diff --git a/0001-lxd-secommp-Fix-sysinfo-syscall-interception-on-32-b.patch b/0001-lxd-secommp-Fix-sysinfo-syscall-interception-on-32-b.patch deleted file mode 100644 index 63195de..0000000 --- a/0001-lxd-secommp-Fix-sysinfo-syscall-interception-on-32-b.patch +++ /dev/null @@ -1,174 +0,0 @@ -From fd6845ddda3f80cdd24a8f94c42acce6bff0c41f Mon Sep 17 00:00:00 2001 -From: Thomas Parrott -Date: Fri, 29 Apr 2022 11:12:48 +0100 -Subject: [PATCH] lxd/secommp: Fix sysinfo syscall interception on 32 bit - platforms - -Fixes #10347 - -Backport: -Signed-off-by: Thomas Parrott ---- - lxd/seccomp/seccomp.go | 22 ++++++++++++++-------- - lxd/seccomp/sysinfo.go | 13 +++++++++++++ - lxd/seccomp/sysinfo_32.go | 19 +++++++++++++++++++ - lxd/seccomp/sysinfo_64.go | 19 +++++++++++++++++++ - 4 files changed, 65 insertions(+), 8 deletions(-) - create mode 100644 lxd/seccomp/sysinfo.go - create mode 100644 lxd/seccomp/sysinfo_32.go - create mode 100644 lxd/seccomp/sysinfo_64.go - -diff --git a/lxd/seccomp/seccomp.go b/lxd/seccomp/seccomp.go -index 03fee3c71a09..203d408a8286 100644 ---- a/lxd/seccomp/seccomp.go -+++ b/lxd/seccomp/seccomp.go -@@ -1709,6 +1709,7 @@ func (s *Server) HandleSysinfoSyscall(c Instance, siov *Iovec) int { - - defer l.Debug("Handling sysinfo syscall") - -+ // Pre-fill sysinfo struct with metrics from host system. - info := unix.Sysinfo_t{} - err := unix.Sysinfo(&info) - if err != nil { -@@ -1718,6 +1719,8 @@ func (s *Server) HandleSysinfoSyscall(c Instance, siov *Iovec) int { - return 0 - } - -+ instMetrics := Sysinfo{} // Architecture independent place to hold instance metrics. -+ - cg, err := cgroup.NewFileReadWriter(int(siov.msg.init_pid), liblxc.HasApiExtension("cgroup2")) - if err != nil { - l.Warn("Failed loading cgroup", logger.Ctx{"err": err, "pid": siov.msg.init_pid}) -@@ -1735,7 +1738,7 @@ func (s *Server) HandleSysinfoSyscall(c Instance, siov *Iovec) int { - return 0 - } - -- info.Uptime = int64(time.Now().Sub(f.ModTime()).Seconds()) -+ instMetrics.Uptime = int64(time.Now().Sub(f.ModTime()).Seconds()) - - // Get instance process count. - pids, err := cg.GetTotalProcesses() -@@ -1746,7 +1749,7 @@ func (s *Server) HandleSysinfoSyscall(c Instance, siov *Iovec) int { - return 0 - } - -- info.Procs = uint16(pids) -+ instMetrics.Procs = uint16(pids) - - // Get instance memory stats. - memStats, err := cg.GetMemoryStats() -@@ -1760,9 +1763,9 @@ func (s *Server) HandleSysinfoSyscall(c Instance, siov *Iovec) int { - for k, v := range memStats { - switch k { - case "shmem": -- info.Sharedram = v -+ instMetrics.Sharedram = v - case "cache": -- info.Bufferram = v -+ instMetrics.Bufferram = v - } - } - -@@ -1784,8 +1787,8 @@ func (s *Server) HandleSysinfoSyscall(c Instance, siov *Iovec) int { - return 0 - } - -- info.Totalram = uint64(memoryLimit) -- info.Freeram = info.Totalram - uint64(memoryUsage) - info.Bufferram -+ instMetrics.Totalram = uint64(memoryLimit) -+ instMetrics.Freeram = instMetrics.Totalram - uint64(memoryUsage) - instMetrics.Bufferram - - // Get instance swap info. - if s.s.OS.CGInfo.Supports(cgroup.MemorySwapUsage, cg) { -@@ -1805,14 +1808,17 @@ func (s *Server) HandleSysinfoSyscall(c Instance, siov *Iovec) int { - return 0 - } - -- info.Totalswap = uint64(swapLimit) -- info.Freeswap = info.Totalswap - uint64(swapUsage) -+ instMetrics.Totalswap = uint64(swapLimit) -+ instMetrics.Freeswap = instMetrics.Totalswap - uint64(swapUsage) - } - - // Get writable pointer to buffer of sysinfo syscall result. - const sz = int(unsafe.Sizeof(info)) - var b []byte = (*(*[sz]byte)(unsafe.Pointer(&info)))[:] - -+ // Write instance metrics to native sysinfo struct. -+ instMetrics.ToNative(&info) -+ - // Write sysinfo response into buffer. - _, err = unix.Pwrite(siov.memFd, b, int64(siov.req.data.args[0])) - if err != nil { -diff --git a/lxd/seccomp/sysinfo.go b/lxd/seccomp/sysinfo.go -new file mode 100644 -index 000000000000..b255894af26e ---- /dev/null -+++ b/lxd/seccomp/sysinfo.go -@@ -0,0 +1,13 @@ -+package seccomp -+ -+// Sysinfo architecture independent sysinfo struct. -+type Sysinfo struct { -+ Uptime int64 -+ Totalram uint64 -+ Freeram uint64 -+ Sharedram uint64 -+ Bufferram uint64 -+ Totalswap uint64 -+ Freeswap uint64 -+ Procs uint16 -+} -diff --git a/lxd/seccomp/sysinfo_32.go b/lxd/seccomp/sysinfo_32.go -new file mode 100644 -index 000000000000..e52808300dd0 ---- /dev/null -+++ b/lxd/seccomp/sysinfo_32.go -@@ -0,0 +1,19 @@ -+//go:build 386 || arm || ppc || s390 || mips || mipsle -+ -+package seccomp -+ -+import ( -+ "golang.org/x/sys/unix" -+) -+ -+// ToNative fills fields from s into native fields. -+func (s *Sysinfo) ToNative(n *unix.Sysinfo_t) { -+ n.Bufferram = uint32(s.Bufferram) -+ n.Freeram = uint32(s.Freeram) -+ n.Freeswap = uint32(s.Freeswap) -+ n.Procs = s.Procs -+ n.Sharedram = uint32(s.Sharedram) -+ n.Totalram = uint32(s.Totalram) -+ n.Totalswap = uint32(s.Totalswap) -+ n.Uptime = int32(s.Uptime) -+} -diff --git a/lxd/seccomp/sysinfo_64.go b/lxd/seccomp/sysinfo_64.go -new file mode 100644 -index 000000000000..84383b1c5a86 ---- /dev/null -+++ b/lxd/seccomp/sysinfo_64.go -@@ -0,0 +1,19 @@ -+//go:build amd64 || ppc64 || ppc64le || arm64 || s390x || mips64 || mips64le || riscv64 -+ -+package seccomp -+ -+import ( -+ "golang.org/x/sys/unix" -+) -+ -+// ToNative fills fields from s into native fields. -+func (s *Sysinfo) ToNative(n *unix.Sysinfo_t) { -+ n.Bufferram = s.Bufferram -+ n.Freeram = s.Freeram -+ n.Freeswap = s.Freeswap -+ n.Procs = s.Procs -+ n.Sharedram = s.Sharedram -+ n.Totalram = s.Totalram -+ n.Totalswap = s.Totalswap -+ n.Uptime = s.Uptime -+} --- -2.35.1 - diff --git a/lxd-5.1.tar.gz b/lxd-5.1.tar.gz deleted file mode 100644 index b57d442..0000000 --- a/lxd-5.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:319f4e93506e2144edaa280b0185fb37c4374cf7d7468a5e5c8c1b678189250a -size 18017579 diff --git a/lxd-5.1.tar.gz.asc b/lxd-5.1.tar.gz.asc deleted file mode 100644 index d9b2aef..0000000 --- a/lxd-5.1.tar.gz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCgAdFiEEYC9WdmPlk7y9FPM4xjiXTWR5LWcFAmJq60YACgkQxjiXTWR5 -LWcnZA/9E3XxPxLaFVnfT16kOYIFCZX50eyumUefcS+T5qhu19yX1MdvOC3ESLIn -bSQjK/AVjL9UgNpQQTaMYkn1FWq1ZH6jdwzB6y4hBMcP7iE3BqihCoehZk0K+oC4 -sybqSimUqt491/HNSVdDChGTHhr2BVZRTLmAo46EdBueb4WYGyTzEiiSUM0cmMF5 -Af5/MjpuYfmVxr7DfbXeBibJzhpg6x5PzyYzRvC0hMAg2qrMYZMAWhJXXFFE3VCt -QszrMriGbOcSqfSL0VqSjGgUJW7B0StVBQq16TkdhO+oBMUvfjTCm1e11uoWNN4p -8PS6vA9yeNIjd2+UuubsG+gGssHhgKpMSDPt0bFZNMW7y6m7OwNk0W+CUgA1bxnK -QPn3QFfi+QkmEUCLZjVLu/pQDH46fD1RUk1G0zYHdlnVJpUCM+sH4YbKwYDax/lS -ZaL26ihG25sZw3fESermEAUSRS8q68HDWzDad0+YE4hnQscqFo8toNxNv/+8QHx/ -b6fQM6gaEIu43u/JqAJCURtIkW0aiSRI/vcZfGnPoFA77wbzCeA0DxGJURlFsP6Q -hbVlmunKDzDKukO5w1zKJBOjiAj/aBElRR/iRvVmwCwwAPiBXhvpn6eamGTgJNsa -UR2a5xew76JL1yQ4ug9yi0aObXh3gULd9XuY8E1Uu5Rk16vag9U= -=rsCN ------END PGP SIGNATURE----- diff --git a/lxd-5.2.tar.gz b/lxd-5.2.tar.gz new file mode 100644 index 0000000..a22ee87 --- /dev/null +++ b/lxd-5.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e22d2b34a1848d33b2080b2b1c82355afb6d36fdfe49e67f44b3749edbc02e4c +size 18187041 diff --git a/lxd-5.2.tar.gz.asc b/lxd-5.2.tar.gz.asc new file mode 100644 index 0000000..5cff436 --- /dev/null +++ b/lxd-5.2.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEYC9WdmPlk7y9FPM4xjiXTWR5LWcFAmKP3nMACgkQxjiXTWR5 +LWfBAA//bD0OuQYP5BlAfULq/TwwRztwiqDxFwyUvg4S1a/z5UH2+YMGfnltuIDD +d70hhGXTxGvA9ropDZqsiNx3nZ4624U5lWzEaJLbdrcn2fB+OJKhX8+UvzR93g48 +azlx4bgRmLFMJRY8NFSm5QvuptEnEhG/KNTWBLwZEqOpyyUw0R5q8wJz8pl43OtP +ZS9VJ65dkpQTJStv074lqEXUMZg0MKFBhRBAIrZFTYeol+nx+bd2nLndY4aoIv/M +uqb80x7O+Fs3agfknexO/LbP731Yn4GIF6asp2t4qB26gvaGafnGcquZqFtj/6yO +rYFKGaTaUbAHkO4R9azB4EAORJHfPjFtcLy5mh3Mh+Ft5UPNJk/GqI2CKKx9ENgC +vcHnVR1ToPGEXYqxjebMjHIHPALZc4pdsaCC+ziyZngkiOWv/orQ5Xa3JGwyVeUc +4I2nV6RKBLyzS6YRKCfXswtAIDchI84WvfGZczQGP8jBE7qGn51ZY+WwV9X0IXpa +m/iK3kNri6AU2LACyCTVA6c+SDH7MAN7iFfIv1GjissIotUouF8jnZudVjEEG8AG +3qRsFfaxxyYDgkWpLs3DOkmzmiocPVi3KfLrPdDnRNblqtG9yTI7qN4kDtbSQNRd +XuHPvW4qxzX8cBLqnzspOujjseylZJEoiftxeii05HBJmz+OWm4= +=YU3B +-----END PGP SIGNATURE----- diff --git a/lxd.changes b/lxd.changes index 9305d05..9a23f4c 100644 --- a/lxd.changes +++ b/lxd.changes @@ -1,3 +1,18 @@ +------------------------------------------------------------------- +Sun May 29 02:18:04 UTC 2022 - Aleksa Sarai + +- Update to LXD 5.2. The full upstream changelog is available from: + https://discuss.linuxcontainers.org/t/lxd-5-2-has-been-released/14200 + boo#1200002 + + + VPD information in resources API + * Cross-project profile copy + * HTTP streaming support in /dev/lxd API + * Use of server-side filtering in CLI + * Ceph librbd for virtual machines +- Remove upstreamed patch: + + 0001-lxd-secommp-Fix-sysinfo-syscall-interception-on-32-b.patch + ------------------------------------------------------------------- Thu May 5 04:27:43 UTC 2022 - Aleksa Sarai diff --git a/lxd.spec b/lxd.spec index 4db20da..42820f1 100644 --- a/lxd.spec +++ b/lxd.spec @@ -34,7 +34,7 @@ %endif Name: lxd -Version: 5.1 +Version: 5.2 Release: 0 Summary: Container hypervisor based on LXC License: Apache-2.0 @@ -51,8 +51,6 @@ Source101: %{name}-config.yml # Additional runtime configuration. Source200: %{name}.sysctl Source201: %{name}.dnsmasq -# OPENSUSE-UPSTREAM-FIX: Backport of . -Patch1: 0001-lxd-secommp-Fix-sysinfo-syscall-interception-on-32-b.patch BuildRequires: fdupes BuildRequires: golang-packaging BuildRequires: libacl-devel @@ -127,8 +125,6 @@ Bash command line completion support for %{name}. %prep %setup -q -# https://github.com/lxc/lxd/pull/10348 -%patch1 -p1 %build # Make sure any leftover go build caches are gone.