file for package libkrun
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define sev 1
%define descr \
libkrun is a dynamic library that allows programs to easily acquire the\
ability to run processes in a partially isolated environment using KVM Virtualization.\
It integrates a VMM (Virtual Machine Monitor, the userspace side of an Hypervisor) with\
the minimum amount of emulated devices required to its purpose, abstracting most of the\
complexity that comes from Virtual Machine management, offering users a simple C API.
# However sev has been defined, reset it if we're not on x86
%ifnarch x86_64
%define sev 0
%endif
%global rustflags '-Clink-arg=-Wl,-z,relro,-z,now'
Name: libkrun
Version: 1.4.10
Release: 0
Summary: A dynamic library providing KVM-based process isolation capabilities
License: Apache-2.0
URL: https://github.com/containers/libkrun
Source0: libkrun-%{version}.tar.gz
Source1: vendor.tar.xz
Source2: cargo_config
ExclusiveArch: x86_64 aarch64
BuildRequires: cargo >= 1.43.0
BuildRequires: gcc
BuildRequires: glibc-static
BuildRequires: libkrunfw-devel >= 3.6.3
BuildRequires: libopenssl-devel
BuildRequires: patchelf
BuildRequires: rust
%if %{sev}
BuildRequires: libkrunfw-sev-devel >= 3.6.3
%endif
%ifarch aarch64
BuildRequires: libfdt-devel >= 1.6.0
%endif
# For handling the transition from (very) old versions of the packages
Conflicts: libkrun-devel <= 0.1.7
Conflicts: libkrun0 <= 0.1.7
%description
%{summary}
%package -n %{name}1
Summary: A dynamic library providing KVM-based process isolation capabilities
Obsoletes: libkrun <= 1.4.1
%description -n %{name}1
%{descr}
%package devel
Summary: Header files and libraries for libkrun development
Requires: %{name}1 = %{version}-%{release}
%description devel
%{descr}
This package containes the libraries and headers needed to develop programs
that use libkrun Virtualization-based process isolation capabilities.
%if %{sev}
%package sev1
Summary: Dynamic library providing Virtualization-based process isolation capabilities (SEV variant)
Obsoletes: libkrun <= 1.4.1
%description sev1
%{descr}
This package contains the library that enables using AMD SEV to create a
microVM-based Trusted Execution Environment (TEE).
%package sev-devel
Summary: Header files and libraries for libkrun development
Requires: %{name}-devel = %{version}-%{release}
Requires: %{name}-sev1 = %{version}-%{release}
Provides: %{name}:%{_libdir}/libkrun-sev.so
Obsoletes: %{name} < %{version}
%description sev-devel
%{descr}
This package containes the libraries and headers needed to develop programs that
use libkrun-sev Virtualization-based process isolation capabilities.
%endif
%prep
%autosetup -a1
mkdir .cargo
cp %{SOURCE2} .cargo/config
%build
export RUSTFLAGS=%{rustflags}
%make_build
%if %{sev}
%make_build SEV=1
%endif
%install
export RUSTFLAGS=%{rustflags}
%make_install PREFIX=%{_prefix}
%if %{sev}
%make_install SEV=1 PREFIX=%{_prefix}
%endif
%files -n %{name}1
%license LICENSE
%doc README.md
%{_libdir}/libkrun.so.%{version}
%{_libdir}/libkrun.so.1
%files devel
%{_libdir}/libkrun.so
%{_includedir}/libkrun.h
%post -n %{name}1 -p /sbin/ldconfig
%postun -n %{name}1 -p /sbin/ldconfig
%if %{sev}
%files sev1
%license LICENSE
%doc README.md
%{_libdir}/libkrun-sev.so.%{version}
%{_libdir}/libkrun-sev.so.1
%files sev-devel
%{_libdir}/libkrun-sev.so
%post sev1 -p /sbin/ldconfig
%postun sev1 -p /sbin/ldconfig
%endif
%if %{with check}
%check
%cargo_test
%endif
%changelog

BIN
vendor.tar.xz (Stored with Git LFS) Normal file

Binary file not shown.