From 21d918dbeda7489975cfb625cd01f86b9e0a4e21553bf7981c81f19783385b82 Mon Sep 17 00:00:00 2001 From: Aleksa Sarai Date: Thu, 5 May 2022 04:24:51 +0000 Subject: [PATCH 1/4] Accepting request 975024 from home:cyphar:lxc - Update to LXD 4.24. The full upstream changelog is available from: https://discuss.linuxcontainers.org/t/lxd-4-24-has-been-released/13550 boo#1199215 This is the last release before LXD 5.0 (which does not support the Leap 15.3 kernel -- LXD 5.0 requires kernel 5.4 or newer). Thus this will be the last LXD release for Leap 15.3. + lxc file mount and new files API + Cluster event hub role * Reworked lxc storage volume info + AppArmor profiles for image extractors + Grafana dashboard + Degraded startup (missing disk) + restricted.containers.interception project option + core.metrics_authentication server option + Network interface name and MTU in virtual machines + I/O uring support for VM storage + ipv4.neighbor_probe and ipv6.neighbor_probe NIC options OBS-URL: https://build.opensuse.org/request/show/975024 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/lxd?expand=0&rev=105 --- lxd-4.21.tar.gz | 3 --- lxd-4.21.tar.gz.asc | 16 ---------------- lxd-4.24.tar.gz | 3 +++ lxd-4.24.tar.gz.asc | 16 ++++++++++++++++ lxd.changes | 23 +++++++++++++++++++++++ lxd.spec | 8 ++++---- 6 files changed, 46 insertions(+), 23 deletions(-) delete mode 100644 lxd-4.21.tar.gz delete mode 100644 lxd-4.21.tar.gz.asc create mode 100644 lxd-4.24.tar.gz create mode 100644 lxd-4.24.tar.gz.asc diff --git a/lxd-4.21.tar.gz b/lxd-4.21.tar.gz deleted file mode 100644 index 59afc9f..0000000 --- a/lxd-4.21.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7a6745b50a5914d6f7812ee1def103373b38ea4759593302a0eded2787a652ac -size 15786720 diff --git a/lxd-4.21.tar.gz.asc b/lxd-4.21.tar.gz.asc deleted file mode 100644 index 4846cd2..0000000 --- a/lxd-4.21.tar.gz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEEYC9WdmPlk7y9FPM4xjiXTWR5LWcFAmGy10wACgkQxjiXTWR5 -LWd17A//fdMawoe2Pnih8G1sHkstk6+Ey4nL7LmAn90bX8Kx9BrjCf9NpZ5HJsK6 -l9MSUYih1Hdgh7lT8TFW8yBV7Ao/dVBr0lqmlp/3RVDgNgJTB5n20bz9Nj/E24nA -yj46gHV7FQJsAvGXav5o1R08FYGRqOvK9w5z4dQbRJbuuDLf0NIdLcEMEsHBJSUK -NdI3ARPP5pngMFM5PSNc2zvdwAsOBkXFNH1xJR6wJl3vhOg0UjZ50No0GqrJgnZb -mLRKFrbcmfToIOvtoa9j7KpdvSnW4xD+MbjAKvk3jfdG8szI6NCpO+8oyv3SBzcP -h0ZBnokVO3P0NeADZN3mtrWYfIE5wht/3C6dq5Hf6OoRPRzfSGj8TzBJD8nESlgr -Po4A3Quc6BhtRNNimf5q/3TT8X33++wChUnK3sOh7RItMEnbYEJbYTD0cBgJ1KPB -JTwWoTs6jO41RMLIjRFwlyzyY72P6JzNBd3lXgTcnyE8l6DALm0z4zKiTcOh1m3b -18VNyKOcCEz+M562gl+ZvjBjDqwe2fBpEsxaUt/38n4BKQM2Hv+s+VTnVX+1apV2 -A0HdlCDNBeDMjN9YXnTZ7o47CVp1F34VkjDZH9XysvOIHsdXYMP1IrCxABktdTPL -OicEwiiN143VKCicLCyBTj0ZoibKsu/q5PtxjWqoTWu4OM6M4xU= -=5FDX ------END PGP SIGNATURE----- diff --git a/lxd-4.24.tar.gz b/lxd-4.24.tar.gz new file mode 100644 index 0000000..76fff45 --- /dev/null +++ b/lxd-4.24.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:97fae15a1826bc73a45cbf8e9adf775fd9702248863b8a5997de5494eaaeb252 +size 17955650 diff --git a/lxd-4.24.tar.gz.asc b/lxd-4.24.tar.gz.asc new file mode 100644 index 0000000..4c0656e --- /dev/null +++ b/lxd-4.24.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEYC9WdmPlk7y9FPM4xjiXTWR5LWcFAmIqyfIACgkQxjiXTWR5 +LWfFihAAl8k6I18h1BQVXMQEdrW2Dtcm7ejlPmKPliseZgt8vvLdoABQ9GQRK3Rf +apkBt3Dc+eFLy9waz8BWo1+X14aXaWYMyDNPea6iEhLcUgrhWYsw7SzmwDIaWaex +c/Wf8C3ZobePmDBzUZ/fLSeuP/Lw77VlOmPpIb8XSHyNbKSSLBHPQcj2Crowh2UL +/w9nsOsKNbg3UTXeEXUce3UheAS2WE9KhJPrQZp+vCBPUbYLNZbRNe5uAbAEm4hL ++WEWlvlA1cQPVYrHkAj1rwk4DA8li7JiyCDilDy6Kww33Qy5rWU3LW2MBCY6uVHX +n4fxSItwZHrC8GtKmcz+YOqtIRI6o6KVluqtB9UnSAlyBaRmSPx/rQybwEQ9Zcex +Hyd0/euL01OegvTdkVr/T3y4PP0I/qZRbomd2GXUF2erGokPPSNwgrQh4SQeJLxa +JSqrIO8ZRPv3G9k0+3b53sSgS/3eTuVMHLBX5yP6nTtFJFJIE+QTXRr0aAheh+lD +9JHBBS1/1+iPZLT93RQBPNiB8NMrtrz1md1REfDc6tQ6UMfcN5jxtVpZi6LorQFm +IBbe9ElOyuethehsBfe7vO1dzi9rIylAJ7d7u53+OV3cM8ejXb32Rjb1ldfoGjGv +wXkijXaVi1114sqPh0kRsHOtitygjsKYSvUJK18TVhvNK4TQkhQ= +=+kth +-----END PGP SIGNATURE----- diff --git a/lxd.changes b/lxd.changes index 3e535af..19532bd 100644 --- a/lxd.changes +++ b/lxd.changes @@ -1,3 +1,26 @@ +------------------------------------------------------------------- +Thu May 5 03:31:24 UTC 2022 - Aleksa Sarai + +- Update to LXD 4.24. The full upstream changelog is available from: + https://discuss.linuxcontainers.org/t/lxd-4-24-has-been-released/13550 + boo#1199215 + + This is the last release before LXD 5.0 (which does not support the Leap 15.3 + kernel -- LXD 5.0 requires kernel 5.4 or newer). Thus this will be the last + LXD release for Leap 15.3. + + + lxc file mount and new files API + + Cluster event hub role + * Reworked lxc storage volume info + + AppArmor profiles for image extractors + + Grafana dashboard + + Degraded startup (missing disk) + + restricted.containers.interception project option + + core.metrics_authentication server option + + Network interface name and MTU in virtual machines + + I/O uring support for VM storage + + ipv4.neighbor_probe and ipv6.neighbor_probe NIC options + ------------------------------------------------------------------- Mon Dec 13 02:46:02 UTC 2021 - Aleksa Sarai diff --git a/lxd.spec b/lxd.spec index 80996ea..fe3d1fb 100644 --- a/lxd.spec +++ b/lxd.spec @@ -1,7 +1,7 @@ # # spec file for package lxd # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -34,7 +34,7 @@ %endif Name: lxd -Version: 4.21 +Version: 4.24 Release: 0 Summary: Container hypervisor based on LXC License: Apache-2.0 @@ -61,10 +61,10 @@ BuildRequires: pkg-config BuildRequires: rsync BuildRequires: sqlite3-devel >= 3.25 BuildRequires: pkgconfig(libudev) -BuildRequires: pkgconfig(lxc) >= 3.0.0 +BuildRequires: pkgconfig(lxc) >= 4.0.0 # Due to a limitation in openSUSE's Go packaging we cannot have a BuildRequires # for 'golang(API) >= 1.14' here, so just require 1.14 exactly. bsc#1172608 -BuildRequires: golang(API) = 1.15 +BuildRequires: golang(API) = 1.17 # Needed to build dqlite and raft. BuildRequires: autoconf BuildRequires: libtool From b136d2a6a16dc885fefd26c475e3479de078dbeb9cee66ab4b2e761d397cbc35 Mon Sep 17 00:00:00 2001 From: Aleksa Sarai Date: Thu, 5 May 2022 05:38:58 +0000 Subject: [PATCH 2/4] Accepting request 975028 from home:cyphar:lxc - Update to LXD 5.1. The full upstream changelog is available from: https://discuss.linuxcontainers.org/t/lxd-5-1-has-been-released/13956 boo#1199216 + Sysinfo system call interception + lxc cluster role sub-command * lxc storage volume info shows volume total size + Configurable host network interface naming pattern * Overrideable evacuation mode * Setting profiles during an image copy OBS-URL: https://build.opensuse.org/request/show/975028 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/lxd?expand=0&rev=106 --- lxd-4.24.tar.gz | 3 --- lxd-4.24.tar.gz.asc | 16 ---------------- lxd-5.1.tar.gz | 3 +++ lxd-5.1.tar.gz.asc | 16 ++++++++++++++++ lxd.changes | 14 ++++++++++++++ lxd.spec | 11 ++++++----- 6 files changed, 39 insertions(+), 24 deletions(-) delete mode 100644 lxd-4.24.tar.gz delete mode 100644 lxd-4.24.tar.gz.asc create mode 100644 lxd-5.1.tar.gz create mode 100644 lxd-5.1.tar.gz.asc diff --git a/lxd-4.24.tar.gz b/lxd-4.24.tar.gz deleted file mode 100644 index 76fff45..0000000 --- a/lxd-4.24.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:97fae15a1826bc73a45cbf8e9adf775fd9702248863b8a5997de5494eaaeb252 -size 17955650 diff --git a/lxd-4.24.tar.gz.asc b/lxd-4.24.tar.gz.asc deleted file mode 100644 index 4c0656e..0000000 --- a/lxd-4.24.tar.gz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEEYC9WdmPlk7y9FPM4xjiXTWR5LWcFAmIqyfIACgkQxjiXTWR5 -LWfFihAAl8k6I18h1BQVXMQEdrW2Dtcm7ejlPmKPliseZgt8vvLdoABQ9GQRK3Rf -apkBt3Dc+eFLy9waz8BWo1+X14aXaWYMyDNPea6iEhLcUgrhWYsw7SzmwDIaWaex -c/Wf8C3ZobePmDBzUZ/fLSeuP/Lw77VlOmPpIb8XSHyNbKSSLBHPQcj2Crowh2UL -/w9nsOsKNbg3UTXeEXUce3UheAS2WE9KhJPrQZp+vCBPUbYLNZbRNe5uAbAEm4hL -+WEWlvlA1cQPVYrHkAj1rwk4DA8li7JiyCDilDy6Kww33Qy5rWU3LW2MBCY6uVHX -n4fxSItwZHrC8GtKmcz+YOqtIRI6o6KVluqtB9UnSAlyBaRmSPx/rQybwEQ9Zcex -Hyd0/euL01OegvTdkVr/T3y4PP0I/qZRbomd2GXUF2erGokPPSNwgrQh4SQeJLxa -JSqrIO8ZRPv3G9k0+3b53sSgS/3eTuVMHLBX5yP6nTtFJFJIE+QTXRr0aAheh+lD -9JHBBS1/1+iPZLT93RQBPNiB8NMrtrz1md1REfDc6tQ6UMfcN5jxtVpZi6LorQFm -IBbe9ElOyuethehsBfe7vO1dzi9rIylAJ7d7u53+OV3cM8ejXb32Rjb1ldfoGjGv -wXkijXaVi1114sqPh0kRsHOtitygjsKYSvUJK18TVhvNK4TQkhQ= -=+kth ------END PGP SIGNATURE----- diff --git a/lxd-5.1.tar.gz b/lxd-5.1.tar.gz new file mode 100644 index 0000000..b57d442 --- /dev/null +++ b/lxd-5.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:319f4e93506e2144edaa280b0185fb37c4374cf7d7468a5e5c8c1b678189250a +size 18017579 diff --git a/lxd-5.1.tar.gz.asc b/lxd-5.1.tar.gz.asc new file mode 100644 index 0000000..d9b2aef --- /dev/null +++ b/lxd-5.1.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEYC9WdmPlk7y9FPM4xjiXTWR5LWcFAmJq60YACgkQxjiXTWR5 +LWcnZA/9E3XxPxLaFVnfT16kOYIFCZX50eyumUefcS+T5qhu19yX1MdvOC3ESLIn +bSQjK/AVjL9UgNpQQTaMYkn1FWq1ZH6jdwzB6y4hBMcP7iE3BqihCoehZk0K+oC4 +sybqSimUqt491/HNSVdDChGTHhr2BVZRTLmAo46EdBueb4WYGyTzEiiSUM0cmMF5 +Af5/MjpuYfmVxr7DfbXeBibJzhpg6x5PzyYzRvC0hMAg2qrMYZMAWhJXXFFE3VCt +QszrMriGbOcSqfSL0VqSjGgUJW7B0StVBQq16TkdhO+oBMUvfjTCm1e11uoWNN4p +8PS6vA9yeNIjd2+UuubsG+gGssHhgKpMSDPt0bFZNMW7y6m7OwNk0W+CUgA1bxnK +QPn3QFfi+QkmEUCLZjVLu/pQDH46fD1RUk1G0zYHdlnVJpUCM+sH4YbKwYDax/lS +ZaL26ihG25sZw3fESermEAUSRS8q68HDWzDad0+YE4hnQscqFo8toNxNv/+8QHx/ +b6fQM6gaEIu43u/JqAJCURtIkW0aiSRI/vcZfGnPoFA77wbzCeA0DxGJURlFsP6Q +hbVlmunKDzDKukO5w1zKJBOjiAj/aBElRR/iRvVmwCwwAPiBXhvpn6eamGTgJNsa +UR2a5xew76JL1yQ4ug9yi0aObXh3gULd9XuY8E1Uu5Rk16vag9U= +=rsCN +-----END PGP SIGNATURE----- diff --git a/lxd.changes b/lxd.changes index 19532bd..685dd73 100644 --- a/lxd.changes +++ b/lxd.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Thu May 5 04:27:43 UTC 2022 - Aleksa Sarai + +- Update to LXD 5.1. The full upstream changelog is available from: + https://discuss.linuxcontainers.org/t/lxd-5-1-has-been-released/13956 + boo#1199216 + + + Sysinfo system call interception + + lxc cluster role sub-command + * lxc storage volume info shows volume total size + + Configurable host network interface naming pattern + * Overrideable evacuation mode + * Setting profiles during an image copy + ------------------------------------------------------------------- Thu May 5 03:31:24 UTC 2022 - Aleksa Sarai diff --git a/lxd.spec b/lxd.spec index fe3d1fb..30149c5 100644 --- a/lxd.spec +++ b/lxd.spec @@ -34,7 +34,7 @@ %endif Name: lxd -Version: 4.24 +Version: 5.1 Release: 0 Summary: Container hypervisor based on LXC License: Apache-2.0 @@ -63,12 +63,13 @@ BuildRequires: sqlite3-devel >= 3.25 BuildRequires: pkgconfig(libudev) BuildRequires: pkgconfig(lxc) >= 4.0.0 # Due to a limitation in openSUSE's Go packaging we cannot have a BuildRequires -# for 'golang(API) >= 1.14' here, so just require 1.14 exactly. bsc#1172608 -BuildRequires: golang(API) = 1.17 +# for 'golang(API) >= 1.18' here, so just require 1.18 exactly. bsc#1172608 +BuildRequires: golang(API) = 1.18 # Needed to build dqlite and raft. BuildRequires: autoconf BuildRequires: libtool BuildRequires: pkgconfig(libuv) >= 1.8.0 +Requires: kernel-base >= 5.4 # Bits required for images and other things at runtime. Requires: acl Requires: ebtables @@ -93,10 +94,10 @@ Requires: qemu-ui-spice-core Requires: qemu-ui-spice-app %endif %ifarch %ix86 x86_64 -Requires: qemu-x86 +Requires: qemu-x86 >= 6.0 %endif %ifarch aarch64 %arm -Requires: qemu-arm +Requires: qemu-arm >= 6.0 %endif %endif # Storage backends -- we don't recommend ZFS since it's not *technically* a From e59bb6221076c24600203bbe6f936a6fd110b8bea7c6940318f3b48ee044f07b Mon Sep 17 00:00:00 2001 From: Aleksa Sarai Date: Thu, 5 May 2022 06:18:13 +0000 Subject: [PATCH 3/4] Accepting request 975050 from home:cyphar:lxc - Backport upstream patch to fix build on x32 systems. + 0001-lxd-secommp-Fix-sysinfo-syscall-interception-on-32-b.patch OBS-URL: https://build.opensuse.org/request/show/975050 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/lxd?expand=0&rev=107 --- ...sysinfo-syscall-interception-on-32-b.patch | 174 ++++++++++++++++++ lxd.changes | 2 + lxd.spec | 4 + 3 files changed, 180 insertions(+) create mode 100644 0001-lxd-secommp-Fix-sysinfo-syscall-interception-on-32-b.patch diff --git a/0001-lxd-secommp-Fix-sysinfo-syscall-interception-on-32-b.patch b/0001-lxd-secommp-Fix-sysinfo-syscall-interception-on-32-b.patch new file mode 100644 index 0000000..63195de --- /dev/null +++ b/0001-lxd-secommp-Fix-sysinfo-syscall-interception-on-32-b.patch @@ -0,0 +1,174 @@ +From fd6845ddda3f80cdd24a8f94c42acce6bff0c41f Mon Sep 17 00:00:00 2001 +From: Thomas Parrott +Date: Fri, 29 Apr 2022 11:12:48 +0100 +Subject: [PATCH] lxd/secommp: Fix sysinfo syscall interception on 32 bit + platforms + +Fixes #10347 + +Backport: +Signed-off-by: Thomas Parrott +--- + lxd/seccomp/seccomp.go | 22 ++++++++++++++-------- + lxd/seccomp/sysinfo.go | 13 +++++++++++++ + lxd/seccomp/sysinfo_32.go | 19 +++++++++++++++++++ + lxd/seccomp/sysinfo_64.go | 19 +++++++++++++++++++ + 4 files changed, 65 insertions(+), 8 deletions(-) + create mode 100644 lxd/seccomp/sysinfo.go + create mode 100644 lxd/seccomp/sysinfo_32.go + create mode 100644 lxd/seccomp/sysinfo_64.go + +diff --git a/lxd/seccomp/seccomp.go b/lxd/seccomp/seccomp.go +index 03fee3c71a09..203d408a8286 100644 +--- a/lxd/seccomp/seccomp.go ++++ b/lxd/seccomp/seccomp.go +@@ -1709,6 +1709,7 @@ func (s *Server) HandleSysinfoSyscall(c Instance, siov *Iovec) int { + + defer l.Debug("Handling sysinfo syscall") + ++ // Pre-fill sysinfo struct with metrics from host system. + info := unix.Sysinfo_t{} + err := unix.Sysinfo(&info) + if err != nil { +@@ -1718,6 +1719,8 @@ func (s *Server) HandleSysinfoSyscall(c Instance, siov *Iovec) int { + return 0 + } + ++ instMetrics := Sysinfo{} // Architecture independent place to hold instance metrics. ++ + cg, err := cgroup.NewFileReadWriter(int(siov.msg.init_pid), liblxc.HasApiExtension("cgroup2")) + if err != nil { + l.Warn("Failed loading cgroup", logger.Ctx{"err": err, "pid": siov.msg.init_pid}) +@@ -1735,7 +1738,7 @@ func (s *Server) HandleSysinfoSyscall(c Instance, siov *Iovec) int { + return 0 + } + +- info.Uptime = int64(time.Now().Sub(f.ModTime()).Seconds()) ++ instMetrics.Uptime = int64(time.Now().Sub(f.ModTime()).Seconds()) + + // Get instance process count. + pids, err := cg.GetTotalProcesses() +@@ -1746,7 +1749,7 @@ func (s *Server) HandleSysinfoSyscall(c Instance, siov *Iovec) int { + return 0 + } + +- info.Procs = uint16(pids) ++ instMetrics.Procs = uint16(pids) + + // Get instance memory stats. + memStats, err := cg.GetMemoryStats() +@@ -1760,9 +1763,9 @@ func (s *Server) HandleSysinfoSyscall(c Instance, siov *Iovec) int { + for k, v := range memStats { + switch k { + case "shmem": +- info.Sharedram = v ++ instMetrics.Sharedram = v + case "cache": +- info.Bufferram = v ++ instMetrics.Bufferram = v + } + } + +@@ -1784,8 +1787,8 @@ func (s *Server) HandleSysinfoSyscall(c Instance, siov *Iovec) int { + return 0 + } + +- info.Totalram = uint64(memoryLimit) +- info.Freeram = info.Totalram - uint64(memoryUsage) - info.Bufferram ++ instMetrics.Totalram = uint64(memoryLimit) ++ instMetrics.Freeram = instMetrics.Totalram - uint64(memoryUsage) - instMetrics.Bufferram + + // Get instance swap info. + if s.s.OS.CGInfo.Supports(cgroup.MemorySwapUsage, cg) { +@@ -1805,14 +1808,17 @@ func (s *Server) HandleSysinfoSyscall(c Instance, siov *Iovec) int { + return 0 + } + +- info.Totalswap = uint64(swapLimit) +- info.Freeswap = info.Totalswap - uint64(swapUsage) ++ instMetrics.Totalswap = uint64(swapLimit) ++ instMetrics.Freeswap = instMetrics.Totalswap - uint64(swapUsage) + } + + // Get writable pointer to buffer of sysinfo syscall result. + const sz = int(unsafe.Sizeof(info)) + var b []byte = (*(*[sz]byte)(unsafe.Pointer(&info)))[:] + ++ // Write instance metrics to native sysinfo struct. ++ instMetrics.ToNative(&info) ++ + // Write sysinfo response into buffer. + _, err = unix.Pwrite(siov.memFd, b, int64(siov.req.data.args[0])) + if err != nil { +diff --git a/lxd/seccomp/sysinfo.go b/lxd/seccomp/sysinfo.go +new file mode 100644 +index 000000000000..b255894af26e +--- /dev/null ++++ b/lxd/seccomp/sysinfo.go +@@ -0,0 +1,13 @@ ++package seccomp ++ ++// Sysinfo architecture independent sysinfo struct. ++type Sysinfo struct { ++ Uptime int64 ++ Totalram uint64 ++ Freeram uint64 ++ Sharedram uint64 ++ Bufferram uint64 ++ Totalswap uint64 ++ Freeswap uint64 ++ Procs uint16 ++} +diff --git a/lxd/seccomp/sysinfo_32.go b/lxd/seccomp/sysinfo_32.go +new file mode 100644 +index 000000000000..e52808300dd0 +--- /dev/null ++++ b/lxd/seccomp/sysinfo_32.go +@@ -0,0 +1,19 @@ ++//go:build 386 || arm || ppc || s390 || mips || mipsle ++ ++package seccomp ++ ++import ( ++ "golang.org/x/sys/unix" ++) ++ ++// ToNative fills fields from s into native fields. ++func (s *Sysinfo) ToNative(n *unix.Sysinfo_t) { ++ n.Bufferram = uint32(s.Bufferram) ++ n.Freeram = uint32(s.Freeram) ++ n.Freeswap = uint32(s.Freeswap) ++ n.Procs = s.Procs ++ n.Sharedram = uint32(s.Sharedram) ++ n.Totalram = uint32(s.Totalram) ++ n.Totalswap = uint32(s.Totalswap) ++ n.Uptime = int32(s.Uptime) ++} +diff --git a/lxd/seccomp/sysinfo_64.go b/lxd/seccomp/sysinfo_64.go +new file mode 100644 +index 000000000000..84383b1c5a86 +--- /dev/null ++++ b/lxd/seccomp/sysinfo_64.go +@@ -0,0 +1,19 @@ ++//go:build amd64 || ppc64 || ppc64le || arm64 || s390x || mips64 || mips64le || riscv64 ++ ++package seccomp ++ ++import ( ++ "golang.org/x/sys/unix" ++) ++ ++// ToNative fills fields from s into native fields. ++func (s *Sysinfo) ToNative(n *unix.Sysinfo_t) { ++ n.Bufferram = s.Bufferram ++ n.Freeram = s.Freeram ++ n.Freeswap = s.Freeswap ++ n.Procs = s.Procs ++ n.Sharedram = s.Sharedram ++ n.Totalram = s.Totalram ++ n.Totalswap = s.Totalswap ++ n.Uptime = s.Uptime ++} +-- +2.35.1 + diff --git a/lxd.changes b/lxd.changes index 685dd73..41dfc04 100644 --- a/lxd.changes +++ b/lxd.changes @@ -11,6 +11,8 @@ Thu May 5 04:27:43 UTC 2022 - Aleksa Sarai + Configurable host network interface naming pattern * Overrideable evacuation mode * Setting profiles during an image copy +- Backport upstream patch to fix build on x32 systems. + + 0001-lxd-secommp-Fix-sysinfo-syscall-interception-on-32-b.patch ------------------------------------------------------------------- Thu May 5 03:31:24 UTC 2022 - Aleksa Sarai diff --git a/lxd.spec b/lxd.spec index 30149c5..869db91 100644 --- a/lxd.spec +++ b/lxd.spec @@ -51,6 +51,8 @@ Source101: %{name}-config.yml # Additional runtime configuration. Source200: %{name}.sysctl Source201: %{name}.dnsmasq +# OPENSUSE-UPSTREAM-FIX: Backport of . +Patch1: 0001-lxd-secommp-Fix-sysinfo-syscall-interception-on-32-b.patch BuildRequires: fdupes BuildRequires: golang-packaging BuildRequires: libacl-devel @@ -123,6 +125,8 @@ Bash command line completion support for %{name}. %prep %setup -q +# https://github.com/lxc/lxd/pull/10348 +%patch1 -p1 %build # Make sure any leftover go build caches are gone. From ee035bec7ccb7897a6e3ea79a01f5634a3ad5124a1b48645bd02e350a41d3388 Mon Sep 17 00:00:00 2001 From: Aleksa Sarai Date: Mon, 9 May 2022 08:14:19 +0000 Subject: [PATCH 4/4] Accepting request 975738 from home:cyphar:lxc - Make CRIU a Recommends so that we can still use LXD on 32-bit openSUSE. OBS-URL: https://build.opensuse.org/request/show/975738 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/lxd?expand=0&rev=108 --- lxd.changes | 1 + lxd.spec | 4 +++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/lxd.changes b/lxd.changes index 41dfc04..9305d05 100644 --- a/lxd.changes +++ b/lxd.changes @@ -13,6 +13,7 @@ Thu May 5 04:27:43 UTC 2022 - Aleksa Sarai * Setting profiles during an image copy - Backport upstream patch to fix build on x32 systems. + 0001-lxd-secommp-Fix-sysinfo-syscall-interception-on-32-b.patch +- Make CRIU a Recommends so that we can still use LXD on 32-bit openSUSE. ------------------------------------------------------------------- Thu May 5 03:31:24 UTC 2022 - Aleksa Sarai diff --git a/lxd.spec b/lxd.spec index 869db91..4db20da 100644 --- a/lxd.spec +++ b/lxd.spec @@ -76,7 +76,6 @@ Requires: kernel-base >= 5.4 Requires: acl Requires: ebtables BuildRequires: dnsmasq -Requires: criu >= 2.0 Requires: dnsmasq Requires: lxcfs Requires: lxcfs-hooks-lxc @@ -107,6 +106,9 @@ Requires: qemu-arm >= 6.0 Recommends: lvm2 Recommends: btrfsprogs Recommends: thin-provisioning-tools +# CRIU is used for certain operations but is not necessary (and is no longer +# shipped on 32-bit openSUSE). +Recommends: criu >= 2.0 Suggests: zfs %description