summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Makefile1
-rw-r--r--cmd/podman/common/completion.go76
-rw-r--r--cmd/podman/common/completion_test.go13
-rw-r--r--cmd/podman/common/create.go1416
-rw-r--r--cmd/podman/common/create_opts.go120
-rw-r--r--cmd/podman/common/netflags.go102
-rw-r--r--cmd/podman/containers/create.go211
-rw-r--r--cmd/podman/containers/prune.go3
-rw-r--r--cmd/podman/containers/restore.go3
-rw-r--r--cmd/podman/containers/run.go19
-rw-r--r--cmd/podman/images/prune.go3
-rw-r--r--cmd/podman/networks/prune.go3
-rw-r--r--cmd/podman/pods/create.go155
-rw-r--r--cmd/podman/pods/ps.go2
-rw-r--r--cmd/podman/pods/rm.go3
-rw-r--r--cmd/podman/pods/start.go3
-rw-r--r--cmd/podman/pods/stop.go3
-rw-r--r--docs/source/markdown/podman-pod-create.1.md21
-rw-r--r--go.mod8
-rw-r--r--go.sum20
-rwxr-xr-xhack/libsubid_tag.sh19
-rw-r--r--libpod/container_internal.go3
-rw-r--r--libpod/kube.go4
-rw-r--r--libpod/networking_linux.go1
-rw-r--r--libpod/options.go480
-rw-r--r--libpod/pod.go169
-rw-r--r--libpod/pod_api.go53
-rw-r--r--libpod/pod_internal.go2
-rw-r--r--libpod/runtime_ctr.go26
-rw-r--r--libpod/runtime_pod_infra_linux.go284
-rw-r--r--libpod/runtime_pod_linux.go57
-rw-r--r--pkg/api/handlers/compat/containers_create.go3
-rw-r--r--pkg/api/handlers/libpod/containers_create.go7
-rw-r--r--pkg/api/handlers/libpod/pods.go65
-rw-r--r--pkg/api/handlers/types/types.go4
-rw-r--r--pkg/bindings/pods/pods.go12
-rw-r--r--pkg/bindings/test/pods_test.go7
-rw-r--r--pkg/domain/entities/engine_container.go2
-rw-r--r--pkg/domain/entities/pods.go183
-rw-r--r--pkg/domain/entities/types.go38
-rw-r--r--pkg/domain/infra/abi/containers.go12
-rw-r--r--pkg/domain/infra/abi/generate.go4
-rw-r--r--pkg/domain/infra/abi/play.go250
-rw-r--r--pkg/domain/infra/abi/pods.go9
-rw-r--r--pkg/domain/infra/tunnel/events.go1
-rw-r--r--pkg/domain/infra/tunnel/pods.go7
-rw-r--r--pkg/specgen/generate/container_create.go63
-rw-r--r--pkg/specgen/generate/kube/kube.go32
-rw-r--r--pkg/specgen/generate/namespaces.go2
-rw-r--r--pkg/specgen/generate/oci.go3
-rw-r--r--pkg/specgen/generate/pod_create.go214
-rw-r--r--pkg/specgen/podspecgen.go3
-rw-r--r--pkg/specgenutil/createparse.go (renamed from cmd/podman/common/createparse.go)11
-rw-r--r--pkg/specgenutil/ports.go (renamed from cmd/podman/common/ports.go)2
-rw-r--r--pkg/specgenutil/specgen.go (renamed from cmd/podman/common/specgen.go)104
-rw-r--r--pkg/specgenutil/util.go (renamed from cmd/podman/common/util.go)2
-rw-r--r--pkg/specgenutil/volumes.go (renamed from cmd/podman/common/volumes.go)2
-rw-r--r--test/e2e/pod_create_test.go12
-rw-r--r--vendor/github.com/containers/image/v5/copy/copy.go320
-rw-r--r--vendor/github.com/containers/image/v5/copy/digesting_reader.go62
-rw-r--r--vendor/github.com/containers/image/v5/directory/directory_dest.go17
-rw-r--r--vendor/github.com/containers/image/v5/docker/docker_image_dest.go24
-rw-r--r--vendor/github.com/containers/image/v5/docker/docker_image_src.go160
-rw-r--r--vendor/github.com/containers/image/v5/docker/internal/tarfile/dest.go14
-rw-r--r--vendor/github.com/containers/image/v5/internal/pkg/keyctl/key.go1
-rw-r--r--vendor/github.com/containers/image/v5/internal/pkg/keyctl/keyring.go1
-rw-r--r--vendor/github.com/containers/image/v5/internal/pkg/keyctl/perm.go1
-rw-r--r--vendor/github.com/containers/image/v5/internal/pkg/keyctl/sys_linux.go1
-rw-r--r--vendor/github.com/containers/image/v5/internal/putblobdigest/put_blob_digest.go57
-rw-r--r--vendor/github.com/containers/image/v5/internal/types/types.go1
-rw-r--r--vendor/github.com/containers/image/v5/oci/archive/oci_dest.go2
-rw-r--r--vendor/github.com/containers/image/v5/oci/layout/oci_dest.go17
-rw-r--r--vendor/github.com/containers/image/v5/openshift/openshift-copies.go2
-rw-r--r--vendor/github.com/containers/image/v5/openshift/openshift.go2
-rw-r--r--vendor/github.com/containers/image/v5/ostree/ostree_dest.go20
-rw-r--r--vendor/github.com/containers/image/v5/ostree/ostree_src.go1
-rw-r--r--vendor/github.com/containers/image/v5/ostree/ostree_transport.go1
-rw-r--r--vendor/github.com/containers/image/v5/pkg/docker/config/config.go18
-rw-r--r--vendor/github.com/containers/image/v5/pkg/docker/config/config_linux.go2
-rw-r--r--vendor/github.com/containers/image/v5/pkg/docker/config/config_unsupported.go1
-rw-r--r--vendor/github.com/containers/image/v5/signature/mechanism_gpgme.go1
-rw-r--r--vendor/github.com/containers/image/v5/signature/mechanism_openpgp.go1
-rw-r--r--vendor/github.com/containers/image/v5/storage/storage_image.go72
-rw-r--r--vendor/github.com/containers/image/v5/storage/storage_reference.go1
-rw-r--r--vendor/github.com/containers/image/v5/storage/storage_transport.go1
-rw-r--r--vendor/github.com/containers/image/v5/transports/alltransports/docker_daemon.go1
-rw-r--r--vendor/github.com/containers/image/v5/transports/alltransports/docker_daemon_stub.go1
-rw-r--r--vendor/github.com/containers/image/v5/transports/alltransports/ostree.go1
-rw-r--r--vendor/github.com/containers/image/v5/transports/alltransports/ostree_stub.go1
-rw-r--r--vendor/github.com/containers/image/v5/transports/alltransports/storage.go1
-rw-r--r--vendor/github.com/containers/image/v5/transports/alltransports/storage_stub.go1
-rw-r--r--vendor/github.com/containers/image/v5/types/types.go2
-rw-r--r--vendor/github.com/containers/image/v5/version/version.go4
-rw-r--r--vendor/github.com/containers/storage/VERSION2
-rw-r--r--vendor/github.com/containers/storage/go.mod6
-rw-r--r--vendor/github.com/containers/storage/go.sum12
-rw-r--r--vendor/github.com/containers/storage/layers.go59
-rw-r--r--vendor/github.com/containers/storage/pkg/chunked/storage_linux.go207
-rw-r--r--vendor/github.com/containers/storage/pkg/ioutils/readers.go17
-rw-r--r--vendor/github.com/containers/storage/store.go30
-rw-r--r--vendor/github.com/opencontainers/image-spec/specs-go/v1/annotations.go6
-rw-r--r--vendor/github.com/opencontainers/image-spec/specs-go/v1/config.go11
-rw-r--r--vendor/github.com/vbatts/tar-split/tar/storage/getter.go3
-rw-r--r--vendor/github.com/vbauerster/mpb/v7/README.md2
-rw-r--r--vendor/github.com/vbauerster/mpb/v7/bar.go116
-rw-r--r--vendor/github.com/vbauerster/mpb/v7/bar_filler_bar.go150
-rw-r--r--vendor/github.com/vbauerster/mpb/v7/container_option.go6
-rw-r--r--vendor/github.com/vbauerster/mpb/v7/cwriter/writer.go10
-rw-r--r--vendor/github.com/vbauerster/mpb/v7/cwriter/writer_windows.go4
-rw-r--r--vendor/github.com/vbauerster/mpb/v7/go.mod2
-rw-r--r--vendor/github.com/vbauerster/mpb/v7/go.sum4
-rw-r--r--vendor/github.com/vbauerster/mpb/v7/internal/percentage.go4
-rw-r--r--vendor/github.com/vbauerster/mpb/v7/progress.go46
-rw-r--r--vendor/golang.org/x/sys/unix/ifreq_linux.go149
-rw-r--r--vendor/golang.org/x/sys/unix/ioctl_linux.go78
-rw-r--r--vendor/golang.org/x/sys/unix/mkerrors.sh4
-rw-r--r--vendor/golang.org/x/sys/unix/syscall_linux.go24
-rw-r--r--vendor/golang.org/x/sys/unix/syscall_linux_386.go4
-rw-r--r--vendor/golang.org/x/sys/unix/syscall_linux_arm.go4
-rw-r--r--vendor/golang.org/x/sys/unix/syscall_linux_arm64.go4
-rw-r--r--vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go4
-rw-r--r--vendor/golang.org/x/sys/unix/syscall_linux_ppc.go7
-rw-r--r--vendor/golang.org/x/sys/unix/syscall_solaris.go240
-rw-r--r--vendor/golang.org/x/sys/unix/syscall_unix.go4
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go1
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go1
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_linux.go42
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_linux_386.go1
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go1
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_linux_arm.go1
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go1
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_linux_mips.go1
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go1
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go1
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go1
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go1
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go1
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go1
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go1
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go1
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go1
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go3
-rw-r--r--vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go3
-rw-r--r--vendor/golang.org/x/sys/unix/zsyscall_linux.go12
-rw-r--r--vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go72
-rw-r--r--vendor/golang.org/x/sys/unix/zsysnum_linux_386.go3
-rw-r--r--vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go711
-rw-r--r--vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go3
-rw-r--r--vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go601
-rw-r--r--vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go3
-rw-r--r--vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go697
-rw-r--r--vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go697
-rw-r--r--vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go3
-rw-r--r--vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go3
-rw-r--r--vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go795
-rw-r--r--vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go795
-rw-r--r--vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go599
-rw-r--r--vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go725
-rw-r--r--vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go753
-rw-r--r--vendor/golang.org/x/sys/unix/ztypes_linux.go22
-rw-r--r--vendor/golang.org/x/sys/unix/ztypes_linux_386.go5
-rw-r--r--vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go5
-rw-r--r--vendor/golang.org/x/sys/unix/ztypes_linux_arm.go5
-rw-r--r--vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go5
-rw-r--r--vendor/golang.org/x/sys/unix/ztypes_linux_mips.go5
-rw-r--r--vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go5
-rw-r--r--vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go5
-rw-r--r--vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go5
-rw-r--r--vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go5
-rw-r--r--vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go5
-rw-r--r--vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go5
-rw-r--r--vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go5
-rw-r--r--vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go5
-rw-r--r--vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go5
-rw-r--r--vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go40
-rw-r--r--vendor/golang.org/x/sys/windows/security_windows.go1
-rw-r--r--vendor/golang.org/x/sys/windows/zsyscall_windows.go7
-rw-r--r--vendor/modules.txt13
178 files changed, 6941 insertions, 6117 deletions
diff --git a/Makefile b/Makefile
index 93c7fdf95..f9efafdba 100644
--- a/Makefile
+++ b/Makefile
@@ -50,6 +50,7 @@ BUILDTAGS ?= \
$(shell hack/btrfs_tag.sh) \
$(shell hack/selinux_tag.sh) \
$(shell hack/systemd_tag.sh) \
+ $(shell hack/libsubid_tag.sh) \
exclude_graphdriver_devicemapper \
seccomp
PYTHON ?= $(shell command -v python3 python|head -n1)
diff --git a/cmd/podman/common/completion.go b/cmd/podman/common/completion.go
index 9a4524b46..3966606e3 100644
--- a/cmd/podman/common/completion.go
+++ b/cmd/podman/common/completion.go
@@ -985,40 +985,14 @@ func AutocompleteFormat(o interface{}) func(cmd *cobra.Command, args []string, t
f = f.Elem()
}
- // // the only supported type is struct
+ // the only supported type is struct
if f.Kind() != reflect.Struct {
return nil, cobra.ShellCompDirectiveNoFileComp
}
// last field get all names to suggest
if i == len(fields)-1 {
- suggestions := []string{}
- for j := 0; j < f.NumField(); j++ {
- fname := f.Type().Field(j).Name
- suffix := "}}"
- kind := f.Type().Field(j).Type.Kind()
- if kind == reflect.Ptr {
- // make sure to read the actual type when it is a pointer
- kind = f.Type().Field(j).Type.Elem().Kind()
- }
- // when we have a nested struct do not append braces instead append a dot
- if kind == reflect.Struct {
- suffix = "."
- }
- if strings.HasPrefix(fname, fields[i]) {
- // add field name with closing braces
- suggestions = append(suggestions, fname+suffix)
- }
- }
-
- for j := 0; j < f.NumMethod(); j++ {
- fname := f.Type().Method(j).Name
- if strings.HasPrefix(fname, fields[i]) {
- // add method name with closing braces
- suggestions = append(suggestions, fname+"}}")
- }
- }
-
+ suggestions := getStructFields(f, fields[i])
// add the current toComplete value in front so that the shell can complete this correctly
toCompArr := strings.Split(toComplete, ".")
toCompArr[len(toCompArr)-1] = ""
@@ -1032,6 +1006,52 @@ func AutocompleteFormat(o interface{}) func(cmd *cobra.Command, args []string, t
}
}
+// getStructFields reads all struct field names and method names and returns them.
+func getStructFields(f reflect.Value, prefix string) []string {
+ suggestions := []string{}
+ // follow the pointer first
+ if f.Kind() == reflect.Ptr {
+ f = f.Elem()
+ }
+ // we only support structs
+ if f.Kind() != reflect.Struct {
+ return nil
+ }
+ // loop over all field names
+ for j := 0; j < f.NumField(); j++ {
+ field := f.Type().Field(j)
+ fname := field.Name
+ suffix := "}}"
+ kind := field.Type.Kind()
+ if kind == reflect.Ptr {
+ // make sure to read the actual type when it is a pointer
+ kind = field.Type.Elem().Kind()
+ }
+ // when we have a nested struct do not append braces instead append a dot
+ if kind == reflect.Struct {
+ suffix = "."
+ }
+ if strings.HasPrefix(fname, prefix) {
+ // add field name with suffix
+ suggestions = append(suggestions, fname+suffix)
+ }
+ // if field is anonymous add the child fields as well
+ if field.Anonymous {
+ suggestions = append(suggestions, getStructFields(f.FieldByIndex([]int{j}), prefix)...)
+ }
+ }
+
+ for j := 0; j < f.NumMethod(); j++ {
+ fname := f.Type().Method(j).Name
+ if strings.HasPrefix(fname, prefix) {
+ // add method name with closing braces
+ suggestions = append(suggestions, fname+"}}")
+ }
+ }
+
+ return suggestions
+}
+
// AutocompleteEventFilter - Autocomplete event filter flag options.
// -> "container=", "event=", "image=", "pod=", "volume=", "type="
func AutocompleteEventFilter(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) {
diff --git a/cmd/podman/common/completion_test.go b/cmd/podman/common/completion_test.go
index 5bd627b85..84b3c1132 100644
--- a/cmd/podman/common/completion_test.go
+++ b/cmd/podman/common/completion_test.go
@@ -17,6 +17,10 @@ type Car struct {
Extras map[string]string
}
+type Anonymous struct {
+ Hello string
+}
+
func (c Car) Type() string {
return ""
}
@@ -30,7 +34,10 @@ func TestAutocompleteFormat(t *testing.T) {
Name string
Age int
Car *Car
- }{}
+ *Anonymous
+ }{
+ Anonymous: &Anonymous{},
+ }
testStruct.Car = &Car{}
testStruct.Car.Extras = map[string]string{"test": "1"}
@@ -73,12 +80,12 @@ func TestAutocompleteFormat(t *testing.T) {
{
"fist level struct field name",
"{{.",
- []string{"{{.Name}}", "{{.Age}}", "{{.Car."},
+ []string{"{{.Name}}", "{{.Age}}", "{{.Car.", "{{.Anonymous.", "{{.Hello}}"},
},
{
"fist level struct field name",
"{{ .",
- []string{"{{ .Name}}", "{{ .Age}}", "{{ .Car."},
+ []string{"{{ .Name}}", "{{ .Age}}", "{{ .Car.", "{{ .Anonymous.", "{{ .Hello}}"},
},
{
"fist level struct field name",
diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go
index 401cf2e09..325c1dc69 100644
--- a/cmd/podman/common/create.go
+++ b/cmd/podman/common/create.go
@@ -7,6 +7,7 @@ import (
"github.com/containers/common/pkg/completion"
"github.com/containers/podman/v3/cmd/podman/registry"
"github.com/containers/podman/v3/libpod/define"
+ "github.com/containers/podman/v3/pkg/domain/entities"
"github.com/spf13/cobra"
)
@@ -14,663 +15,714 @@ const sizeWithUnitFormat = "(format: `<number>[<unit>]`, where unit = b (bytes),
var containerConfig = registry.PodmanConfig()
-func DefineCreateFlags(cmd *cobra.Command, cf *ContainerCLIOpts) {
+func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions, isInfra bool) {
createFlags := cmd.Flags()
- annotationFlagName := "annotation"
- createFlags.StringSliceVar(
- &cf.Annotation,
- annotationFlagName, []string{},
- "Add annotations to container (key:value)",
- )
- _ = cmd.RegisterFlagCompletionFunc(annotationFlagName, completion.AutocompleteNone)
+ if !isInfra {
+ annotationFlagName := "annotation"
+ createFlags.StringSliceVar(
+ &cf.Annotation,
+ annotationFlagName, []string{},
+ "Add annotations to container (key:value)",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(annotationFlagName, completion.AutocompleteNone)
- attachFlagName := "attach"
- createFlags.StringSliceVarP(
- &cf.Attach,
- attachFlagName, "a", []string{},
- "Attach to STDIN, STDOUT or STDERR",
- )
- _ = cmd.RegisterFlagCompletionFunc(attachFlagName, AutocompleteCreateAttach)
+ attachFlagName := "attach"
+ createFlags.StringSliceVarP(
+ &cf.Attach,
+ attachFlagName, "a", []string{},
+ "Attach to STDIN, STDOUT or STDERR",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(attachFlagName, AutocompleteCreateAttach)
- authfileFlagName := "authfile"
- createFlags.StringVar(
- &cf.Authfile,
- authfileFlagName, auth.GetDefaultAuthFile(),
- "Path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override",
- )
- _ = cmd.RegisterFlagCompletionFunc(authfileFlagName, completion.AutocompleteDefault)
+ authfileFlagName := "authfile"
+ createFlags.StringVar(
+ &cf.Authfile,
+ authfileFlagName, auth.GetDefaultAuthFile(),
+ "Path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(authfileFlagName, completion.AutocompleteDefault)
- blkioWeightFlagName := "blkio-weight"
- createFlags.StringVar(
- &cf.BlkIOWeight,
- blkioWeightFlagName, "",
- "Block IO weight (relative weight) accepts a weight value between 10 and 1000.",
- )
- _ = cmd.RegisterFlagCompletionFunc(blkioWeightFlagName, completion.AutocompleteNone)
+ blkioWeightFlagName := "blkio-weight"
+ createFlags.StringVar(
+ &cf.BlkIOWeight,
+ blkioWeightFlagName, "",
+ "Block IO weight (relative weight) accepts a weight value between 10 and 1000.",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(blkioWeightFlagName, completion.AutocompleteNone)
- blkioWeightDeviceFlagName := "blkio-weight-device"
- createFlags.StringSliceVar(
- &cf.BlkIOWeightDevice,
- blkioWeightDeviceFlagName, []string{},
- "Block IO weight (relative device weight, format: `DEVICE_NAME:WEIGHT`)",
- )
- _ = cmd.RegisterFlagCompletionFunc(blkioWeightDeviceFlagName, completion.AutocompleteDefault)
+ blkioWeightDeviceFlagName := "blkio-weight-device"
+ createFlags.StringSliceVar(
+ &cf.BlkIOWeightDevice,
+ blkioWeightDeviceFlagName, []string{},
+ "Block IO weight (relative device weight, format: `DEVICE_NAME:WEIGHT`)",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(blkioWeightDeviceFlagName, completion.AutocompleteDefault)
- capAddFlagName := "cap-add"
- createFlags.StringSliceVar(
- &cf.CapAdd,
- capAddFlagName, []string{},
- "Add capabilities to the container",
- )
- _ = cmd.RegisterFlagCompletionFunc(capAddFlagName, completion.AutocompleteCapabilities)
+ capAddFlagName := "cap-add"
+ createFlags.StringSliceVar(
+ &cf.CapAdd,
+ capAddFlagName, []string{},
+ "Add capabilities to the container",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(capAddFlagName, completion.AutocompleteCapabilities)
- capDropFlagName := "cap-drop"
- createFlags.StringSliceVar(
- &cf.CapDrop,
- capDropFlagName, []string{},
- "Drop capabilities from the container",
- )
- _ = cmd.RegisterFlagCompletionFunc(capDropFlagName, completion.AutocompleteCapabilities)
+ capDropFlagName := "cap-drop"
+ createFlags.StringSliceVar(
+ &cf.CapDrop,
+ capDropFlagName, []string{},
+ "Drop capabilities from the container",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(capDropFlagName, completion.AutocompleteCapabilities)
- cgroupnsFlagName := "cgroupns"
- createFlags.String(
- cgroupnsFlagName, "",
- "cgroup namespace to use",
- )
- _ = cmd.RegisterFlagCompletionFunc(cgroupnsFlagName, AutocompleteNamespace)
+ cgroupnsFlagName := "cgroupns"
+ createFlags.String(
+ cgroupnsFlagName, "",
+ "cgroup namespace to use",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(cgroupnsFlagName, AutocompleteNamespace)
- cgroupsFlagName := "cgroups"
- createFlags.StringVar(
- &cf.CGroupsMode,
- cgroupsFlagName, cgroupConfig(),
- `control container cgroup configuration ("enabled"|"disabled"|"no-conmon"|"split")`,
- )
- _ = cmd.RegisterFlagCompletionFunc(cgroupsFlagName, AutocompleteCgroupMode)
+ cgroupsFlagName := "cgroups"
+ createFlags.StringVar(
+ &cf.CGroupsMode,
+ cgroupsFlagName, cgroupConfig(),
+ `control container cgroup configuration ("enabled"|"disabled"|"no-conmon"|"split")`,
+ )
+ _ = cmd.RegisterFlagCompletionFunc(cgroupsFlagName, AutocompleteCgroupMode)
- cgroupParentFlagName := "cgroup-parent"
- createFlags.StringVar(
- &cf.CGroupParent,
- cgroupParentFlagName, "",
- "Optional parent cgroup for the container",
- )
- _ = cmd.RegisterFlagCompletionFunc(cgroupParentFlagName, completion.AutocompleteDefault)
+ cpuPeriodFlagName := "cpu-period"
+ createFlags.Uint64Var(
+ &cf.CPUPeriod,
+ cpuPeriodFlagName, 0,
+ "Limit the CPU CFS (Completely Fair Scheduler) period",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(cpuPeriodFlagName, completion.AutocompleteNone)
- cidfileFlagName := "cidfile"
- createFlags.StringVar(
- &cf.CIDFile,
- cidfileFlagName, "",
- "Write the container ID to the file",
- )
- _ = cmd.RegisterFlagCompletionFunc(cidfileFlagName, completion.AutocompleteDefault)
+ cpuQuotaFlagName := "cpu-quota"
+ createFlags.Int64Var(
+ &cf.CPUQuota,
+ cpuQuotaFlagName, 0,
+ "Limit the CPU CFS (Completely Fair Scheduler) quota",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(cpuQuotaFlagName, completion.AutocompleteNone)
- conmonPidfileFlagName := "conmon-pidfile"
- createFlags.StringVar(
- &cf.ConmonPIDFile,
- conmonPidfileFlagName, "",
- "Path to the file that will receive the PID of conmon",
- )
- _ = cmd.RegisterFlagCompletionFunc(conmonPidfileFlagName, completion.AutocompleteDefault)
+ cpuRtPeriodFlagName := "cpu-rt-period"
+ createFlags.Uint64Var(
+ &cf.CPURTPeriod,
+ cpuRtPeriodFlagName, 0,
+ "Limit the CPU real-time period in microseconds",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(cpuRtPeriodFlagName, completion.AutocompleteNone)
- cpuPeriodFlagName := "cpu-period"
- createFlags.Uint64Var(
- &cf.CPUPeriod,
- cpuPeriodFlagName, 0,
- "Limit the CPU CFS (Completely Fair Scheduler) period",
- )
- _ = cmd.RegisterFlagCompletionFunc(cpuPeriodFlagName, completion.AutocompleteNone)
+ cpuRtRuntimeFlagName := "cpu-rt-runtime"
+ createFlags.Int64Var(
+ &cf.CPURTRuntime,
+ cpuRtRuntimeFlagName, 0,
+ "Limit the CPU real-time runtime in microseconds",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(cpuRtRuntimeFlagName, completion.AutocompleteNone)
- cpuQuotaFlagName := "cpu-quota"
- createFlags.Int64Var(
- &cf.CPUQuota,
- cpuQuotaFlagName, 0,
- "Limit the CPU CFS (Completely Fair Scheduler) quota",
- )
- _ = cmd.RegisterFlagCompletionFunc(cpuQuotaFlagName, completion.AutocompleteNone)
+ cpuSharesFlagName := "cpu-shares"
+ createFlags.Uint64Var(
+ &cf.CPUShares,
+ cpuSharesFlagName, 0,
+ "CPU shares (relative weight)",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(cpuSharesFlagName, completion.AutocompleteNone)
+ cidfileFlagName := "cidfile"
+ createFlags.StringVar(
+ &cf.CIDFile,
+ cidfileFlagName, "",
+ "Write the container ID to the file",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(cidfileFlagName, completion.AutocompleteDefault)
+ cpusetMemsFlagName := "cpuset-mems"
+ createFlags.StringVar(
+ &cf.CPUSetMems,
+ cpusetMemsFlagName, "",
+ "Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems.",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(cpusetMemsFlagName, completion.AutocompleteNone)
- cpuRtPeriodFlagName := "cpu-rt-period"
- createFlags.Uint64Var(
- &cf.CPURTPeriod,
- cpuRtPeriodFlagName, 0,
- "Limit the CPU real-time period in microseconds",
- )
- _ = cmd.RegisterFlagCompletionFunc(cpuRtPeriodFlagName, completion.AutocompleteNone)
+ deviceFlagName := "device"
+ createFlags.StringSliceVar(
+ &cf.Devices,
+ deviceFlagName, devices(),
+ "Add a host device to the container",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(deviceFlagName, completion.AutocompleteDefault)
- cpuRtRuntimeFlagName := "cpu-rt-runtime"
- createFlags.Int64Var(
- &cf.CPURTRuntime,
- cpuRtRuntimeFlagName, 0,
- "Limit the CPU real-time runtime in microseconds",
- )
- _ = cmd.RegisterFlagCompletionFunc(cpuRtRuntimeFlagName, completion.AutocompleteNone)
+ deviceCgroupRuleFlagName := "device-cgroup-rule"
+ createFlags.StringSliceVar(
+ &cf.DeviceCGroupRule,
+ deviceCgroupRuleFlagName, []string{},
+ "Add a rule to the cgroup allowed devices list",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(deviceCgroupRuleFlagName, completion.AutocompleteNone)
- cpuSharesFlagName := "cpu-shares"
- createFlags.Uint64Var(
- &cf.CPUShares,
- cpuSharesFlagName, 0,
- "CPU shares (relative weight)",
- )
- _ = cmd.RegisterFlagCompletionFunc(cpuSharesFlagName, completion.AutocompleteNone)
+ deviceReadBpsFlagName := "device-read-bps"
+ createFlags.StringSliceVar(
+ &cf.DeviceReadBPs,
+ deviceReadBpsFlagName, []string{},
+ "Limit read rate (bytes per second) from a device (e.g. --device-read-bps=/dev/sda:1mb)",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(deviceReadBpsFlagName, completion.AutocompleteDefault)
- cpusFlagName := "cpus"
- createFlags.Float64Var(
- &cf.CPUS,
- cpusFlagName, 0,
- "Number of CPUs. The default is 0.000 which means no limit",
- )
- _ = cmd.RegisterFlagCompletionFunc(cpusFlagName, completion.AutocompleteNone)
+ deviceReadIopsFlagName := "device-read-iops"
+ createFlags.StringSliceVar(
+ &cf.DeviceReadIOPs,
+ deviceReadIopsFlagName, []string{},
+ "Limit read rate (IO per second) from a device (e.g. --device-read-iops=/dev/sda:1000)",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(deviceReadIopsFlagName, completion.AutocompleteDefault)
- cpusetCpusFlagName := "cpuset-cpus"
- createFlags.StringVar(
- &cf.CPUSetCPUs,
- cpusetCpusFlagName, "",
- "CPUs in which to allow execution (0-3, 0,1)",
- )
- _ = cmd.RegisterFlagCompletionFunc(cpusetCpusFlagName, completion.AutocompleteNone)
+ deviceWriteBpsFlagName := "device-write-bps"
+ createFlags.StringSliceVar(
+ &cf.DeviceWriteBPs,
+ deviceWriteBpsFlagName, []string{},
+ "Limit write rate (bytes per second) to a device (e.g. --device-write-bps=/dev/sda:1mb)",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(deviceWriteBpsFlagName, completion.AutocompleteDefault)
- cpusetMemsFlagName := "cpuset-mems"
- createFlags.StringVar(
- &cf.CPUSetMems,
- cpusetMemsFlagName, "",
- "Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems.",
- )
- _ = cmd.RegisterFlagCompletionFunc(cpusetMemsFlagName, completion.AutocompleteNone)
+ deviceWriteIopsFlagName := "device-write-iops"
+ createFlags.StringSliceVar(
+ &cf.DeviceWriteIOPs,
+ deviceWriteIopsFlagName, []string{},
+ "Limit write rate (IO per second) to a device (e.g. --device-write-iops=/dev/sda:1000)",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(deviceWriteIopsFlagName, completion.AutocompleteDefault)
- deviceFlagName := "device"
- createFlags.StringSliceVar(
- &cf.Devices,
- deviceFlagName, devices(),
- "Add a host device to the container",
- )
- _ = cmd.RegisterFlagCompletionFunc(deviceFlagName, completion.AutocompleteDefault)
+ createFlags.Bool(
+ "disable-content-trust", false,
+ "This is a Docker specific option and is a NOOP",
+ )
- deviceCgroupRuleFlagName := "device-cgroup-rule"
- createFlags.StringSliceVar(
- &cf.DeviceCGroupRule,
- deviceCgroupRuleFlagName, []string{},
- "Add a rule to the cgroup allowed devices list",
- )
- _ = cmd.RegisterFlagCompletionFunc(deviceCgroupRuleFlagName, completion.AutocompleteNone)
+ envFlagName := "env"
+ createFlags.StringArrayP(
+ envFlagName, "e", env(),
+ "Set environment variables in container",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(envFlagName, completion.AutocompleteNone)
+
+ if !registry.IsRemote() {
+ createFlags.BoolVar(
+ &cf.EnvHost,
+ "env-host", false, "Use all current host environment variables in container",
+ )
+ }
+
+ envFileFlagName := "env-file"
+ createFlags.StringSliceVar(
+ &cf.EnvFile,
+ envFileFlagName, []string{},
+ "Read in a file of environment variables",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(envFileFlagName, completion.AutocompleteDefault)
- deviceReadBpsFlagName := "device-read-bps"
- createFlags.StringSliceVar(
- &cf.DeviceReadBPs,
- deviceReadBpsFlagName, []string{},
- "Limit read rate (bytes per second) from a device (e.g. --device-read-bps=/dev/sda:1mb)",
- )
- _ = cmd.RegisterFlagCompletionFunc(deviceReadBpsFlagName, completion.AutocompleteDefault)
+ exposeFlagName := "expose"
+ createFlags.StringSliceVar(
+ &cf.Expose,
+ exposeFlagName, []string{},
+ "Expose a port or a range of ports",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(exposeFlagName, completion.AutocompleteNone)
- deviceReadIopsFlagName := "device-read-iops"
- createFlags.StringSliceVar(
- &cf.DeviceReadIOPs,
- deviceReadIopsFlagName, []string{},
- "Limit read rate (IO per second) from a device (e.g. --device-read-iops=/dev/sda:1000)",
- )
- _ = cmd.RegisterFlagCompletionFunc(deviceReadIopsFlagName, completion.AutocompleteDefault)
+ groupAddFlagName := "group-add"
+ createFlags.StringSliceVar(
+ &cf.GroupAdd,
+ groupAddFlagName, []string{},
+ "Add additional groups to the primary container process. 'keep-groups' allows container processes to use supplementary groups.",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(groupAddFlagName, completion.AutocompleteNone)
- deviceWriteBpsFlagName := "device-write-bps"
- createFlags.StringSliceVar(
- &cf.DeviceWriteBPs,
- deviceWriteBpsFlagName, []string{},
- "Limit write rate (bytes per second) to a device (e.g. --device-write-bps=/dev/sda:1mb)",
- )
- _ = cmd.RegisterFlagCompletionFunc(deviceWriteBpsFlagName, completion.AutocompleteDefault)
+ healthCmdFlagName := "health-cmd"
+ createFlags.StringVar(
+ &cf.HealthCmd,
+ healthCmdFlagName, "",
+ "set a healthcheck command for the container ('none' disables the existing healthcheck)",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(healthCmdFlagName, completion.AutocompleteNone)
- deviceWriteIopsFlagName := "device-write-iops"
- createFlags.StringSliceVar(
- &cf.DeviceWriteIOPs,
- deviceWriteIopsFlagName, []string{},
- "Limit write rate (IO per second) to a device (e.g. --device-write-iops=/dev/sda:1000)",
- )
- _ = cmd.RegisterFlagCompletionFunc(deviceWriteIopsFlagName, completion.AutocompleteDefault)
+ healthIntervalFlagName := "health-interval"
+ createFlags.StringVar(
+ &cf.HealthInterval,
+ healthIntervalFlagName, DefaultHealthCheckInterval,
+ "set an interval for the healthchecks (a value of disable results in no automatic timer setup)",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(healthIntervalFlagName, completion.AutocompleteNone)
- createFlags.Bool(
- "disable-content-trust", false,
- "This is a Docker specific option and is a NOOP",
- )
+ healthRetriesFlagName := "health-retries"
+ createFlags.UintVar(
+ &cf.HealthRetries,
+ healthRetriesFlagName, DefaultHealthCheckRetries,
+ "the number of retries allowed before a healthcheck is considered to be unhealthy",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(healthRetriesFlagName, completion.AutocompleteNone)
- entrypointFlagName := "entrypoint"
- createFlags.String(entrypointFlagName, "",
- "Overwrite the default ENTRYPOINT of the image",
- )
- _ = cmd.RegisterFlagCompletionFunc(entrypointFlagName, completion.AutocompleteNone)
+ healthStartPeriodFlagName := "health-start-period"
+ createFlags.StringVar(
+ &cf.HealthStartPeriod,
+ healthStartPeriodFlagName, DefaultHealthCheckStartPeriod,
+ "the initialization time needed for a container to bootstrap",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(healthStartPeriodFlagName, completion.AutocompleteNone)
- envFlagName := "env"
- createFlags.StringArrayP(
- envFlagName, "e", env(),
- "Set environment variables in container",
- )
- _ = cmd.RegisterFlagCompletionFunc(envFlagName, completion.AutocompleteNone)
+ healthTimeoutFlagName := "health-timeout"
+ createFlags.StringVar(
+ &cf.HealthTimeout,
+ healthTimeoutFlagName, DefaultHealthCheckTimeout,
+ "the maximum time allowed to complete the healthcheck before an interval is considered failed",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(healthTimeoutFlagName, completion.AutocompleteNone)
- if !registry.IsRemote() {
createFlags.BoolVar(
- &cf.EnvHost,
- "env-host", false, "Use all current host environment variables in container",
+ &cf.HTTPProxy,
+ "http-proxy", containerConfig.Containers.HTTPProxy,
+ "Set proxy environment variables in the container based on the host proxy vars",
)
- }
-
- envFileFlagName := "env-file"
- createFlags.StringSliceVar(
- &cf.EnvFile,
- envFileFlagName, []string{},
- "Read in a file of environment variables",
- )
- _ = cmd.RegisterFlagCompletionFunc(envFileFlagName, completion.AutocompleteDefault)
-
- exposeFlagName := "expose"
- createFlags.StringSliceVar(
- &cf.Expose,
- exposeFlagName, []string{},
- "Expose a port or a range of ports",
- )
- _ = cmd.RegisterFlagCompletionFunc(exposeFlagName, completion.AutocompleteNone)
- gidmapFlagName := "gidmap"
- createFlags.StringSliceVar(
- &cf.GIDMap,
- gidmapFlagName, []string{},
- "GID map to use for the user namespace",
- )
- _ = cmd.RegisterFlagCompletionFunc(gidmapFlagName, completion.AutocompleteNone)
+ imageVolumeFlagName := "image-volume"
+ createFlags.StringVar(
+ &cf.ImageVolume,
+ imageVolumeFlagName, DefaultImageVolume,
+ `Tells podman how to handle the builtin image volumes ("bind"|"tmpfs"|"ignore")`,
+ )
+ _ = cmd.RegisterFlagCompletionFunc(imageVolumeFlagName, AutocompleteImageVolume)
- groupAddFlagName := "group-add"
- createFlags.StringSliceVar(
- &cf.GroupAdd,
- groupAddFlagName, []string{},
- "Add additional groups to the primary container process. 'keep-groups' allows container processes to use supplementary groups.",
- )
- _ = cmd.RegisterFlagCompletionFunc(groupAddFlagName, completion.AutocompleteNone)
+ createFlags.BoolVar(
+ &cf.Init,
+ "init", false,
+ "Run an init binary inside the container that forwards signals and reaps processes",
+ )
- createFlags.Bool(
- "help", false, "",
- )
+ initPathFlagName := "init-path"
+ createFlags.StringVar(
+ &cf.InitPath,
+ initPathFlagName, initPath(),
+ // Do not use the Value field for setting the default value to determine user input (i.e., non-empty string)
+ "Path to the container-init binary",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(initPathFlagName, completion.AutocompleteDefault)
- healthCmdFlagName := "health-cmd"
- createFlags.StringVar(
- &cf.HealthCmd,
- healthCmdFlagName, "",
- "set a healthcheck command for the container ('none' disables the existing healthcheck)",
- )
- _ = cmd.RegisterFlagCompletionFunc(healthCmdFlagName, completion.AutocompleteNone)
+ createFlags.BoolVarP(
+ &cf.Interactive,
+ "interactive", "i", false,
+ "Keep STDIN open even if not attached",
+ )
+ ipcFlagName := "ipc"
+ createFlags.String(
+ ipcFlagName, "",
+ "IPC namespace to use",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(ipcFlagName, AutocompleteNamespace)
- healthIntervalFlagName := "health-interval"
- createFlags.StringVar(
- &cf.HealthInterval,
- healthIntervalFlagName, DefaultHealthCheckInterval,
- "set an interval for the healthchecks (a value of disable results in no automatic timer setup)",
- )
- _ = cmd.RegisterFlagCompletionFunc(healthIntervalFlagName, completion.AutocompleteNone)
+ kernelMemoryFlagName := "kernel-memory"
+ createFlags.StringVar(
+ &cf.KernelMemory,
+ kernelMemoryFlagName, "",
+ "Kernel memory limit "+sizeWithUnitFormat,
+ )
+ _ = cmd.RegisterFlagCompletionFunc(kernelMemoryFlagName, completion.AutocompleteNone)
+ logDriverFlagName := "log-driver"
+ createFlags.StringVar(
+ &cf.LogDriver,
+ logDriverFlagName, logDriver(),
+ "Logging driver for the container",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(logDriverFlagName, AutocompleteLogDriver)
- healthRetriesFlagName := "health-retries"
- createFlags.UintVar(
- &cf.HealthRetries,
- healthRetriesFlagName, DefaultHealthCheckRetries,
- "the number of retries allowed before a healthcheck is considered to be unhealthy",
- )
- _ = cmd.RegisterFlagCompletionFunc(healthRetriesFlagName, completion.AutocompleteNone)
+ logOptFlagName := "log-opt"
+ createFlags.StringSliceVar(
+ &cf.LogOptions,
+ logOptFlagName, []string{},
+ "Logging driver options",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(logOptFlagName, AutocompleteLogOpt)
- healthStartPeriodFlagName := "health-start-period"
- createFlags.StringVar(
- &cf.HealthStartPeriod,
- healthStartPeriodFlagName, DefaultHealthCheckStartPeriod,
- "the initialization time needed for a container to bootstrap",
- )
- _ = cmd.RegisterFlagCompletionFunc(healthStartPeriodFlagName, completion.AutocompleteNone)
+ memoryFlagName := "memory"
+ createFlags.StringVarP(
+ &cf.Memory,
+ memoryFlagName, "m", "",
+ "Memory limit "+sizeWithUnitFormat,
+ )
+ _ = cmd.RegisterFlagCompletionFunc(memoryFlagName, completion.AutocompleteNone)
- healthTimeoutFlagName := "health-timeout"
- createFlags.StringVar(
- &cf.HealthTimeout,
- healthTimeoutFlagName, DefaultHealthCheckTimeout,
- "the maximum time allowed to complete the healthcheck before an interval is considered failed",
- )
- _ = cmd.RegisterFlagCompletionFunc(healthTimeoutFlagName, completion.AutocompleteNone)
+ memoryReservationFlagName := "memory-reservation"
+ createFlags.StringVar(
+ &cf.MemoryReservation,
+ memoryReservationFlagName, "",
+ "Memory soft limit "+sizeWithUnitFormat,
+ )
+ _ = cmd.RegisterFlagCompletionFunc(memoryReservationFlagName, completion.AutocompleteNone)
- hostnameFlagName := "hostname"
- createFlags.StringVarP(
- &cf.Hostname,
- hostnameFlagName, "h", "",
- "Set container hostname",
- )
- _ = cmd.RegisterFlagCompletionFunc(hostnameFlagName, completion.AutocompleteNone)
+ memorySwapFlagName := "memory-swap"
+ createFlags.StringVar(
+ &cf.MemorySwap,
+ memorySwapFlagName, "",
+ "Swap limit equal to memory plus swap: '-1' to enable unlimited swap",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(memorySwapFlagName, completion.AutocompleteNone)
- createFlags.BoolVar(
- &cf.HTTPProxy,
- "http-proxy", containerConfig.Containers.HTTPProxy,
- "Set proxy environment variables in the container based on the host proxy vars",
- )
+ memorySwappinessFlagName := "memory-swappiness"
+ createFlags.Int64Var(
+ &cf.MemorySwappiness,
+ memorySwappinessFlagName, -1,
+ "Tune container memory swappiness (0 to 100, or -1 for system default)",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(memorySwappinessFlagName, completion.AutocompleteNone)
- imageVolumeFlagName := "image-volume"
- createFlags.StringVar(
- &cf.ImageVolume,
- imageVolumeFlagName, DefaultImageVolume,
- `Tells podman how to handle the builtin image volumes ("bind"|"tmpfs"|"ignore")`,
- )
- _ = cmd.RegisterFlagCompletionFunc(imageVolumeFlagName, AutocompleteImageVolume)
+ createFlags.BoolVar(
+ &cf.NoHealthCheck,
+ "no-healthcheck", false,
+ "Disable healthchecks on container",
+ )
+ createFlags.BoolVar(
+ &cf.OOMKillDisable,
+ "oom-kill-disable", false,
+ "Disable OOM Killer",
+ )
- createFlags.BoolVar(
- &cf.Init,
- "init", false,
- "Run an init binary inside the container that forwards signals and reaps processes",
- )
+ oomScoreAdjFlagName := "oom-score-adj"
+ createFlags.IntVar(
+ &cf.OOMScoreAdj,
+ oomScoreAdjFlagName, 0,
+ "Tune the host's OOM preferences (-1000 to 1000)",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(oomScoreAdjFlagName, completion.AutocompleteNone)
- initPathFlagName := "init-path"
- createFlags.StringVar(
- &cf.InitPath,
- initPathFlagName, initPath(),
- // Do not use the Value field for setting the default value to determine user input (i.e., non-empty string)
- "Path to the container-init binary",
- )
- _ = cmd.RegisterFlagCompletionFunc(initPathFlagName, completion.AutocompleteDefault)
+ archFlagName := "arch"
+ createFlags.StringVar(
+ &cf.Arch,
+ archFlagName, "",
+ "use `ARCH` instead of the architecture of the machine for choosing images",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(archFlagName, completion.AutocompleteArch)
- createFlags.BoolVarP(
- &cf.Interactive,
- "interactive", "i", false,
- "Keep STDIN open even if not attached",
- )
+ osFlagName := "os"
+ createFlags.StringVar(
+ &cf.OS,
+ osFlagName, "",
+ "use `OS` instead of the running OS for choosing images",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(osFlagName, completion.AutocompleteOS)
- ipcFlagName := "ipc"
- createFlags.String(
- ipcFlagName, "",
- "IPC namespace to use",
- )
- _ = cmd.RegisterFlagCompletionFunc(ipcFlagName, AutocompleteNamespace)
+ variantFlagName := "variant"
+ createFlags.StringVar(
+ &cf.Variant,
+ variantFlagName, "",
+ "Use _VARIANT_ instead of the running architecture variant for choosing images",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(variantFlagName, completion.AutocompleteNone)
- kernelMemoryFlagName := "kernel-memory"
- createFlags.StringVar(
- &cf.KernelMemory,
- kernelMemoryFlagName, "",
- "Kernel memory limit "+sizeWithUnitFormat,
- )
- _ = cmd.RegisterFlagCompletionFunc(kernelMemoryFlagName, completion.AutocompleteNone)
+ pidsLimitFlagName := "pids-limit"
+ createFlags.Int64(
+ pidsLimitFlagName, pidsLimit(),
+ "Tune container pids limit (set 0 for unlimited, -1 for server defaults)",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(pidsLimitFlagName, completion.AutocompleteNone)
- labelFlagName := "label"
- createFlags.StringArrayVarP(
- &cf.Label,
- labelFlagName, "l", []string{},
- "Set metadata on container",
- )
- _ = cmd.RegisterFlagCompletionFunc(labelFlagName, completion.AutocompleteNone)
+ platformFlagName := "platform"
+ createFlags.StringVar(
+ &cf.Platform,
+ platformFlagName, "",
+ "Specify the platform for selecting the image. (Conflicts with --arch and --os)",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(platformFlagName, completion.AutocompleteNone)
- labelFileFlagName := "label-file"
- createFlags.StringSliceVar(
- &cf.LabelFile,
- labelFileFlagName, []string{},
- "Read in a line delimited file of labels",
- )
- _ = cmd.RegisterFlagCompletionFunc(labelFileFlagName, completion.AutocompleteDefault)
+ podFlagName := "pod"
+ createFlags.StringVar(
+ &cf.Pod,
+ podFlagName, "",
+ "Run container in an existing pod",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(podFlagName, AutocompletePods)
- logDriverFlagName := "log-driver"
- createFlags.StringVar(
- &cf.LogDriver,
- logDriverFlagName, logDriver(),
- "Logging driver for the container",
- )
- _ = cmd.RegisterFlagCompletionFunc(logDriverFlagName, AutocompleteLogDriver)
+ podIDFileFlagName := "pod-id-file"
+ createFlags.StringVar(
+ &cf.PodIDFile,
+ podIDFileFlagName, "",
+ "Read the pod ID from the file",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(podIDFileFlagName, completion.AutocompleteDefault)
+ createFlags.BoolVar(
+ &cf.Privileged,
+ "privileged", false,
+ "Give extended privileges to container",
+ )
+ createFlags.BoolVarP(
+ &cf.PublishAll,
+ "publish-all", "P", false,
+ "Publish all exposed ports to random ports on the host interface",
+ )
- logOptFlagName := "log-opt"
- createFlags.StringSliceVar(
- &cf.LogOptions,
- logOptFlagName, []string{},
- "Logging driver options",
- )
- _ = cmd.RegisterFlagCompletionFunc(logOptFlagName, AutocompleteLogOpt)
+ pullFlagName := "pull"
+ createFlags.StringVar(
+ &cf.Pull,
+ pullFlagName, policy(),
+ `Pull image before creating ("always"|"missing"|"never")`,
+ )
+ _ = cmd.RegisterFlagCompletionFunc(pullFlagName, AutocompletePullOption)
- memoryFlagName := "memory"
- createFlags.StringVarP(
- &cf.Memory,
- memoryFlagName, "m", "",
- "Memory limit "+sizeWithUnitFormat,
- )
- _ = cmd.RegisterFlagCompletionFunc(memoryFlagName, completion.AutocompleteNone)
+ createFlags.BoolVarP(
+ &cf.Quiet,
+ "quiet", "q", false,
+ "Suppress output information when pulling images",
+ )
+ createFlags.BoolVar(
+ &cf.ReadOnly,
+ "read-only", false,
+ "Make containers root filesystem read-only",
+ )
+ createFlags.BoolVar(
+ &cf.ReadOnlyTmpFS,
+ "read-only-tmpfs", true,
+ "When running containers in read-only mode mount a read-write tmpfs on /run, /tmp and /var/tmp",
+ )
+ requiresFlagName := "requires"
+ createFlags.StringSliceVar(
+ &cf.Requires,
+ requiresFlagName, []string{},
+ "Add one or more requirement containers that must be started before this container will start",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(requiresFlagName, AutocompleteContainers)
- memoryReservationFlagName := "memory-reservation"
- createFlags.StringVar(
- &cf.MemoryReservation,
- memoryReservationFlagName, "",
- "Memory soft limit "+sizeWithUnitFormat,
- )
- _ = cmd.RegisterFlagCompletionFunc(memoryReservationFlagName, completion.AutocompleteNone)
+ restartFlagName := "restart"
+ createFlags.StringVar(
+ &cf.Restart,
+ restartFlagName, "",
+ `Restart policy to apply when a container exits ("always"|"no"|"on-failure"|"unless-stopped")`,
+ )
+ _ = cmd.RegisterFlagCompletionFunc(restartFlagName, AutocompleteRestartOption)
- memorySwapFlagName := "memory-swap"
- createFlags.StringVar(
- &cf.MemorySwap,
- memorySwapFlagName, "",
- "Swap limit equal to memory plus swap: '-1' to enable unlimited swap",
- )
- _ = cmd.RegisterFlagCompletionFunc(memorySwapFlagName, completion.AutocompleteNone)
+ createFlags.BoolVar(
+ &cf.Rm,
+ "rm", false,
+ "Remove container (and pod if created) after exit",
+ )
+ createFlags.BoolVar(
+ &cf.RootFS,
+ "rootfs", false,
+ "The first argument is not an image but the rootfs to the exploded container",
+ )
- memorySwappinessFlagName := "memory-swappiness"
- createFlags.Int64Var(
- &cf.MemorySwappiness,
- memorySwappinessFlagName, -1,
- "Tune container memory swappiness (0 to 100, or -1 for system default)",
- )
- _ = cmd.RegisterFlagCompletionFunc(memorySwappinessFlagName, completion.AutocompleteNone)
+ sdnotifyFlagName := "sdnotify"
+ createFlags.StringVar(
+ &cf.SdNotifyMode,
+ sdnotifyFlagName, define.SdNotifyModeContainer,
+ `control sd-notify behavior ("container"|"conmon"|"ignore")`,
+ )
+ _ = cmd.RegisterFlagCompletionFunc(sdnotifyFlagName, AutocompleteSDNotify)
- nameFlagName := "name"
- createFlags.StringVar(
- &cf.Name,
- nameFlagName, "",
- "Assign a name to the container",
- )
- _ = cmd.RegisterFlagCompletionFunc(nameFlagName, completion.AutocompleteNone)
+ secretFlagName := "secret"
+ createFlags.StringArrayVar(
+ &cf.Secrets,
+ secretFlagName, []string{},
+ "Add secret to container",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(secretFlagName, AutocompleteSecrets)
- createFlags.BoolVar(
- &cf.NoHealthCheck,
- "no-healthcheck", false,
- "Disable healthchecks on container",
- )
- createFlags.BoolVar(
- &cf.OOMKillDisable,
- "oom-kill-disable", false,
- "Disable OOM Killer",
- )
+ securityOptFlagName := "security-opt"
+ createFlags.StringArrayVar(
+ &cf.SecurityOpt,
+ securityOptFlagName, []string{},
+ "Security Options",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(securityOptFlagName, AutocompleteSecurityOption)
- oomScoreAdjFlagName := "oom-score-adj"
- createFlags.IntVar(
- &cf.OOMScoreAdj,
- oomScoreAdjFlagName, 0,
- "Tune the host's OOM preferences (-1000 to 1000)",
- )
- _ = cmd.RegisterFlagCompletionFunc(oomScoreAdjFlagName, completion.AutocompleteNone)
+ shmSizeFlagName := "shm-size"
+ createFlags.String(
+ shmSizeFlagName, shmSize(),
+ "Size of /dev/shm "+sizeWithUnitFormat,
+ )
+ _ = cmd.RegisterFlagCompletionFunc(shmSizeFlagName, completion.AutocompleteNone)
- archFlagName := "arch"
- createFlags.StringVar(
- &cf.Arch,
- archFlagName, "",
- "use `ARCH` instead of the architecture of the machine for choosing images",
- )
- _ = cmd.RegisterFlagCompletionFunc(archFlagName, completion.AutocompleteArch)
+ stopSignalFlagName := "stop-signal"
+ createFlags.StringVar(
+ &cf.SignaturePolicy,
+ "signature-policy", "",
+ "`Pathname` of signature policy file (not usually used)",
+ )
+ createFlags.StringVar(
+ &cf.StopSignal,
+ stopSignalFlagName, "",
+ "Signal to stop a container. Default is SIGTERM",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(stopSignalFlagName, AutocompleteStopSignal)
- osFlagName := "os"
- createFlags.StringVar(
- &cf.OS,
- osFlagName, "",
- "use `OS` instead of the running OS for choosing images",
- )
- _ = cmd.RegisterFlagCompletionFunc(osFlagName, completion.AutocompleteOS)
+ stopTimeoutFlagName := "stop-timeout"
+ createFlags.UintVar(
+ &cf.StopTimeout,
+ stopTimeoutFlagName, containerConfig.Engine.StopTimeout,
+ "Timeout (in seconds) that containers stopped by user command have to exit. If exceeded, the container will be forcibly stopped via SIGKILL.",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(stopTimeoutFlagName, completion.AutocompleteNone)
- variantFlagName := "variant"
- createFlags.StringVar(
- &cf.Variant,
- variantFlagName, "",
- "Use _VARIANT_ instead of the running architecture variant for choosing images",
- )
- _ = cmd.RegisterFlagCompletionFunc(variantFlagName, completion.AutocompleteNone)
+ sysctlFlagName := "sysctl"
+ createFlags.StringSliceVar(
+ &cf.Sysctl,
+ sysctlFlagName, []string{},
+ "Sysctl options",
+ )
+ //TODO: Add function for sysctl completion.
+ _ = cmd.RegisterFlagCompletionFunc(sysctlFlagName, completion.AutocompleteNone)
+
+ systemdFlagName := "systemd"
+ createFlags.StringVar(
+ &cf.Systemd,
+ systemdFlagName, "true",
+ `Run container in systemd mode ("true"|"false"|"always")`,
+ )
+ _ = cmd.RegisterFlagCompletionFunc(systemdFlagName, AutocompleteSystemdFlag)
- personalityFlagName := "personality"
- createFlags.StringVar(
- &cf.Personality,
- personalityFlagName, "",
- "Configure execution domain using personality (e.g., LINUX/LINUX32)",
- )
- _ = cmd.RegisterFlagCompletionFunc(personalityFlagName, AutocompleteNamespace)
+ personalityFlagName := "personality"
+ createFlags.StringVar(
+ &cf.Personality,
+ personalityFlagName, "",
+ "Configure execution domain using personality (e.g., LINUX/LINUX32)",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(personalityFlagName, AutocompleteNamespace)
- pidFlagName := "pid"
- createFlags.String(
- pidFlagName, "",
- "PID namespace to use",
- )
- _ = cmd.RegisterFlagCompletionFunc(pidFlagName, AutocompleteNamespace)
+ timeoutFlagName := "timeout"
+ createFlags.UintVar(
+ &cf.Timeout,
+ timeoutFlagName, 0,
+ "Maximum length of time a container is allowed to run. The container will be killed automatically after the time expires.",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(timeoutFlagName, completion.AutocompleteNone)
- pidsLimitFlagName := "pids-limit"
- createFlags.Int64(
- pidsLimitFlagName, pidsLimit(),
- "Tune container pids limit (set 0 for unlimited, -1 for server defaults)",
- )
- _ = cmd.RegisterFlagCompletionFunc(pidsLimitFlagName, completion.AutocompleteNone)
+ // Flag for TLS verification, so that `run` and `create` commands can make use of it.
+ // Make sure to use `=` while using this flag i.e `--tls-verify=false/true`
+ tlsVerifyFlagName := "tls-verify"
+ createFlags.BoolVar(
+ &cf.TLSVerify,
+ tlsVerifyFlagName, true,
+ "Require HTTPS and verify certificates when contacting registries for pulling images",
+ )
- platformFlagName := "platform"
- createFlags.StringVar(
- &cf.Platform,
- platformFlagName, "",
- "Specify the platform for selecting the image. (Conflicts with --arch and --os)",
- )
- _ = cmd.RegisterFlagCompletionFunc(platformFlagName, completion.AutocompleteNone)
+ tmpfsFlagName := "tmpfs"
+ createFlags.StringArrayVar(
+ &cf.TmpFS,
+ tmpfsFlagName, []string{},
+ "Mount a temporary filesystem (`tmpfs`) into a container",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(tmpfsFlagName, completion.AutocompleteDefault)
- podFlagName := "pod"
- createFlags.StringVar(
- &cf.Pod,
- podFlagName, "",
- "Run container in an existing pod",
- )
- _ = cmd.RegisterFlagCompletionFunc(podFlagName, AutocompletePods)
+ createFlags.BoolVarP(
+ &cf.TTY,
+ "tty", "t", false,
+ "Allocate a pseudo-TTY for container",
+ )
- podIDFileFlagName := "pod-id-file"
- createFlags.StringVar(
- &cf.PodIDFile,
- podIDFileFlagName, "",
- "Read the pod ID from the file",
- )
- _ = cmd.RegisterFlagCompletionFunc(podIDFileFlagName, completion.AutocompleteDefault)
-
- // Flag for TLS verification, so that `run` and `create` commands can make use of it.
- // Make sure to use `=` while using this flag i.e `--tls-verify=false/true`
- tlsVerifyFlagName := "tls-verify"
- createFlags.BoolVar(
- &cf.TLSVerify,
- tlsVerifyFlagName, true,
- "Require HTTPS and verify certificates when contacting registries for pulling images",
- )
+ timezoneFlagName := "tz"
+ createFlags.StringVar(
+ &cf.Timezone,
+ timezoneFlagName, containerConfig.TZ(),
+ "Set timezone in container",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(timezoneFlagName, completion.AutocompleteNone) //TODO: add timezone completion
- createFlags.BoolVar(
- &cf.Privileged,
- "privileged", false,
- "Give extended privileges to container",
- )
- createFlags.BoolVarP(
- &cf.PublishAll,
- "publish-all", "P", false,
- "Publish all exposed ports to random ports on the host interface",
- )
+ umaskFlagName := "umask"
+ createFlags.StringVar(
+ &cf.Umask,
+ umaskFlagName, containerConfig.Umask(),
+ "Set umask in container",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(umaskFlagName, completion.AutocompleteNone)
- pullFlagName := "pull"
- createFlags.StringVar(
- &cf.Pull,
- pullFlagName, policy(),
- `Pull image before creating ("always"|"missing"|"never")`,
- )
- _ = cmd.RegisterFlagCompletionFunc(pullFlagName, AutocompletePullOption)
+ ulimitFlagName := "ulimit"
+ createFlags.StringSliceVar(
+ &cf.Ulimit,
+ ulimitFlagName, ulimits(),
+ "Ulimit options",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(ulimitFlagName, completion.AutocompleteNone)
- createFlags.BoolVarP(
- &cf.Quiet,
- "quiet", "q", false,
- "Suppress output information when pulling images",
- )
- createFlags.BoolVar(
- &cf.ReadOnly,
- "read-only", false,
- "Make containers root filesystem read-only",
- )
- createFlags.BoolVar(
- &cf.ReadOnlyTmpFS,
- "read-only-tmpfs", true,
- "When running containers in read-only mode mount a read-write tmpfs on /run, /tmp and /var/tmp",
- )
- createFlags.BoolVar(
- &cf.Replace,
- "replace", false,
- `If a container with the same name exists, replace it`,
- )
+ userFlagName := "user"
+ createFlags.StringVarP(
+ &cf.User,
+ userFlagName, "u", "",
+ "Username or UID (format: <name|uid>[:<group|gid>])",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(userFlagName, AutocompleteUserFlag)
- requiresFlagName := "requires"
- createFlags.StringSliceVar(
- &cf.Requires,
- requiresFlagName, []string{},
- "Add one or more requirement containers that must be started before this container will start",
- )
- _ = cmd.RegisterFlagCompletionFunc(requiresFlagName, AutocompleteContainers)
+ utsFlagName := "uts"
+ createFlags.String(
+ utsFlagName, "",
+ "UTS namespace to use",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(utsFlagName, AutocompleteNamespace)
- restartFlagName := "restart"
- createFlags.StringVar(
- &cf.Restart,
- restartFlagName, "",
- `Restart policy to apply when a container exits ("always"|"no"|"on-failure"|"unless-stopped")`,
- )
- _ = cmd.RegisterFlagCompletionFunc(restartFlagName, AutocompleteRestartOption)
+ mountFlagName := "mount"
+ createFlags.StringArrayVar(
+ &cf.Mount,
+ mountFlagName, []string{},
+ "Attach a filesystem mount to the container",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(mountFlagName, AutocompleteMountFlag)
+
+ volumeDesciption := "Bind mount a volume into the container"
+ if registry.IsRemote() {
+ volumeDesciption = "Bind mount a volume into the container. Volume src will be on the server machine, not the client"
+ }
+ volumeFlagName := "volume"
+ createFlags.StringArrayVarP(
+ &cf.Volume,
+ volumeFlagName, "v", volumes(),
+ volumeDesciption,
+ )
+ _ = cmd.RegisterFlagCompletionFunc(volumeFlagName, AutocompleteVolumeFlag)
- createFlags.BoolVar(
- &cf.Rm,
- "rm", false,
- "Remove container (and pod if created) after exit",
- )
- createFlags.BoolVar(
- &cf.RootFS,
- "rootfs", false,
- "The first argument is not an image but the rootfs to the exploded container",
- )
+ volumesFromFlagName := "volumes-from"
+ createFlags.StringArrayVar(
+ &cf.VolumesFrom,
+ volumesFromFlagName, []string{},
+ "Mount volumes from the specified container(s)",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(volumesFromFlagName, AutocompleteContainers)
- sdnotifyFlagName := "sdnotify"
- createFlags.StringVar(
- &cf.SdNotifyMode,
- sdnotifyFlagName, define.SdNotifyModeContainer,
- `control sd-notify behavior ("container"|"conmon"|"ignore")`,
- )
- _ = cmd.RegisterFlagCompletionFunc(sdnotifyFlagName, AutocompleteSDNotify)
+ workdirFlagName := "workdir"
+ createFlags.StringVarP(
+ &cf.Workdir,
+ workdirFlagName, "w", "",
+ "Working directory inside the container",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(workdirFlagName, completion.AutocompleteDefault)
- secretFlagName := "secret"
- createFlags.StringArrayVar(
- &cf.Secrets,
- secretFlagName, []string{},
- "Add secret to container",
- )
- _ = cmd.RegisterFlagCompletionFunc(secretFlagName, AutocompleteSecrets)
+ seccompPolicyFlagName := "seccomp-policy"
+ createFlags.StringVar(
+ &cf.SeccompPolicy,
+ seccompPolicyFlagName, "default",
+ "Policy for selecting a seccomp profile (experimental)",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(seccompPolicyFlagName, completion.AutocompleteDefault)
- securityOptFlagName := "security-opt"
- createFlags.StringArrayVar(
- &cf.SecurityOpt,
- securityOptFlagName, []string{},
- "Security Options",
- )
- _ = cmd.RegisterFlagCompletionFunc(securityOptFlagName, AutocompleteSecurityOption)
+ cgroupConfFlagName := "cgroup-conf"
+ createFlags.StringSliceVar(
+ &cf.CgroupConf,
+ cgroupConfFlagName, []string{},
+ "Configure cgroup v2 (key=value)",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(cgroupConfFlagName, completion.AutocompleteNone)
- shmSizeFlagName := "shm-size"
- createFlags.String(
- shmSizeFlagName, shmSize(),
- "Size of /dev/shm "+sizeWithUnitFormat,
- )
- _ = cmd.RegisterFlagCompletionFunc(shmSizeFlagName, completion.AutocompleteNone)
+ pidFileFlagName := "pidfile"
+ createFlags.StringVar(
+ &cf.PidFile,
+ pidFileFlagName, "",
+ "Write the container process ID to the file")
+ _ = cmd.RegisterFlagCompletionFunc(pidFileFlagName, completion.AutocompleteDefault)
- stopSignalFlagName := "stop-signal"
- createFlags.StringVar(
- &cf.SignaturePolicy,
- "signature-policy", "",
- "`Pathname` of signature policy file (not usually used)",
- )
- createFlags.StringVar(
- &cf.StopSignal,
- stopSignalFlagName, "",
- "Signal to stop a container. Default is SIGTERM",
- )
- _ = cmd.RegisterFlagCompletionFunc(stopSignalFlagName, AutocompleteStopSignal)
+ _ = createFlags.MarkHidden("signature-policy")
+ if registry.IsRemote() {
+ _ = createFlags.MarkHidden("env-host")
+ _ = createFlags.MarkHidden("http-proxy")
+ }
- stopTimeoutFlagName := "stop-timeout"
- createFlags.UintVar(
- &cf.StopTimeout,
- stopTimeoutFlagName, containerConfig.Engine.StopTimeout,
- "Timeout (in seconds) that containers stopped by user command have to exit. If exceeded, the container will be forcibly stopped via SIGKILL.",
- )
- _ = cmd.RegisterFlagCompletionFunc(stopTimeoutFlagName, completion.AutocompleteNone)
+ createFlags.BoolVar(
+ &cf.Replace,
+ "replace", false,
+ `If a container with the same name exists, replace it`,
+ )
+ }
subgidnameFlagName := "subgidname"
createFlags.StringVar(
@@ -688,60 +740,13 @@ func DefineCreateFlags(cmd *cobra.Command, cf *ContainerCLIOpts) {
)
_ = cmd.RegisterFlagCompletionFunc(subuidnameFlagName, completion.AutocompleteSubuidName)
- sysctlFlagName := "sysctl"
+ gidmapFlagName := "gidmap"
createFlags.StringSliceVar(
- &cf.Sysctl,
- sysctlFlagName, []string{},
- "Sysctl options",
- )
- //TODO: Add function for sysctl completion.
- _ = cmd.RegisterFlagCompletionFunc(sysctlFlagName, completion.AutocompleteNone)
-
- systemdFlagName := "systemd"
- createFlags.StringVar(
- &cf.Systemd,
- systemdFlagName, "true",
- `Run container in systemd mode ("true"|"false"|"always")`,
- )
- _ = cmd.RegisterFlagCompletionFunc(systemdFlagName, AutocompleteSystemdFlag)
-
- timeoutFlagName := "timeout"
- createFlags.UintVar(
- &cf.Timeout,
- timeoutFlagName, 0,
- "Maximum length of time a container is allowed to run. The container will be killed automatically after the time expires.",
- )
- _ = cmd.RegisterFlagCompletionFunc(timeoutFlagName, completion.AutocompleteNone)
-
- tmpfsFlagName := "tmpfs"
- createFlags.StringArrayVar(
- &cf.TmpFS,
- tmpfsFlagName, []string{},
- "Mount a temporary filesystem (`tmpfs`) into a container",
- )
- _ = cmd.RegisterFlagCompletionFunc(tmpfsFlagName, completion.AutocompleteDefault)
-
- createFlags.BoolVarP(
- &cf.TTY,
- "tty", "t", false,
- "Allocate a pseudo-TTY for container",
- )
-
- timezoneFlagName := "tz"
- createFlags.StringVar(
- &cf.Timezone,
- timezoneFlagName, containerConfig.TZ(),
- "Set timezone in container",
- )
- _ = cmd.RegisterFlagCompletionFunc(timezoneFlagName, completion.AutocompleteNone) //TODO: add timezone completion
-
- umaskFlagName := "umask"
- createFlags.StringVar(
- &cf.Umask,
- umaskFlagName, containerConfig.Umask(),
- "Set umask in container",
+ &cf.GIDMap,
+ gidmapFlagName, []string{},
+ "GID map to use for the user namespace",
)
- _ = cmd.RegisterFlagCompletionFunc(umaskFlagName, completion.AutocompleteNone)
+ _ = cmd.RegisterFlagCompletionFunc(gidmapFlagName, completion.AutocompleteNone)
uidmapFlagName := "uidmap"
createFlags.StringSliceVar(
@@ -751,22 +756,6 @@ func DefineCreateFlags(cmd *cobra.Command, cf *ContainerCLIOpts) {
)
_ = cmd.RegisterFlagCompletionFunc(uidmapFlagName, completion.AutocompleteNone)
- ulimitFlagName := "ulimit"
- createFlags.StringSliceVar(
- &cf.Ulimit,
- ulimitFlagName, ulimits(),
- "Ulimit options",
- )
- _ = cmd.RegisterFlagCompletionFunc(ulimitFlagName, completion.AutocompleteNone)
-
- userFlagName := "user"
- createFlags.StringVarP(
- &cf.User,
- userFlagName, "u", "",
- "Username or UID (format: <name|uid>[:<group|gid>])",
- )
- _ = cmd.RegisterFlagCompletionFunc(userFlagName, AutocompleteUserFlag)
-
usernsFlagName := "userns"
createFlags.String(
usernsFlagName, os.Getenv("PODMAN_USERNS"),
@@ -774,75 +763,106 @@ func DefineCreateFlags(cmd *cobra.Command, cf *ContainerCLIOpts) {
)
_ = cmd.RegisterFlagCompletionFunc(usernsFlagName, AutocompleteUserNamespace)
- utsFlagName := "uts"
- createFlags.String(
- utsFlagName, "",
- "UTS namespace to use",
+ cgroupParentFlagName := "cgroup-parent"
+ createFlags.StringVar(
+ &cf.CGroupParent,
+ cgroupParentFlagName, "",
+ "Optional parent cgroup for the container",
)
- _ = cmd.RegisterFlagCompletionFunc(utsFlagName, AutocompleteNamespace)
+ _ = cmd.RegisterFlagCompletionFunc(cgroupParentFlagName, completion.AutocompleteDefault)
- mountFlagName := "mount"
- createFlags.StringArrayVar(
- &cf.Mount,
- mountFlagName, []string{},
- "Attach a filesystem mount to the container",
+ conmonPidfileFlagName := ""
+ if !isInfra {
+ conmonPidfileFlagName = "conmon-pidfile"
+ } else {
+ conmonPidfileFlagName = "infra-conmon-pidfile"
+ }
+ createFlags.StringVar(
+ &cf.ConmonPIDFile,
+ conmonPidfileFlagName, "",
+ "Path to the file that will receive the PID of conmon",
)
- _ = cmd.RegisterFlagCompletionFunc(mountFlagName, AutocompleteMountFlag)
+ _ = cmd.RegisterFlagCompletionFunc(conmonPidfileFlagName, completion.AutocompleteDefault)
- volumeDesciption := "Bind mount a volume into the container"
- if registry.IsRemote() {
- volumeDesciption = "Bind mount a volume into the container. Volume src will be on the server machine, not the client"
- }
- volumeFlagName := "volume"
- createFlags.StringArrayVarP(
- &cf.Volume,
- volumeFlagName, "v", volumes(),
- volumeDesciption,
+ cpusFlagName := "cpus"
+ createFlags.Float64Var(
+ &cf.CPUS,
+ cpusFlagName, 0,
+ "Number of CPUs. The default is 0.000 which means no limit",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(cpusFlagName, completion.AutocompleteNone)
+
+ cpusetCpusFlagName := "cpuset-cpus"
+ createFlags.StringVar(
+ &cf.CPUSetCPUs,
+ cpusetCpusFlagName, "",
+ "CPUs in which to allow execution (0-3, 0,1)",
)
- _ = cmd.RegisterFlagCompletionFunc(volumeFlagName, AutocompleteVolumeFlag)
+ _ = cmd.RegisterFlagCompletionFunc(cpusetCpusFlagName, completion.AutocompleteNone)
+
+ entrypointFlagName := ""
+ if !isInfra {
+ entrypointFlagName = "entrypoint"
+ } else {
+ entrypointFlagName = "infra-command"
+ }
- volumesFromFlagName := "volumes-from"
- createFlags.StringArrayVar(
- &cf.VolumesFrom,
- volumesFromFlagName, []string{},
- "Mount volumes from the specified container(s)",
+ createFlags.String(entrypointFlagName, "",
+ "Overwrite the default ENTRYPOINT of the image",
)
- _ = cmd.RegisterFlagCompletionFunc(volumesFromFlagName, AutocompleteContainers)
+ _ = cmd.RegisterFlagCompletionFunc(entrypointFlagName, completion.AutocompleteNone)
- workdirFlagName := "workdir"
+ hostnameFlagName := "hostname"
createFlags.StringVarP(
- &cf.Workdir,
- workdirFlagName, "w", "",
- "Working directory inside the container",
+ &cf.Hostname,
+ hostnameFlagName, "h", "",
+ "Set container hostname",
)
- _ = cmd.RegisterFlagCompletionFunc(workdirFlagName, completion.AutocompleteDefault)
+ _ = cmd.RegisterFlagCompletionFunc(hostnameFlagName, completion.AutocompleteNone)
- seccompPolicyFlagName := "seccomp-policy"
- createFlags.StringVar(
- &cf.SeccompPolicy,
- seccompPolicyFlagName, "default",
- "Policy for selecting a seccomp profile (experimental)",
+ labelFlagName := "label"
+ createFlags.StringArrayVarP(
+ &cf.Label,
+ labelFlagName, "l", []string{},
+ "Set metadata on container",
)
- _ = cmd.RegisterFlagCompletionFunc(seccompPolicyFlagName, completion.AutocompleteDefault)
+ _ = cmd.RegisterFlagCompletionFunc(labelFlagName, completion.AutocompleteNone)
- cgroupConfFlagName := "cgroup-conf"
+ labelFileFlagName := "label-file"
createFlags.StringSliceVar(
- &cf.CgroupConf,
- cgroupConfFlagName, []string{},
- "Configure cgroup v2 (key=value)",
+ &cf.LabelFile,
+ labelFileFlagName, []string{},
+ "Read in a line delimited file of labels",
)
- _ = cmd.RegisterFlagCompletionFunc(cgroupConfFlagName, completion.AutocompleteNone)
+ _ = cmd.RegisterFlagCompletionFunc(labelFileFlagName, completion.AutocompleteDefault)
- pidFileFlagName := "pidfile"
- createFlags.StringVar(
- &cf.PidFile,
- pidFileFlagName, "",
- "Write the container process ID to the file")
- _ = cmd.RegisterFlagCompletionFunc(pidFileFlagName, completion.AutocompleteDefault)
-
- _ = createFlags.MarkHidden("signature-policy")
- if registry.IsRemote() {
- _ = createFlags.MarkHidden("env-host")
- _ = createFlags.MarkHidden("http-proxy")
+ nameFlagName := ""
+ if !isInfra {
+ nameFlagName = "name"
+ createFlags.StringVar(
+ &cf.Name,
+ nameFlagName, "",
+ "Assign a name to the container",
+ )
+ } else {
+ nameFlagName = "infra-name"
+ createFlags.StringVar(
+ &cf.Name,
+ nameFlagName, "",
+ "Assign a name to the container",
+ )
}
+ _ = cmd.RegisterFlagCompletionFunc(nameFlagName, completion.AutocompleteNone)
+
+ createFlags.Bool(
+ "help", false, "",
+ )
+
+ pidFlagName := "pid"
+ createFlags.StringVar(
+ &cf.PID,
+ pidFlagName, "",
+ "PID namespace to use",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(pidFlagName, AutocompleteNamespace)
}
diff --git a/cmd/podman/common/create_opts.go b/cmd/podman/common/create_opts.go
index c94f46cf2..2f592cba7 100644
--- a/cmd/podman/common/create_opts.go
+++ b/cmd/podman/common/create_opts.go
@@ -19,122 +19,6 @@ import (
"github.com/pkg/errors"
)
-type ContainerCLIOpts struct {
- Annotation []string
- Attach []string
- Authfile string
- BlkIOWeight string
- BlkIOWeightDevice []string
- CapAdd []string
- CapDrop []string
- CgroupNS string
- CGroupsMode string
- CGroupParent string
- CIDFile string
- ConmonPIDFile string
- CPUPeriod uint64
- CPUQuota int64
- CPURTPeriod uint64
- CPURTRuntime int64
- CPUShares uint64
- CPUS float64
- CPUSetCPUs string
- CPUSetMems string
- Devices []string
- DeviceCGroupRule []string
- DeviceReadBPs []string
- DeviceReadIOPs []string
- DeviceWriteBPs []string
- DeviceWriteIOPs []string
- Entrypoint *string
- Env []string
- EnvHost bool
- EnvFile []string
- Expose []string
- GIDMap []string
- GroupAdd []string
- HealthCmd string
- HealthInterval string
- HealthRetries uint
- HealthStartPeriod string
- HealthTimeout string
- Hostname string
- HTTPProxy bool
- ImageVolume string
- Init bool
- InitContainerType string
- InitPath string
- Interactive bool
- IPC string
- KernelMemory string
- Label []string
- LabelFile []string
- LogDriver string
- LogOptions []string
- Memory string
- MemoryReservation string
- MemorySwap string
- MemorySwappiness int64
- Name string
- NoHealthCheck bool
- OOMKillDisable bool
- OOMScoreAdj int
- Arch string
- OS string
- Variant string
- Personality string
- PID string
- PIDsLimit *int64
- Platform string
- Pod string
- PodIDFile string
- PreserveFDs uint
- Privileged bool
- PublishAll bool
- Pull string
- Quiet bool
- ReadOnly bool
- ReadOnlyTmpFS bool
- Restart string
- Replace bool
- Requires []string
- Rm bool
- RootFS bool
- Secrets []string
- SecurityOpt []string
- SdNotifyMode string
- ShmSize string
- SignaturePolicy string
- StopSignal string
- StopTimeout uint
- StorageOpt []string
- SubUIDName string
- SubGIDName string
- Sysctl []string
- Systemd string
- Timeout uint
- TLSVerify bool
- TmpFS []string
- TTY bool
- Timezone string
- Umask string
- UIDMap []string
- Ulimit []string
- User string
- UserNS string
- UTS string
- Mount []string
- Volume []string
- VolumesFrom []string
- Workdir string
- SeccompPolicy string
- PidFile string
-
- Net *entities.NetOptions
-
- CgroupConf []string
-}
-
func stringMaptoArray(m map[string]string) []string {
a := make([]string, 0, len(m))
for k, v := range m {
@@ -145,7 +29,7 @@ func stringMaptoArray(m map[string]string) []string {
// ContainerCreateToContainerCLIOpts converts a compat input struct to cliopts so it can be converted to
// a specgen spec.
-func ContainerCreateToContainerCLIOpts(cc handlers.CreateContainerConfig, rtc *config.Config) (*ContainerCLIOpts, []string, error) {
+func ContainerCreateToContainerCLIOpts(cc handlers.CreateContainerConfig, rtc *config.Config) (*entities.ContainerCreateOptions, []string, error) {
var (
capAdd []string
cappDrop []string
@@ -341,7 +225,7 @@ func ContainerCreateToContainerCLIOpts(cc handlers.CreateContainerConfig, rtc *c
// Note: several options here are marked as "don't need". this is based
// on speculation by Matt and I. We think that these come into play later
// like with start. We believe this is just a difference in podman/compat
- cliOpts := ContainerCLIOpts{
+ cliOpts := entities.ContainerCreateOptions{
// Attach: nil, // don't need?
Authfile: "",
CapAdd: append(capAdd, cc.HostConfig.CapAdd...),
diff --git a/cmd/podman/common/netflags.go b/cmd/podman/common/netflags.go
index aa8714b50..d11f3c9d2 100644
--- a/cmd/podman/common/netflags.go
+++ b/cmd/podman/common/netflags.go
@@ -8,8 +8,10 @@ import (
"github.com/containers/podman/v3/libpod/define"
"github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/specgen"
+ "github.com/containers/podman/v3/pkg/specgenutil"
"github.com/pkg/errors"
"github.com/spf13/cobra"
+ "github.com/spf13/pflag"
)
func DefineNetFlags(cmd *cobra.Command) {
@@ -87,12 +89,15 @@ func DefineNetFlags(cmd *cobra.Command) {
// NetFlagsToNetOptions parses the network flags for the given cmd.
// The netnsFromConfig bool is used to indicate if the --network flag
// should always be parsed regardless if it was set on the cli.
-func NetFlagsToNetOptions(cmd *cobra.Command, netnsFromConfig bool) (*entities.NetOptions, error) {
+func NetFlagsToNetOptions(opts *entities.NetOptions, flags pflag.FlagSet, netnsFromConfig bool) (*entities.NetOptions, error) {
var (
err error
)
- opts := entities.NetOptions{}
- opts.AddHosts, err = cmd.Flags().GetStringSlice("add-host")
+ if opts == nil {
+ opts = &entities.NetOptions{}
+ }
+
+ opts.AddHosts, err = flags.GetStringSlice("add-host")
if err != nil {
return nil, err
}
@@ -103,56 +108,50 @@ func NetFlagsToNetOptions(cmd *cobra.Command, netnsFromConfig bool) (*entities.N
}
}
- if cmd.Flags().Changed("dns") {
- servers, err := cmd.Flags().GetStringSlice("dns")
- if err != nil {
- return nil, err
- }
- for _, d := range servers {
- if d == "none" {
- opts.UseImageResolvConf = true
- if len(servers) > 1 {
- return nil, errors.Errorf("%s is not allowed to be specified with other DNS ip addresses", d)
- }
- break
- }
- dns := net.ParseIP(d)
- if dns == nil {
- return nil, errors.Errorf("%s is not an ip address", d)
+ servers, err := flags.GetStringSlice("dns")
+ if err != nil {
+ return nil, err
+ }
+ for _, d := range servers {
+ if d == "none" {
+ opts.UseImageResolvConf = true
+ if len(servers) > 1 {
+ return nil, errors.Errorf("%s is not allowed to be specified with other DNS ip addresses", d)
}
- opts.DNSServers = append(opts.DNSServers, dns)
+ break
+ }
+ dns := net.ParseIP(d)
+ if dns == nil {
+ return nil, errors.Errorf("%s is not an ip address", d)
}
+ opts.DNSServers = append(opts.DNSServers, dns)
}
- if cmd.Flags().Changed("dns-opt") {
- options, err := cmd.Flags().GetStringSlice("dns-opt")
- if err != nil {
- return nil, err
- }
- opts.DNSOptions = options
+ options, err := flags.GetStringSlice("dns-opt")
+ if err != nil {
+ return nil, err
}
+ opts.DNSOptions = options
- if cmd.Flags().Changed("dns-search") {
- dnsSearches, err := cmd.Flags().GetStringSlice("dns-search")
- if err != nil {
- return nil, err
- }
- // Validate domains are good
- for _, dom := range dnsSearches {
- if dom == "." {
- if len(dnsSearches) > 1 {
- return nil, errors.Errorf("cannot pass additional search domains when also specifying '.'")
- }
- continue
- }
- if _, err := parse.ValidateDomain(dom); err != nil {
- return nil, err
+ dnsSearches, err := flags.GetStringSlice("dns-search")
+ if err != nil {
+ return nil, err
+ }
+ // Validate domains are good
+ for _, dom := range dnsSearches {
+ if dom == "." {
+ if len(dnsSearches) > 1 {
+ return nil, errors.Errorf("cannot pass additional search domains when also specifying '.'")
}
+ continue
+ }
+ if _, err := parse.ValidateDomain(dom); err != nil {
+ return nil, err
}
- opts.DNSSearch = dnsSearches
}
+ opts.DNSSearch = dnsSearches
- m, err := cmd.Flags().GetString("mac-address")
+ m, err := flags.GetString("mac-address")
if err != nil {
return nil, err
}
@@ -164,18 +163,18 @@ func NetFlagsToNetOptions(cmd *cobra.Command, netnsFromConfig bool) (*entities.N
opts.StaticMAC = &mac
}
- inputPorts, err := cmd.Flags().GetStringSlice("publish")
+ inputPorts, err := flags.GetStringSlice("publish")
if err != nil {
return nil, err
}
if len(inputPorts) > 0 {
- opts.PublishPorts, err = CreatePortBindings(inputPorts)
+ opts.PublishPorts, err = specgenutil.CreatePortBindings(inputPorts)
if err != nil {
return nil, err
}
}
- ip, err := cmd.Flags().GetString("ip")
+ ip, err := flags.GetString("ip")
if err != nil {
return nil, err
}
@@ -190,15 +189,15 @@ func NetFlagsToNetOptions(cmd *cobra.Command, netnsFromConfig bool) (*entities.N
opts.StaticIP = &staticIP
}
- opts.NoHosts, err = cmd.Flags().GetBool("no-hosts")
+ opts.NoHosts, err = flags.GetBool("no-hosts")
if err != nil {
return nil, err
}
// parse the --network value only when the flag is set or we need to use
// the netns config value, e.g. when --pod is not used
- if netnsFromConfig || cmd.Flag("network").Changed {
- network, err := cmd.Flags().GetString("network")
+ if netnsFromConfig || flags.Changed("network") {
+ network, err := flags.GetString("network")
if err != nil {
return nil, err
}
@@ -215,12 +214,13 @@ func NetFlagsToNetOptions(cmd *cobra.Command, netnsFromConfig bool) (*entities.N
opts.CNINetworks = cniNets
}
- aliases, err := cmd.Flags().GetStringSlice("network-alias")
+ aliases, err := flags.GetStringSlice("network-alias")
if err != nil {
return nil, err
}
if len(aliases) > 0 {
opts.Aliases = aliases
}
- return &opts, err
+
+ return opts, err
}
diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go
index 7583a024e..8b27de53e 100644
--- a/cmd/podman/containers/create.go
+++ b/cmd/podman/containers/create.go
@@ -17,6 +17,7 @@ import (
"github.com/containers/podman/v3/libpod/define"
"github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/specgen"
+ "github.com/containers/podman/v3/pkg/specgenutil"
"github.com/containers/podman/v3/pkg/util"
"github.com/pkg/errors"
"github.com/spf13/cobra"
@@ -52,8 +53,8 @@ var (
)
var (
- cliVals common.ContainerCLIOpts
InitContainerType string
+ cliVals entities.ContainerCreateOptions
)
func createFlags(cmd *cobra.Command) {
@@ -67,13 +68,18 @@ func createFlags(cmd *cobra.Command) {
)
flags.SetInterspersed(false)
- common.DefineCreateFlags(cmd, &cliVals)
+ common.DefineCreateFlags(cmd, &cliVals, false)
common.DefineNetFlags(cmd)
flags.SetNormalizeFunc(utils.AliasFlags)
if registry.IsRemote() {
- _ = flags.MarkHidden("conmon-pidfile")
+ if cliVals.IsInfra {
+ _ = flags.MarkHidden("infra-conmon-pidfile")
+ } else {
+ _ = flags.MarkHidden("conmon-pidfile")
+ }
+
_ = flags.MarkHidden("pidfile")
}
@@ -97,7 +103,8 @@ func create(cmd *cobra.Command, args []string) error {
var (
err error
)
- cliVals.Net, err = common.NetFlagsToNetOptions(cmd, cliVals.Pod == "" && cliVals.PodIDFile == "")
+ flags := cmd.Flags()
+ cliVals.Net, err = common.NetFlagsToNetOptions(nil, *flags, cliVals.Pod == "" && cliVals.PodIDFile == "")
if err != nil {
return err
}
@@ -113,22 +120,22 @@ func create(cmd *cobra.Command, args []string) error {
cliVals.InitContainerType = initctr
}
- if err := createInit(cmd); err != nil {
+ cliVals, err = CreateInit(cmd, cliVals, false)
+ if err != nil {
return err
}
-
imageName := args[0]
rawImageName := ""
if !cliVals.RootFS {
rawImageName = args[0]
- name, err := pullImage(args[0])
+ name, err := PullImage(args[0], cliVals)
if err != nil {
return err
}
imageName = name
}
s := specgen.NewSpecGenerator(imageName, cliVals.RootFS)
- if err := common.FillOutSpecGen(s, &cliVals, args); err != nil {
+ if err := specgenutil.FillOutSpecGen(s, &cliVals, args); err != nil {
return err
}
s.RawImageName = rawImageName
@@ -169,100 +176,101 @@ func replaceContainer(name string) error {
return removeContainers([]string{name}, rmOptions, false)
}
-func createInit(c *cobra.Command) error {
- cliVals.StorageOpt = registry.PodmanConfig().StorageOpts
-
- if c.Flag("shm-size").Changed {
- cliVals.ShmSize = c.Flag("shm-size").Value.String()
+func CreateInit(c *cobra.Command, vals entities.ContainerCreateOptions, isInfra bool) (entities.ContainerCreateOptions, error) {
+ vals.UserNS = c.Flag("userns").Value.String()
+ // if user did not modify --userns flag and did turn on
+ // uid/gid mappings, set userns flag to "private"
+ if !c.Flag("userns").Changed && vals.UserNS == "host" {
+ if len(vals.UIDMap) > 0 ||
+ len(vals.GIDMap) > 0 ||
+ vals.SubUIDName != "" ||
+ vals.SubGIDName != "" {
+ vals.UserNS = "private"
+ }
}
- if (c.Flag("dns").Changed || c.Flag("dns-opt").Changed || c.Flag("dns-search").Changed) && (cliVals.Net.Network.NSMode == specgen.NoNetwork || cliVals.Net.Network.IsContainer()) {
- return errors.Errorf("conflicting options: dns and the network mode.")
- }
+ if !isInfra {
+ if c.Flag("shm-size").Changed {
+ vals.ShmSize = c.Flag("shm-size").Value.String()
+ }
+ if c.Flag("cpu-period").Changed && c.Flag("cpus").Changed {
+ return vals, errors.Errorf("--cpu-period and --cpus cannot be set together")
+ }
+ if c.Flag("cpu-quota").Changed && c.Flag("cpus").Changed {
+ return vals, errors.Errorf("--cpu-quota and --cpus cannot be set together")
+ }
+ vals.IPC = c.Flag("ipc").Value.String()
+ vals.UTS = c.Flag("uts").Value.String()
+ vals.PID = c.Flag("pid").Value.String()
+ vals.CgroupNS = c.Flag("cgroupns").Value.String()
+
+ if c.Flags().Changed("group-add") {
+ groups := []string{}
+ for _, g := range cliVals.GroupAdd {
+ if g == "keep-groups" {
+ if len(cliVals.GroupAdd) > 1 {
+ return vals, errors.New("the '--group-add keep-groups' option is not allowed with any other --group-add options")
+ }
+ if registry.IsRemote() {
+ return vals, errors.New("the '--group-add keep-groups' option is not supported in remote mode")
+ }
+ vals.Annotation = append(vals.Annotation, "run.oci.keep_original_groups=1")
+ } else {
+ groups = append(groups, g)
+ }
+ }
+ vals.GroupAdd = groups
+ }
- if c.Flag("cpu-period").Changed && c.Flag("cpus").Changed {
- return errors.Errorf("--cpu-period and --cpus cannot be set together")
- }
- if c.Flag("cpu-quota").Changed && c.Flag("cpus").Changed {
- return errors.Errorf("--cpu-quota and --cpus cannot be set together")
+ if c.Flags().Changed("pids-limit") {
+ val := c.Flag("pids-limit").Value.String()
+ pidsLimit, err := strconv.ParseInt(val, 10, 32)
+ if err != nil {
+ return vals, err
+ }
+ vals.PIDsLimit = &pidsLimit
+ }
+ if c.Flags().Changed("env") {
+ env, err := c.Flags().GetStringArray("env")
+ if err != nil {
+ return vals, errors.Wrapf(err, "retrieve env flag")
+ }
+ vals.Env = env
+ }
+ if c.Flag("cgroups").Changed && vals.CGroupsMode == "split" && registry.IsRemote() {
+ return vals, errors.Errorf("the option --cgroups=%q is not supported in remote mode", vals.CGroupsMode)
+ }
+
+ if c.Flag("pod").Changed && !strings.HasPrefix(c.Flag("pod").Value.String(), "new:") && c.Flag("userns").Changed {
+ return vals, errors.Errorf("--userns and --pod cannot be set together")
+ }
}
- if c.Flag("pod").Changed && !strings.HasPrefix(c.Flag("pod").Value.String(), "new:") && c.Flag("userns").Changed {
- return errors.Errorf("--userns and --pod cannot be set together")
+ if (c.Flag("dns").Changed || c.Flag("dns-opt").Changed || c.Flag("dns-search").Changed) && vals.Net != nil && (vals.Net.Network.NSMode == specgen.NoNetwork || vals.Net.Network.IsContainer()) {
+ return vals, errors.Errorf("conflicting options: dns and the network mode: " + string(vals.Net.Network.NSMode))
}
-
noHosts, err := c.Flags().GetBool("no-hosts")
if err != nil {
- return err
+ return vals, err
}
if noHosts && c.Flag("add-host").Changed {
- return errors.Errorf("--no-hosts and --add-host cannot be set together")
- }
- cliVals.UserNS = c.Flag("userns").Value.String()
- // if user did not modify --userns flag and did turn on
- // uid/gid mappings, set userns flag to "private"
- if !c.Flag("userns").Changed && cliVals.UserNS == "host" {
- if len(cliVals.UIDMap) > 0 ||
- len(cliVals.GIDMap) > 0 ||
- cliVals.SubUIDName != "" ||
- cliVals.SubGIDName != "" {
- cliVals.UserNS = "private"
- }
+ return vals, errors.Errorf("--no-hosts and --add-host cannot be set together")
}
- cliVals.IPC = c.Flag("ipc").Value.String()
- cliVals.UTS = c.Flag("uts").Value.String()
- cliVals.PID = c.Flag("pid").Value.String()
- cliVals.CgroupNS = c.Flag("cgroupns").Value.String()
- if c.Flag("entrypoint").Changed {
+ if !isInfra && c.Flag("entrypoint").Changed {
val := c.Flag("entrypoint").Value.String()
- cliVals.Entrypoint = &val
- }
-
- if c.Flags().Changed("group-add") {
- groups := []string{}
- for _, g := range cliVals.GroupAdd {
- if g == "keep-groups" {
- if len(cliVals.GroupAdd) > 1 {
- return errors.New("the '--group-add keep-groups' option is not allowed with any other --group-add options")
- }
- if registry.IsRemote() {
- return errors.New("the '--group-add keep-groups' option is not supported in remote mode")
- }
- cliVals.Annotation = append(cliVals.Annotation, "run.oci.keep_original_groups=1")
- } else {
- groups = append(groups, g)
- }
- }
- cliVals.GroupAdd = groups
- }
+ vals.Entrypoint = &val
+ } else if isInfra && c.Flag("infra-command").Changed {
- if c.Flags().Changed("pids-limit") {
- val := c.Flag("pids-limit").Value.String()
- pidsLimit, err := strconv.ParseInt(val, 10, 32)
- if err != nil {
- return err
- }
- cliVals.PIDsLimit = &pidsLimit
- }
- if c.Flags().Changed("env") {
- env, err := c.Flags().GetStringArray("env")
- if err != nil {
- return errors.Wrapf(err, "retrieve env flag")
- }
- cliVals.Env = env
- }
- if c.Flag("cgroups").Changed && cliVals.CGroupsMode == "split" && registry.IsRemote() {
- return errors.Errorf("the option --cgroups=%q is not supported in remote mode", cliVals.CGroupsMode)
}
// Docker-compatibility: the "-h" flag for run/create is reserved for
// the hostname (see https://github.com/containers/podman/issues/1367).
- return nil
+ return vals, nil
}
-func pullImage(imageName string) (string, error) {
- pullPolicy, err := config.ParsePullPolicy(cliVals.Pull)
+func PullImage(imageName string, cliVals entities.ContainerCreateOptions) (string, error) {
+ pullPolicy, err := config.ValidatePullPolicy(cliVals.Pull)
if err != nil {
return "", err
}
@@ -316,11 +324,14 @@ func createPodIfNecessary(s *specgen.SpecGenerator, netOpts *entities.NetOptions
return nil, errors.Errorf("new pod name must be at least one character")
}
- userns, err := specgen.ParseUserNamespace(cliVals.UserNS)
- if err != nil {
- return nil, err
+ var err error
+ uns := specgen.Namespace{NSMode: specgen.Default}
+ if cliVals.UserNS != "" {
+ uns, err = specgen.ParseNamespace(cliVals.UserNS)
+ if err != nil {
+ return nil, err
+ }
}
-
createOptions := entities.PodCreateOptions{
Name: podName,
Infra: true,
@@ -330,12 +341,36 @@ func createPodIfNecessary(s *specgen.SpecGenerator, netOpts *entities.NetOptions
Cpus: cliVals.CPUS,
CpusetCpus: cliVals.CPUSetCPUs,
Pid: cliVals.PID,
- Userns: userns,
+ Userns: uns,
}
// Unset config values we passed to the pod to prevent them being used twice for the container and pod.
s.ContainerBasicConfig.Hostname = ""
s.ContainerNetworkConfig = specgen.ContainerNetworkConfig{}
s.Pod = podName
- return registry.ContainerEngine().PodCreate(context.Background(), createOptions)
+ podSpec := entities.PodSpec{}
+ podGen := specgen.NewPodSpecGenerator()
+ podSpec.PodSpecGen = *podGen
+ podGen, err = entities.ToPodSpecGen(*&podSpec.PodSpecGen, &createOptions)
+ if err != nil {
+ return nil, err
+ }
+
+ infraOpts := entities.ContainerCreateOptions{ImageVolume: "bind", Net: netOpts, Quiet: true}
+ rawImageName := config.DefaultInfraImage
+ name, err := PullImage(rawImageName, infraOpts)
+ if err != nil {
+ fmt.Println(err)
+ }
+ imageName := name
+ podGen.InfraImage = imageName
+ podGen.InfraContainerSpec = specgen.NewSpecGenerator(imageName, false)
+ podGen.InfraContainerSpec.RawImageName = rawImageName
+ podGen.InfraContainerSpec.NetworkOptions = podGen.NetworkOptions
+ err = specgenutil.FillOutSpecGen(podGen.InfraContainerSpec, &infraOpts, []string{})
+ if err != nil {
+ return nil, err
+ }
+ podSpec.PodSpecGen = *podGen
+ return registry.ContainerEngine().PodCreate(context.Background(), podSpec)
}
diff --git a/cmd/podman/containers/prune.go b/cmd/podman/containers/prune.go
index e55bd8a53..e13b9e7f6 100644
--- a/cmd/podman/containers/prune.go
+++ b/cmd/podman/containers/prune.go
@@ -13,6 +13,7 @@ import (
"github.com/containers/podman/v3/cmd/podman/utils"
"github.com/containers/podman/v3/cmd/podman/validate"
"github.com/containers/podman/v3/pkg/domain/entities"
+ "github.com/containers/podman/v3/pkg/specgenutil"
"github.com/spf13/cobra"
)
@@ -63,7 +64,7 @@ func prune(cmd *cobra.Command, args []string) error {
}
}
- pruneOptions.Filters, err = common.ParseFilters(filter)
+ pruneOptions.Filters, err = specgenutil.ParseFilters(filter)
if err != nil {
return err
}
diff --git a/cmd/podman/containers/restore.go b/cmd/podman/containers/restore.go
index 3b6f74efa..05214f32c 100644
--- a/cmd/podman/containers/restore.go
+++ b/cmd/podman/containers/restore.go
@@ -11,6 +11,7 @@ import (
"github.com/containers/podman/v3/cmd/podman/validate"
"github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/rootless"
+ "github.com/containers/podman/v3/pkg/specgenutil"
"github.com/pkg/errors"
"github.com/spf13/cobra"
)
@@ -106,7 +107,7 @@ func restore(cmd *cobra.Command, args []string) error {
return err
}
if len(inputPorts) > 0 {
- restoreOptions.PublishPorts, err = common.CreatePortBindings(inputPorts)
+ restoreOptions.PublishPorts, err = specgenutil.CreatePortBindings(inputPorts)
if err != nil {
return err
}
diff --git a/cmd/podman/containers/run.go b/cmd/podman/containers/run.go
index 830d1de7f..d14961829 100644
--- a/cmd/podman/containers/run.go
+++ b/cmd/podman/containers/run.go
@@ -14,6 +14,7 @@ import (
"github.com/containers/podman/v3/pkg/errorhandling"
"github.com/containers/podman/v3/pkg/rootless"
"github.com/containers/podman/v3/pkg/specgen"
+ "github.com/containers/podman/v3/pkg/specgenutil"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"github.com/spf13/cobra"
@@ -60,7 +61,7 @@ func runFlags(cmd *cobra.Command) {
flags := cmd.Flags()
flags.SetInterspersed(false)
- common.DefineCreateFlags(cmd, &cliVals)
+ common.DefineCreateFlags(cmd, &cliVals, false)
common.DefineNetFlags(cmd)
flags.SetNormalizeFunc(utils.AliasFlags)
@@ -106,10 +107,6 @@ func init() {
func run(cmd *cobra.Command, args []string) error {
var err error
- cliVals.Net, err = common.NetFlagsToNetOptions(cmd, cliVals.Pod == "" && cliVals.PodIDFile == "")
- if err != nil {
- return err
- }
// TODO: Breaking change should be made fatal in next major Release
if cliVals.TTY && cliVals.Interactive && !terminal.IsTerminal(int(os.Stdin.Fd())) {
@@ -122,11 +119,17 @@ func run(cmd *cobra.Command, args []string) error {
}
}
+ flags := cmd.Flags()
+ cliVals.Net, err = common.NetFlagsToNetOptions(nil, *flags, cliVals.Pod == "" && cliVals.PodIDFile == "")
+ if err != nil {
+ return err
+ }
runOpts.CIDFile = cliVals.CIDFile
runOpts.Rm = cliVals.Rm
- if err := createInit(cmd); err != nil {
+ if cliVals, err = CreateInit(cmd, cliVals, false); err != nil {
return err
}
+
for fd := 3; fd < int(3+runOpts.PreserveFDs); fd++ {
if !rootless.IsFdInherited(fd) {
return errors.Errorf("file descriptor %d is not available - the preserve-fds option requires that file descriptors must be passed", fd)
@@ -137,7 +140,7 @@ func run(cmd *cobra.Command, args []string) error {
rawImageName := ""
if !cliVals.RootFS {
rawImageName = args[0]
- name, err := pullImage(args[0])
+ name, err := PullImage(args[0], cliVals)
if err != nil {
return err
}
@@ -178,7 +181,7 @@ func run(cmd *cobra.Command, args []string) error {
}
cliVals.PreserveFDs = runOpts.PreserveFDs
s := specgen.NewSpecGenerator(imageName, cliVals.RootFS)
- if err := common.FillOutSpecGen(s, &cliVals, args); err != nil {
+ if err := specgenutil.FillOutSpecGen(s, &cliVals, args); err != nil {
return err
}
s.RawImageName = rawImageName
diff --git a/cmd/podman/images/prune.go b/cmd/podman/images/prune.go
index 6ecf4f2aa..8a484495a 100644
--- a/cmd/podman/images/prune.go
+++ b/cmd/podman/images/prune.go
@@ -12,6 +12,7 @@ import (
"github.com/containers/podman/v3/cmd/podman/utils"
"github.com/containers/podman/v3/cmd/podman/validate"
"github.com/containers/podman/v3/pkg/domain/entities"
+ "github.com/containers/podman/v3/pkg/specgenutil"
"github.com/spf13/cobra"
)
@@ -59,7 +60,7 @@ func prune(cmd *cobra.Command, args []string) error {
return nil
}
}
- filterMap, err := common.ParseFilters(filter)
+ filterMap, err := specgenutil.ParseFilters(filter)
if err != nil {
return err
}
diff --git a/cmd/podman/networks/prune.go b/cmd/podman/networks/prune.go
index e6b779ded..311d098cd 100644
--- a/cmd/podman/networks/prune.go
+++ b/cmd/podman/networks/prune.go
@@ -11,6 +11,7 @@ import (
"github.com/containers/podman/v3/cmd/podman/utils"
"github.com/containers/podman/v3/cmd/podman/validate"
"github.com/containers/podman/v3/pkg/domain/entities"
+ "github.com/containers/podman/v3/pkg/specgenutil"
"github.com/spf13/cobra"
"github.com/spf13/pflag"
)
@@ -67,7 +68,7 @@ func networkPrune(cmd *cobra.Command, _ []string) error {
return nil
}
}
- networkPruneOptions.Filters, err = common.ParseFilters(filter)
+ networkPruneOptions.Filters, err = specgenutil.ParseFilters(filter)
if err != nil {
return err
}
diff --git a/cmd/podman/pods/create.go b/cmd/podman/pods/create.go
index bf5b9e350..b3f84dcd8 100644
--- a/cmd/podman/pods/create.go
+++ b/cmd/podman/pods/create.go
@@ -11,14 +11,17 @@ import (
"strings"
"github.com/containers/common/pkg/completion"
+ "github.com/containers/common/pkg/config"
"github.com/containers/common/pkg/sysinfo"
"github.com/containers/podman/v3/cmd/podman/common"
+ "github.com/containers/podman/v3/cmd/podman/containers"
"github.com/containers/podman/v3/cmd/podman/parse"
"github.com/containers/podman/v3/cmd/podman/registry"
"github.com/containers/podman/v3/cmd/podman/validate"
"github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/errorhandling"
"github.com/containers/podman/v3/pkg/specgen"
+ "github.com/containers/podman/v3/pkg/specgenutil"
"github.com/containers/podman/v3/pkg/util"
"github.com/docker/docker/pkg/parsers"
"github.com/pkg/errors"
@@ -44,11 +47,11 @@ var (
var (
createOptions entities.PodCreateOptions
+ infraOptions entities.ContainerCreateOptions
labels, labelFile []string
podIDFile string
replace bool
share string
- userns string
)
func init() {
@@ -58,62 +61,19 @@ func init() {
})
flags := createCommand.Flags()
flags.SetInterspersed(false)
-
+ infraOptions.IsInfra = true
+ common.DefineCreateFlags(createCommand, &infraOptions, true)
common.DefineNetFlags(createCommand)
- cpusetflagName := "cpuset-cpus"
- flags.StringVar(&createOptions.CpusetCpus, cpusetflagName, "", "CPUs in which to allow execution")
- _ = createCommand.RegisterFlagCompletionFunc(cpusetflagName, completion.AutocompleteDefault)
-
- cpusflagName := "cpus"
- flags.Float64Var(&createOptions.Cpus, cpusflagName, 0.000, "set amount of CPUs for the pod")
- _ = createCommand.RegisterFlagCompletionFunc(cpusflagName, completion.AutocompleteDefault)
-
- cgroupParentflagName := "cgroup-parent"
- flags.StringVar(&createOptions.CGroupParent, cgroupParentflagName, "", "Set parent cgroup for the pod")
- _ = createCommand.RegisterFlagCompletionFunc(cgroupParentflagName, completion.AutocompleteDefault)
-
- usernsFlagName := "userns"
- flags.StringVar(&userns, usernsFlagName, os.Getenv("PODMAN_USERNS"), "User namespace to use")
- _ = createCommand.RegisterFlagCompletionFunc(usernsFlagName, common.AutocompleteUserNamespace)
-
flags.BoolVar(&createOptions.Infra, "infra", true, "Create an infra container associated with the pod to share namespaces with")
- infraConmonPidfileFlagName := "infra-conmon-pidfile"
- flags.StringVar(&createOptions.InfraConmonPidFile, infraConmonPidfileFlagName, "", "Path to the file that will receive the POD of the infra container's conmon")
- _ = createCommand.RegisterFlagCompletionFunc(infraConmonPidfileFlagName, completion.AutocompleteDefault)
-
- infraImageFlagName := "infra-image"
- flags.String(infraImageFlagName, containerConfig.Engine.InfraImage, "The image of the infra container to associate with the pod")
- _ = createCommand.RegisterFlagCompletionFunc(infraImageFlagName, common.AutocompleteImages)
-
- infraCommandFlagName := "infra-command"
- flags.String(infraCommandFlagName, containerConfig.Engine.InfraCommand, "The command to run on the infra container when the pod is started")
- _ = createCommand.RegisterFlagCompletionFunc(infraCommandFlagName, completion.AutocompleteNone)
-
- infraNameFlagName := "infra-name"
- flags.StringVarP(&createOptions.InfraName, infraNameFlagName, "", "", "The name used as infra container name")
- _ = createCommand.RegisterFlagCompletionFunc(infraNameFlagName, completion.AutocompleteNone)
-
- labelFileFlagName := "label-file"
- flags.StringSliceVar(&labelFile, labelFileFlagName, []string{}, "Read in a line delimited file of labels")
- _ = createCommand.RegisterFlagCompletionFunc(labelFileFlagName, completion.AutocompleteDefault)
-
- labelFlagName := "label"
- flags.StringSliceVarP(&labels, labelFlagName, "l", []string{}, "Set metadata on pod (default [])")
- _ = createCommand.RegisterFlagCompletionFunc(labelFlagName, completion.AutocompleteNone)
-
nameFlagName := "name"
flags.StringVarP(&createOptions.Name, nameFlagName, "n", "", "Assign a name to the pod")
_ = createCommand.RegisterFlagCompletionFunc(nameFlagName, completion.AutocompleteNone)
- hostnameFlagName := "hostname"
- flags.StringVarP(&createOptions.Hostname, hostnameFlagName, "", "", "Set a hostname to the pod")
- _ = createCommand.RegisterFlagCompletionFunc(hostnameFlagName, completion.AutocompleteNone)
-
- pidFlagName := "pid"
- flags.StringVar(&createOptions.Pid, pidFlagName, "", "PID namespace to use")
- _ = createCommand.RegisterFlagCompletionFunc(pidFlagName, common.AutocompleteNamespace)
+ infraImageFlagName := "infra-image"
+ flags.String(infraImageFlagName, containerConfig.Engine.InfraImage, "The image of the infra container to associate with the pod")
+ _ = createCommand.RegisterFlagCompletionFunc(infraImageFlagName, common.AutocompleteImages)
podIDFileFlagName := "pod-id-file"
flags.StringVar(&podIDFile, podIDFileFlagName, "", "Write the pod ID to the file")
@@ -137,25 +97,30 @@ func aliasNetworkFlag(_ *pflag.FlagSet, name string) pflag.NormalizedName {
func create(cmd *cobra.Command, args []string) error {
var (
- err error
- podIDFD *os.File
+ err error
+ podIDFD *os.File
+ imageName string
+ rawImageName string
)
+ labelFile = infraOptions.LabelFile
+ labels = infraOptions.Label
createOptions.Labels, err = parse.GetAllLabels(labelFile, labels)
if err != nil {
return errors.Wrapf(err, "unable to process labels")
}
+ imageName = config.DefaultInfraImage
+ img := imageName
if !createOptions.Infra {
- logrus.Debugf("Not creating an infra container")
- if cmd.Flag("infra-conmon-pidfile").Changed {
- return errors.New("cannot set infra-conmon-pid without an infra container")
+ if cmd.Flag("no-hosts").Changed {
+ return fmt.Errorf("cannot specify no-hosts without an infra container")
}
- if cmd.Flag("infra-command").Changed {
- return errors.New("cannot set infra-command without an infra container")
- }
- if cmd.Flag("infra-image").Changed {
- return errors.New("cannot set infra-image without an infra container")
+ flags := cmd.Flags()
+ createOptions.Net, err = common.NetFlagsToNetOptions(nil, *flags, false)
+ if err != nil {
+ return err
}
+ logrus.Debugf("Not creating an infra container")
createOptions.InfraImage = ""
if createOptions.InfraName != "" {
return errors.New("cannot set infra-name without an infra container")
@@ -166,28 +131,43 @@ func create(cmd *cobra.Command, args []string) error {
}
createOptions.Share = nil
} else {
+ // reassign certain optios for lbpod api, these need to be populated in spec
+ createOptions.InfraConmonPidFile = infraOptions.ConmonPIDFile
+ createOptions.InfraName = infraOptions.Name
+ createOptions.Hostname = infraOptions.Hostname
+ createOptions.Cpus = infraOptions.CPUS
+ createOptions.CpusetCpus = infraOptions.CPUSetCPUs
+ createOptions.Pid = infraOptions.PID
+ flags := cmd.Flags()
+ infraOptions.Net, err = common.NetFlagsToNetOptions(nil, *flags, false)
+ if err != nil {
+ return err
+ }
+ infraOptions, err = containers.CreateInit(cmd, infraOptions, true)
+ if err != nil {
+ return err
+ }
+ createOptions.Net = infraOptions.Net
createOptions.Share = strings.Split(share, ",")
if cmd.Flag("infra-command").Changed {
// Only send content to server side if user changed defaults
- createOptions.InfraCommand, err = cmd.Flags().GetString("infra-command")
+ cmdIn, err := cmd.Flags().GetString("infra-command")
+ infraOptions.Entrypoint = &cmdIn
+ createOptions.InfraCommand = cmdIn
if err != nil {
return err
}
}
if cmd.Flag("infra-image").Changed {
// Only send content to server side if user changed defaults
- createOptions.InfraImage, err = cmd.Flags().GetString("infra-image")
+ img, err = cmd.Flags().GetString("infra-image")
+ imageName = img
if err != nil {
return err
}
}
}
- createOptions.Userns, err = specgen.ParseUserNamespace(userns)
- if err != nil {
- return err
- }
-
if cmd.Flag("pod-id-file").Changed {
podIDFD, err = util.OpenExclusiveFile(podIDFile)
if err != nil && os.IsExist(err) {
@@ -200,13 +180,6 @@ func create(cmd *cobra.Command, args []string) error {
defer errorhandling.SyncQuiet(podIDFD)
}
- createOptions.Pid = cmd.Flag("pid").Value.String()
-
- createOptions.Net, err = common.NetFlagsToNetOptions(cmd, createOptions.Infra)
- if err != nil {
- return err
- }
-
if len(createOptions.Net.PublishPorts) > 0 {
if !createOptions.Infra {
return errors.Errorf("you must have an infra container to publish port bindings to the host")
@@ -261,10 +234,44 @@ func create(cmd *cobra.Command, args []string) error {
copy = "" + strconv.Itoa(core)
}
}
- response, err := registry.ContainerEngine().PodCreate(context.Background(), createOptions)
+ podSpec := specgen.NewPodSpecGenerator()
+ podSpec, err = entities.ToPodSpecGen(*podSpec, &createOptions)
if err != nil {
return err
}
+ if createOptions.Infra {
+ rawImageName = img
+ if !infraOptions.RootFS {
+ curr := infraOptions.Quiet
+ infraOptions.Quiet = true
+ name, err := containers.PullImage(imageName, infraOptions)
+ if err != nil {
+ fmt.Println(err)
+ }
+ imageName = name
+ infraOptions.Quiet = curr
+ }
+ podSpec.InfraImage = imageName
+ if infraOptions.Entrypoint != nil {
+ createOptions.InfraCommand = *infraOptions.Entrypoint
+ }
+ infraOptions.CPUS = createOptions.Cpus
+ infraOptions.CPUSetCPUs = createOptions.CpusetCpus
+ infraOptions.PID = createOptions.Pid
+ podSpec.InfraContainerSpec = specgen.NewSpecGenerator(imageName, false)
+ podSpec.InfraContainerSpec.RawImageName = rawImageName
+ podSpec.InfraContainerSpec.NetworkOptions = podSpec.NetworkOptions
+ err = specgenutil.FillOutSpecGen(podSpec.InfraContainerSpec, &infraOptions, []string{})
+ if err != nil {
+ return err
+ }
+ }
+ PodSpec := entities.PodSpec{PodSpecGen: *podSpec}
+ response, err := registry.ContainerEngine().PodCreate(context.Background(), PodSpec)
+ if err != nil {
+ return err
+ }
+
if len(podIDFile) > 0 {
if err = ioutil.WriteFile(podIDFile, []byte(response.Id), 0644); err != nil {
return errors.Wrapf(err, "failed to write pod ID to file")
diff --git a/cmd/podman/pods/ps.go b/cmd/podman/pods/ps.go
index 14e3e2ea9..60aadf224 100644
--- a/cmd/podman/pods/ps.go
+++ b/cmd/podman/pods/ps.go
@@ -57,7 +57,7 @@ func init() {
formatFlagName := "format"
flags.StringVar(&psInput.Format, formatFlagName, "", "Pretty-print pods to JSON or using a Go template")
- _ = psCmd.RegisterFlagCompletionFunc(formatFlagName, common.AutocompleteFormat(ListPodReporter{}))
+ _ = psCmd.RegisterFlagCompletionFunc(formatFlagName, common.AutocompleteFormat(ListPodReporter{ListPodsReport: &entities.ListPodsReport{}}))
flags.Bool("noheading", false, "Do not print headers")
flags.BoolVar(&psInput.Namespace, "namespace", false, "Display namespace information of the pod")
diff --git a/cmd/podman/pods/rm.go b/cmd/podman/pods/rm.go
index fbaf64c1f..dc4c7eb83 100644
--- a/cmd/podman/pods/rm.go
+++ b/cmd/podman/pods/rm.go
@@ -12,6 +12,7 @@ import (
"github.com/containers/podman/v3/cmd/podman/validate"
"github.com/containers/podman/v3/libpod/define"
"github.com/containers/podman/v3/pkg/domain/entities"
+ "github.com/containers/podman/v3/pkg/specgenutil"
"github.com/pkg/errors"
"github.com/spf13/cobra"
)
@@ -66,7 +67,7 @@ func init() {
}
func rm(_ *cobra.Command, args []string) error {
- ids, err := common.ReadPodIDFiles(rmOptions.PodIDFiles)
+ ids, err := specgenutil.ReadPodIDFiles(rmOptions.PodIDFiles)
if err != nil {
return err
}
diff --git a/cmd/podman/pods/start.go b/cmd/podman/pods/start.go
index e39891a9b..e5f9eaa84 100644
--- a/cmd/podman/pods/start.go
+++ b/cmd/podman/pods/start.go
@@ -10,6 +10,7 @@ import (
"github.com/containers/podman/v3/cmd/podman/utils"
"github.com/containers/podman/v3/cmd/podman/validate"
"github.com/containers/podman/v3/pkg/domain/entities"
+ "github.com/containers/podman/v3/pkg/specgenutil"
"github.com/spf13/cobra"
)
@@ -64,7 +65,7 @@ func start(cmd *cobra.Command, args []string) error {
errs utils.OutputErrors
)
- ids, err := common.ReadPodIDFiles(startOptions.PodIDFiles)
+ ids, err := specgenutil.ReadPodIDFiles(startOptions.PodIDFiles)
if err != nil {
return err
}
diff --git a/cmd/podman/pods/stop.go b/cmd/podman/pods/stop.go
index bcc054b8e..41325649f 100644
--- a/cmd/podman/pods/stop.go
+++ b/cmd/podman/pods/stop.go
@@ -10,6 +10,7 @@ import (
"github.com/containers/podman/v3/cmd/podman/utils"
"github.com/containers/podman/v3/cmd/podman/validate"
"github.com/containers/podman/v3/pkg/domain/entities"
+ "github.com/containers/podman/v3/pkg/specgenutil"
"github.com/spf13/cobra"
)
@@ -78,7 +79,7 @@ func stop(cmd *cobra.Command, args []string) error {
stopOptions.Timeout = int(stopOptions.TimeoutCLI)
}
- ids, err := common.ReadPodIDFiles(stopOptions.PodIDFiles)
+ ids, err := specgenutil.ReadPodIDFiles(stopOptions.PodIDFiles)
if err != nil {
return err
}
diff --git a/docs/source/markdown/podman-pod-create.1.md b/docs/source/markdown/podman-pod-create.1.md
index 4e822dca5..fc7d39754 100644
--- a/docs/source/markdown/podman-pod-create.1.md
+++ b/docs/source/markdown/podman-pod-create.1.md
@@ -51,7 +51,26 @@ Set custom DNS options in the /etc/resolv.conf file that will be shared between
Set custom DNS search domains in the /etc/resolv.conf file that will be shared between all containers in the pod.
-#### **--help**
+#### **--gidmap**=*container_gid:host_gid:amount*
+
+GID map for the user namespace. Using this flag will run the container with user namespace enabled. It conflicts with the `--userns` and `--subgidname` flags.
+
+#### **--uidmap**=*container_uid*:*from_uid*:*amount*
+
+Run the container in a new user namespace using the supplied mapping. This
+option conflicts with the **--userns** and **--subuidname** options. This
+option provides a way to map host UIDs to container UIDs. It can be passed
+several times to map different ranges.
+
+#### **--subgidname**=*name*
+
+Name for GID map from the `/etc/subgid` file. Using this flag will run the container with user namespace enabled. This flag conflicts with `--userns` and `--gidmap`.
+
+#### **--subuidname**=*name*
+
+Name for UID map from the `/etc/subuid` file. Using this flag will run the container with user namespace enabled. This flag conflicts with `--userns` and `--uidmap`.
+
+#### **--help**, **-h**
Print usage statement.
diff --git a/go.mod b/go.mod
index e9692fb3f..d94165c19 100644
--- a/go.mod
+++ b/go.mod
@@ -14,10 +14,10 @@ require (
github.com/containers/buildah v1.22.3
github.com/containers/common v0.43.2
github.com/containers/conmon v2.0.20+incompatible
- github.com/containers/image/v5 v5.15.2
+ github.com/containers/image/v5 v5.16.0
github.com/containers/ocicrypt v1.1.2
github.com/containers/psgo v1.5.2
- github.com/containers/storage v1.34.1
+ github.com/containers/storage v1.35.0
github.com/coreos/go-systemd/v22 v22.3.2
github.com/coreos/stream-metadata-go v0.0.0-20210225230131-70edb9eb47b3
github.com/cri-o/ocicni v0.2.1-0.20210621164014-d0acc7862283
@@ -46,7 +46,7 @@ require (
github.com/onsi/ginkgo v1.16.4
github.com/onsi/gomega v1.16.0
github.com/opencontainers/go-digest v1.0.0
- github.com/opencontainers/image-spec v1.0.2-0.20190823105129-775207bd45b6
+ github.com/opencontainers/image-spec v1.0.2-0.20210819154149-5ad6f50d6283
github.com/opencontainers/runc v1.0.2
github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417
github.com/opencontainers/runtime-tools v0.9.0
@@ -65,7 +65,7 @@ require (
go.etcd.io/bbolt v1.3.6
golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
- golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c
+ golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b
k8s.io/api v0.22.1
k8s.io/apimachinery v0.22.1
diff --git a/go.sum b/go.sum
index a0c50d268..ec3a8dd88 100644
--- a/go.sum
+++ b/go.sum
@@ -247,8 +247,9 @@ github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6J
github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I=
github.com/containers/image/v5 v5.14.0/go.mod h1:SxiBKOcKuT+4yTjD0AskjO+UwFvNcVOJ9qlAw1HNSPU=
github.com/containers/image/v5 v5.15.0/go.mod h1:gzdBcooi6AFdiqfzirUqv90hUyHyI0MMdaqKzACKr2s=
-github.com/containers/image/v5 v5.15.2 h1:DKicmVr0h1HGkzs9muoErX+fVbV9sV9W5TyMy5perLE=
github.com/containers/image/v5 v5.15.2/go.mod h1:8jejVSzTDfyPwr/HXp9rri34n/vbdavYk6IzTiB3TBw=
+github.com/containers/image/v5 v5.16.0 h1:WQcNSzb7+ngS2cfynx0vUwhk+scpgiKlldVcsF8GPbI=
+github.com/containers/image/v5 v5.16.0/go.mod h1:XgTpfAPLRGOd1XYyCU5cISFr777bLmOerCSpt/v7+Q4=
github.com/containers/libtrust v0.0.0-20190913040956-14b96171aa3b h1:Q8ePgVfHDplZ7U33NwHZkrVELsZP5fYj9pM5WBZB2GE=
github.com/containers/libtrust v0.0.0-20190913040956-14b96171aa3b/go.mod h1:9rfv8iPl1ZP7aqh9YA68wnZv2NUDbXdcdPHVz0pFbPY=
github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc=
@@ -263,8 +264,9 @@ github.com/containers/storage v1.32.6/go.mod h1:mdB+b89p+jU8zpzLTVXA0gWMmIo0Wrkf
github.com/containers/storage v1.33.0/go.mod h1:FUZPF4nJijX8ixdhByZJXf02cvbyLi6dyDwXdIe8QVY=
github.com/containers/storage v1.33.1/go.mod h1:FUZPF4nJijX8ixdhByZJXf02cvbyLi6dyDwXdIe8QVY=
github.com/containers/storage v1.34.0/go.mod h1:t6I+hTgPU0/tVxQ75vw406wDi/TXwYBqZp4QZV9N7b8=
-github.com/containers/storage v1.34.1 h1:PsBGMH7hwuQ3MOr7qTgPznFrE8ebfIbwQbg2gKvg0lE=
github.com/containers/storage v1.34.1/go.mod h1:FY2TcbfgCLMU4lYoKnlZeZXeH353TOTbpDEA+sAcqAY=
+github.com/containers/storage v1.35.0 h1:bNduWshYm1tq4IPJRC+zLs3VQ+1tbauU0CZBaqzPxw4=
+github.com/containers/storage v1.35.0/go.mod h1:qzYhasQP2/V9D9XdO+vRwkHBhsBO0oznMLzzRDQ8s20=
github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
@@ -730,8 +732,9 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8
github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
-github.com/opencontainers/image-spec v1.0.2-0.20190823105129-775207bd45b6 h1:yN8BPXVwMBAm3Cuvh1L5XE8XpvYRMdsVLd82ILprhUU=
github.com/opencontainers/image-spec v1.0.2-0.20190823105129-775207bd45b6/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
+github.com/opencontainers/image-spec v1.0.2-0.20210819154149-5ad6f50d6283 h1:TVzvdjOalkJBNkbpPVMAr4KV9QRf2IjfxdyxwAK78Gs=
+github.com/opencontainers/image-spec v1.0.2-0.20210819154149-5ad6f50d6283/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
github.com/opencontainers/runc v0.0.0-20190115041553-12f6a991201f/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
github.com/opencontainers/runc v0.0.0-20190425234816-dae70e8efea4/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
@@ -908,13 +911,16 @@ github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/
github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
+github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
github.com/urfave/cli/v2 v2.3.0/go.mod h1:LJmUH05zAU44vOAcrfzZQKsZbVcdbOG8rtL3/XcUArI=
-github.com/vbatts/tar-split v0.11.1 h1:0Odu65rhcZ3JZaPHxl7tCI3V/C/Q9Zf82UFravl02dE=
github.com/vbatts/tar-split v0.11.1/go.mod h1:LEuURwDEiWjRjwu46yU3KVGuUdVv/dcnpcEPSzR8z6g=
+github.com/vbatts/tar-split v0.11.2 h1:Via6XqJr0hceW4wff3QRzD5gAk/tatMw/4ZA7cTlIME=
+github.com/vbatts/tar-split v0.11.2/go.mod h1:vV3ZuO2yWSVsz+pfFzDG/upWH1JhjOiEaWq6kXyQ3VI=
github.com/vbauerster/mpb/v6 v6.0.4 h1:h6J5zM/2wimP5Hj00unQuV8qbo5EPcj6wbkCqgj7KcY=
github.com/vbauerster/mpb/v6 v6.0.4/go.mod h1:a/+JT57gqh6Du0Ay5jSR+uBMfXGdlR7VQlGP52fJxLM=
-github.com/vbauerster/mpb/v7 v7.0.3 h1:NfX0pHWhlDTev15M/C3qmSTM1EiIjcS+/d6qS6H4FnI=
github.com/vbauerster/mpb/v7 v7.0.3/go.mod h1:NXGsfPGx6G2JssqvEcULtDqUrxuuYs4llpv8W6ZUpzk=
+github.com/vbauerster/mpb/v7 v7.1.3 h1:VJkiLuuBs/re5SCHLVkYOPYAs+1jagk5QIDHgAXLVVA=
+github.com/vbauerster/mpb/v7 v7.1.3/go.mod h1:X5GlohZw2fIpypMXWaKart+HGSAjpz49skxkDk+ZL7c=
github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk=
github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE=
github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852 h1:cPXZWzzG0NllBLdjWoD1nDfaqu98YMv+OneaKc8sPOA=
@@ -1197,8 +1203,10 @@ golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c h1:F1jZWGFhYfh0Ci55sIpILtKKK8p3i2/krTr0H1rg74I=
golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55 h1:rw6UNGRMfarCepjI8qOepea/SXwIBVfTKjztZ5gBbq4=
+golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201113234701-d7a72108b828/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
diff --git a/hack/libsubid_tag.sh b/hack/libsubid_tag.sh
new file mode 100755
index 000000000..ab6af9e30
--- /dev/null
+++ b/hack/libsubid_tag.sh
@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+if test $(${GO:-go} env GOOS) != "linux" ; then
+ exit 0
+fi
+tmpdir="$PWD/tmp.$RANDOM"
+mkdir -p "$tmpdir"
+trap 'rm -fr "$tmpdir"' EXIT
+cc -o "$tmpdir"/libsubid_tag -l subid -x c - > /dev/null 2> /dev/null << EOF
+#include <shadow/subid.h>
+int main() {
+ struct subid_range *ranges = NULL;
+ get_subuid_ranges("root", &ranges);
+ free(ranges);
+ return 0;
+}
+EOF
+if test $? -eq 0 ; then
+ echo libsubid
+fi
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index 3f7a4807d..6717ada59 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -972,11 +972,12 @@ func (c *Container) checkDependenciesRunning() ([]string, error) {
}
// Check the status
+ conf := depCtr.Config()
state, err := depCtr.State()
if err != nil {
return nil, errors.Wrapf(err, "error retrieving state of dependency %s of container %s", dep, c.ID())
}
- if state != define.ContainerStateRunning {
+ if state != define.ContainerStateRunning && !conf.IsInfra {
notRunning = append(notRunning, dep)
}
depCtrs[dep] = depCtr
diff --git a/libpod/kube.go b/libpod/kube.go
index a3f49bfe8..fff040adb 100644
--- a/libpod/kube.go
+++ b/libpod/kube.go
@@ -10,6 +10,8 @@ import (
"github.com/containers/podman/v3/libpod/define"
"github.com/containers/podman/v3/pkg/lookup"
+ "github.com/containers/podman/v3/pkg/namespaces"
+ "github.com/containers/podman/v3/pkg/specgen"
"github.com/containers/podman/v3/pkg/util"
"github.com/cri-o/ocicni/pkg/ocicni"
"github.com/opencontainers/runtime-spec/specs-go"
@@ -72,7 +74,7 @@ func (p *Pod) GenerateForKube() (*v1.Pod, []v1.ServicePort, error) {
return nil, servicePorts, err
}
servicePorts = containerPortsToServicePorts(ports)
- hostNetwork = p.config.InfraContainer.HostNetwork
+ hostNetwork = infraContainer.NetworkMode() == string(namespaces.NetworkMode(specgen.Host))
}
pod, err := p.podWithContainers(allContainers, ports, hostNetwork)
if err != nil {
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index dbe2274d3..5ade0849d 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -632,7 +632,6 @@ func (r *Runtime) configureNetNS(ctr *Container, ctrNS ns.NetNS) ([]*cnitypes.Re
}
podName := getCNIPodName(ctr)
-
networks, _, err := ctr.networks()
if err != nil {
return nil, err
diff --git a/libpod/options.go b/libpod/options.go
index 0bcd1e3a6..4cbd2b5e2 100644
--- a/libpod/options.go
+++ b/libpod/options.go
@@ -14,6 +14,7 @@ import (
"github.com/containers/image/v5/types"
"github.com/containers/podman/v3/libpod/define"
"github.com/containers/podman/v3/libpod/events"
+ netTypes "github.com/containers/podman/v3/libpod/network/types"
"github.com/containers/podman/v3/pkg/namespaces"
"github.com/containers/podman/v3/pkg/rootless"
"github.com/containers/podman/v3/pkg/specgen"
@@ -21,7 +22,6 @@ import (
"github.com/containers/storage"
"github.com/containers/storage/pkg/idtools"
"github.com/cri-o/ocicni/pkg/ocicni"
- "github.com/opencontainers/runtime-spec/specs-go"
"github.com/opencontainers/runtime-tools/generate"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
@@ -713,7 +713,6 @@ func (r *Runtime) WithPod(pod *Pod) CtrCreateOption {
if pod == nil {
return define.ErrInvalidArg
}
-
ctr.config.Pod = pod.ID()
return nil
@@ -1430,20 +1429,6 @@ func WithRestartRetries(tries uint) CtrCreateOption {
}
}
-// withIsInfra sets the container to be an infra container. This means the container will be sometimes hidden
-// and expected to be the first container in the pod.
-func withIsInfra() CtrCreateOption {
- return func(ctr *Container) error {
- if ctr.valid {
- return define.ErrCtrFinalized
- }
-
- ctr.config.IsInfra = true
-
- return nil
- }
-}
-
// WithNamedVolumes adds the given named volumes to the container.
func WithNamedVolumes(volumes []*ContainerNamedVolume) CtrCreateOption {
return func(ctr *Container) error {
@@ -1541,6 +1526,20 @@ func WithCreateCommand(cmd []string) CtrCreateOption {
}
}
+// withIsInfra allows us to dfferentiate between infra containers and regular containers
+// within the container config
+func withIsInfra() CtrCreateOption {
+ return func(ctr *Container) error {
+ if ctr.valid {
+ return define.ErrCtrFinalized
+ }
+
+ ctr.config.IsInfra = true
+
+ return nil
+ }
+}
+
// WithCreateWorkingDir tells Podman to create the container's working directory
// if it does not exist.
func WithCreateWorkingDir() CtrCreateOption {
@@ -1812,45 +1811,14 @@ func WithInitCtrType(containerType string) CtrCreateOption {
// Pod Creation Options
-// WithInfraImage sets the infra image for libpod.
-// An infra image is used for inter-container kernel
-// namespace sharing within a pod. Typically, an infra
-// container is lightweight and is there to reap
-// zombie processes within its pid namespace.
-func WithInfraImage(img string) PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
-
- pod.config.InfraContainer.InfraImage = img
-
- return nil
- }
-}
-
-// WithInfraCommand sets the command to
-// run on pause container start up.
-func WithInfraCommand(cmd []string) PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
-
- pod.config.InfraContainer.InfraCommand = cmd
- return nil
- }
-}
-
-// WithInfraName sets the infra container name for a single pod.
-func WithInfraName(name string) PodCreateOption {
+// WithPodCreateCommand adds the full command plus arguments of the current
+// process to the pod config.
+func WithPodCreateCommand(createCmd []string) PodCreateOption {
return func(pod *Pod) error {
if pod.valid {
return define.ErrPodFinalized
}
-
- pod.config.InfraContainer.InfraName = name
-
+ pod.config.CreateCommand = createCmd
return nil
}
}
@@ -1891,26 +1859,14 @@ func WithPodHostname(hostname string) PodCreateOption {
}
}
-// WithPodCreateCommand adds the full command plus arguments of the current
-// process to the pod config.
-func WithPodCreateCommand(createCmd []string) PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
- pod.config.CreateCommand = createCmd
- return nil
- }
-}
-
// WithInfraConmonPidFile sets the path to a custom conmon PID file for the
// infra container.
-func WithInfraConmonPidFile(path string) PodCreateOption {
+func WithInfraConmonPidFile(path string, infraSpec *specgen.SpecGenerator) PodCreateOption {
return func(pod *Pod) error {
if pod.valid {
return define.ErrPodFinalized
}
- pod.config.InfraContainer.ConmonPidFile = path
+ infraSpec.ConmonPidFile = path
return nil
}
}
@@ -2099,320 +2055,25 @@ func WithInfraContainer() PodCreateOption {
if pod.valid {
return define.ErrPodFinalized
}
-
- pod.config.InfraContainer.HasInfraContainer = true
+ pod.config.HasInfra = true
return nil
}
}
// WithInfraContainerPorts tells the pod to add port bindings to the pause container
-func WithInfraContainerPorts(bindings []ocicni.PortMapping) PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
- if !pod.config.InfraContainer.HasInfraContainer {
- return errors.Wrapf(define.ErrInvalidArg, "cannot set pod ports as no infra container is being created")
- }
- pod.config.InfraContainer.PortBindings = bindings
- return nil
- }
-}
-
-// WithPodStaticIP sets a static IP for the pod.
-func WithPodStaticIP(ip net.IP) PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
-
- if !pod.config.InfraContainer.HasInfraContainer {
- return errors.Wrapf(define.ErrInvalidArg, "cannot set pod static IP as no infra container is being created")
- }
-
- if pod.config.InfraContainer.HostNetwork {
- return errors.Wrapf(define.ErrInvalidArg, "cannot set static IP if host network is specified")
- }
-
- if len(pod.config.InfraContainer.Networks) > 1 {
- return errors.Wrapf(define.ErrInvalidArg, "cannot set a static IP if joining more than 1 CNI network")
- }
-
- pod.config.InfraContainer.StaticIP = ip
-
- return nil
- }
-}
-
-// WithPodStaticMAC sets a static MAC address for the pod.
-func WithPodStaticMAC(mac net.HardwareAddr) PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
-
- if !pod.config.InfraContainer.HasInfraContainer {
- return errors.Wrapf(define.ErrInvalidArg, "cannot set pod static MAC as no infra container is being created")
- }
-
- if pod.config.InfraContainer.HostNetwork {
- return errors.Wrapf(define.ErrInvalidArg, "cannot set static MAC if host network is specified")
- }
-
- if len(pod.config.InfraContainer.Networks) > 1 {
- return errors.Wrapf(define.ErrInvalidArg, "cannot set a static MAC if joining more than 1 CNI network")
- }
-
- pod.config.InfraContainer.StaticMAC = mac
-
- return nil
- }
-}
-
-// WithPodUseImageResolvConf sets a pod to use an image's resolv.conf and not
-// create its own.
-func WithPodUseImageResolvConf() PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
-
- if !pod.config.InfraContainer.HasInfraContainer {
- return errors.Wrapf(define.ErrInvalidArg, "cannot configure pod DNS as no infra container is being created")
- }
-
- if len(pod.config.InfraContainer.DNSServer) != 0 ||
- len(pod.config.InfraContainer.DNSSearch) != 0 ||
- len(pod.config.InfraContainer.DNSOption) != 0 {
- return errors.Wrapf(define.ErrInvalidArg, "requested use of image resolv.conf conflicts with already-configured DNS settings")
- }
-
- pod.config.InfraContainer.UseImageResolvConf = true
-
- return nil
- }
-}
-
-// WithPodDNS sets the DNS Servers for a pod.
-func WithPodDNS(dnsServer []string) PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
-
- if !pod.config.InfraContainer.HasInfraContainer {
- return errors.Wrapf(define.ErrInvalidArg, "cannot configure pod DNS as no infra container is being created")
- }
-
- if pod.config.InfraContainer.UseImageResolvConf {
- return errors.Wrapf(define.ErrInvalidArg, "cannot add DNS servers if pod will not create /etc/resolv.conf")
- }
-
- pod.config.InfraContainer.DNSServer = dnsServer
-
- return nil
- }
-}
-
-// WithPodDNSSearch sets the DNS Search domains for a pod.
-func WithPodDNSSearch(dnsSearch []string) PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
-
- if !pod.config.InfraContainer.HasInfraContainer {
- return errors.Wrapf(define.ErrInvalidArg, "cannot configure pod DNS as no infra container is being created")
- }
-
- if pod.config.InfraContainer.UseImageResolvConf {
- return errors.Wrapf(define.ErrInvalidArg, "cannot add DNS search domains if pod will not create /etc/resolv.conf")
- }
-
- pod.config.InfraContainer.DNSSearch = dnsSearch
-
- return nil
- }
-}
-
-// WithPodDNSOption sets DNS Options for a pod.
-func WithPodDNSOption(dnsOption []string) PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
-
- if !pod.config.InfraContainer.HasInfraContainer {
- return errors.Wrapf(define.ErrInvalidArg, "cannot configure pod DNS as no infra container is being created")
- }
-
- if pod.config.InfraContainer.UseImageResolvConf {
- return errors.Wrapf(define.ErrInvalidArg, "cannot add DNS options if pod will not create /etc/resolv.conf")
- }
-
- pod.config.InfraContainer.DNSOption = dnsOption
-
- return nil
- }
-}
-
-// WithPodUseImageHosts tells the pod not to create /etc/hosts and instead to
-// use the one provided by the image.
-func WithPodUseImageHosts() PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
-
- if !pod.config.InfraContainer.HasInfraContainer {
- return errors.Wrapf(define.ErrInvalidArg, "cannot configure pod hosts as no infra container is being created")
- }
-
- if len(pod.config.InfraContainer.HostAdd) != 0 {
- return errors.Wrapf(define.ErrInvalidArg, "not creating /etc/hosts conflicts with adding to the hosts file")
- }
-
- pod.config.InfraContainer.UseImageHosts = true
-
- return nil
- }
-}
-
-// WithPodHosts adds additional entries to the pod's /etc/hosts
-func WithPodHosts(hosts []string) PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
-
- if !pod.config.InfraContainer.HasInfraContainer {
- return errors.Wrapf(define.ErrInvalidArg, "cannot configure pod hosts as no infra container is being created")
- }
-
- if pod.config.InfraContainer.UseImageHosts {
- return errors.Wrapf(define.ErrInvalidArg, "cannot add to /etc/hosts if container is using image hosts")
- }
-
- pod.config.InfraContainer.HostAdd = hosts
-
- return nil
- }
-}
-
-// WithPodNetworks sets additional CNI networks for the pod to join.
-func WithPodNetworks(networks []string) PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
-
- if !pod.config.InfraContainer.HasInfraContainer {
- return errors.Wrapf(define.ErrInvalidArg, "cannot configure pod CNI networks as no infra container is being created")
- }
-
- if (pod.config.InfraContainer.StaticIP != nil || pod.config.InfraContainer.StaticMAC != nil) &&
- len(networks) > 1 {
- return errors.Wrapf(define.ErrInvalidArg, "cannot join more than one CNI network if setting a static IP or MAC address")
- }
-
- if pod.config.InfraContainer.HostNetwork {
- return errors.Wrapf(define.ErrInvalidArg, "cannot join pod to CNI networks if host network is specified")
- }
-
- pod.config.InfraContainer.Networks = networks
-
- return nil
- }
-}
-
-// WithPodNoNetwork tells the pod to disable external networking.
-func WithPodNoNetwork() PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
-
- if !pod.config.InfraContainer.HasInfraContainer {
- return errors.Wrapf(define.ErrInvalidArg, "cannot disable pod networking as no infra container is being created")
- }
-
- if len(pod.config.InfraContainer.PortBindings) > 0 ||
- pod.config.InfraContainer.StaticIP != nil ||
- pod.config.InfraContainer.StaticMAC != nil ||
- len(pod.config.InfraContainer.Networks) > 0 ||
- pod.config.InfraContainer.HostNetwork {
- return errors.Wrapf(define.ErrInvalidArg, "cannot disable pod network if network-related configuration is specified")
- }
-
- pod.config.InfraContainer.NoNetwork = true
-
- return nil
- }
-}
-
-// WithPodHostNetwork tells the pod to use the host's network namespace.
-func WithPodHostNetwork() PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
- if !pod.config.InfraContainer.HasInfraContainer {
- return errors.Wrapf(define.ErrInvalidArg, "cannot configure pod host networking as no infra container is being created")
- }
-
- if len(pod.config.InfraContainer.PortBindings) > 0 ||
- pod.config.InfraContainer.StaticIP != nil ||
- pod.config.InfraContainer.StaticMAC != nil ||
- len(pod.config.InfraContainer.Networks) > 0 ||
- pod.config.InfraContainer.NoNetwork {
- return errors.Wrapf(define.ErrInvalidArg, "cannot set host network if network-related configuration is specified")
- }
-
- pod.config.InfraContainer.HostNetwork = true
-
- return nil
- }
-}
-
-// WithPodInfraExitCommand sets an exit command for the pod's infra container.
-// Semantics are identical to WithExitCommand() above - the ID of the container
-// will be appended to the end of the provided command (note that this will
-// specifically be the ID of the infra container *and not the pod's id*.
-func WithPodInfraExitCommand(exitCmd []string) PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
-
- if !pod.config.InfraContainer.HasInfraContainer {
- return errors.Wrapf(define.ErrInvalidArg, "cannot configure pod infra container exit command as no infra container is being created")
- }
-
- pod.config.InfraContainer.ExitCommand = exitCmd
-
- return nil
- }
-}
-
-// WithPodSlirp4netns tells the pod to use slirp4netns.
-func WithPodSlirp4netns(networkOptions map[string][]string) PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
-
- if !pod.config.InfraContainer.HasInfraContainer {
- return errors.Wrapf(define.ErrInvalidArg, "cannot configure pod networking as no infra container is being created")
- }
- if pod.config.InfraContainer.HostNetwork {
- return errors.Wrapf(define.ErrInvalidArg, "cannot set both HostNetwork and Slirp4netns")
- }
- pod.config.InfraContainer.Slirp4netns = true
- pod.config.InfraContainer.NetworkOptions = networkOptions
-
- return nil
+func WithInfraContainerPorts(bindings []ocicni.PortMapping, infraSpec *specgen.SpecGenerator) []netTypes.PortMapping {
+ bindingSpec := []netTypes.PortMapping{}
+ for _, bind := range bindings {
+ currBind := netTypes.PortMapping{}
+ currBind.ContainerPort = uint16(bind.ContainerPort)
+ currBind.HostIP = bind.HostIP
+ currBind.HostPort = uint16(bind.HostPort)
+ currBind.Protocol = bind.Protocol
+ bindingSpec = append(bindingSpec, currBind)
}
+ infraSpec.PortMappings = bindingSpec
+ return infraSpec.PortMappings
}
// WithVolatile sets the volatile flag for the container storage.
@@ -2428,78 +2089,3 @@ func WithVolatile() CtrCreateOption {
return nil
}
}
-
-// WithPodUserns sets the userns for the infra container in a pod.
-func WithPodUserns(userns specgen.Namespace) PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
-
- if !pod.config.InfraContainer.HasInfraContainer {
- return errors.Wrapf(define.ErrInvalidArg, "cannot configure pod userns as no infra container is being created")
- }
-
- pod.config.InfraContainer.Userns = userns
-
- return nil
- }
-}
-
-// WithPodCPUPAQ takes the given cpu period and quota and inserts them in the proper place.
-func WithPodCPUPAQ(period uint64, quota int64) PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
- if pod.CPUPeriod() != 0 && pod.CPUQuota() != 0 {
- pod.config.InfraContainer.ResourceLimits.CPU = &specs.LinuxCPU{
- Period: &period,
- Quota: &quota,
- }
- } else {
- pod.config.InfraContainer.ResourceLimits = &specs.LinuxResources{}
- pod.config.InfraContainer.ResourceLimits.CPU = &specs.LinuxCPU{
- Period: &period,
- Quota: &quota,
- }
- }
- return nil
- }
-}
-
-// WithPodCPUSetCPUS computes and sets the Cpus linux resource string which determines the amount of cores, from those available, we are allowed to execute on
-func WithPodCPUSetCPUs(inp string) PodCreateOption {
- return func(pod *Pod) error {
- if pod.valid {
- return define.ErrPodFinalized
- }
- if pod.ResourceLim().CPU.Period != nil {
- pod.config.InfraContainer.ResourceLimits.CPU.Cpus = inp
- } else {
- pod.config.InfraContainer.ResourceLimits = &specs.LinuxResources{}
- pod.config.InfraContainer.ResourceLimits.CPU = &specs.LinuxCPU{}
- pod.config.InfraContainer.ResourceLimits.CPU.Cpus = inp
- }
- return nil
- }
-}
-
-func WithPodPidNS(inp specgen.Namespace) PodCreateOption {
- return func(p *Pod) error {
- if p.valid {
- return define.ErrPodFinalized
- }
- if p.config.UsePodPID {
- switch inp.NSMode {
- case "container":
- return errors.Wrap(define.ErrInvalidArg, "Cannot take container in a different NS as an argument")
- case "host":
- p.config.UsePodPID = false
- }
- p.config.InfraContainer.PidNS = inp
- }
-
- return nil
- }
-}
diff --git a/libpod/pod.go b/libpod/pod.go
index 7df15df7b..e4516b354 100644
--- a/libpod/pod.go
+++ b/libpod/pod.go
@@ -2,14 +2,12 @@ package libpod
import (
"context"
- "net"
+ "fmt"
"sort"
"time"
"github.com/containers/podman/v3/libpod/define"
"github.com/containers/podman/v3/libpod/lock"
- "github.com/containers/podman/v3/pkg/specgen"
- "github.com/cri-o/ocicni/pkg/ocicni"
"github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
)
@@ -63,7 +61,7 @@ type PodConfig struct {
UsePodUTS bool `json:"sharesUts,omitempty"`
UsePodCgroupNS bool `json:"sharesCgroupNS,omitempty"`
- InfraContainer *InfraContainerConfig `json:"infraConfig"`
+ HasInfra bool `json:"hasInfra,omitempty"`
// Time pod was created
CreatedTime time.Time `json:"created"`
@@ -85,41 +83,6 @@ type podState struct {
InfraContainerID string
}
-// InfraContainerConfig is the configuration for the pod's infra container.
-// Generally speaking, these are equivalent to container configuration options
-// you will find in container_config.go (and even named identically), save for
-// HasInfraContainer (which determines if an infra container is even created -
-// if it is false, no other options in this struct will be used) and HostNetwork
-// (this involves the created OCI spec, and as such is not represented directly
-// in container_config.go).
-// Generally speaking, aside from those two exceptions, these options will set
-// the equivalent field in the container's configuration.
-type InfraContainerConfig struct {
- ConmonPidFile string `json:"conmonPidFile"`
- HasInfraContainer bool `json:"makeInfraContainer"`
- NoNetwork bool `json:"noNetwork,omitempty"`
- HostNetwork bool `json:"infraHostNetwork,omitempty"`
- PidNS specgen.Namespace `json:"infraPid,omitempty"`
- PortBindings []ocicni.PortMapping `json:"infraPortBindings"`
- StaticIP net.IP `json:"staticIP,omitempty"`
- StaticMAC net.HardwareAddr `json:"staticMAC,omitempty"`
- UseImageResolvConf bool `json:"useImageResolvConf,omitempty"`
- DNSServer []string `json:"dnsServer,omitempty"`
- DNSSearch []string `json:"dnsSearch,omitempty"`
- DNSOption []string `json:"dnsOption,omitempty"`
- UseImageHosts bool `json:"useImageHosts,omitempty"`
- HostAdd []string `json:"hostsAdd,omitempty"`
- Networks []string `json:"networks,omitempty"`
- ExitCommand []string `json:"exitCommand,omitempty"`
- InfraImage string `json:"infraImage,omitempty"`
- InfraCommand []string `json:"infraCommand,omitempty"`
- InfraName string `json:"infraName,omitempty"`
- Slirp4netns bool `json:"slirp4netns,omitempty"`
- NetworkOptions map[string][]string `json:"network_options,omitempty"`
- ResourceLimits *specs.LinuxResources `json:"resource_limits,omitempty"`
- Userns specgen.Namespace `json:"userns,omitempty"`
-}
-
// ID retrieves the pod's ID
func (p *Pod) ID() string {
return p.config.ID
@@ -139,45 +102,104 @@ func (p *Pod) Namespace() string {
// ResourceLim returns the cpuset resource limits for the pod
func (p *Pod) ResourceLim() *specs.LinuxResources {
resCopy := &specs.LinuxResources{}
- if err := JSONDeepCopy(p.config.InfraContainer.ResourceLimits, resCopy); err != nil {
+ empty := &specs.LinuxResources{
+ CPU: &specs.LinuxCPU{},
+ }
+ infra, err := p.runtime.GetContainer(p.state.InfraContainerID)
+ if err != nil {
+ return empty
+ }
+ conf := infra.config.Spec
+ if err != nil {
+ return empty
+ }
+ if conf.Linux == nil || conf.Linux.Resources == nil {
+ return empty
+ }
+ if err = JSONDeepCopy(conf.Linux.Resources, resCopy); err != nil {
return nil
}
- if resCopy != nil && resCopy.CPU != nil {
+ if resCopy.CPU != nil {
return resCopy
}
- empty := &specs.LinuxResources{
- CPU: &specs.LinuxCPU{},
- }
+
return empty
}
// CPUPeriod returns the pod CPU period
func (p *Pod) CPUPeriod() uint64 {
- resCopy := &specs.LinuxResources{}
- if err := JSONDeepCopy(p.config.InfraContainer.ResourceLimits, resCopy); err != nil {
+ if p.state.InfraContainerID == "" {
return 0
}
- if resCopy != nil && resCopy.CPU != nil && resCopy.CPU.Period != nil {
- return *resCopy.CPU.Period
+ infra, err := p.runtime.GetContainer(p.state.InfraContainerID)
+ if err != nil {
+ return 0
+ }
+ conf := infra.config.Spec
+ if conf != nil && conf.Linux != nil && conf.Linux.Resources != nil && conf.Linux.Resources.CPU != nil && conf.Linux.Resources.CPU.Period != nil {
+ return *conf.Linux.Resources.CPU.Period
}
return 0
}
// CPUQuota returns the pod CPU quota
func (p *Pod) CPUQuota() int64 {
- resCopy := &specs.LinuxResources{}
- if err := JSONDeepCopy(p.config.InfraContainer.ResourceLimits, resCopy); err != nil {
+ if p.state.InfraContainerID == "" {
+ return 0
+ }
+ infra, err := p.runtime.GetContainer(p.state.InfraContainerID)
+ if err != nil {
return 0
}
- if resCopy != nil && resCopy.CPU != nil && resCopy.CPU.Quota != nil {
- return *resCopy.CPU.Quota
+ conf := infra.config.Spec
+ if conf != nil && conf.Linux != nil && conf.Linux.Resources != nil && conf.Linux.Resources.CPU != nil && conf.Linux.Resources.CPU.Quota != nil {
+ return *conf.Linux.Resources.CPU.Quota
}
return 0
}
// PidMode returns the PID mode given by the user ex: pod, private...
func (p *Pod) PidMode() string {
- return string(p.config.InfraContainer.PidNS.NSMode)
+ infra, err := p.runtime.GetContainer(p.state.InfraContainerID)
+ if err != nil {
+ return ""
+ }
+ conf := infra.Config()
+ ctrSpec := conf.Spec
+ if ctrSpec != nil && ctrSpec.Linux != nil {
+ for _, ns := range ctrSpec.Linux.Namespaces {
+ if ns.Type == specs.PIDNamespace {
+ if ns.Path != "" {
+ return fmt.Sprintf("ns:%s", ns.Path)
+ }
+ return "private"
+ }
+ }
+ return "host"
+ }
+ return ""
+}
+
+// PidMode returns the PID mode given by the user ex: pod, private...
+func (p *Pod) UserNSMode() string {
+ infra, err := p.infraContainer()
+ if err != nil {
+ return ""
+ }
+ conf := infra.Config()
+ ctrSpec := conf.Spec
+ if ctrSpec != nil && ctrSpec.Linux != nil {
+ for _, ns := range ctrSpec.Linux.Namespaces {
+ if ns.Type == specs.UserNamespace {
+ if ns.Path != "" {
+ return fmt.Sprintf("ns:%s", ns.Path)
+ }
+ return "private"
+ }
+ }
+ return "host"
+ }
+ return ""
}
// Labels returns the pod's labels
@@ -263,20 +285,24 @@ func (p *Pod) CgroupPath() (string, error) {
if p.state.CgroupPath != "" {
return p.state.CgroupPath, nil
}
- if !p.HasInfraContainer() {
+ if p.state.InfraContainerID == "" {
return "", errors.Wrap(define.ErrNoSuchCtr, "pod has no infra container")
}
- id := p.state.InfraContainerID
+ id, err := p.infraContainerID()
+ if err != nil {
+ return "", err
+ }
if id != "" {
- ctr, err := p.runtime.state.Container(id)
+ ctr, err := p.infraContainer()
if err != nil {
return "", errors.Wrapf(err, "could not get infra")
}
if ctr != nil {
- ctr.Start(context.Background(), false)
+ ctr.Start(context.Background(), true)
cgroupPath, err := ctr.CGroupPath()
+ fmt.Println(cgroupPath)
if err != nil {
return "", errors.Wrapf(err, "could not get container cgroup")
}
@@ -325,7 +351,7 @@ func (p *Pod) allContainers() ([]*Container, error) {
// HasInfraContainer returns whether the pod will create an infra container
func (p *Pod) HasInfraContainer() bool {
- return p.config.InfraContainer.HasInfraContainer
+ return p.config.HasInfra
}
// SharesNamespaces checks if the pod has any kernel namespaces set as shared. An infra container will not be
@@ -350,19 +376,26 @@ func (p *Pod) InfraContainerID() (string, error) {
return p.infraContainerID()
}
-// InfraContainer returns the infra container.
-func (p *Pod) InfraContainer() (*Container, error) {
- if !p.HasInfraContainer() {
- return nil, errors.Wrap(define.ErrNoSuchCtr, "pod has no infra container")
- }
- id, err := p.InfraContainerID()
+// infraContainer is the unlocked versio of InfraContainer which returns the infra container
+func (p *Pod) infraContainer() (*Container, error) {
+ id, err := p.infraContainerID()
if err != nil {
return nil, err
}
+ if id == "" {
+ return nil, errors.Wrap(define.ErrNoSuchCtr, "pod has no infra container")
+ }
return p.runtime.state.Container(id)
}
+// InfraContainer returns the infra container.
+func (p *Pod) InfraContainer() (*Container, error) {
+ p.lock.Lock()
+ defer p.lock.Unlock()
+ return p.infraContainer()
+}
+
// TODO add pod batching
// Lock pod to avoid lock contention
// Store and lock all containers (no RemoveContainer in batch guarantees cache will not become stale)
@@ -412,13 +445,7 @@ func (p *Pod) ProcessLabel() (string, error) {
if !p.HasInfraContainer() {
return "", nil
}
-
- id, err := p.InfraContainerID()
- if err != nil {
- return "", err
- }
-
- ctr, err := p.runtime.state.Container(id)
+ ctr, err := p.infraContainer()
if err != nil {
return "", err
}
diff --git a/libpod/pod_api.go b/libpod/pod_api.go
index 53fb9538f..5f4d983b9 100644
--- a/libpod/pod_api.go
+++ b/libpod/pod_api.go
@@ -582,41 +582,46 @@ func (p *Pod) Inspect() (*define.InspectPodData, error) {
// Infra config contains detailed information on the pod's infra
// container.
var infraConfig *define.InspectPodInfraConfig
- if p.config.InfraContainer != nil && p.config.InfraContainer.HasInfraContainer {
+ if p.state.InfraContainerID != "" {
+ infra, err := p.runtime.GetContainer(p.state.InfraContainerID)
+ if err != nil {
+ return nil, err
+ }
infraConfig = new(define.InspectPodInfraConfig)
- infraConfig.HostNetwork = p.config.InfraContainer.HostNetwork
- infraConfig.StaticIP = p.config.InfraContainer.StaticIP
- infraConfig.StaticMAC = p.config.InfraContainer.StaticMAC.String()
- infraConfig.NoManageResolvConf = p.config.InfraContainer.UseImageResolvConf
- infraConfig.NoManageHosts = p.config.InfraContainer.UseImageHosts
+ infraConfig.HostNetwork = !infra.Config().ContainerNetworkConfig.UseImageHosts
+ infraConfig.StaticIP = infra.Config().ContainerNetworkConfig.StaticIP
+ infraConfig.NoManageResolvConf = infra.Config().UseImageResolvConf
+ infraConfig.NoManageHosts = infra.Config().UseImageHosts
infraConfig.CPUPeriod = p.CPUPeriod()
infraConfig.CPUQuota = p.CPUQuota()
infraConfig.CPUSetCPUs = p.ResourceLim().CPU.Cpus
infraConfig.PidNS = p.PidMode()
- infraConfig.UserNS = p.config.InfraContainer.Userns.String()
+ infraConfig.UserNS = p.UserNSMode()
- if len(p.config.InfraContainer.DNSServer) > 0 {
- infraConfig.DNSServer = make([]string, 0, len(p.config.InfraContainer.DNSServer))
- infraConfig.DNSServer = append(infraConfig.DNSServer, p.config.InfraContainer.DNSServer...)
+ if len(infra.Config().ContainerNetworkConfig.DNSServer) > 0 {
+ infraConfig.DNSServer = make([]string, 0, len(infra.Config().ContainerNetworkConfig.DNSServer))
+ for _, entry := range infra.Config().ContainerNetworkConfig.DNSServer {
+ infraConfig.DNSServer = append(infraConfig.DNSServer, entry.String())
+ }
}
- if len(p.config.InfraContainer.DNSSearch) > 0 {
- infraConfig.DNSSearch = make([]string, 0, len(p.config.InfraContainer.DNSSearch))
- infraConfig.DNSSearch = append(infraConfig.DNSSearch, p.config.InfraContainer.DNSSearch...)
+ if len(infra.Config().ContainerNetworkConfig.DNSSearch) > 0 {
+ infraConfig.DNSSearch = make([]string, 0, len(infra.Config().ContainerNetworkConfig.DNSSearch))
+ infraConfig.DNSSearch = append(infraConfig.DNSSearch, infra.Config().ContainerNetworkConfig.DNSSearch...)
}
- if len(p.config.InfraContainer.DNSOption) > 0 {
- infraConfig.DNSOption = make([]string, 0, len(p.config.InfraContainer.DNSOption))
- infraConfig.DNSOption = append(infraConfig.DNSOption, p.config.InfraContainer.DNSOption...)
+ if len(infra.Config().ContainerNetworkConfig.DNSOption) > 0 {
+ infraConfig.DNSOption = make([]string, 0, len(infra.Config().ContainerNetworkConfig.DNSOption))
+ infraConfig.DNSOption = append(infraConfig.DNSOption, infra.Config().ContainerNetworkConfig.DNSOption...)
}
- if len(p.config.InfraContainer.HostAdd) > 0 {
- infraConfig.HostAdd = make([]string, 0, len(p.config.InfraContainer.HostAdd))
- infraConfig.HostAdd = append(infraConfig.HostAdd, p.config.InfraContainer.HostAdd...)
+ if len(infra.Config().HostAdd) > 0 {
+ infraConfig.HostAdd = make([]string, 0, len(infra.Config().HostAdd))
+ infraConfig.HostAdd = append(infraConfig.HostAdd, infra.Config().HostAdd...)
}
- if len(p.config.InfraContainer.Networks) > 0 {
- infraConfig.Networks = make([]string, 0, len(p.config.InfraContainer.Networks))
- infraConfig.Networks = append(infraConfig.Networks, p.config.InfraContainer.Networks...)
+ if len(infra.Config().ContainerNetworkConfig.Networks) > 0 {
+ infraConfig.Networks = make([]string, 0, len(infra.Config().ContainerNetworkConfig.Networks))
+ infraConfig.Networks = append(infraConfig.Networks, infra.Config().ContainerNetworkConfig.Networks...)
}
- infraConfig.NetworkOptions = p.config.InfraContainer.NetworkOptions
- infraConfig.PortBindings = makeInspectPortBindings(p.config.InfraContainer.PortBindings, nil)
+ infraConfig.NetworkOptions = infra.Config().ContainerNetworkConfig.NetworkOptions
+ infraConfig.PortBindings = makeInspectPortBindings(infra.Config().ContainerNetworkConfig.PortMappings, nil)
}
inspectData := define.InspectPodData{
diff --git a/libpod/pod_internal.go b/libpod/pod_internal.go
index e81bd7b16..079b631a0 100644
--- a/libpod/pod_internal.go
+++ b/libpod/pod_internal.go
@@ -20,7 +20,7 @@ func newPod(runtime *Runtime) *Pod {
pod.config.ID = stringid.GenerateNonCryptoID()
pod.config.Labels = make(map[string]string)
pod.config.CreatedTime = time.Now()
- pod.config.InfraContainer = new(InfraContainerConfig)
+ // pod.config.InfraContainer = new(ContainerConfig)
pod.state = new(podState)
pod.runtime = runtime
diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go
index 52072b0f3..7d3891f6e 100644
--- a/libpod/runtime_ctr.go
+++ b/libpod/runtime_ctr.go
@@ -17,6 +17,7 @@ import (
"github.com/containers/podman/v3/pkg/cgroups"
"github.com/containers/podman/v3/pkg/domain/entities/reports"
"github.com/containers/podman/v3/pkg/rootless"
+ "github.com/containers/podman/v3/pkg/specgen"
"github.com/containers/storage"
"github.com/containers/storage/pkg/stringid"
"github.com/docker/go-units"
@@ -38,12 +39,15 @@ type CtrCreateOption func(*Container) error
type ContainerFilter func(*Container) bool
// NewContainer creates a new container from a given OCI config.
-func (r *Runtime) NewContainer(ctx context.Context, rSpec *spec.Spec, options ...CtrCreateOption) (*Container, error) {
+func (r *Runtime) NewContainer(ctx context.Context, rSpec *spec.Spec, spec *specgen.SpecGenerator, infra bool, options ...CtrCreateOption) (*Container, error) {
r.lock.Lock()
defer r.lock.Unlock()
if !r.valid {
return nil, define.ErrRuntimeStopped
}
+ if infra {
+ options = append(options, withIsInfra())
+ }
return r.newContainer(ctx, rSpec, options...)
}
@@ -172,6 +176,7 @@ func (r *Runtime) initContainerVariables(rSpec *spec.Spec, config *ContainerConf
}
ctr.config.ShmSize = size
ctr.config.StopSignal = 15
+
ctr.config.StopTimeout = r.config.Engine.StopTimeout
} else {
// This is a restore from an imported checkpoint
@@ -211,7 +216,11 @@ func (r *Runtime) initContainerVariables(rSpec *spec.Spec, config *ContainerConf
}
func (r *Runtime) newContainer(ctx context.Context, rSpec *spec.Spec, options ...CtrCreateOption) (*Container, error) {
- ctr, err := r.initContainerVariables(rSpec, nil)
+ var ctr *Container
+ var err error
+
+ ctr, err = r.initContainerVariables(rSpec, nil)
+
if err != nil {
return nil, errors.Wrapf(err, "error initializing container variables")
}
@@ -230,7 +239,9 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Contai
if err := ctr.validate(); err != nil {
return nil, err
}
-
+ if ctr.config.IsInfra {
+ ctr.config.StopTimeout = 10
+ }
// normalize the networks to names
// ocicni only knows about cni names so we have to make
// sure we do not use ids internally
@@ -327,7 +338,7 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Contai
switch r.config.Engine.CgroupManager {
case config.CgroupfsCgroupsManager:
if ctr.config.CgroupParent == "" {
- if pod != nil && pod.config.UsePodCgroup {
+ if pod != nil && pod.config.UsePodCgroup && !ctr.IsInfra() {
podCgroup, err := pod.CgroupPath()
if err != nil {
return nil, errors.Wrapf(err, "error retrieving pod %s cgroup", pod.ID())
@@ -348,7 +359,7 @@ func (r *Runtime) setupContainer(ctx context.Context, ctr *Container) (_ *Contai
case config.SystemdCgroupsManager:
if ctr.config.CgroupParent == "" {
switch {
- case pod != nil && pod.config.UsePodCgroup:
+ case pod != nil && pod.config.UsePodCgroup && !ctr.IsInfra():
podCgroup, err := pod.CgroupPath()
if err != nil {
return nil, errors.Wrapf(err, "error retrieving pod %s cgroup", pod.ID())
@@ -833,7 +844,10 @@ func (r *Runtime) evictContainer(ctx context.Context, idOrName string, removeVol
return id, err
}
- infraID := pod.state.InfraContainerID
+ infraID, err := pod.infraContainerID()
+ if err != nil {
+ return "", err
+ }
if c.ID() == infraID {
return id, errors.Errorf("container %s is the infra container of pod %s and cannot be removed without removing the pod", c.ID(), pod.ID())
}
diff --git a/libpod/runtime_pod_infra_linux.go b/libpod/runtime_pod_infra_linux.go
deleted file mode 100644
index 9236fb1f5..000000000
--- a/libpod/runtime_pod_infra_linux.go
+++ /dev/null
@@ -1,284 +0,0 @@
-// +build linux
-
-package libpod
-
-import (
- "context"
- "strings"
-
- "github.com/containers/common/pkg/config"
- "github.com/containers/podman/v3/libpod/define"
- "github.com/containers/podman/v3/pkg/namespaces"
- "github.com/containers/podman/v3/pkg/rootless"
- "github.com/containers/podman/v3/pkg/specgen"
- "github.com/containers/podman/v3/pkg/util"
- v1 "github.com/opencontainers/image-spec/specs-go/v1"
- spec "github.com/opencontainers/runtime-spec/specs-go"
- "github.com/opencontainers/runtime-tools/generate"
- "github.com/pkg/errors"
- "github.com/sirupsen/logrus"
-)
-
-const (
- // IDTruncLength is the length of the pod's id that will be used to make the
- // infra container name
- IDTruncLength = 12
-)
-
-func (r *Runtime) makeInfraContainer(ctx context.Context, p *Pod, imgName, rawImageName, imgID string, config *v1.ImageConfig) (*Container, error) {
- // Set up generator for infra container defaults
- g, err := generate.New("linux")
- if err != nil {
- return nil, err
- }
-
- // Set Pod hostname
- g.Config.Hostname = p.config.Hostname
-
- var options []CtrCreateOption
-
- // Command: If user-specified, use that preferentially.
- // If not set and the config file is set, fall back to that.
- var infraCtrCommand []string
- if p.config.InfraContainer.InfraCommand != nil {
- logrus.Debugf("User-specified infra container entrypoint %v", p.config.InfraContainer.InfraCommand)
- infraCtrCommand = p.config.InfraContainer.InfraCommand
- } else if r.config.Engine.InfraCommand != "" {
- logrus.Debugf("Config-specified infra container entrypoint %s", r.config.Engine.InfraCommand)
- infraCtrCommand = []string{r.config.Engine.InfraCommand}
- }
- // Only if set by the user or containers.conf, we set entrypoint for the
- // infra container.
- // This is only used by commit, so it shouldn't matter... But someone
- // may eventually want to commit an infra container?
- // TODO: Should we actually do this if set by containers.conf?
- if infraCtrCommand != nil {
- // Need to duplicate the array - we are going to add Cmd later
- // so the current array will be changed.
- newArr := make([]string, 0, len(infraCtrCommand))
- newArr = append(newArr, infraCtrCommand...)
- options = append(options, WithEntrypoint(newArr))
- }
-
- isRootless := rootless.IsRootless()
-
- // I've seen circumstances where config is being passed as nil.
- // Let's err on the side of safety and make sure it's safe to use.
- if config != nil {
- if infraCtrCommand == nil {
- // If we have no entrypoint and command from the image,
- // we can't go on - the infra container has no command.
- if len(config.Entrypoint) == 0 && len(config.Cmd) == 0 {
- return nil, errors.Errorf("infra container has no command")
- }
- if len(config.Entrypoint) > 0 {
- infraCtrCommand = config.Entrypoint
- } else {
- // Use the Docker default "/bin/sh -c"
- // entrypoint, as we're overriding command.
- // If an image doesn't want this, it can
- // override entrypoint too.
- infraCtrCommand = []string{"/bin/sh", "-c"}
- }
- }
- if len(config.Cmd) > 0 {
- infraCtrCommand = append(infraCtrCommand, config.Cmd...)
- }
-
- if len(config.Env) > 0 {
- for _, nameValPair := range config.Env {
- nameValSlice := strings.Split(nameValPair, "=")
- if len(nameValSlice) < 2 {
- return nil, errors.Errorf("Invalid environment variable structure in pause image")
- }
- g.AddProcessEnv(nameValSlice[0], nameValSlice[1])
- }
- }
-
- switch {
- case p.config.InfraContainer.HostNetwork:
- if err := g.RemoveLinuxNamespace(string(spec.NetworkNamespace)); err != nil {
- return nil, errors.Wrapf(err, "error removing network namespace from pod %s infra container", p.ID())
- }
- case p.config.InfraContainer.NoNetwork:
- // Do nothing - we have a network namespace by default,
- // but should not configure slirp.
- default:
- // Since user namespace sharing is not implemented, we only need to check if it's rootless
- netmode := "bridge"
- if p.config.InfraContainer.Slirp4netns {
- netmode = "slirp4netns"
- if len(p.config.InfraContainer.NetworkOptions) != 0 {
- options = append(options, WithNetworkOptions(p.config.InfraContainer.NetworkOptions))
- }
- }
- // FIXME allow pods to have exposed ports
- options = append(options, WithNetNS(p.config.InfraContainer.PortBindings, nil, !p.config.InfraContainer.Userns.IsHost(), netmode, p.config.InfraContainer.Networks))
- }
-
- // For each option in InfraContainerConfig - if set, pass into
- // the infra container we're creating with the appropriate
- // With... option.
- if p.config.InfraContainer.StaticIP != nil {
- options = append(options, WithStaticIP(p.config.InfraContainer.StaticIP))
- }
- if p.config.InfraContainer.StaticMAC != nil {
- options = append(options, WithStaticMAC(p.config.InfraContainer.StaticMAC))
- }
- if p.config.InfraContainer.UseImageResolvConf {
- options = append(options, WithUseImageResolvConf())
- }
- if len(p.config.InfraContainer.DNSServer) > 0 {
- options = append(options, WithDNS(p.config.InfraContainer.DNSServer))
- }
- if len(p.config.InfraContainer.DNSSearch) > 0 {
- options = append(options, WithDNSSearch(p.config.InfraContainer.DNSSearch))
- }
- if len(p.config.InfraContainer.DNSOption) > 0 {
- options = append(options, WithDNSOption(p.config.InfraContainer.DNSOption))
- }
- if p.config.InfraContainer.UseImageHosts {
- options = append(options, WithUseImageHosts())
- }
- if len(p.config.InfraContainer.HostAdd) > 0 {
- options = append(options, WithHosts(p.config.InfraContainer.HostAdd))
- }
- if len(p.config.InfraContainer.ExitCommand) > 0 {
- options = append(options, WithExitCommand(p.config.InfraContainer.ExitCommand))
- }
-
- if p.config.UsePodPID && p.config.InfraContainer.PidNS.NSMode != "host" {
- g.AddOrReplaceLinuxNamespace(string(spec.LinuxNamespaceType("pid")), p.config.InfraContainer.PidNS.Value)
- } else if p.config.InfraContainer.PidNS.NSMode == "host" {
- newNS := []spec.LinuxNamespace{}
- for _, entry := range g.Config.Linux.Namespaces {
- if entry.Type != spec.LinuxNamespaceType("pid") {
- newNS = append(newNS, entry)
- }
- }
- g.Config.Linux.Namespaces = newNS
- }
- }
-
- for _, ctl := range r.config.Containers.DefaultSysctls {
- sysctl := strings.SplitN(ctl, "=", 2)
- if len(sysctl) < 2 {
- return nil, errors.Errorf("invalid default sysctl %s", ctl)
- }
-
- // Ignore net sysctls if --net=host
- if p.config.InfraContainer.HostNetwork && strings.HasPrefix(sysctl[0], "net.") {
- logrus.Infof("Sysctl %s=%s ignored in containers.conf, since Network Namespace set to host", sysctl[0], sysctl[1])
- continue
- }
-
- g.AddLinuxSysctl(sysctl[0], sysctl[1])
- }
-
- g.SetRootReadonly(true)
- g.SetProcessArgs(infraCtrCommand)
-
- logrus.Debugf("Using %q as infra container command", infraCtrCommand)
-
- mapopt, err := util.ParseIDMapping(namespaces.UsernsMode(p.config.InfraContainer.Userns.String()), []string{}, []string{}, "", "")
- if err != nil {
- return nil, err
- }
- user, err := specgen.SetupUserNS(mapopt, p.config.InfraContainer.Userns, &g)
- if err != nil {
- return nil, err
- }
- if user != "" {
- options = append(options, WithUser(user))
- }
-
- g.RemoveMount("/dev/shm")
- if isRootless {
- g.RemoveMount("/dev/pts")
- devPts := spec.Mount{
- Destination: "/dev/pts",
- Type: "devpts",
- Source: "devpts",
- Options: []string{"private", "nosuid", "noexec", "newinstance", "ptmxmode=0666", "mode=0620"},
- }
- g.AddMount(devPts)
- }
-
- // Add default sysctls from containers.conf
- defaultSysctls, err := util.ValidateSysctls(r.config.Sysctls())
- if err != nil {
- return nil, err
- }
- for sysctlKey, sysctlVal := range defaultSysctls {
- // Ignore mqueue sysctls if not sharing IPC
- if !p.config.UsePodIPC && strings.HasPrefix(sysctlKey, "fs.mqueue.") {
- logrus.Infof("Sysctl %s=%s ignored in containers.conf, since IPC Namespace for pod is unused", sysctlKey, sysctlVal)
- continue
- }
-
- // Ignore net sysctls if host network or not sharing network
- if (p.config.InfraContainer.HostNetwork || !p.config.UsePodNet) && strings.HasPrefix(sysctlKey, "net.") {
- logrus.Infof("Sysctl %s=%s ignored in containers.conf, since Network Namespace for pod is unused", sysctlKey, sysctlVal)
- continue
- }
-
- // Ignore uts sysctls if not sharing UTS
- if !p.config.UsePodUTS && (strings.HasPrefix(sysctlKey, "kernel.domainname") || strings.HasPrefix(sysctlKey, "kernel.hostname")) {
- logrus.Infof("Sysctl %s=%s ignored in containers.conf, since UTS Namespace for pod is unused", sysctlKey, sysctlVal)
- continue
- }
- g.AddLinuxSysctl(sysctlKey, sysctlVal)
- }
-
- containerName := p.config.InfraContainer.InfraName
- if containerName == "" {
- containerName = p.ID()[:IDTruncLength] + "-infra"
- }
- logrus.Infof("Infra container name %s", containerName)
- options = append(options, r.WithPod(p))
- options = append(options, WithRootFSFromImage(imgID, imgName, rawImageName))
- options = append(options, WithName(containerName))
- options = append(options, withIsInfra())
- options = append(options, WithIDMappings(*mapopt))
- if len(p.config.InfraContainer.ConmonPidFile) > 0 {
- options = append(options, WithConmonPidFile(p.config.InfraContainer.ConmonPidFile))
- }
- newRes := new(spec.LinuxResources)
- newRes.CPU = new(spec.LinuxCPU)
- newRes.CPU = p.ResourceLim().CPU
- g.Config.Linux.Resources.CPU = newRes.CPU
-
- return r.newContainer(ctx, g.Config, options...)
-}
-
-// createInfraContainer wrap creates an infra container for a pod.
-// An infra container becomes the basis for kernel namespace sharing between
-// containers in the pod.
-func (r *Runtime) createInfraContainer(ctx context.Context, p *Pod) (*Container, error) {
- if !r.valid {
- return nil, define.ErrRuntimeStopped
- }
- imageName := p.config.InfraContainer.InfraImage
- if imageName == "" {
- imageName = r.config.Engine.InfraImage
- }
-
- pulledImages, err := r.LibimageRuntime().Pull(ctx, imageName, config.PullPolicyMissing, nil)
- if err != nil {
- return nil, errors.Wrap(err, "error pulling infra-container image")
- }
-
- newImage := pulledImages[0]
- data, err := newImage.Inspect(ctx, false)
- if err != nil {
- return nil, err
- }
-
- imageName = "none"
- if len(newImage.Names()) > 0 {
- imageName = newImage.Names()[0]
- }
- imageID := data.ID
-
- return r.makeInfraContainer(ctx, p, imageName, r.config.Engine.InfraImage, imageID, data.Config)
-}
diff --git a/libpod/runtime_pod_linux.go b/libpod/runtime_pod_linux.go
index fce3f38a7..7571fdfff 100644
--- a/libpod/runtime_pod_linux.go
+++ b/libpod/runtime_pod_linux.go
@@ -14,13 +14,14 @@ import (
"github.com/containers/podman/v3/libpod/events"
"github.com/containers/podman/v3/pkg/cgroups"
"github.com/containers/podman/v3/pkg/rootless"
+ "github.com/containers/podman/v3/pkg/specgen"
spec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
// NewPod makes a new, empty pod
-func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Pod, deferredErr error) {
+func (r *Runtime) NewPod(ctx context.Context, p specgen.PodSpecGenerator, options ...PodCreateOption) (_ *Pod, deferredErr error) {
r.lock.Lock()
defer r.lock.Unlock()
@@ -50,8 +51,8 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Po
pod.config.Name = name
}
- if pod.config.Hostname == "" {
- pod.config.Hostname = pod.config.Name
+ if p.InfraContainerSpec != nil && p.InfraContainerSpec.Hostname == "" {
+ p.InfraContainerSpec.Hostname = pod.config.Name
}
// Allocate a lock for the pod
@@ -88,6 +89,9 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Po
// launch should do it for us
if pod.config.UsePodCgroup {
pod.state.CgroupPath = filepath.Join(pod.config.CgroupParent, pod.ID())
+ if p.InfraContainerSpec != nil {
+ p.InfraContainerSpec.CgroupParent = pod.state.CgroupPath
+ }
}
}
case config.SystemdCgroupsManager:
@@ -108,6 +112,9 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Po
return nil, errors.Wrapf(err, "unable to create pod cgroup for pod %s", pod.ID())
}
pod.state.CgroupPath = cgroupPath
+ if p.InfraContainerSpec != nil {
+ p.InfraContainerSpec.CgroupParent = pod.state.CgroupPath
+ }
}
default:
return nil, errors.Wrapf(define.ErrInvalidArg, "unsupported CGroup manager: %s - cannot validate cgroup parent", r.config.Engine.CgroupManager)
@@ -127,28 +134,40 @@ func (r *Runtime) NewPod(ctx context.Context, options ...PodCreateOption) (_ *Po
if err := r.state.AddPod(pod); err != nil {
return nil, errors.Wrapf(err, "error adding pod to state")
}
- defer func() {
- if deferredErr != nil {
- if err := r.removePod(ctx, pod, true, true); err != nil {
- logrus.Errorf("Error removing pod after pause container creation failure: %v", err)
- }
- }
- }()
+ return pod, nil
+}
- if pod.HasInfraContainer() {
- ctr, err := r.createInfraContainer(ctx, pod)
- if err != nil {
- return nil, errors.Wrapf(err, "error adding Infra Container")
- }
- pod.state.InfraContainerID = ctr.ID()
- if err := pod.save(); err != nil {
- return nil, err
- }
+// AddInfra adds the created infra container to the pod state
+func (r *Runtime) AddInfra(ctx context.Context, pod *Pod, infraCtr *Container) (*Pod, error) {
+ r.lock.Lock()
+ defer r.lock.Unlock()
+
+ if !r.valid {
+ return nil, define.ErrRuntimeStopped
+ }
+ pod.state.InfraContainerID = infraCtr.ID()
+ if err := pod.save(); err != nil {
+ return nil, err
}
pod.newPodEvent(events.Create)
return pod, nil
}
+// SavePod is a helper function to save the pod state from outside of libpod
+func (r *Runtime) SavePod(pod *Pod) error {
+ r.lock.Lock()
+ defer r.lock.Unlock()
+
+ if !r.valid {
+ return define.ErrRuntimeStopped
+ }
+ if err := pod.save(); err != nil {
+ return err
+ }
+ pod.newPodEvent(events.Create)
+ return nil
+}
+
func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool) error {
if err := p.updatePod(); err != nil {
return err
diff --git a/pkg/api/handlers/compat/containers_create.go b/pkg/api/handlers/compat/containers_create.go
index 0b5cbd343..9df35697a 100644
--- a/pkg/api/handlers/compat/containers_create.go
+++ b/pkg/api/handlers/compat/containers_create.go
@@ -11,6 +11,7 @@ import (
"github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/domain/infra/abi"
"github.com/containers/podman/v3/pkg/specgen"
+ "github.com/containers/podman/v3/pkg/specgenutil"
"github.com/containers/storage"
"github.com/gorilla/schema"
"github.com/pkg/errors"
@@ -80,7 +81,7 @@ func CreateContainer(w http.ResponseWriter, r *http.Request) {
}
sg := specgen.NewSpecGenerator(imgNameOrID, cliOpts.RootFS)
- if err := common.FillOutSpecGen(sg, cliOpts, args); err != nil {
+ if err := specgenutil.FillOutSpecGen(sg, cliOpts, args); err != nil {
utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "fill out specgen"))
return
}
diff --git a/pkg/api/handlers/libpod/containers_create.go b/pkg/api/handlers/libpod/containers_create.go
index 65951861b..0e2163d5c 100644
--- a/pkg/api/handlers/libpod/containers_create.go
+++ b/pkg/api/handlers/libpod/containers_create.go
@@ -28,7 +28,12 @@ func CreateContainer(w http.ResponseWriter, r *http.Request) {
utils.InternalServerError(w, err)
return
}
- ctr, err := generate.MakeContainer(context.Background(), runtime, &sg)
+ rtSpec, spec, opts, err := generate.MakeContainer(context.Background(), runtime, &sg)
+ if err != nil {
+ utils.InternalServerError(w, err)
+ return
+ }
+ ctr, err := generate.ExecuteCreate(context.Background(), runtime, rtSpec, spec, false, opts...)
if err != nil {
utils.InternalServerError(w, err)
return
diff --git a/pkg/api/handlers/libpod/pods.go b/pkg/api/handlers/libpod/pods.go
index ff105bc48..3d6cf093b 100644
--- a/pkg/api/handlers/libpod/pods.go
+++ b/pkg/api/handlers/libpod/pods.go
@@ -1,11 +1,15 @@
package libpod
import (
+ "context"
"encoding/json"
"fmt"
"net/http"
"strings"
+ "github.com/containers/common/libimage"
+ "github.com/containers/common/pkg/config"
+ "github.com/containers/image/v5/transports/alltransports"
"github.com/containers/podman/v3/libpod"
"github.com/containers/podman/v3/libpod/define"
"github.com/containers/podman/v3/pkg/api/handlers"
@@ -14,6 +18,7 @@ import (
"github.com/containers/podman/v3/pkg/domain/infra/abi"
"github.com/containers/podman/v3/pkg/specgen"
"github.com/containers/podman/v3/pkg/specgen/generate"
+ "github.com/containers/podman/v3/pkg/specgenutil"
"github.com/containers/podman/v3/pkg/util"
"github.com/gorilla/schema"
"github.com/pkg/errors"
@@ -25,24 +30,70 @@ func PodCreate(w http.ResponseWriter, r *http.Request) {
runtime = r.Context().Value("runtime").(*libpod.Runtime)
err error
)
- var psg specgen.PodSpecGenerator
+ psg := specgen.PodSpecGenerator{InfraContainerSpec: &specgen.SpecGenerator{}}
if err := json.NewDecoder(r.Body).Decode(&psg); err != nil {
- utils.Error(w, "failed to decode specgen", http.StatusInternalServerError, errors.Wrap(err, "failed to decode specgen"))
+ utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "failed to decode specgen"))
return
}
- // parse userns so we get the valid default value of userns
- psg.Userns, err = specgen.ParseUserNamespace(psg.Userns.String())
if err != nil {
- utils.Error(w, "failed to parse userns", http.StatusInternalServerError, errors.Wrap(err, "failed to parse userns"))
+ utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "failed to decode specgen"))
return
}
- pod, err := generate.MakePod(&psg, runtime)
+ if !psg.NoInfra {
+ infraOptions := &entities.ContainerCreateOptions{ImageVolume: "bind", IsInfra: true, Net: &entities.NetOptions{}} // options for pulling the image and FillOutSpec
+ err = specgenutil.FillOutSpecGen(psg.InfraContainerSpec, infraOptions, []string{}) // necessary for default values in many cases (userns, idmappings)
+ if err != nil {
+ utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "error filling out specgen"))
+ return
+ }
+ out, err := json.Marshal(psg) // marshal our spec so the matching options can be unmarshaled into infra
+ if err != nil {
+ utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "failed to decode specgen"))
+ return
+ }
+ tempSpec := &specgen.SpecGenerator{} // temporary spec since infra cannot be decoded into
+ err = json.Unmarshal(out, tempSpec) // unmarhal matching options
+ if err != nil {
+ utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "failed to decode specgen"))
+ return
+ }
+ psg.InfraContainerSpec = tempSpec // set infra spec equal to temp
+ // a few extra that do not have the same json tags
+ psg.InfraContainerSpec.Name = psg.InfraName
+ psg.InfraContainerSpec.ConmonPidFile = psg.InfraConmonPidFile
+ psg.InfraContainerSpec.ContainerCreateCommand = psg.InfraCommand
+ imageName := psg.InfraImage
+ rawImageName := psg.InfraImage
+ if imageName == "" {
+ imageName = config.DefaultInfraImage
+ rawImageName = config.DefaultInfraImage
+ }
+ curr := infraOptions.Quiet
+ infraOptions.Quiet = true
+ pullOptions := &libimage.PullOptions{}
+ pulledImages, err := runtime.LibimageRuntime().Pull(context.Background(), imageName, config.PullPolicyMissing, pullOptions)
+ if err != nil {
+ utils.Error(w, "Something went wrong.", http.StatusInternalServerError, errors.Wrap(err, "could not pull image"))
+ return
+ }
+ if _, err := alltransports.ParseImageName(imageName); err == nil {
+ if len(pulledImages) != 0 {
+ imageName = pulledImages[0].ID()
+ }
+ }
+ infraOptions.Quiet = curr
+ psg.InfraImage = imageName
+ psg.InfraContainerSpec.Image = imageName
+ psg.InfraContainerSpec.RawImageName = rawImageName
+ }
+ podSpecComplete := entities.PodSpec{PodSpecGen: psg}
+ pod, err := generate.MakePod(&podSpecComplete, runtime)
if err != nil {
httpCode := http.StatusInternalServerError
if errors.Cause(err) == define.ErrPodExists {
httpCode = http.StatusConflict
}
- utils.Error(w, "Something went wrong.", httpCode, err)
+ utils.Error(w, "Something went wrong.", httpCode, errors.Wrap(err, "failed to make pod"))
return
}
utils.WriteResponse(w, http.StatusCreated, handlers.IDResponse{ID: pod.ID()})
diff --git a/pkg/api/handlers/types/types.go b/pkg/api/handlers/types/types.go
index 71165364f..e7920047e 100644
--- a/pkg/api/handlers/types/types.go
+++ b/pkg/api/handlers/types/types.go
@@ -1,8 +1,6 @@
package types
-import (
- "github.com/containers/podman/v3/pkg/domain/entities"
-)
+import "github.com/containers/podman/v3/pkg/domain/entities"
// LibpodImagesRemoveReport is the return type for image removal via the rest
// api.
diff --git a/pkg/bindings/pods/pods.go b/pkg/bindings/pods/pods.go
index 9d3ff322e..a1a431a3b 100644
--- a/pkg/bindings/pods/pods.go
+++ b/pkg/bindings/pods/pods.go
@@ -9,27 +9,25 @@ import (
"github.com/containers/podman/v3/pkg/api/handlers"
"github.com/containers/podman/v3/pkg/bindings"
"github.com/containers/podman/v3/pkg/domain/entities"
- "github.com/containers/podman/v3/pkg/specgen"
jsoniter "github.com/json-iterator/go"
)
-func CreatePodFromSpec(ctx context.Context, s *specgen.PodSpecGenerator, options *CreateOptions) (*entities.PodCreateReport, error) {
+func CreatePodFromSpec(ctx context.Context, spec *entities.PodSpec) (*entities.PodCreateReport, error) {
var (
pcr entities.PodCreateReport
)
- if options == nil {
- options = new(CreateOptions)
+ if spec == nil {
+ spec = new(entities.PodSpec)
}
- _ = options
conn, err := bindings.GetClient(ctx)
if err != nil {
return nil, err
}
- specgenString, err := jsoniter.MarshalToString(s)
+ specString, err := jsoniter.MarshalToString(spec.PodSpecGen)
if err != nil {
return nil, err
}
- stringReader := strings.NewReader(specgenString)
+ stringReader := strings.NewReader(specString)
response, err := conn.DoRequest(stringReader, http.MethodPost, "/pods/create", nil, nil)
if err != nil {
return nil, err
diff --git a/pkg/bindings/test/pods_test.go b/pkg/bindings/test/pods_test.go
index b06ff31a2..5331cf439 100644
--- a/pkg/bindings/test/pods_test.go
+++ b/pkg/bindings/test/pods_test.go
@@ -8,6 +8,7 @@ import (
"github.com/containers/podman/v3/libpod/define"
"github.com/containers/podman/v3/pkg/bindings"
"github.com/containers/podman/v3/pkg/bindings/pods"
+ "github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/specgen"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
@@ -333,9 +334,9 @@ var _ = Describe("Podman pods", func() {
})
It("simple create pod", func() {
- ps := specgen.PodSpecGenerator{}
- ps.Name = "foobar"
- _, err := pods.CreatePodFromSpec(bt.conn, &ps, nil)
+ ps := entities.PodSpec{PodSpecGen: specgen.PodSpecGenerator{InfraContainerSpec: &specgen.SpecGenerator{}}}
+ ps.PodSpecGen.Name = "foobar"
+ _, err := pods.CreatePodFromSpec(bt.conn, &ps)
Expect(err).To(BeNil())
exists, err := pods.Exists(bt.conn, "foobar", nil)
diff --git a/pkg/domain/entities/engine_container.go b/pkg/domain/entities/engine_container.go
index 5acf7211c..bd011d309 100644
--- a/pkg/domain/entities/engine_container.go
+++ b/pkg/domain/entities/engine_container.go
@@ -68,7 +68,7 @@ type ContainerEngine interface {
NetworkRm(ctx context.Context, namesOrIds []string, options NetworkRmOptions) ([]*NetworkRmReport, error)
PlayKube(ctx context.Context, path string, opts PlayKubeOptions) (*PlayKubeReport, error)
PlayKubeDown(ctx context.Context, path string, opts PlayKubeDownOptions) (*PlayKubeReport, error)
- PodCreate(ctx context.Context, opts PodCreateOptions) (*PodCreateReport, error)
+ PodCreate(ctx context.Context, specg PodSpec) (*PodCreateReport, error)
PodExists(ctx context.Context, nameOrID string) (*BoolReport, error)
PodInspect(ctx context.Context, options PodInspectOptions) (*PodInspectReport, error)
PodKill(ctx context.Context, namesOrIds []string, options PodKillOptions) ([]*PodKillReport, error)
diff --git a/pkg/domain/entities/pods.go b/pkg/domain/entities/pods.go
index c66bf96fc..10bd7e5ce 100644
--- a/pkg/domain/entities/pods.go
+++ b/pkg/domain/entities/pods.go
@@ -106,6 +106,14 @@ type PodRmReport struct {
Id string //nolint
}
+// PddSpec is an abstracted version of PodSpecGen designed to eventually accept options
+// not meant to be in a specgen
+type PodSpec struct {
+ PodSpecGen specgen.PodSpecGenerator
+}
+
+// PodCreateOptions provides all possible options for creating a pod and its infra container
+// swagger:model PodCreateOptions
type PodCreateOptions struct {
CGroupParent string
CreateCommand []string
@@ -125,6 +133,123 @@ type PodCreateOptions struct {
Userns specgen.Namespace
}
+type ContainerCreateOptions struct {
+ Annotation []string
+ Attach []string
+ Authfile string
+ BlkIOWeight string
+ BlkIOWeightDevice []string
+ CapAdd []string
+ CapDrop []string
+ CgroupNS string
+ CGroupsMode string
+ CGroupParent string
+ CIDFile string
+ ConmonPIDFile string
+ CPUPeriod uint64
+ CPUQuota int64
+ CPURTPeriod uint64
+ CPURTRuntime int64
+ CPUShares uint64
+ CPUS float64
+ CPUSetCPUs string
+ CPUSetMems string
+ Devices []string
+ DeviceCGroupRule []string
+ DeviceReadBPs []string
+ DeviceReadIOPs []string
+ DeviceWriteBPs []string
+ DeviceWriteIOPs []string
+ Entrypoint *string
+ Env []string
+ EnvHost bool
+ EnvFile []string
+ Expose []string
+ GIDMap []string
+ GroupAdd []string
+ HealthCmd string
+ HealthInterval string
+ HealthRetries uint
+ HealthStartPeriod string
+ HealthTimeout string
+ Hostname string
+ HTTPProxy bool
+ ImageVolume string
+ Init bool
+ InitContainerType string
+ InitPath string
+ Interactive bool
+ IPC string
+ KernelMemory string
+ Label []string
+ LabelFile []string
+ LogDriver string
+ LogOptions []string
+ Memory string
+ MemoryReservation string
+ MemorySwap string
+ MemorySwappiness int64
+ Name string
+ NoHealthCheck bool
+ OOMKillDisable bool
+ OOMScoreAdj int
+ Arch string
+ OS string
+ Variant string
+ PID string
+ PIDsLimit *int64
+ Platform string
+ Pod string
+ PodIDFile string
+ Personality string
+ PreserveFDs uint
+ Privileged bool
+ PublishAll bool
+ Pull string
+ Quiet bool
+ ReadOnly bool
+ ReadOnlyTmpFS bool
+ Restart string
+ Replace bool
+ Requires []string
+ Rm bool
+ RootFS bool
+ Secrets []string
+ SecurityOpt []string
+ SdNotifyMode string
+ ShmSize string
+ SignaturePolicy string
+ StopSignal string
+ StopTimeout uint
+ StorageOpt []string
+ SubUIDName string
+ SubGIDName string
+ Sysctl []string
+ Systemd string
+ Timeout uint
+ TLSVerify bool
+ TmpFS []string
+ TTY bool
+ Timezone string
+ Umask string
+ UIDMap []string
+ Ulimit []string
+ User string
+ UserNS string
+ UTS string
+ Mount []string
+ Volume []string
+ VolumesFrom []string
+ Workdir string
+ SeccompPolicy string
+ PidFile string
+ IsInfra bool
+
+ Net *NetOptions
+
+ CgroupConf []string
+}
+
type PodCreateReport struct {
Id string //nolint
}
@@ -149,21 +274,15 @@ func (p *PodCreateOptions) CPULimits() *specs.LinuxCPU {
return cpu
}
-func setNamespaces(p *PodCreateOptions) ([4]specgen.Namespace, error) {
- allNS := [4]specgen.Namespace{}
- if p.Pid != "" {
- pid, err := specgen.ParseNamespace(p.Pid)
- if err != nil {
- return [4]specgen.Namespace{}, err
- }
- allNS[0] = pid
- }
- return allNS, nil
-}
-
-func (p *PodCreateOptions) ToPodSpecGen(s *specgen.PodSpecGenerator) error {
+func ToPodSpecGen(s specgen.PodSpecGenerator, p *PodCreateOptions) (*specgen.PodSpecGenerator, error) {
// Basic Config
s.Name = p.Name
+ s.InfraName = p.InfraName
+ out, err := specgen.ParseNamespace(p.Pid)
+ if err != nil {
+ return nil, err
+ }
+ s.Pid = out
s.Hostname = p.Hostname
s.Labels = p.Labels
s.NoInfra = !p.Infra
@@ -174,32 +293,26 @@ func (p *PodCreateOptions) ToPodSpecGen(s *specgen.PodSpecGenerator) error {
s.InfraConmonPidFile = p.InfraConmonPidFile
}
s.InfraImage = p.InfraImage
- s.InfraName = p.InfraName
s.SharedNamespaces = p.Share
s.PodCreateCommand = p.CreateCommand
// Networking config
- s.NetNS = p.Net.Network
- s.StaticIP = p.Net.StaticIP
- s.StaticMAC = p.Net.StaticMAC
- s.PortMappings = p.Net.PublishPorts
- s.CNINetworks = p.Net.CNINetworks
- s.NetworkOptions = p.Net.NetworkOptions
- if p.Net.UseImageResolvConf {
- s.NoManageResolvConf = true
- }
- s.DNSServer = p.Net.DNSServers
- s.DNSSearch = p.Net.DNSSearch
- s.DNSOption = p.Net.DNSOptions
- s.NoManageHosts = p.Net.NoHosts
- s.HostAdd = p.Net.AddHosts
- namespaces, err := setNamespaces(p)
- if err != nil {
- return err
- }
- if !namespaces[0].IsDefault() {
- s.Pid = namespaces[0]
+ if p.Net != nil {
+ s.NetNS = p.Net.Network
+ s.StaticIP = p.Net.StaticIP
+ s.StaticMAC = p.Net.StaticMAC
+ s.PortMappings = p.Net.PublishPorts
+ s.CNINetworks = p.Net.CNINetworks
+ s.NetworkOptions = p.Net.NetworkOptions
+ if p.Net.UseImageResolvConf {
+ s.NoManageResolvConf = true
+ }
+ s.DNSServer = p.Net.DNSServers
+ s.DNSSearch = p.Net.DNSSearch
+ s.DNSOption = p.Net.DNSOptions
+ s.NoManageHosts = p.Net.NoHosts
+ s.HostAdd = p.Net.AddHosts
}
// Cgroup
@@ -219,7 +332,7 @@ func (p *PodCreateOptions) ToPodSpecGen(s *specgen.PodSpecGenerator) error {
}
}
s.Userns = p.Userns
- return nil
+ return &s, nil
}
type PodPruneOptions struct {
diff --git a/pkg/domain/entities/types.go b/pkg/domain/entities/types.go
index db4c6bb8a..ec4d4a902 100644
--- a/pkg/domain/entities/types.go
+++ b/pkg/domain/entities/types.go
@@ -31,21 +31,33 @@ type VolumeDeleteReport struct{ Report }
// NetOptions reflect the shared network options between
// pods and containers
+type NetFlags struct {
+ AddHosts []string `json:"add-host,omitempty"`
+ DNS []string `json:"dns,omitempty"`
+ DNSOpt []string `json:"dns-opt,omitempty"`
+ DNDSearch []string `json:"dns-search,omitempty"`
+ MacAddr string `json:"mac-address,omitempty"`
+ Publish []string `json:"publish,omitempty"`
+ IP string `json:"ip,omitempty"`
+ NoHosts bool `json:"no-hosts,omitempty"`
+ Network string `json:"network,omitempty"`
+ NetworkAlias []string `json:"network-alias,omitempty"`
+}
type NetOptions struct {
- AddHosts []string
- Aliases []string
- CNINetworks []string
- UseImageResolvConf bool
- DNSOptions []string
- DNSSearch []string
- DNSServers []net.IP
- Network specgen.Namespace
- NoHosts bool
- PublishPorts []types.PortMapping
- StaticIP *net.IP
- StaticMAC *net.HardwareAddr
+ AddHosts []string `json:"hostadd,omitempty"`
+ Aliases []string `json:"network_alias,omitempty"`
+ CNINetworks []string `json:"cni_networks,omitempty"`
+ UseImageResolvConf bool `json:"no_manage_resolv_conf,omitempty"`
+ DNSOptions []string `json:"dns_option,omitempty"`
+ DNSSearch []string `json:"dns_search,omitempty"`
+ DNSServers []net.IP `json:"dns_server,omitempty"`
+ Network specgen.Namespace `json:"netns,omitempty"`
+ NoHosts bool `json:"no_manage_hosts,omitempty"`
+ PublishPorts []types.PortMapping `json:"portmappings,omitempty"`
+ StaticIP *net.IP `json:"static_ip,omitempty"`
+ StaticMAC *net.HardwareAddr `json:"static_mac,omitempty"`
// NetworkOptions are additional options for each network
- NetworkOptions map[string][]string
+ NetworkOptions map[string][]string `json:"network_options,omitempty"`
}
// All CLI inspect commands and inspect sub-commands use the same options
diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go
index a74b65ab9..8b2a5bfae 100644
--- a/pkg/domain/infra/abi/containers.go
+++ b/pkg/domain/infra/abi/containers.go
@@ -583,7 +583,11 @@ func (ic *ContainerEngine) ContainerCreate(ctx context.Context, s *specgen.SpecG
for _, w := range warn {
fmt.Fprintf(os.Stderr, "%s\n", w)
}
- ctr, err := generate.MakeContainer(ctx, ic.Libpod, s)
+ rtSpec, spec, opts, err := generate.MakeContainer(context.Background(), ic.Libpod, s)
+ if err != nil {
+ return nil, err
+ }
+ ctr, err := generate.ExecuteCreate(ctx, ic.Libpod, rtSpec, spec, false, opts...)
if err != nil {
return nil, err
}
@@ -915,7 +919,11 @@ func (ic *ContainerEngine) ContainerRun(ctx context.Context, opts entities.Conta
for _, w := range warn {
fmt.Fprintf(os.Stderr, "%s\n", w)
}
- ctr, err := generate.MakeContainer(ctx, ic.Libpod, opts.Spec)
+ rtSpec, spec, optsN, err := generate.MakeContainer(ctx, ic.Libpod, opts.Spec)
+ if err != nil {
+ return nil, err
+ }
+ ctr, err := generate.ExecuteCreate(ctx, ic.Libpod, rtSpec, spec, false, optsN...)
if err != nil {
return nil, err
}
diff --git a/pkg/domain/infra/abi/generate.go b/pkg/domain/infra/abi/generate.go
index b0853b554..2d7bc15f5 100644
--- a/pkg/domain/infra/abi/generate.go
+++ b/pkg/domain/infra/abi/generate.go
@@ -60,9 +60,7 @@ func (ic *ContainerEngine) GenerateKube(ctx context.Context, nameOrIDs []string,
return nil, err
}
} else {
- if len(ctr.Dependencies()) > 0 {
- return nil, errors.Wrapf(define.ErrNotImplemented, "containers with dependencies")
- }
+ // now that infra holds NS data, we need to support dependencies.
// we cannot deal with ctrs already in a pod.
if len(ctr.PodID()) > 0 {
return nil, errors.Errorf("container %s is associated with pod %s: use generate on the pod itself", ctr.ID(), ctr.PodID())
diff --git a/pkg/domain/infra/abi/play.go b/pkg/domain/infra/abi/play.go
index f22b2dbbb..2799df794 100644
--- a/pkg/domain/infra/abi/play.go
+++ b/pkg/domain/infra/abi/play.go
@@ -6,6 +6,7 @@ import (
"fmt"
"io"
"io/ioutil"
+ "net"
"os"
"path/filepath"
"strconv"
@@ -22,6 +23,7 @@ import (
"github.com/containers/podman/v3/pkg/specgen"
"github.com/containers/podman/v3/pkg/specgen/generate"
"github.com/containers/podman/v3/pkg/specgen/generate/kube"
+ "github.com/containers/podman/v3/pkg/specgenutil"
"github.com/containers/podman/v3/pkg/util"
"github.com/ghodss/yaml"
"github.com/pkg/errors"
@@ -179,10 +181,12 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY
}
}
- p, err := kube.ToPodGen(ctx, podName, podYAML)
+ podOpt := entities.PodCreateOptions{Infra: true, Net: &entities.NetOptions{StaticIP: &net.IP{}, StaticMAC: &net.HardwareAddr{}}}
+ podOpt, err = kube.ToPodOpt(ctx, podName, podOpt, podYAML)
if err != nil {
return nil, err
}
+
if options.Network != "" {
ns, cniNets, netOpts, err := specgen.ParseNetworkString(options.Network)
if err != nil {
@@ -193,42 +197,37 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY
return nil, errors.Errorf("invalid value passed to --network: bridge or host networking must be configured in YAML")
}
logrus.Debugf("Pod %q joining CNI networks: %v", podName, cniNets)
- p.NetNS.NSMode = specgen.Bridge
- p.CNINetworks = append(p.CNINetworks, cniNets...)
+ podOpt.Net.Network.NSMode = specgen.Bridge
+ podOpt.Net.CNINetworks = append(podOpt.Net.CNINetworks, cniNets...)
if len(netOpts) > 0 {
- p.NetworkOptions = netOpts
+ podOpt.Net.NetworkOptions = netOpts
}
}
if len(options.StaticIPs) > *ipIndex {
- p.StaticIP = &options.StaticIPs[*ipIndex]
+ podOpt.Net.StaticIP = &options.StaticIPs[*ipIndex]
} else if len(options.StaticIPs) > 0 {
// only warn if the user has set at least one ip
logrus.Warn("No more static ips left using a random one")
}
if len(options.StaticMACs) > *ipIndex {
- p.StaticMAC = &options.StaticMACs[*ipIndex]
+ podOpt.Net.StaticMAC = &options.StaticMACs[*ipIndex]
} else if len(options.StaticIPs) > 0 {
// only warn if the user has set at least one mac
logrus.Warn("No more static macs left using a random one")
}
*ipIndex++
- // Create the Pod
- pod, err := generate.MakePod(p, ic.Libpod)
+ p := specgen.NewPodSpecGenerator()
if err != nil {
return nil, err
}
- podInfraID, err := pod.InfraContainerID()
+ p, err = entities.ToPodSpecGen(*p, &podOpt)
if err != nil {
return nil, err
}
-
- if !options.Quiet {
- writer = os.Stderr
- }
-
+ podSpec := entities.PodSpec{PodSpecGen: *p}
volumes, err := kube.InitializeVolumes(podYAML.Spec.Volumes)
if err != nil {
return nil, err
@@ -267,112 +266,146 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY
configMaps = append(configMaps, cm)
}
- containers := make([]*libpod.Container, 0, len(podYAML.Spec.Containers))
- cwd, err := os.Getwd()
- if err != nil {
- return nil, err
- }
- for _, container := range podYAML.Spec.Containers {
- // Contains all labels obtained from kube
- labels := make(map[string]string)
- var pulledImage *libimage.Image
- buildFile, err := getBuildFile(container.Image, cwd)
+ if podOpt.Infra {
+ imagePull := config.DefaultInfraImage
+ if podOpt.InfraImage != config.DefaultInfraImage && podOpt.InfraImage != "" {
+ imagePull = podOpt.InfraImage
+ }
+
+ pulledImages, err := pullImage(ic, writer, imagePull, options, config.PullPolicyNewer)
if err != nil {
return nil, err
}
- existsLocally, err := ic.Libpod.LibimageRuntime().Exists(container.Image)
+ infraOptions := entities.ContainerCreateOptions{ImageVolume: "bind"}
+
+ podSpec.PodSpecGen.InfraImage = pulledImages[0].Names()[0]
+ podSpec.PodSpecGen.NoInfra = false
+ podSpec.PodSpecGen.InfraContainerSpec = specgen.NewSpecGenerator(pulledImages[0].Names()[0], false)
+ podSpec.PodSpecGen.InfraContainerSpec.NetworkOptions = p.NetworkOptions
+
+ err = specgenutil.FillOutSpecGen(podSpec.PodSpecGen.InfraContainerSpec, &infraOptions, []string{})
if err != nil {
return nil, err
}
- if (len(buildFile) > 0 && !existsLocally) || (len(buildFile) > 0 && options.Build) {
- buildOpts := new(buildahDefine.BuildOptions)
- commonOpts := new(buildahDefine.CommonBuildOptions)
- buildOpts.ConfigureNetwork = buildahDefine.NetworkDefault
- buildOpts.Isolation = buildahDefine.IsolationChroot
- buildOpts.CommonBuildOpts = commonOpts
- buildOpts.Output = container.Image
- if _, _, err := ic.Libpod.Build(ctx, *buildOpts, []string{buildFile}...); err != nil {
+ }
+
+ // Create the Pod
+ pod, err := generate.MakePod(&podSpec, ic.Libpod)
+ if err != nil {
+ return nil, err
+ }
+
+ podInfraID, err := pod.InfraContainerID()
+ if err != nil {
+ return nil, err
+ }
+
+ if !options.Quiet {
+ writer = os.Stderr
+ }
+
+ containers := make([]*libpod.Container, 0, len(podYAML.Spec.Containers))
+ cwd, err := os.Getwd()
+ if err != nil {
+ return nil, err
+ }
+ for _, container := range podYAML.Spec.Containers {
+ if !strings.Contains("infra", container.Name) {
+ // Contains all labels obtained from kube
+ labels := make(map[string]string)
+ var pulledImage *libimage.Image
+ buildFile, err := getBuildFile(container.Image, cwd)
+ if err != nil {
return nil, err
}
- i, _, err := ic.Libpod.LibimageRuntime().LookupImage(container.Image, new(libimage.LookupImageOptions))
+ existsLocally, err := ic.Libpod.LibimageRuntime().Exists(container.Image)
if err != nil {
return nil, err
}
- pulledImage = i
- } else {
- // NOTE: set the pull policy to "newer". This will cover cases
- // where the "latest" tag requires a pull and will also
- // transparently handle "localhost/" prefixed files which *may*
- // refer to a locally built image OR an image running a
- // registry on localhost.
- pullPolicy := config.PullPolicyNewer
- if len(container.ImagePullPolicy) > 0 {
- // Make sure to lower the strings since K8s pull policy
- // may be capitalized (see bugzilla.redhat.com/show_bug.cgi?id=1985905).
- rawPolicy := string(container.ImagePullPolicy)
- pullPolicy, err = config.ParsePullPolicy(strings.ToLower(rawPolicy))
+ if (len(buildFile) > 0 && !existsLocally) || (len(buildFile) > 0 && options.Build) {
+ buildOpts := new(buildahDefine.BuildOptions)
+ commonOpts := new(buildahDefine.CommonBuildOptions)
+ buildOpts.ConfigureNetwork = buildahDefine.NetworkDefault
+ buildOpts.Isolation = buildahDefine.IsolationChroot
+ buildOpts.CommonBuildOpts = commonOpts
+ buildOpts.Output = container.Image
+ if _, _, err := ic.Libpod.Build(ctx, *buildOpts, []string{buildFile}...); err != nil {
+ return nil, err
+ }
+ i, _, err := ic.Libpod.LibimageRuntime().LookupImage(container.Image, new(libimage.LookupImageOptions))
+ if err != nil {
+ return nil, err
+ }
+ pulledImage = i
+ } else {
+ // NOTE: set the pull policy to "newer". This will cover cases
+ // where the "latest" tag requires a pull and will also
+ // transparently handle "localhost/" prefixed files which *may*
+ // refer to a locally built image OR an image running a
+ // registry on localhost.
+ pullPolicy := config.PullPolicyNewer
+ if len(container.ImagePullPolicy) > 0 {
+ // Make sure to lower the strings since K8s pull policy
+ // may be capitalized (see bugzilla.redhat.com/show_bug.cgi?id=1985905).
+ rawPolicy := string(container.ImagePullPolicy)
+ pullPolicy, err = config.ParsePullPolicy(strings.ToLower(rawPolicy))
+ if err != nil {
+ return nil, err
+ }
+ }
+ pulledImages, err := pullImage(ic, writer, container.Image, options, pullPolicy)
if err != nil {
return nil, err
}
+ pulledImage = pulledImages[0]
+ }
+
+ // Handle kube annotations
+ for k, v := range annotations {
+ switch k {
+ // Auto update annotation without container name will apply to
+ // all containers within the pod
+ case autoupdate.Label, autoupdate.AuthfileLabel:
+ labels[k] = v
+ // Auto update annotation with container name will apply only
+ // to the specified container
+ case fmt.Sprintf("%s/%s", autoupdate.Label, container.Name),
+ fmt.Sprintf("%s/%s", autoupdate.AuthfileLabel, container.Name):
+ prefixAndCtr := strings.Split(k, "/")
+ labels[prefixAndCtr[0]] = v
+ }
}
- // This ensures the image is the image store
- pullOptions := &libimage.PullOptions{}
- pullOptions.AuthFilePath = options.Authfile
- pullOptions.CertDirPath = options.CertDir
- pullOptions.SignaturePolicyPath = options.SignaturePolicy
- pullOptions.Writer = writer
- pullOptions.Username = options.Username
- pullOptions.Password = options.Password
- pullOptions.InsecureSkipTLSVerify = options.SkipTLSVerify
-
- pulledImages, err := ic.Libpod.LibimageRuntime().Pull(ctx, container.Image, pullPolicy, pullOptions)
+
+ specgenOpts := kube.CtrSpecGenOptions{
+ Container: container,
+ Image: pulledImage,
+ Volumes: volumes,
+ PodID: pod.ID(),
+ PodName: podName,
+ PodInfraID: podInfraID,
+ ConfigMaps: configMaps,
+ SeccompPaths: seccompPaths,
+ RestartPolicy: ctrRestartPolicy,
+ NetNSIsHost: p.NetNS.IsHost(),
+ SecretsManager: secretsManager,
+ LogDriver: options.LogDriver,
+ Labels: labels,
+ }
+ specGen, err := kube.ToSpecGen(ctx, &specgenOpts)
if err != nil {
return nil, err
}
- pulledImage = pulledImages[0]
- }
- // Handle kube annotations
- for k, v := range annotations {
- switch k {
- // Auto update annotation without container name will apply to
- // all containers within the pod
- case autoupdate.Label, autoupdate.AuthfileLabel:
- labels[k] = v
- // Auto update annotation with container name will apply only
- // to the specified container
- case fmt.Sprintf("%s/%s", autoupdate.Label, container.Name),
- fmt.Sprintf("%s/%s", autoupdate.AuthfileLabel, container.Name):
- prefixAndCtr := strings.Split(k, "/")
- labels[prefixAndCtr[0]] = v
+ rtSpec, spec, opts, err := generate.MakeContainer(ctx, ic.Libpod, specGen)
+ if err != nil {
+ return nil, err
}
+ ctr, err := generate.ExecuteCreate(ctx, ic.Libpod, rtSpec, spec, false, opts...)
+ if err != nil {
+ return nil, err
+ }
+ containers = append(containers, ctr)
}
-
- specgenOpts := kube.CtrSpecGenOptions{
- Container: container,
- Image: pulledImage,
- Volumes: volumes,
- PodID: pod.ID(),
- PodName: podName,
- PodInfraID: podInfraID,
- ConfigMaps: configMaps,
- SeccompPaths: seccompPaths,
- RestartPolicy: ctrRestartPolicy,
- NetNSIsHost: p.NetNS.IsHost(),
- SecretsManager: secretsManager,
- LogDriver: options.LogDriver,
- Labels: labels,
- }
- specGen, err := kube.ToSpecGen(ctx, &specgenOpts)
- if err != nil {
- return nil, err
- }
-
- ctr, err := generate.MakeContainer(ctx, ic.Libpod, specGen)
- if err != nil {
- return nil, err
- }
- containers = append(containers, ctr)
}
if options.Start != types.OptionalBoolFalse {
@@ -383,6 +416,7 @@ func (ic *ContainerEngine) playKubePod(ctx context.Context, podName string, podY
}
for id, err := range podStartErrors {
playKubePod.ContainerErrors = append(playKubePod.ContainerErrors, errors.Wrapf(err, "error starting container %s", id).Error())
+ fmt.Println(playKubePod.ContainerErrors)
}
}
@@ -656,3 +690,21 @@ func (ic *ContainerEngine) PlayKubeDown(ctx context.Context, path string, _ enti
}
return reports, nil
}
+
+// pullImage is a helper function to set up the proper pull options and pull the image for certain containers
+func pullImage(ic *ContainerEngine, writer io.Writer, imagePull string, options entities.PlayKubeOptions, pullPolicy config.PullPolicy) ([]*libimage.Image, error) {
+ // This ensures the image is the image store
+ pullOptions := &libimage.PullOptions{}
+ pullOptions.AuthFilePath = options.Authfile
+ pullOptions.CertDirPath = options.CertDir
+ pullOptions.SignaturePolicyPath = options.SignaturePolicy
+ pullOptions.Writer = writer
+ pullOptions.Username = options.Username
+ pullOptions.Password = options.Password
+ pullOptions.InsecureSkipTLSVerify = options.SkipTLSVerify
+ pulledImages, err := ic.Libpod.LibimageRuntime().Pull(context.Background(), imagePull, pullPolicy, pullOptions)
+ if err != nil {
+ return nil, err
+ }
+ return pulledImages, nil
+}
diff --git a/pkg/domain/infra/abi/pods.go b/pkg/domain/infra/abi/pods.go
index 055c495d5..98233f60d 100644
--- a/pkg/domain/infra/abi/pods.go
+++ b/pkg/domain/infra/abi/pods.go
@@ -8,7 +8,6 @@ import (
"github.com/containers/podman/v3/pkg/domain/entities"
dfilters "github.com/containers/podman/v3/pkg/domain/filters"
"github.com/containers/podman/v3/pkg/signal"
- "github.com/containers/podman/v3/pkg/specgen"
"github.com/containers/podman/v3/pkg/specgen/generate"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
@@ -248,12 +247,8 @@ func (ic *ContainerEngine) prunePodHelper(ctx context.Context) ([]*entities.PodP
return reports, nil
}
-func (ic *ContainerEngine) PodCreate(ctx context.Context, opts entities.PodCreateOptions) (*entities.PodCreateReport, error) {
- podSpec := specgen.NewPodSpecGenerator()
- if err := opts.ToPodSpecGen(podSpec); err != nil {
- return nil, err
- }
- pod, err := generate.MakePod(podSpec, ic.Libpod)
+func (ic *ContainerEngine) PodCreate(ctx context.Context, specg entities.PodSpec) (*entities.PodCreateReport, error) {
+ pod, err := generate.MakePod(&specg, ic.Libpod)
if err != nil {
return nil, err
}
diff --git a/pkg/domain/infra/tunnel/events.go b/pkg/domain/infra/tunnel/events.go
index 6e2c3f8ba..203550c5d 100644
--- a/pkg/domain/infra/tunnel/events.go
+++ b/pkg/domain/infra/tunnel/events.go
@@ -7,6 +7,7 @@ import (
"github.com/containers/podman/v3/libpod/events"
"github.com/containers/podman/v3/pkg/bindings/system"
"github.com/containers/podman/v3/pkg/domain/entities"
+
"github.com/pkg/errors"
)
diff --git a/pkg/domain/infra/tunnel/pods.go b/pkg/domain/infra/tunnel/pods.go
index 82f062b2c..480adb88a 100644
--- a/pkg/domain/infra/tunnel/pods.go
+++ b/pkg/domain/infra/tunnel/pods.go
@@ -6,7 +6,6 @@ import (
"github.com/containers/podman/v3/libpod/define"
"github.com/containers/podman/v3/pkg/bindings/pods"
"github.com/containers/podman/v3/pkg/domain/entities"
- "github.com/containers/podman/v3/pkg/specgen"
"github.com/containers/podman/v3/pkg/util"
"github.com/pkg/errors"
)
@@ -179,10 +178,8 @@ func (ic *ContainerEngine) PodPrune(ctx context.Context, opts entities.PodPruneO
return pods.Prune(ic.ClientCtx, nil)
}
-func (ic *ContainerEngine) PodCreate(ctx context.Context, opts entities.PodCreateOptions) (*entities.PodCreateReport, error) {
- podSpec := specgen.NewPodSpecGenerator()
- opts.ToPodSpecGen(podSpec)
- return pods.CreatePodFromSpec(ic.ClientCtx, podSpec, nil)
+func (ic *ContainerEngine) PodCreate(ctx context.Context, specg entities.PodSpec) (*entities.PodCreateReport, error) {
+ return pods.CreatePodFromSpec(ic.ClientCtx, &specg)
}
func (ic *ContainerEngine) PodTop(ctx context.Context, opts entities.PodTopOptions) (*entities.StringSliceReport, error) {
diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go
index 5101a6ccb..f82b2a3c6 100644
--- a/pkg/specgen/generate/container_create.go
+++ b/pkg/specgen/generate/container_create.go
@@ -22,10 +22,10 @@ import (
// MakeContainer creates a container based on the SpecGenerator.
// Returns the created, container and any warnings resulting from creating the
// container, or an error.
-func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGenerator) (*libpod.Container, error) {
+func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGenerator) (*spec.Spec, *specgen.SpecGenerator, []libpod.CtrCreateOption, error) {
rtc, err := rt.GetConfig()
if err != nil {
- return nil, err
+ return nil, nil, nil, err
}
// If joining a pod, retrieve the pod for use.
@@ -33,7 +33,7 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
if s.Pod != "" {
pod, err = rt.LookupPod(s.Pod)
if err != nil {
- return nil, errors.Wrapf(err, "error retrieving pod %s", s.Pod)
+ return nil, nil, nil, errors.Wrapf(err, "error retrieving pod %s", s.Pod)
}
}
@@ -41,47 +41,48 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
if s.PidNS.IsDefault() {
defaultNS, err := GetDefaultNamespaceMode("pid", rtc, pod)
if err != nil {
- return nil, err
+ return nil, nil, nil, err
}
s.PidNS = defaultNS
}
if s.IpcNS.IsDefault() {
defaultNS, err := GetDefaultNamespaceMode("ipc", rtc, pod)
if err != nil {
- return nil, err
+ return nil, nil, nil, err
}
s.IpcNS = defaultNS
}
if s.UtsNS.IsDefault() {
defaultNS, err := GetDefaultNamespaceMode("uts", rtc, pod)
if err != nil {
- return nil, err
+ return nil, nil, nil, err
}
s.UtsNS = defaultNS
}
if s.UserNS.IsDefault() {
defaultNS, err := GetDefaultNamespaceMode("user", rtc, pod)
if err != nil {
- return nil, err
+ return nil, nil, nil, err
}
s.UserNS = defaultNS
}
if s.NetNS.IsDefault() {
defaultNS, err := GetDefaultNamespaceMode("net", rtc, pod)
if err != nil {
- return nil, err
+ return nil, nil, nil, err
}
s.NetNS = defaultNS
}
if s.CgroupNS.IsDefault() {
defaultNS, err := GetDefaultNamespaceMode("cgroup", rtc, pod)
if err != nil {
- return nil, err
+ return nil, nil, nil, err
}
s.CgroupNS = defaultNS
}
options := []libpod.CtrCreateOption{}
+
if s.ContainerCreateCommand != nil {
options = append(options, libpod.WithCreateCommand(s.ContainerCreateCommand))
}
@@ -94,12 +95,11 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
var resolvedImageName string
newImage, resolvedImageName, err = rt.LibimageRuntime().LookupImage(s.Image, nil)
if err != nil {
- return nil, err
+ return nil, nil, nil, err
}
-
imageData, err = newImage.Inspect(ctx, false)
if err != nil {
- return nil, err
+ return nil, nil, nil, err
}
// If the input name changed, we could properly resolve the
// image. Otherwise, it must have been an ID where we're
@@ -115,29 +115,32 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
options = append(options, libpod.WithRootFSFromImage(newImage.ID(), resolvedImageName, s.RawImageName))
}
if err := s.Validate(); err != nil {
- return nil, errors.Wrap(err, "invalid config provided")
+ return nil, nil, nil, errors.Wrap(err, "invalid config provided")
}
finalMounts, finalVolumes, finalOverlays, err := finalizeMounts(ctx, s, rt, rtc, newImage)
if err != nil {
- return nil, err
+ return nil, nil, nil, err
}
command, err := makeCommand(ctx, s, imageData, rtc)
if err != nil {
- return nil, err
+ return nil, nil, nil, err
}
opts, err := createContainerOptions(ctx, rt, s, pod, finalVolumes, finalOverlays, imageData, command)
if err != nil {
- return nil, err
+ return nil, nil, nil, err
}
options = append(options, opts...)
- exitCommandArgs, err := CreateExitCommandArgs(rt.StorageConfig(), rtc, logrus.IsLevelEnabled(logrus.DebugLevel), s.Remove, false)
+ var exitCommandArgs []string
+
+ exitCommandArgs, err = CreateExitCommandArgs(rt.StorageConfig(), rtc, logrus.IsLevelEnabled(logrus.DebugLevel), s.Remove, false)
if err != nil {
- return nil, err
+ return nil, nil, nil, err
}
+
options = append(options, libpod.WithExitCommand(exitCommandArgs))
if len(s.Aliases) > 0 {
@@ -147,23 +150,26 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener
if containerType := s.InitContainerType; len(containerType) > 0 {
options = append(options, libpod.WithInitCtrType(containerType))
}
-
+ if len(s.Name) > 0 {
+ logrus.Debugf("setting container name %s", s.Name)
+ options = append(options, libpod.WithName(s.Name))
+ }
if len(s.Devices) > 0 {
opts = extractCDIDevices(s)
options = append(options, opts...)
}
runtimeSpec, err := SpecGenToOCI(ctx, s, rt, rtc, newImage, finalMounts, pod, command)
if err != nil {
- return nil, err
+ return nil, nil, nil, err
}
-
- ctr, err := rt.NewContainer(ctx, runtimeSpec, options...)
+ return runtimeSpec, s, options, err
+}
+func ExecuteCreate(ctx context.Context, rt *libpod.Runtime, runtimeSpec *spec.Spec, s *specgen.SpecGenerator, infra bool, options ...libpod.CtrCreateOption) (*libpod.Container, error) {
+ ctr, err := rt.NewContainer(ctx, runtimeSpec, s, infra, options...)
if err != nil {
return ctr, err
}
- // Copy the content from the underlying image into the newly created
- // volume if configured to do so.
return ctr, rt.PrepareVolumeOnCreateContainer(ctx, ctr)
}
@@ -256,11 +262,6 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen.
if len(s.SdNotifyMode) > 0 {
options = append(options, libpod.WithSdNotifyMode(s.SdNotifyMode))
}
-
- if len(s.Name) > 0 {
- logrus.Debugf("setting container name %s", s.Name)
- options = append(options, libpod.WithName(s.Name))
- }
if pod != nil {
logrus.Debugf("adding container to pod %s", pod.Name())
options = append(options, rt.WithPod(pod))
@@ -379,11 +380,11 @@ func createContainerOptions(ctx context.Context, rt *libpod.Runtime, s *specgen.
options = append(options, libpod.WithPrivileged(s.Privileged))
// Get namespace related options
- namespaceOptions, err := namespaceOptions(ctx, s, rt, pod, imageData)
+ namespaceOpts, err := namespaceOptions(ctx, s, rt, pod, imageData)
if err != nil {
return nil, err
}
- options = append(options, namespaceOptions...)
+ options = append(options, namespaceOpts...)
if len(s.ConmonPidFile) > 0 {
options = append(options, libpod.WithConmonPidFile(s.ConmonPidFile))
diff --git a/pkg/specgen/generate/kube/kube.go b/pkg/specgen/generate/kube/kube.go
index 04b4e5ab3..5188abc3a 100644
--- a/pkg/specgen/generate/kube/kube.go
+++ b/pkg/specgen/generate/kube/kube.go
@@ -14,6 +14,7 @@ import (
"github.com/containers/image/v5/manifest"
"github.com/containers/podman/v3/libpod/network/types"
ann "github.com/containers/podman/v3/pkg/annotations"
+ "github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/specgen"
"github.com/containers/podman/v3/pkg/specgen/generate"
"github.com/containers/podman/v3/pkg/util"
@@ -23,25 +24,26 @@ import (
"k8s.io/apimachinery/pkg/api/resource"
)
-func ToPodGen(ctx context.Context, podName string, podYAML *v1.PodTemplateSpec) (*specgen.PodSpecGenerator, error) {
- p := specgen.NewPodSpecGenerator()
+func ToPodOpt(ctx context.Context, podName string, p entities.PodCreateOptions, podYAML *v1.PodTemplateSpec) (entities.PodCreateOptions, error) {
+ // p := specgen.NewPodSpecGenerator()
+ p.Net = &entities.NetOptions{}
p.Name = podName
p.Labels = podYAML.ObjectMeta.Labels
// Kube pods must share {ipc, net, uts} by default
- p.SharedNamespaces = append(p.SharedNamespaces, "ipc")
- p.SharedNamespaces = append(p.SharedNamespaces, "net")
- p.SharedNamespaces = append(p.SharedNamespaces, "uts")
+ p.Share = append(p.Share, "ipc")
+ p.Share = append(p.Share, "net")
+ p.Share = append(p.Share, "uts")
// TODO we only configure Process namespace. We also need to account for Host{IPC,Network,PID}
// which is not currently possible with pod create
if podYAML.Spec.ShareProcessNamespace != nil && *podYAML.Spec.ShareProcessNamespace {
- p.SharedNamespaces = append(p.SharedNamespaces, "pid")
+ p.Share = append(p.Share, "pid")
}
p.Hostname = podYAML.Spec.Hostname
if p.Hostname == "" {
p.Hostname = podName
}
if podYAML.Spec.HostNetwork {
- p.NetNS.NSMode = specgen.Host
+ p.Net.Network = specgen.Namespace{NSMode: "host"}
}
if podYAML.Spec.HostAliases != nil {
hosts := make([]string, 0, len(podYAML.Spec.HostAliases))
@@ -50,10 +52,10 @@ func ToPodGen(ctx context.Context, podName string, podYAML *v1.PodTemplateSpec)
hosts = append(hosts, host+":"+hostAlias.IP)
}
}
- p.HostAdd = hosts
+ p.Net.AddHosts = hosts
}
podPorts := getPodPorts(podYAML.Spec.Containers)
- p.PortMappings = podPorts
+ p.Net.PublishPorts = podPorts
if dnsConfig := podYAML.Spec.DNSConfig; dnsConfig != nil {
// name servers
@@ -62,11 +64,11 @@ func ToPodGen(ctx context.Context, podName string, podYAML *v1.PodTemplateSpec)
for _, server := range dnsServers {
servers = append(servers, net.ParseIP(server))
}
- p.DNSServer = servers
+ p.Net.DNSServers = servers
}
// search domains
if domains := dnsConfig.Searches; len(domains) > 0 {
- p.DNSSearch = domains
+ p.Net.DNSSearch = domains
}
// dns options
if options := dnsConfig.Options; len(options) > 0 {
@@ -110,6 +112,8 @@ type CtrSpecGenOptions struct {
LogDriver string
// Labels define key-value pairs of metadata
Labels map[string]string
+ //
+ IsInfra bool
}
func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGenerator, error) {
@@ -216,19 +220,19 @@ func ToSpecGen(ctx context.Context, opts *CtrSpecGenOptions) (*specgen.SpecGener
}
}
// If only the yaml.Command is specified, set it as the entrypoint and drop the image Cmd
- if len(opts.Container.Command) != 0 {
+ if !opts.IsInfra && len(opts.Container.Command) != 0 {
s.Entrypoint = opts.Container.Command
s.Command = []string{}
}
// Only override the cmd field if yaml.Args is specified
// Keep the image entrypoint, or the yaml.command if specified
- if len(opts.Container.Args) != 0 {
+ if !opts.IsInfra && len(opts.Container.Args) != 0 {
s.Command = opts.Container.Args
}
// FIXME,
// we are currently ignoring imageData.Config.ExposedPorts
- if opts.Container.WorkingDir != "" {
+ if !opts.IsInfra && opts.Container.WorkingDir != "" {
s.WorkDir = opts.Container.WorkingDir
}
diff --git a/pkg/specgen/generate/namespaces.go b/pkg/specgen/generate/namespaces.go
index 80790dcc1..5349e224f 100644
--- a/pkg/specgen/generate/namespaces.go
+++ b/pkg/specgen/generate/namespaces.go
@@ -250,7 +250,7 @@ func namespaceOptions(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.
if s.NetNS.Value != "" {
val = fmt.Sprintf("slirp4netns:%s", s.NetNS.Value)
}
- toReturn = append(toReturn, libpod.WithNetNS(portMappings, expose, postConfigureNetNS, val, nil))
+ toReturn = append(toReturn, libpod.WithNetNS(portMappings, expose, postConfigureNetNS, val, s.CNINetworks))
case specgen.Private:
fallthrough
case specgen.Bridge:
diff --git a/pkg/specgen/generate/oci.go b/pkg/specgen/generate/oci.go
index 1f3f9e832..80c7f112f 100644
--- a/pkg/specgen/generate/oci.go
+++ b/pkg/specgen/generate/oci.go
@@ -201,7 +201,8 @@ func SpecGenToOCI(ctx context.Context, s *specgen.SpecGenerator, rt *libpod.Runt
Options: []string{"rprivate", "nosuid", "noexec", "nodev", "rw"},
}
g.AddMount(sysMnt)
- } else if !canMountSys {
+ }
+ if !canMountSys {
addCgroup = false
g.RemoveMount("/sys")
r := "ro"
diff --git a/pkg/specgen/generate/pod_create.go b/pkg/specgen/generate/pod_create.go
index 426cf1b6d..e523aef42 100644
--- a/pkg/specgen/generate/pod_create.go
+++ b/pkg/specgen/generate/pod_create.go
@@ -2,53 +2,82 @@ package generate
import (
"context"
+ "net"
+ "github.com/containers/common/pkg/config"
"github.com/containers/podman/v3/libpod"
+ "github.com/containers/podman/v3/libpod/define"
+ "github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/rootless"
"github.com/containers/podman/v3/pkg/specgen"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
-func MakePod(p *specgen.PodSpecGenerator, rt *libpod.Runtime) (*libpod.Pod, error) {
- if err := p.Validate(); err != nil {
+func MakePod(p *entities.PodSpec, rt *libpod.Runtime) (*libpod.Pod, error) {
+ if err := p.PodSpecGen.Validate(); err != nil {
return nil, err
}
- options, err := createPodOptions(p, rt)
+ if !p.PodSpecGen.NoInfra && p.PodSpecGen.InfraContainerSpec != nil {
+ var err error
+ p.PodSpecGen.InfraContainerSpec, err = MapSpec(&p.PodSpecGen)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ options, err := createPodOptions(&p.PodSpecGen, rt, p.PodSpecGen.InfraContainerSpec)
if err != nil {
return nil, err
}
- return rt.NewPod(context.Background(), options...)
+ pod, err := rt.NewPod(context.Background(), p.PodSpecGen, options...)
+ if err != nil {
+ return nil, err
+ }
+ if !p.PodSpecGen.NoInfra && p.PodSpecGen.InfraContainerSpec != nil {
+ p.PodSpecGen.InfraContainerSpec.ContainerCreateCommand = []string{} // we do NOT want os.Args as the command, will display the pod create cmd
+ if p.PodSpecGen.InfraContainerSpec.Name == "" {
+ p.PodSpecGen.InfraContainerSpec.Name = pod.ID()[:12] + "-infra"
+ }
+ _, err = CompleteSpec(context.Background(), rt, p.PodSpecGen.InfraContainerSpec)
+ if err != nil {
+ return nil, err
+ }
+ p.PodSpecGen.InfraContainerSpec.User = "" // infraSpec user will get incorrectly assigned via the container creation process, overwrite here
+ rtSpec, spec, opts, err := MakeContainer(context.Background(), rt, p.PodSpecGen.InfraContainerSpec)
+ if err != nil {
+ return nil, err
+ }
+ spec.Pod = pod.ID()
+ opts = append(opts, rt.WithPod(pod))
+ spec.CgroupParent = pod.CgroupParent()
+ infraCtr, err := ExecuteCreate(context.Background(), rt, rtSpec, spec, true, opts...)
+ if err != nil {
+ return nil, err
+ }
+ pod, err = rt.AddInfra(context.Background(), pod, infraCtr)
+ if err != nil {
+ return nil, err
+ }
+ }
+ return pod, nil
}
-func createPodOptions(p *specgen.PodSpecGenerator, rt *libpod.Runtime) ([]libpod.PodCreateOption, error) {
+func createPodOptions(p *specgen.PodSpecGenerator, rt *libpod.Runtime, infraSpec *specgen.SpecGenerator) ([]libpod.PodCreateOption, error) {
var (
options []libpod.PodCreateOption
)
- if !p.NoInfra {
+ if !p.NoInfra { //&& infraSpec != nil {
options = append(options, libpod.WithInfraContainer())
- nsOptions, err := GetNamespaceOptions(p.SharedNamespaces, p.NetNS.IsHost())
+ nsOptions, err := GetNamespaceOptions(p.SharedNamespaces, p.InfraContainerSpec.NetNS.IsHost())
if err != nil {
return nil, err
}
options = append(options, nsOptions...)
// Use pod user and infra userns only when --userns is not set to host
- if !p.Userns.IsHost() {
+ if !p.InfraContainerSpec.UserNS.IsHost() && !p.InfraContainerSpec.UserNS.IsDefault() {
options = append(options, libpod.WithPodUser())
- options = append(options, libpod.WithPodUserns(p.Userns))
}
-
- // Make our exit command
- storageConfig := rt.StorageConfig()
- runtimeConfig, err := rt.GetConfig()
- if err != nil {
- return nil, err
- }
- exitCommand, err := CreateExitCommandArgs(storageConfig, runtimeConfig, logrus.IsLevelEnabled(logrus.DebugLevel), false, false)
- if err != nil {
- return nil, errors.Wrapf(err, "error creating infra container exit command")
- }
- options = append(options, libpod.WithPodInfraExitCommand(exitCommand))
}
if len(p.CgroupParent) > 0 {
options = append(options, libpod.WithPodCgroupParent(p.CgroupParent))
@@ -59,62 +88,27 @@ func createPodOptions(p *specgen.PodSpecGenerator, rt *libpod.Runtime) ([]libpod
if len(p.Name) > 0 {
options = append(options, libpod.WithPodName(p.Name))
}
- if p.ResourceLimits != nil && p.ResourceLimits.CPU != nil && p.ResourceLimits.CPU.Period != nil && p.ResourceLimits.CPU.Quota != nil {
- if *p.ResourceLimits.CPU.Period != 0 || *p.ResourceLimits.CPU.Quota != 0 {
- options = append(options, libpod.WithPodCPUPAQ((*p.ResourceLimits.CPU.Period), (*p.ResourceLimits.CPU.Quota)))
- }
- }
- if p.ResourceLimits != nil && p.ResourceLimits.CPU != nil && p.ResourceLimits.CPU.Cpus != "" {
- options = append(options, libpod.WithPodCPUSetCPUs(p.ResourceLimits.CPU.Cpus))
+ if p.PodCreateCommand != nil {
+ options = append(options, libpod.WithPodCreateCommand(p.PodCreateCommand))
}
+
if len(p.Hostname) > 0 {
options = append(options, libpod.WithPodHostname(p.Hostname))
}
- if len(p.HostAdd) > 0 {
- options = append(options, libpod.WithPodHosts(p.HostAdd))
- }
- if len(p.DNSServer) > 0 {
- var dnsServers []string
- for _, d := range p.DNSServer {
- dnsServers = append(dnsServers, d.String())
- }
- options = append(options, libpod.WithPodDNS(dnsServers))
- }
- if len(p.DNSOption) > 0 {
- options = append(options, libpod.WithPodDNSOption(p.DNSOption))
- }
- if len(p.DNSSearch) > 0 {
- options = append(options, libpod.WithPodDNSSearch(p.DNSSearch))
- }
- if p.StaticIP != nil {
- options = append(options, libpod.WithPodStaticIP(*p.StaticIP))
- }
- if p.StaticMAC != nil {
- options = append(options, libpod.WithPodStaticMAC(*p.StaticMAC))
- }
- if p.NoManageResolvConf {
- options = append(options, libpod.WithPodUseImageResolvConf())
- }
- if len(p.CNINetworks) > 0 {
- options = append(options, libpod.WithPodNetworks(p.CNINetworks))
- }
-
- if len(p.InfraImage) > 0 {
- options = append(options, libpod.WithInfraImage(p.InfraImage))
- }
- if len(p.InfraName) > 0 {
- options = append(options, libpod.WithInfraName(p.InfraName))
- }
-
- if len(p.InfraCommand) > 0 {
- options = append(options, libpod.WithInfraCommand(p.InfraCommand))
- }
+ return options, nil
+}
- if !p.Pid.IsDefault() {
- options = append(options, libpod.WithPodPidNS(p.Pid))
+// MapSpec modifies the already filled Infra specgenerator,
+// replacing necessary values with those specified in pod creation
+func MapSpec(p *specgen.PodSpecGenerator) (*specgen.SpecGenerator, error) {
+ if len(p.PortMappings) > 0 {
+ ports, _, _, err := ParsePortMapping(p.PortMappings)
+ if err != nil {
+ return nil, err
+ }
+ p.InfraContainerSpec.PortMappings = libpod.WithInfraContainerPorts(ports, p.InfraContainerSpec)
}
-
switch p.NetNS.NSMode {
case specgen.Default, "":
if p.NoInfra {
@@ -123,42 +117,88 @@ func createPodOptions(p *specgen.PodSpecGenerator, rt *libpod.Runtime) ([]libpod
}
if rootless.IsRootless() {
logrus.Debugf("Pod will use slirp4netns")
- options = append(options, libpod.WithPodSlirp4netns(p.NetworkOptions))
+ if p.InfraContainerSpec.NetNS.NSMode != "host" {
+ p.InfraContainerSpec.NetworkOptions = p.NetworkOptions
+ p.InfraContainerSpec.NetNS.NSMode = specgen.NamespaceMode("slirp4netns")
+ }
} else {
logrus.Debugf("Pod using bridge network mode")
}
case specgen.Bridge:
+ p.InfraContainerSpec.NetNS.NSMode = specgen.Bridge
logrus.Debugf("Pod using bridge network mode")
case specgen.Host:
logrus.Debugf("Pod will use host networking")
- options = append(options, libpod.WithPodHostNetwork())
+ if len(p.InfraContainerSpec.PortMappings) > 0 ||
+ p.InfraContainerSpec.StaticIP != nil ||
+ p.InfraContainerSpec.StaticMAC != nil ||
+ len(p.InfraContainerSpec.CNINetworks) > 0 ||
+ p.InfraContainerSpec.NetNS.NSMode == specgen.NoNetwork {
+ return nil, errors.Wrapf(define.ErrInvalidArg, "cannot set host network if network-related configuration is specified")
+ }
+ p.InfraContainerSpec.NetNS.NSMode = specgen.Host
case specgen.Slirp:
logrus.Debugf("Pod will use slirp4netns")
- options = append(options, libpod.WithPodSlirp4netns(p.NetworkOptions))
+ if p.InfraContainerSpec.NetNS.NSMode != "host" {
+ p.InfraContainerSpec.NetworkOptions = p.NetworkOptions
+ p.InfraContainerSpec.NetNS.NSMode = specgen.NamespaceMode("slirp4netns")
+ }
case specgen.NoNetwork:
logrus.Debugf("Pod will not use networking")
- options = append(options, libpod.WithPodNoNetwork())
+ if len(p.InfraContainerSpec.PortMappings) > 0 ||
+ p.InfraContainerSpec.StaticIP != nil ||
+ p.InfraContainerSpec.StaticMAC != nil ||
+ len(p.InfraContainerSpec.CNINetworks) > 0 ||
+ p.InfraContainerSpec.NetNS.NSMode == "host" {
+ return nil, errors.Wrapf(define.ErrInvalidArg, "cannot disable pod network if network-related configuration is specified")
+ }
+ p.InfraContainerSpec.NetNS.NSMode = specgen.NoNetwork
default:
return nil, errors.Errorf("pods presently do not support network mode %s", p.NetNS.NSMode)
}
- if p.NoManageHosts {
- options = append(options, libpod.WithPodUseImageHosts())
+ libpod.WithPodCgroups()
+ if len(p.InfraCommand) > 0 {
+ p.InfraContainerSpec.Entrypoint = p.InfraCommand
}
- if len(p.PortMappings) > 0 {
- ports, _, _, err := ParsePortMapping(p.PortMappings)
- if err != nil {
- return nil, err
- }
- options = append(options, libpod.WithInfraContainerPorts(ports))
+
+ if len(p.HostAdd) > 0 {
+ p.InfraContainerSpec.HostAdd = p.HostAdd
}
- options = append(options, libpod.WithPodCgroups())
- if p.PodCreateCommand != nil {
- options = append(options, libpod.WithPodCreateCommand(p.PodCreateCommand))
+ if len(p.DNSServer) > 0 {
+ var dnsServers []net.IP
+ dnsServers = append(dnsServers, p.DNSServer...)
+
+ p.InfraContainerSpec.DNSServers = dnsServers
+ }
+ if len(p.DNSOption) > 0 {
+ p.InfraContainerSpec.DNSOptions = p.DNSOption
+ }
+ if len(p.DNSSearch) > 0 {
+ p.InfraContainerSpec.DNSSearch = p.DNSSearch
+ }
+ if p.StaticIP != nil {
+ p.InfraContainerSpec.StaticIP = p.StaticIP
+ }
+ if p.StaticMAC != nil {
+ p.InfraContainerSpec.StaticMAC = p.StaticMAC
+ }
+ if p.NoManageResolvConf {
+ p.InfraContainerSpec.UseImageResolvConf = true
+ }
+ if len(p.CNINetworks) > 0 {
+ p.InfraContainerSpec.CNINetworks = p.CNINetworks
+ }
+ if p.NoManageHosts {
+ p.InfraContainerSpec.UseImageHosts = p.NoManageHosts
}
+
if len(p.InfraConmonPidFile) > 0 {
- options = append(options, libpod.WithInfraConmonPidFile(p.InfraConmonPidFile))
+ p.InfraContainerSpec.ConmonPidFile = p.InfraConmonPidFile
}
- return options, nil
+ if p.InfraImage != config.DefaultInfraImage {
+ p.InfraContainerSpec.Image = p.InfraImage
+ }
+ return p.InfraContainerSpec, nil
}
diff --git a/pkg/specgen/podspecgen.go b/pkg/specgen/podspecgen.go
index 386571d11..8872a1321 100644
--- a/pkg/specgen/podspecgen.go
+++ b/pkg/specgen/podspecgen.go
@@ -67,7 +67,7 @@ type PodBasicConfig struct {
// Pid sets the process id namespace of the pod
// Optional (defaults to private if unset). This sets the PID namespace of the infra container
// This configuration will then be shared with the entire pod if PID namespace sharing is enabled via --share
- Pid Namespace `json:"pid,omitempty:"`
+ Pid Namespace `json:"pidns,omitempty"`
// Userns is used to indicate which kind of Usernamespace to enter.
// Any containers created within the pod will inherit the pod's userns settings.
// Optional
@@ -173,6 +173,7 @@ type PodSpecGenerator struct {
PodNetworkConfig
PodCgroupConfig
PodResourceConfig
+ InfraContainerSpec *SpecGenerator `json:"-"`
}
type PodResourceConfig struct {
diff --git a/cmd/podman/common/createparse.go b/pkg/specgenutil/createparse.go
index dcef1a151..b46d8fbc6 100644
--- a/cmd/podman/common/createparse.go
+++ b/pkg/specgenutil/createparse.go
@@ -1,13 +1,14 @@
-package common
+package specgenutil
import (
"github.com/containers/common/pkg/config"
+ "github.com/containers/podman/v3/pkg/domain/entities"
"github.com/pkg/errors"
)
// validate determines if the flags and values given by the user are valid. things checked
// by validate must not need any state information on the flag (i.e. changed)
-func (c *ContainerCLIOpts) validate() error {
+func validate(c *entities.ContainerCreateOptions) error {
var ()
if c.Rm && (c.Restart != "" && c.Restart != "no" && c.Restart != "on-failure") {
return errors.Errorf(`the --rm option conflicts with --restart, when the restartPolicy is not "" and "no"`)
@@ -23,7 +24,11 @@ func (c *ContainerCLIOpts) validate() error {
"ignore": "",
}
if _, ok := imageVolType[c.ImageVolume]; !ok {
- return errors.Errorf("invalid image-volume type %q. Pick one of bind, tmpfs, or ignore", c.ImageVolume)
+ if c.IsInfra {
+ c.ImageVolume = "bind"
+ } else {
+ return errors.Errorf("invalid image-volume type %q. Pick one of bind, tmpfs, or ignore", c.ImageVolume)
+ }
}
return nil
}
diff --git a/cmd/podman/common/ports.go b/pkg/specgenutil/ports.go
index 2092bbe53..6cc4de1ed 100644
--- a/cmd/podman/common/ports.go
+++ b/pkg/specgenutil/ports.go
@@ -1,4 +1,4 @@
-package common
+package specgenutil
import (
"github.com/docker/go-connections/nat"
diff --git a/cmd/podman/common/specgen.go b/pkg/specgenutil/specgen.go
index 59d32f568..9f676db1b 100644
--- a/cmd/podman/common/specgen.go
+++ b/pkg/specgenutil/specgen.go
@@ -1,6 +1,7 @@
-package common
+package specgenutil
import (
+ "encoding/json"
"fmt"
"os"
"strconv"
@@ -11,8 +12,9 @@ import (
"github.com/containers/podman/v3/cmd/podman/parse"
"github.com/containers/podman/v3/libpod/define"
ann "github.com/containers/podman/v3/pkg/annotations"
+ "github.com/containers/podman/v3/pkg/domain/entities"
envLib "github.com/containers/podman/v3/pkg/env"
- ns "github.com/containers/podman/v3/pkg/namespaces"
+ "github.com/containers/podman/v3/pkg/namespaces"
"github.com/containers/podman/v3/pkg/specgen"
systemdDefine "github.com/containers/podman/v3/pkg/systemd/define"
"github.com/containers/podman/v3/pkg/util"
@@ -21,7 +23,7 @@ import (
"github.com/pkg/errors"
)
-func getCPULimits(c *ContainerCLIOpts) *specs.LinuxCPU {
+func getCPULimits(c *entities.ContainerCreateOptions) *specs.LinuxCPU {
cpu := &specs.LinuxCPU{}
hasLimits := false
@@ -67,7 +69,7 @@ func getCPULimits(c *ContainerCLIOpts) *specs.LinuxCPU {
return cpu
}
-func getIOLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts) (*specs.LinuxBlockIO, error) {
+func getIOLimits(s *specgen.SpecGenerator, c *entities.ContainerCreateOptions) (*specs.LinuxBlockIO, error) {
var err error
io := &specs.LinuxBlockIO{}
hasLimits := false
@@ -122,7 +124,7 @@ func getIOLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts) (*specs.LinuxBlo
return io, nil
}
-func getMemoryLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts) (*specs.LinuxMemory, error) {
+func getMemoryLimits(s *specgen.SpecGenerator, c *entities.ContainerCreateOptions) (*specs.LinuxMemory, error) {
var err error
memory := &specs.LinuxMemory{}
hasLimits := false
@@ -167,7 +169,7 @@ func getMemoryLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts) (*specs.Linu
memory.Kernel = &mk
hasLimits = true
}
- if c.MemorySwappiness >= 0 {
+ if c.MemorySwappiness > 0 {
swappiness := uint64(c.MemorySwappiness)
memory.Swappiness = &swappiness
hasLimits = true
@@ -182,7 +184,7 @@ func getMemoryLimits(s *specgen.SpecGenerator, c *ContainerCLIOpts) (*specs.Linu
return memory, nil
}
-func setNamespaces(s *specgen.SpecGenerator, c *ContainerCLIOpts) error {
+func setNamespaces(s *specgen.SpecGenerator, c *entities.ContainerCreateOptions) error {
var err error
if c.PID != "" {
@@ -222,18 +224,22 @@ func setNamespaces(s *specgen.SpecGenerator, c *ContainerCLIOpts) error {
return nil
}
-func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string) error {
+func FillOutSpecGen(s *specgen.SpecGenerator, c *entities.ContainerCreateOptions, args []string) error {
var (
err error
)
-
// validate flags as needed
- if err := c.validate(); err != nil {
+ if err := validate(c); err != nil {
return err
}
-
s.User = c.User
- inputCommand := args[1:]
+ var inputCommand []string
+ if !c.IsInfra {
+ if len(args) > 1 {
+ inputCommand = args[1:]
+ }
+ }
+
if len(c.HealthCmd) > 0 {
if c.NoHealthCheck {
return errors.New("Cannot specify both --no-healthcheck and --health-cmd")
@@ -247,12 +253,33 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
Test: []string{"NONE"},
}
}
-
- userNS := ns.UsernsMode(c.UserNS)
+ if err := setNamespaces(s, c); err != nil {
+ return err
+ }
+ userNS := namespaces.UsernsMode(s.UserNS.NSMode)
+ tempIDMap, err := util.ParseIDMapping(namespaces.UsernsMode(c.UserNS), []string{}, []string{}, "", "")
+ if err != nil {
+ return err
+ }
s.IDMappings, err = util.ParseIDMapping(userNS, c.UIDMap, c.GIDMap, c.SubUIDName, c.SubGIDName)
if err != nil {
return err
}
+ if len(s.IDMappings.GIDMap) == 0 {
+ s.IDMappings.AutoUserNsOpts.AdditionalGIDMappings = tempIDMap.AutoUserNsOpts.AdditionalGIDMappings
+ if s.UserNS.NSMode == specgen.NamespaceMode("auto") {
+ s.IDMappings.AutoUserNs = true
+ }
+ }
+ if len(s.IDMappings.UIDMap) == 0 {
+ s.IDMappings.AutoUserNsOpts.AdditionalUIDMappings = tempIDMap.AutoUserNsOpts.AdditionalUIDMappings
+ if s.UserNS.NSMode == specgen.NamespaceMode("auto") {
+ s.IDMappings.AutoUserNs = true
+ }
+ }
+ if tempIDMap.AutoUserNsOpts.Size != 0 {
+ s.IDMappings.AutoUserNsOpts.Size = tempIDMap.AutoUserNsOpts.Size
+ }
// If some mappings are specified, assume a private user namespace
if userNS.IsDefaultValue() && (!s.IDMappings.HostUIDMapping || !s.IDMappings.HostGIDMapping) {
s.UserNS.NSMode = specgen.Private
@@ -267,7 +294,9 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
}
// We are not handling the Expose flag yet.
// s.PortsExpose = c.Expose
- s.PortMappings = c.Net.PublishPorts
+ if c.Net != nil {
+ s.PortMappings = c.Net.PublishPorts
+ }
s.PublishExposedPorts = c.PublishAll
s.Pod = c.Pod
@@ -288,10 +317,6 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
}
s.Expose = expose
- if err := setNamespaces(s, c); err != nil {
- return err
- }
-
if sig := c.StopSignal; len(sig) > 0 {
stopSignal, err := util.ParseSignal(sig)
if err != nil {
@@ -380,6 +405,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
}
// Include the command used to create the container.
+
s.ContainerCreateCommand = os.Args
if len(inputCommand) > 0 {
@@ -394,28 +420,34 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
}
s.ShmSize = &shmSize
}
- s.CNINetworks = c.Net.CNINetworks
+
+ if c.Net != nil {
+ s.CNINetworks = c.Net.CNINetworks
+ }
// Network aliases
- if len(c.Net.Aliases) > 0 {
- // build a map of aliases where key=cniName
- aliases := make(map[string][]string, len(s.CNINetworks))
- for _, cniNetwork := range s.CNINetworks {
- aliases[cniNetwork] = c.Net.Aliases
+ if c.Net != nil {
+ if len(c.Net.Aliases) > 0 {
+ // build a map of aliases where key=cniName
+ aliases := make(map[string][]string, len(s.CNINetworks))
+ for _, cniNetwork := range s.CNINetworks {
+ aliases[cniNetwork] = c.Net.Aliases
+ }
+ s.Aliases = aliases
}
- s.Aliases = aliases
}
- s.HostAdd = c.Net.AddHosts
- s.UseImageResolvConf = c.Net.UseImageResolvConf
- s.DNSServers = c.Net.DNSServers
- s.DNSSearch = c.Net.DNSSearch
- s.DNSOptions = c.Net.DNSOptions
- s.StaticIP = c.Net.StaticIP
- s.StaticMAC = c.Net.StaticMAC
- s.NetworkOptions = c.Net.NetworkOptions
- s.UseImageHosts = c.Net.NoHosts
-
+ if c.Net != nil {
+ s.HostAdd = c.Net.AddHosts
+ s.UseImageResolvConf = c.Net.UseImageResolvConf
+ s.DNSServers = c.Net.DNSServers
+ s.DNSSearch = c.Net.DNSSearch
+ s.DNSOptions = c.Net.DNSOptions
+ s.StaticIP = c.Net.StaticIP
+ s.StaticMAC = c.Net.StaticMAC
+ s.NetworkOptions = c.Net.NetworkOptions
+ s.UseImageHosts = c.Net.NoHosts
+ }
s.ImageVolumeMode = c.ImageVolume
if s.ImageVolumeMode == "bind" {
s.ImageVolumeMode = "anonymous"
diff --git a/cmd/podman/common/util.go b/pkg/specgenutil/util.go
index cdfff9d6f..15676d086 100644
--- a/cmd/podman/common/util.go
+++ b/pkg/specgenutil/util.go
@@ -1,4 +1,4 @@
-package common
+package specgenutil
import (
"io/ioutil"
diff --git a/cmd/podman/common/volumes.go b/pkg/specgenutil/volumes.go
index 883d604da..e9f70fc9d 100644
--- a/cmd/podman/common/volumes.go
+++ b/pkg/specgenutil/volumes.go
@@ -1,4 +1,4 @@
-package common
+package specgenutil
import (
"fmt"
diff --git a/test/e2e/pod_create_test.go b/test/e2e/pod_create_test.go
index c961bfc32..7297bfc6e 100644
--- a/test/e2e/pod_create_test.go
+++ b/test/e2e/pod_create_test.go
@@ -559,7 +559,7 @@ ENTRYPOINT ["sleep","99999"]
It("podman pod create --cpuset-cpus", func() {
podName := "testPod"
ctrName := "testCtr"
- numCPU := float64(sysinfo.NumCPU())
+ numCPU := float64(sysinfo.NumCPU()) - 1
numCPUStr := strconv.Itoa(int(numCPU))
in := "0-" + numCPUStr
podCreate := podmanTest.Podman([]string{"pod", "create", "--cpuset-cpus", in, "--name", podName})
@@ -588,20 +588,14 @@ ENTRYPOINT ["sleep","99999"]
podInspect.WaitWithDefaultTimeout()
Expect(podInspect).Should(Exit(0))
podJSON := podInspect.InspectPodToJSON()
- Expect(podJSON.InfraConfig.PidNS).To(Equal("path"))
+ Expect(podJSON.InfraConfig.PidNS).To(Equal(ns))
podName = "pidPod2"
ns = "pod"
podCreate = podmanTest.Podman([]string{"pod", "create", "--pid", ns, "--name", podName, "--share", "pid"})
podCreate.WaitWithDefaultTimeout()
- Expect(podCreate).Should(Exit(0))
-
- podInspect = podmanTest.Podman([]string{"pod", "inspect", podName})
- podInspect.WaitWithDefaultTimeout()
- Expect(podInspect).Should(Exit(0))
- podJSON = podInspect.InspectPodToJSON()
- Expect(podJSON.InfraConfig.PidNS).To(Equal("pod"))
+ Expect(podCreate).Should(ExitWithError())
podName = "pidPod3"
ns = "host"
diff --git a/vendor/github.com/containers/image/v5/copy/copy.go b/vendor/github.com/containers/image/v5/copy/copy.go
index b4ff8aa10..e1649ba8e 100644
--- a/vendor/github.com/containers/image/v5/copy/copy.go
+++ b/vendor/github.com/containers/image/v5/copy/copy.go
@@ -36,14 +36,6 @@ import (
"golang.org/x/term"
)
-type digestingReader struct {
- source io.Reader
- digester digest.Digester
- expectedDigest digest.Digest
- validationFailed bool
- validationSucceeded bool
-}
-
var (
// ErrDecryptParamsMissing is returned if there is missing decryption parameters
ErrDecryptParamsMissing = errors.New("Necessary DecryptParameters not present")
@@ -51,6 +43,10 @@ var (
// maxParallelDownloads is used to limit the maximum number of parallel
// downloads. Let's follow Firefox by limiting it to 6.
maxParallelDownloads = uint(6)
+
+ // defaultCompressionFormat is used if the destination transport requests
+ // compression, and the user does not explicitly instruct us to use an algorithm.
+ defaultCompressionFormat = &compression.Gzip
)
// compressionBufferSize is the buffer size used to compress a blob
@@ -64,66 +60,22 @@ var expectedCompressionFormats = map[string]*compressiontypes.Algorithm{
manifest.DockerV2Schema2LayerMediaType: &compression.Gzip,
}
-// newDigestingReader returns an io.Reader implementation with contents of source, which will eventually return a non-EOF error
-// or set validationSucceeded/validationFailed to true if the source stream does/does not match expectedDigest.
-// (neither is set if EOF is never reached).
-func newDigestingReader(source io.Reader, expectedDigest digest.Digest) (*digestingReader, error) {
- var digester digest.Digester
- if err := expectedDigest.Validate(); err != nil {
- return nil, errors.Errorf("Invalid digest specification %s", expectedDigest)
- }
- digestAlgorithm := expectedDigest.Algorithm()
- if !digestAlgorithm.Available() {
- return nil, errors.Errorf("Invalid digest specification %s: unsupported digest algorithm %s", expectedDigest, digestAlgorithm)
- }
- digester = digestAlgorithm.Digester()
-
- return &digestingReader{
- source: source,
- digester: digester,
- expectedDigest: expectedDigest,
- validationFailed: false,
- }, nil
-}
-
-func (d *digestingReader) Read(p []byte) (int, error) {
- n, err := d.source.Read(p)
- if n > 0 {
- if n2, err := d.digester.Hash().Write(p[:n]); n2 != n || err != nil {
- // Coverage: This should not happen, the hash.Hash interface requires
- // d.digest.Write to never return an error, and the io.Writer interface
- // requires n2 == len(input) if no error is returned.
- return 0, errors.Wrapf(err, "updating digest during verification: %d vs. %d", n2, n)
- }
- }
- if err == io.EOF {
- actualDigest := d.digester.Digest()
- if actualDigest != d.expectedDigest {
- d.validationFailed = true
- return 0, errors.Errorf("Digest did not match, expected %s, got %s", d.expectedDigest, actualDigest)
- }
- d.validationSucceeded = true
- }
- return n, err
-}
-
// copier allows us to keep track of diffID values for blobs, and other
// data shared across one or more images in a possible manifest list.
type copier struct {
- dest types.ImageDestination
- rawSource types.ImageSource
- reportWriter io.Writer
- progressOutput io.Writer
- progressInterval time.Duration
- progress chan types.ProgressProperties
- blobInfoCache internalblobinfocache.BlobInfoCache2
- copyInParallel bool
- compressionFormat compressiontypes.Algorithm
- compressionLevel *int
- ociDecryptConfig *encconfig.DecryptConfig
- ociEncryptConfig *encconfig.EncryptConfig
- maxParallelDownloads uint
- downloadForeignLayers bool
+ dest types.ImageDestination
+ rawSource types.ImageSource
+ reportWriter io.Writer
+ progressOutput io.Writer
+ progressInterval time.Duration
+ progress chan types.ProgressProperties
+ blobInfoCache internalblobinfocache.BlobInfoCache2
+ compressionFormat *compressiontypes.Algorithm // Compression algorithm to use, if the user explicitly requested one, or nil.
+ compressionLevel *int
+ ociDecryptConfig *encconfig.DecryptConfig
+ ociEncryptConfig *encconfig.EncryptConfig
+ concurrentBlobCopiesSemaphore *semaphore.Weighted // Limits the amount of concurrently copied blobs
+ downloadForeignLayers bool
}
// imageCopier tracks state specific to a single image (possibly an item of a manifest list)
@@ -196,7 +148,10 @@ type Options struct {
// encrypted if non-nil. If nil, it does not attempt to decrypt an image.
OciDecryptConfig *encconfig.DecryptConfig
- // MaxParallelDownloads indicates the maximum layers to pull at the same time. A reasonable default is used if this is left as 0.
+ // A weighted semaphore to limit the amount of concurrently copied layers and configs. Applies to all copy operations using the semaphore. If set, MaxParallelDownloads is ignored.
+ ConcurrentBlobCopiesSemaphore *semaphore.Weighted
+
+ // MaxParallelDownloads indicates the maximum layers to pull at the same time. Applies to a single copy operation. A reasonable default is used if this is left as 0. Ignored if ConcurrentBlobCopiesSemaphore is set.
MaxParallelDownloads uint
// When OptimizeDestinationImageAlreadyExists is set, optimize the copy assuming that the destination image already
@@ -269,7 +224,6 @@ func Image(ctx context.Context, policyContext *signature.PolicyContext, destRef,
if !isTTY(reportWriter) {
progressOutput = ioutil.Discard
}
- copyInParallel := dest.HasThreadSafePutBlob() && rawSource.HasThreadSafeGetBlob()
c := &copier{
dest: dest,
@@ -278,24 +232,38 @@ func Image(ctx context.Context, policyContext *signature.PolicyContext, destRef,
progressOutput: progressOutput,
progressInterval: options.ProgressInterval,
progress: options.Progress,
- copyInParallel: copyInParallel,
// FIXME? The cache is used for sources and destinations equally, but we only have a SourceCtx and DestinationCtx.
// For now, use DestinationCtx (because blob reuse changes the behavior of the destination side more); eventually
// we might want to add a separate CommonCtx — or would that be too confusing?
blobInfoCache: internalblobinfocache.FromBlobInfoCache(blobinfocache.DefaultCache(options.DestinationCtx)),
ociDecryptConfig: options.OciDecryptConfig,
ociEncryptConfig: options.OciEncryptConfig,
- maxParallelDownloads: options.MaxParallelDownloads,
downloadForeignLayers: options.DownloadForeignLayers,
}
- // Default to using gzip compression unless specified otherwise.
- if options.DestinationCtx == nil || options.DestinationCtx.CompressionFormat == nil {
- c.compressionFormat = compression.Gzip
+
+ // Set the concurrentBlobCopiesSemaphore if we can copy layers in parallel.
+ if dest.HasThreadSafePutBlob() && rawSource.HasThreadSafeGetBlob() {
+ c.concurrentBlobCopiesSemaphore = options.ConcurrentBlobCopiesSemaphore
+ if c.concurrentBlobCopiesSemaphore == nil {
+ max := options.MaxParallelDownloads
+ if max == 0 {
+ max = maxParallelDownloads
+ }
+ c.concurrentBlobCopiesSemaphore = semaphore.NewWeighted(int64(max))
+ }
} else {
- c.compressionFormat = *options.DestinationCtx.CompressionFormat
+ c.concurrentBlobCopiesSemaphore = semaphore.NewWeighted(int64(1))
+ if options.ConcurrentBlobCopiesSemaphore != nil {
+ if err := options.ConcurrentBlobCopiesSemaphore.Acquire(ctx, 1); err != nil {
+ return nil, fmt.Errorf("acquiring semaphore for concurrent blob copies: %w", err)
+ }
+ defer options.ConcurrentBlobCopiesSemaphore.Release(1)
+ }
}
+
if options.DestinationCtx != nil {
- // Note that the compressionLevel can be nil.
+ // Note that compressionFormat and compressionLevel can be nil.
+ c.compressionFormat = options.DestinationCtx.CompressionFormat
c.compressionLevel = options.DestinationCtx.CompressionLevel
}
@@ -904,22 +872,9 @@ func (ic *imageCopier) copyLayers(ctx context.Context) error {
// copyGroup is used to determine if all layers are copied
copyGroup := sync.WaitGroup{}
- // copySemaphore is used to limit the number of parallel downloads to
- // avoid malicious images causing troubles and to be nice to servers.
- var copySemaphore *semaphore.Weighted
- if ic.c.copyInParallel {
- max := ic.c.maxParallelDownloads
- if max == 0 {
- max = maxParallelDownloads
- }
- copySemaphore = semaphore.NewWeighted(int64(max))
- } else {
- copySemaphore = semaphore.NewWeighted(int64(1))
- }
-
data := make([]copyLayerData, numLayers)
copyLayerHelper := func(index int, srcLayer types.BlobInfo, toEncrypt bool, pool *mpb.Progress, srcRef reference.Named) {
- defer copySemaphore.Release(1)
+ defer ic.c.concurrentBlobCopiesSemaphore.Release(1)
defer copyGroup.Done()
cld := copyLayerData{}
if !ic.c.downloadForeignLayers && ic.c.dest.AcceptsForeignLayerURLs() && len(srcLayer.URLs) != 0 {
@@ -957,17 +912,17 @@ func (ic *imageCopier) copyLayers(ctx context.Context) error {
}
if err := func() error { // A scope for defer
- progressPool, progressCleanup := ic.c.newProgressPool(ctx)
- defer func() {
- // Wait for all layers to be copied. progressCleanup() must not be called while any of the copyLayerHelpers interact with the progressPool.
- copyGroup.Wait()
- progressCleanup()
- }()
+ progressPool := ic.c.newProgressPool()
+ defer progressPool.Wait()
+
+ // Ensure we wait for all layers to be copied. progressPool.Wait() must not be called while any of the copyLayerHelpers interact with the progressPool.
+ defer copyGroup.Wait()
for i, srcLayer := range srcInfos {
- err = copySemaphore.Acquire(ctx, 1)
+ err = ic.c.concurrentBlobCopiesSemaphore.Acquire(ctx, 1)
if err != nil {
- return errors.Wrapf(err, "Can't acquire semaphore")
+ // This can only fail with ctx.Err(), so no need to blame acquiring the semaphore.
+ return fmt.Errorf("copying layer: %w", err)
}
copyGroup.Add(1)
go copyLayerHelper(i, srcLayer, encLayerBitmap[i], progressPool, ic.c.rawSource.Reference().DockerReference())
@@ -1061,15 +1016,13 @@ func (ic *imageCopier) copyUpdatedConfigAndManifest(ctx context.Context, instanc
return man, manifestDigest, nil
}
-// newProgressPool creates a *mpb.Progress and a cleanup function.
-// The caller must eventually call the returned cleanup function after the pool will no longer be updated.
-func (c *copier) newProgressPool(ctx context.Context) (*mpb.Progress, func()) {
- ctx, cancel := context.WithCancel(ctx)
- pool := mpb.NewWithContext(ctx, mpb.WithWidth(40), mpb.WithOutput(c.progressOutput))
- return pool, func() {
- cancel()
- pool.Wait()
- }
+// newProgressPool creates a *mpb.Progress.
+// The caller must eventually call pool.Wait() after the pool will no longer be updated.
+// NOTE: Every progress bar created within the progress pool must either successfully
+// complete or be aborted, or pool.Wait() will hang. That is typically done
+// using "defer bar.Abort(false)", which must be called BEFORE pool.Wait() is called.
+func (c *copier) newProgressPool() *mpb.Progress {
+ return mpb.New(mpb.WithWidth(40), mpb.WithOutput(c.progressOutput))
}
// customPartialBlobCounter provides a decorator function for the partial blobs retrieval progress bar
@@ -1090,6 +1043,9 @@ func customPartialBlobCounter(filler interface{}, wcc ...decor.WC) decor.Decorat
// createProgressBar creates a mpb.Bar in pool. Note that if the copier's reportWriter
// is ioutil.Discard, the progress bar's output will be discarded
+// NOTE: Every progress bar created within a progress pool must either successfully
+// complete or be aborted, or pool.Wait() will hang. That is typically done
+// using "defer bar.Abort(false)", which must happen BEFORE pool.Wait() is called.
func (c *copier) createProgressBar(pool *mpb.Progress, partial bool, info types.BlobInfo, kind string, onComplete string) *mpb.Bar {
// shortDigestLen is the length of the digest used for blobs.
const shortDigestLen = 12
@@ -1149,15 +1105,23 @@ func (c *copier) createProgressBar(pool *mpb.Progress, partial bool, info types.
func (c *copier) copyConfig(ctx context.Context, src types.Image) error {
srcInfo := src.ConfigInfo()
if srcInfo.Digest != "" {
+ if err := c.concurrentBlobCopiesSemaphore.Acquire(ctx, 1); err != nil {
+ // This can only fail with ctx.Err(), so no need to blame acquiring the semaphore.
+ return fmt.Errorf("copying config: %w", err)
+ }
+ defer c.concurrentBlobCopiesSemaphore.Release(1)
+
configBlob, err := src.ConfigBlob(ctx)
if err != nil {
return errors.Wrapf(err, "reading config blob %s", srcInfo.Digest)
}
destInfo, err := func() (types.BlobInfo, error) { // A scope for defer
- progressPool, progressCleanup := c.newProgressPool(ctx)
- defer progressCleanup()
+ progressPool := c.newProgressPool()
+ defer progressPool.Wait()
bar := c.createProgressBar(progressPool, false, srcInfo, "config", "done")
+ defer bar.Abort(false)
+
destInfo, err := c.copyBlobFromStream(ctx, bytes.NewReader(configBlob), srcInfo, nil, false, true, false, bar, -1, false)
if err != nil {
return types.BlobInfo{}, err
@@ -1184,7 +1148,7 @@ type diffIDResult struct {
// copyLayer copies a layer with srcInfo (with known Digest and Annotations and possibly known Size) in src to dest, perhaps (de/re/)compressing it,
// and returns a complete blobInfo of the copied layer, and a value for LayerDiffIDs if diffIDIsNeeded
-// srcRef can be used as an additional hint to the destination during checking whehter a layer can be reused but srcRef can be nil.
+// srcRef can be used as an additional hint to the destination during checking whether a layer can be reused but srcRef can be nil.
func (ic *imageCopier) copyLayer(ctx context.Context, srcInfo types.BlobInfo, toEncrypt bool, pool *mpb.Progress, layerIndex int, srcRef reference.Named, emptyLayer bool) (types.BlobInfo, digest.Digest, error) {
// If the srcInfo doesn't contain compression information, try to compute it from the
// MediaType, which was either read from a manifest by way of LayerInfos() or constructed
@@ -1245,8 +1209,11 @@ func (ic *imageCopier) copyLayer(ctx context.Context, srcInfo types.BlobInfo, to
}
if reused {
logrus.Debugf("Skipping blob %s (already present):", srcInfo.Digest)
- bar := ic.c.createProgressBar(pool, false, srcInfo, "blob", "skipped: already exists")
- bar.SetTotal(0, true)
+ func() { // A scope for defer
+ bar := ic.c.createProgressBar(pool, false, srcInfo, "blob", "skipped: already exists")
+ defer bar.Abort(false)
+ bar.SetTotal(0, true)
+ }()
// Throw an event that the layer has been skipped
if ic.c.progress != nil && ic.c.progressInterval > 0 {
@@ -1279,40 +1246,49 @@ func (ic *imageCopier) copyLayer(ctx context.Context, srcInfo types.BlobInfo, to
imgSource, okSource := ic.c.rawSource.(internalTypes.ImageSourceSeekable)
imgDest, okDest := ic.c.dest.(internalTypes.ImageDestinationPartial)
if okSource && okDest && !diffIDIsNeeded {
- bar := ic.c.createProgressBar(pool, true, srcInfo, "blob", "done")
-
- progress := make(chan int64)
- terminate := make(chan interface{})
-
- defer close(terminate)
- defer close(progress)
-
- proxy := imageSourceSeekableProxy{
- source: imgSource,
- progress: progress,
- }
- go func() {
- for {
- select {
- case written := <-progress:
- bar.IncrInt64(written)
- case <-terminate:
- return
+ if reused, blobInfo := func() (bool, types.BlobInfo) { // A scope for defer
+ bar := ic.c.createProgressBar(pool, true, srcInfo, "blob", "done")
+ hideProgressBar := true
+ defer func() { // Note that this is not the same as defer bar.Abort(hideProgressBar); we need hideProgressBar to be evaluated lazily.
+ bar.Abort(hideProgressBar)
+ }()
+
+ progress := make(chan int64)
+ terminate := make(chan interface{})
+
+ defer close(terminate)
+ defer close(progress)
+
+ proxy := imageSourceSeekableProxy{
+ source: imgSource,
+ progress: progress,
+ }
+ go func() {
+ for {
+ select {
+ case written := <-progress:
+ bar.IncrInt64(written)
+ case <-terminate:
+ return
+ }
}
+ }()
+
+ bar.SetTotal(srcInfo.Size, false)
+ info, err := imgDest.PutBlobPartial(ctx, proxy, srcInfo, ic.c.blobInfoCache)
+ if err == nil {
+ bar.SetRefill(srcInfo.Size - bar.Current())
+ bar.SetCurrent(srcInfo.Size)
+ bar.SetTotal(srcInfo.Size, true)
+ hideProgressBar = false
+ logrus.Debugf("Retrieved partial blob %v", srcInfo.Digest)
+ return true, info
}
- }()
-
- bar.SetTotal(srcInfo.Size, false)
- info, err := imgDest.PutBlobPartial(ctx, proxy, srcInfo, ic.c.blobInfoCache)
- if err == nil {
- bar.SetRefill(srcInfo.Size - bar.Current())
- bar.SetCurrent(srcInfo.Size)
- bar.SetTotal(srcInfo.Size, true)
- logrus.Debugf("Retrieved partial blob %v", srcInfo.Digest)
- return info, cachedDiffID, nil
+ logrus.Debugf("Failed to retrieve partial blob: %v", err)
+ return false, types.BlobInfo{}
+ }(); reused {
+ return blobInfo, cachedDiffID, nil
}
- bar.Abort(true)
- logrus.Debugf("Failed to retrieve partial blob: %v", err)
}
// Fallback: copy the layer, computing the diffID if we need to do so
@@ -1322,32 +1298,35 @@ func (ic *imageCopier) copyLayer(ctx context.Context, srcInfo types.BlobInfo, to
}
defer srcStream.Close()
- bar := ic.c.createProgressBar(pool, false, srcInfo, "blob", "done")
+ return func() (types.BlobInfo, digest.Digest, error) { // A scope for defer
+ bar := ic.c.createProgressBar(pool, false, srcInfo, "blob", "done")
+ defer bar.Abort(false)
- blobInfo, diffIDChan, err := ic.copyLayerFromStream(ctx, srcStream, types.BlobInfo{Digest: srcInfo.Digest, Size: srcBlobSize, MediaType: srcInfo.MediaType, Annotations: srcInfo.Annotations}, diffIDIsNeeded, toEncrypt, bar, layerIndex, emptyLayer)
- if err != nil {
- return types.BlobInfo{}, "", err
- }
+ blobInfo, diffIDChan, err := ic.copyLayerFromStream(ctx, srcStream, types.BlobInfo{Digest: srcInfo.Digest, Size: srcBlobSize, MediaType: srcInfo.MediaType, Annotations: srcInfo.Annotations}, diffIDIsNeeded, toEncrypt, bar, layerIndex, emptyLayer)
+ if err != nil {
+ return types.BlobInfo{}, "", err
+ }
- diffID := cachedDiffID
- if diffIDIsNeeded {
- select {
- case <-ctx.Done():
- return types.BlobInfo{}, "", ctx.Err()
- case diffIDResult := <-diffIDChan:
- if diffIDResult.err != nil {
- return types.BlobInfo{}, "", errors.Wrap(diffIDResult.err, "computing layer DiffID")
+ diffID := cachedDiffID
+ if diffIDIsNeeded {
+ select {
+ case <-ctx.Done():
+ return types.BlobInfo{}, "", ctx.Err()
+ case diffIDResult := <-diffIDChan:
+ if diffIDResult.err != nil {
+ return types.BlobInfo{}, "", errors.Wrap(diffIDResult.err, "computing layer DiffID")
+ }
+ logrus.Debugf("Computed DiffID %s for layer %s", diffIDResult.digest, srcInfo.Digest)
+ // This is safe because we have just computed diffIDResult.Digest ourselves, and in the process
+ // we have read all of the input blob, so srcInfo.Digest must have been validated by digestingReader.
+ ic.c.blobInfoCache.RecordDigestUncompressedPair(srcInfo.Digest, diffIDResult.digest)
+ diffID = diffIDResult.digest
}
- logrus.Debugf("Computed DiffID %s for layer %s", diffIDResult.digest, srcInfo.Digest)
- // This is safe because we have just computed diffIDResult.Digest ourselves, and in the process
- // we have read all of the input blob, so srcInfo.Digest must have been validated by digestingReader.
- ic.c.blobInfoCache.RecordDigestUncompressedPair(srcInfo.Digest, diffIDResult.digest)
- diffID = diffIDResult.digest
}
- }
- bar.SetTotal(srcInfo.Size, true)
- return blobInfo, diffID, nil
+ bar.SetTotal(srcInfo.Size, true)
+ return blobInfo, diffID, nil
+ }()
}
// copyLayerFromStream is an implementation detail of copyLayer; mostly providing a separate “defer” scope.
@@ -1502,7 +1481,7 @@ func (c *copier) copyBlobFromStream(ctx context.Context, srcStream io.Reader, sr
// short-circuit conditions
var inputInfo types.BlobInfo
var compressionOperation types.LayerCompression
- uploadCompressionFormat := &c.compressionFormat
+ var uploadCompressionFormat *compressiontypes.Algorithm
srcCompressorName := internalblobinfocache.Uncompressed
if isCompressed {
srcCompressorName = compressionFormat.Name()
@@ -1514,14 +1493,19 @@ func (c *copier) copyBlobFromStream(ctx context.Context, srcStream io.Reader, sr
compressionOperation = types.PreserveOriginal
inputInfo = srcInfo
srcCompressorName = internalblobinfocache.UnknownCompression
- uploadCompressorName = internalblobinfocache.UnknownCompression
uploadCompressionFormat = nil
+ uploadCompressorName = internalblobinfocache.UnknownCompression
} else if canModifyBlob && c.dest.DesiredLayerCompression() == types.Compress && !isCompressed {
logrus.Debugf("Compressing blob on the fly")
compressionOperation = types.Compress
pipeReader, pipeWriter := io.Pipe()
defer pipeReader.Close()
+ if c.compressionFormat != nil {
+ uploadCompressionFormat = c.compressionFormat
+ } else {
+ uploadCompressionFormat = defaultCompressionFormat
+ }
// If this fails while writing data, it will do pipeWriter.CloseWithError(); if it fails otherwise,
// e.g. because we have exited and due to pipeReader.Close() above further writing to the pipe has failed,
// we don’t care.
@@ -1530,7 +1514,8 @@ func (c *copier) copyBlobFromStream(ctx context.Context, srcStream io.Reader, sr
inputInfo.Digest = ""
inputInfo.Size = -1
uploadCompressorName = uploadCompressionFormat.Name()
- } else if canModifyBlob && c.dest.DesiredLayerCompression() == types.Compress && isCompressed && uploadCompressionFormat.Name() != compressionFormat.Name() {
+ } else if canModifyBlob && c.dest.DesiredLayerCompression() == types.Compress && isCompressed &&
+ c.compressionFormat != nil && c.compressionFormat.Name() != compressionFormat.Name() {
// When the blob is compressed, but the desired format is different, it first needs to be decompressed and finally
// re-compressed using the desired format.
logrus.Debugf("Blob will be converted")
@@ -1545,6 +1530,7 @@ func (c *copier) copyBlobFromStream(ctx context.Context, srcStream io.Reader, sr
pipeReader, pipeWriter := io.Pipe()
defer pipeReader.Close()
+ uploadCompressionFormat = c.compressionFormat
go c.compressGoroutine(pipeWriter, s, compressionMetadata, *uploadCompressionFormat) // Closes pipeWriter
destStream = pipeReader
@@ -1562,14 +1548,13 @@ func (c *copier) copyBlobFromStream(ctx context.Context, srcStream io.Reader, sr
destStream = s
inputInfo.Digest = ""
inputInfo.Size = -1
- uploadCompressorName = internalblobinfocache.Uncompressed
uploadCompressionFormat = nil
+ uploadCompressorName = internalblobinfocache.Uncompressed
} else {
// PreserveOriginal might also need to recompress the original blob if the desired compression format is different.
logrus.Debugf("Using original blob without modification")
compressionOperation = types.PreserveOriginal
inputInfo = srcInfo
- uploadCompressorName = srcCompressorName
// Remember if the original blob was compressed, and if so how, so that if
// LayerInfosForCopy() returned something that differs from what was in the
// source's manifest, and UpdatedImage() needs to call UpdateLayerInfos(),
@@ -1579,6 +1564,7 @@ func (c *copier) copyBlobFromStream(ctx context.Context, srcStream io.Reader, sr
} else {
uploadCompressionFormat = nil
}
+ uploadCompressorName = srcCompressorName
}
// === Encrypt the stream for valid mediatypes if ociEncryptConfig provided
diff --git a/vendor/github.com/containers/image/v5/copy/digesting_reader.go b/vendor/github.com/containers/image/v5/copy/digesting_reader.go
new file mode 100644
index 000000000..ccc9110ff
--- /dev/null
+++ b/vendor/github.com/containers/image/v5/copy/digesting_reader.go
@@ -0,0 +1,62 @@
+package copy
+
+import (
+ "hash"
+ "io"
+
+ digest "github.com/opencontainers/go-digest"
+ "github.com/pkg/errors"
+)
+
+type digestingReader struct {
+ source io.Reader
+ digester digest.Digester
+ hash hash.Hash
+ expectedDigest digest.Digest
+ validationFailed bool
+ validationSucceeded bool
+}
+
+// newDigestingReader returns an io.Reader implementation with contents of source, which will eventually return a non-EOF error
+// or set validationSucceeded/validationFailed to true if the source stream does/does not match expectedDigest.
+// (neither is set if EOF is never reached).
+func newDigestingReader(source io.Reader, expectedDigest digest.Digest) (*digestingReader, error) {
+ var digester digest.Digester
+ if err := expectedDigest.Validate(); err != nil {
+ return nil, errors.Errorf("Invalid digest specification %s", expectedDigest)
+ }
+ digestAlgorithm := expectedDigest.Algorithm()
+ if !digestAlgorithm.Available() {
+ return nil, errors.Errorf("Invalid digest specification %s: unsupported digest algorithm %s", expectedDigest, digestAlgorithm)
+ }
+ digester = digestAlgorithm.Digester()
+
+ return &digestingReader{
+ source: source,
+ digester: digester,
+ hash: digester.Hash(),
+ expectedDigest: expectedDigest,
+ validationFailed: false,
+ }, nil
+}
+
+func (d *digestingReader) Read(p []byte) (int, error) {
+ n, err := d.source.Read(p)
+ if n > 0 {
+ if n2, err := d.hash.Write(p[:n]); n2 != n || err != nil {
+ // Coverage: This should not happen, the hash.Hash interface requires
+ // d.digest.Write to never return an error, and the io.Writer interface
+ // requires n2 == len(input) if no error is returned.
+ return 0, errors.Wrapf(err, "updating digest during verification: %d vs. %d", n2, n)
+ }
+ }
+ if err == io.EOF {
+ actualDigest := d.digester.Digest()
+ if actualDigest != d.expectedDigest {
+ d.validationFailed = true
+ return 0, errors.Errorf("Digest did not match, expected %s, got %s", d.expectedDigest, actualDigest)
+ }
+ d.validationSucceeded = true
+ }
+ return n, err
+}
diff --git a/vendor/github.com/containers/image/v5/directory/directory_dest.go b/vendor/github.com/containers/image/v5/directory/directory_dest.go
index e3280aa2b..ea20e7c5e 100644
--- a/vendor/github.com/containers/image/v5/directory/directory_dest.go
+++ b/vendor/github.com/containers/image/v5/directory/directory_dest.go
@@ -8,6 +8,7 @@ import (
"path/filepath"
"runtime"
+ "github.com/containers/image/v5/internal/putblobdigest"
"github.com/containers/image/v5/types"
"github.com/opencontainers/go-digest"
"github.com/pkg/errors"
@@ -141,7 +142,7 @@ func (d *dirImageDestination) HasThreadSafePutBlob() bool {
}
// PutBlob writes contents of stream and returns data representing the result (with all data filled in).
-// inputInfo.Digest can be optionally provided if known; it is not mandatory for the implementation to verify it.
+// inputInfo.Digest can be optionally provided if known; if provided, and stream is read to the end without error, the digest MUST match the stream contents.
// inputInfo.Size is the expected length of stream, if known.
// May update cache.
// WARNING: The contents of stream are being verified on the fly. Until stream.Read() returns io.EOF, the contents of the data SHOULD NOT be available
@@ -163,17 +164,15 @@ func (d *dirImageDestination) PutBlob(ctx context.Context, stream io.Reader, inp
}
}()
- digester := digest.Canonical.Digester()
- tee := io.TeeReader(stream, digester.Hash())
-
+ digester, stream := putblobdigest.DigestIfCanonicalUnknown(stream, inputInfo)
// TODO: This can take quite some time, and should ideally be cancellable using ctx.Done().
- size, err := io.Copy(blobFile, tee)
+ size, err := io.Copy(blobFile, stream)
if err != nil {
return types.BlobInfo{}, err
}
- computedDigest := digester.Digest()
+ blobDigest := digester.Digest()
if inputInfo.Size != -1 && size != inputInfo.Size {
- return types.BlobInfo{}, errors.Errorf("Size mismatch when copying %s, expected %d, got %d", computedDigest, inputInfo.Size, size)
+ return types.BlobInfo{}, errors.Errorf("Size mismatch when copying %s, expected %d, got %d", blobDigest, inputInfo.Size, size)
}
if err := blobFile.Sync(); err != nil {
return types.BlobInfo{}, err
@@ -189,7 +188,7 @@ func (d *dirImageDestination) PutBlob(ctx context.Context, stream io.Reader, inp
}
}
- blobPath := d.ref.layerPath(computedDigest)
+ blobPath := d.ref.layerPath(blobDigest)
// need to explicitly close the file, since a rename won't otherwise not work on Windows
blobFile.Close()
explicitClosed = true
@@ -197,7 +196,7 @@ func (d *dirImageDestination) PutBlob(ctx context.Context, stream io.Reader, inp
return types.BlobInfo{}, err
}
succeeded = true
- return types.BlobInfo{Digest: computedDigest, Size: size}, nil
+ return types.BlobInfo{Digest: blobDigest, Size: size}, nil
}
// TryReusingBlob checks whether the transport already contains, or can efficiently reuse, a blob, and if so, applies it to the current destination
diff --git a/vendor/github.com/containers/image/v5/docker/docker_image_dest.go b/vendor/github.com/containers/image/v5/docker/docker_image_dest.go
index 360a7122e..80701a761 100644
--- a/vendor/github.com/containers/image/v5/docker/docker_image_dest.go
+++ b/vendor/github.com/containers/image/v5/docker/docker_image_dest.go
@@ -17,6 +17,7 @@ import (
"github.com/containers/image/v5/docker/reference"
"github.com/containers/image/v5/internal/blobinfocache"
"github.com/containers/image/v5/internal/iolimits"
+ "github.com/containers/image/v5/internal/putblobdigest"
"github.com/containers/image/v5/internal/uploadreader"
"github.com/containers/image/v5/manifest"
"github.com/containers/image/v5/pkg/blobinfocache/none"
@@ -124,14 +125,14 @@ func (d *dockerImageDestination) HasThreadSafePutBlob() bool {
}
// PutBlob writes contents of stream and returns data representing the result (with all data filled in).
-// inputInfo.Digest can be optionally provided if known; it is not mandatory for the implementation to verify it.
+// inputInfo.Digest can be optionally provided if known; if provided, and stream is read to the end without error, the digest MUST match the stream contents.
// inputInfo.Size is the expected length of stream, if known.
// May update cache.
// WARNING: The contents of stream are being verified on the fly. Until stream.Read() returns io.EOF, the contents of the data SHOULD NOT be available
// to any other readers for download using the supplied digest.
// If stream.Read() at any time, ESPECIALLY at end of input, returns an error, PutBlob MUST 1) fail, and 2) delete any data stored so far.
func (d *dockerImageDestination) PutBlob(ctx context.Context, stream io.Reader, inputInfo types.BlobInfo, cache types.BlobInfoCache, isConfig bool) (types.BlobInfo, error) {
- if inputInfo.Digest.String() != "" {
+ if inputInfo.Digest != "" {
// This should not really be necessary, at least the copy code calls TryReusingBlob automatically.
// Still, we need to check, if only because the "initiate upload" endpoint does not have a documented "blob already exists" return value.
// But we do that with NoCache, so that it _only_ checks the primary destination, instead of trying all mount candidates _again_.
@@ -161,10 +162,12 @@ func (d *dockerImageDestination) PutBlob(ctx context.Context, stream io.Reader,
return types.BlobInfo{}, errors.Wrap(err, "determining upload URL")
}
- digester := digest.Canonical.Digester()
+ digester, stream := putblobdigest.DigestIfCanonicalUnknown(stream, inputInfo)
sizeCounter := &sizeCounter{}
+ stream = io.TeeReader(stream, sizeCounter)
+
uploadLocation, err = func() (*url.URL, error) { // A scope for defer
- uploadReader := uploadreader.NewUploadReader(io.TeeReader(stream, io.MultiWriter(digester.Hash(), sizeCounter)))
+ uploadReader := uploadreader.NewUploadReader(stream)
// This error text should never be user-visible, we terminate only after makeRequestToResolvedURL
// returns, so there isn’t a way for the error text to be provided to any of our callers.
defer uploadReader.Terminate(errors.New("Reading data from an already terminated upload"))
@@ -186,13 +189,12 @@ func (d *dockerImageDestination) PutBlob(ctx context.Context, stream io.Reader,
if err != nil {
return types.BlobInfo{}, err
}
- computedDigest := digester.Digest()
+ blobDigest := digester.Digest()
// FIXME: DELETE uploadLocation on failure (does not really work in docker/distribution servers, which incorrectly require the "delete" action in the token's scope)
locationQuery := uploadLocation.Query()
- // TODO: check inputInfo.Digest == computedDigest https://github.com/containers/image/pull/70#discussion_r77646717
- locationQuery.Set("digest", computedDigest.String())
+ locationQuery.Set("digest", blobDigest.String())
uploadLocation.RawQuery = locationQuery.Encode()
res, err = d.c.makeRequestToResolvedURL(ctx, http.MethodPut, uploadLocation.String(), map[string][]string{"Content-Type": {"application/octet-stream"}}, nil, -1, v2Auth, nil)
if err != nil {
@@ -204,9 +206,9 @@ func (d *dockerImageDestination) PutBlob(ctx context.Context, stream io.Reader,
return types.BlobInfo{}, errors.Wrapf(registryHTTPResponseToError(res), "uploading layer to %s", uploadLocation)
}
- logrus.Debugf("Upload of layer %s complete", computedDigest)
- cache.RecordKnownLocation(d.ref.Transport(), bicTransportScope(d.ref), computedDigest, newBICLocationReference(d.ref))
- return types.BlobInfo{Digest: computedDigest, Size: sizeCounter.size}, nil
+ logrus.Debugf("Upload of layer %s complete", blobDigest)
+ cache.RecordKnownLocation(d.ref.Transport(), bicTransportScope(d.ref), blobDigest, newBICLocationReference(d.ref))
+ return types.BlobInfo{Digest: blobDigest, Size: sizeCounter.size}, nil
}
// blobExists returns true iff repo contains a blob with digest, and if so, also its size.
@@ -485,7 +487,7 @@ func (d *dockerImageDestination) PutSignatures(ctx context.Context, signatures [
return nil
}
if instanceDigest == nil {
- if d.manifestDigest.String() == "" {
+ if d.manifestDigest == "" {
// This shouldn’t happen, ImageDestination users are required to call PutManifest before PutSignatures
return errors.Errorf("Unknown manifest digest, can't add signatures")
}
diff --git a/vendor/github.com/containers/image/v5/docker/docker_image_src.go b/vendor/github.com/containers/image/v5/docker/docker_image_src.go
index 5dc8e7b1f..1333cf9e2 100644
--- a/vendor/github.com/containers/image/v5/docker/docker_image_src.go
+++ b/vendor/github.com/containers/image/v5/docker/docker_image_src.go
@@ -278,7 +278,78 @@ func (s *dockerImageSource) HasThreadSafeGetBlob() bool {
return true
}
+// splitHTTP200ResponseToPartial splits a 200 response in multiple streams as specified by the chunks
+func splitHTTP200ResponseToPartial(streams chan io.ReadCloser, errs chan error, body io.ReadCloser, chunks []internalTypes.ImageSourceChunk) {
+ defer close(streams)
+ defer close(errs)
+ currentOffset := uint64(0)
+
+ body = makeBufferedNetworkReader(body, 64, 16384)
+ defer body.Close()
+ for _, c := range chunks {
+ if c.Offset != currentOffset {
+ if c.Offset < currentOffset {
+ errs <- fmt.Errorf("invalid chunk offset specified %v (expected >= %v)", c.Offset, currentOffset)
+ break
+ }
+ toSkip := c.Offset - currentOffset
+ if _, err := io.Copy(ioutil.Discard, io.LimitReader(body, int64(toSkip))); err != nil {
+ errs <- err
+ break
+ }
+ currentOffset += toSkip
+ }
+ s := signalCloseReader{
+ closed: make(chan interface{}),
+ stream: ioutil.NopCloser(io.LimitReader(body, int64(c.Length))),
+ consumeStream: true,
+ }
+ streams <- s
+
+ // Wait until the stream is closed before going to the next chunk
+ <-s.closed
+ currentOffset += c.Length
+ }
+}
+
+// handle206Response reads a 206 response and send each part as a separate ReadCloser to the streams chan.
+func handle206Response(streams chan io.ReadCloser, errs chan error, body io.ReadCloser, chunks []internalTypes.ImageSourceChunk, mediaType string, params map[string]string) {
+ defer close(streams)
+ defer close(errs)
+ if !strings.HasPrefix(mediaType, "multipart/") {
+ streams <- body
+ return
+ }
+ boundary, found := params["boundary"]
+ if !found {
+ errs <- errors.Errorf("could not find boundary")
+ body.Close()
+ return
+ }
+ buffered := makeBufferedNetworkReader(body, 64, 16384)
+ defer buffered.Close()
+ mr := multipart.NewReader(buffered, boundary)
+ for {
+ p, err := mr.NextPart()
+ if err != nil {
+ if err != io.EOF {
+ errs <- err
+ }
+ return
+ }
+ s := signalCloseReader{
+ closed: make(chan interface{}),
+ stream: p,
+ }
+ streams <- s
+ // NextPart() cannot be called while the current part
+ // is being read, so wait until it is closed
+ <-s.closed
+ }
+}
+
// GetBlobAt returns a stream for the specified blob.
+// The specified chunks must be not overlapping and sorted by their offset.
func (s *dockerImageSource) GetBlobAt(ctx context.Context, info types.BlobInfo, chunks []internalTypes.ImageSourceChunk) (chan io.ReadCloser, chan error, error) {
headers := make(map[string][]string)
@@ -305,53 +376,30 @@ func (s *dockerImageSource) GetBlobAt(ctx context.Context, info types.BlobInfo,
}
return nil, nil, err
}
- if res.StatusCode != http.StatusPartialContent {
- res.Body.Close()
- return nil, nil, errors.Errorf("invalid status code returned when fetching blob %d (%s)", res.StatusCode, http.StatusText(res.StatusCode))
- }
- mediaType, params, err := mime.ParseMediaType(res.Header.Get("Content-Type"))
- if err != nil {
- return nil, nil, err
- }
+ switch res.StatusCode {
+ case http.StatusOK:
+ // if the server replied with a 200 status code, convert the full body response to a series of
+ // streams as it would have been done with 206.
+ streams := make(chan io.ReadCloser)
+ errs := make(chan error)
+ go splitHTTP200ResponseToPartial(streams, errs, res.Body, chunks)
+ return streams, errs, nil
+ case http.StatusPartialContent:
+ mediaType, params, err := mime.ParseMediaType(res.Header.Get("Content-Type"))
+ if err != nil {
+ return nil, nil, err
+ }
- streams := make(chan io.ReadCloser)
- errs := make(chan error)
+ streams := make(chan io.ReadCloser)
+ errs := make(chan error)
- go func() {
- defer close(streams)
- defer close(errs)
- if !strings.HasPrefix(mediaType, "multipart/") {
- streams <- res.Body
- return
- }
- boundary, found := params["boundary"]
- if !found {
- errs <- errors.Errorf("could not find boundary")
- return
- }
- buffered := makeBufferedNetworkReader(res.Body, 64, 16384)
- defer buffered.Close()
- mr := multipart.NewReader(buffered, boundary)
- for {
- p, err := mr.NextPart()
- if err != nil {
- if err != io.EOF {
- errs <- err
- }
- return
- }
- s := signalCloseReader{
- Closed: make(chan interface{}),
- Stream: p,
- }
- streams <- s
- // NextPart() cannot be called while the current part
- // is being read, so wait until it is closed
- <-s.Closed
- }
- }()
- return streams, errs, nil
+ go handle206Response(streams, errs, res.Body, chunks, mediaType, params)
+ return streams, errs, nil
+ default:
+ res.Body.Close()
+ return nil, nil, errors.Errorf("invalid status code returned when fetching blob %d (%s)", res.StatusCode, http.StatusText(res.StatusCode))
+ }
}
// GetBlob returns a stream for the specified blob, and the blob’s size (or -1 if unknown).
@@ -585,7 +633,7 @@ type bufferedNetworkReaderBuffer struct {
}
type bufferedNetworkReader struct {
- stream io.Reader
+ stream io.ReadCloser
emptyBuffer chan *bufferedNetworkReaderBuffer
readyBuffer chan *bufferedNetworkReaderBuffer
terminate chan bool
@@ -611,9 +659,10 @@ func handleBufferedNetworkReader(br *bufferedNetworkReader) {
}
}
-func (n *bufferedNetworkReader) Close() {
+func (n *bufferedNetworkReader) Close() error {
close(n.terminate)
close(n.emptyBuffer)
+ return n.stream.Close()
}
func (n *bufferedNetworkReader) read(p []byte) (int, error) {
@@ -657,7 +706,7 @@ func (n *bufferedNetworkReader) Read(p []byte) (int, error) {
return n.read(p)
}
-func makeBufferedNetworkReader(stream io.Reader, nBuffers, bufferSize uint) *bufferedNetworkReader {
+func makeBufferedNetworkReader(stream io.ReadCloser, nBuffers, bufferSize uint) *bufferedNetworkReader {
br := bufferedNetworkReader{
stream: stream,
emptyBuffer: make(chan *bufferedNetworkReaderBuffer, nBuffers),
@@ -680,15 +729,22 @@ func makeBufferedNetworkReader(stream io.Reader, nBuffers, bufferSize uint) *buf
}
type signalCloseReader struct {
- Closed chan interface{}
- Stream io.ReadCloser
+ closed chan interface{}
+ stream io.ReadCloser
+ consumeStream bool
}
func (s signalCloseReader) Read(p []byte) (int, error) {
- return s.Stream.Read(p)
+ return s.stream.Read(p)
}
func (s signalCloseReader) Close() error {
- defer close(s.Closed)
- return s.Stream.Close()
+ defer close(s.closed)
+ if s.consumeStream {
+ if _, err := io.Copy(ioutil.Discard, s.stream); err != nil {
+ s.stream.Close()
+ return err
+ }
+ }
+ return s.stream.Close()
}
diff --git a/vendor/github.com/containers/image/v5/docker/internal/tarfile/dest.go b/vendor/github.com/containers/image/v5/docker/internal/tarfile/dest.go
index a558657b6..44b0af110 100644
--- a/vendor/github.com/containers/image/v5/docker/internal/tarfile/dest.go
+++ b/vendor/github.com/containers/image/v5/docker/internal/tarfile/dest.go
@@ -10,6 +10,7 @@ import (
"github.com/containers/image/v5/docker/reference"
"github.com/containers/image/v5/internal/iolimits"
+ "github.com/containers/image/v5/internal/putblobdigest"
"github.com/containers/image/v5/internal/tmpdir"
"github.com/containers/image/v5/manifest"
"github.com/containers/image/v5/types"
@@ -86,7 +87,7 @@ func (d *Destination) HasThreadSafePutBlob() bool {
}
// PutBlob writes contents of stream and returns data representing the result (with all data filled in).
-// inputInfo.Digest can be optionally provided if known; it is not mandatory for the implementation to verify it.
+// inputInfo.Digest can be optionally provided if known; if provided, and stream is read to the end without error, the digest MUST match the stream contents.
// inputInfo.Size is the expected length of stream, if known.
// May update cache.
// WARNING: The contents of stream are being verified on the fly. Until stream.Read() returns io.EOF, the contents of the data SHOULD NOT be available
@@ -95,7 +96,7 @@ func (d *Destination) HasThreadSafePutBlob() bool {
func (d *Destination) PutBlob(ctx context.Context, stream io.Reader, inputInfo types.BlobInfo, cache types.BlobInfoCache, isConfig bool) (types.BlobInfo, error) {
// Ouch, we need to stream the blob into a temporary file just to determine the size.
// When the layer is decompressed, we also have to generate the digest on uncompressed data.
- if inputInfo.Size == -1 || inputInfo.Digest.String() == "" {
+ if inputInfo.Size == -1 || inputInfo.Digest == "" {
logrus.Debugf("docker tarfile: input with unknown size, streaming to disk first ...")
streamCopy, err := ioutil.TempFile(tmpdir.TemporaryDirectoryForBigFiles(d.sysCtx), "docker-tarfile-blob")
if err != nil {
@@ -104,10 +105,9 @@ func (d *Destination) PutBlob(ctx context.Context, stream io.Reader, inputInfo t
defer os.Remove(streamCopy.Name())
defer streamCopy.Close()
- digester := digest.Canonical.Digester()
- tee := io.TeeReader(stream, digester.Hash())
+ digester, stream2 := putblobdigest.DigestIfUnknown(stream, inputInfo)
// TODO: This can take quite some time, and should ideally be cancellable using ctx.Done().
- size, err := io.Copy(streamCopy, tee)
+ size, err := io.Copy(streamCopy, stream2)
if err != nil {
return types.BlobInfo{}, err
}
@@ -116,9 +116,7 @@ func (d *Destination) PutBlob(ctx context.Context, stream io.Reader, inputInfo t
return types.BlobInfo{}, err
}
inputInfo.Size = size // inputInfo is a struct, so we are only modifying our copy.
- if inputInfo.Digest == "" {
- inputInfo.Digest = digester.Digest()
- }
+ inputInfo.Digest = digester.Digest()
stream = streamCopy
logrus.Debugf("... streaming done")
}
diff --git a/vendor/github.com/containers/image/v5/internal/pkg/keyctl/key.go b/vendor/github.com/containers/image/v5/internal/pkg/keyctl/key.go
index 88e123cdd..bf6cc87d4 100644
--- a/vendor/github.com/containers/image/v5/internal/pkg/keyctl/key.go
+++ b/vendor/github.com/containers/image/v5/internal/pkg/keyctl/key.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux
// +build linux
package keyctl
diff --git a/vendor/github.com/containers/image/v5/internal/pkg/keyctl/keyring.go b/vendor/github.com/containers/image/v5/internal/pkg/keyctl/keyring.go
index 91c64a1b8..5eaad615c 100644
--- a/vendor/github.com/containers/image/v5/internal/pkg/keyctl/keyring.go
+++ b/vendor/github.com/containers/image/v5/internal/pkg/keyctl/keyring.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux
// +build linux
// Package keyctl is a Go interface to linux kernel keyrings (keyctl interface)
diff --git a/vendor/github.com/containers/image/v5/internal/pkg/keyctl/perm.go b/vendor/github.com/containers/image/v5/internal/pkg/keyctl/perm.go
index ae9697149..5f4d2157a 100644
--- a/vendor/github.com/containers/image/v5/internal/pkg/keyctl/perm.go
+++ b/vendor/github.com/containers/image/v5/internal/pkg/keyctl/perm.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux
// +build linux
package keyctl
diff --git a/vendor/github.com/containers/image/v5/internal/pkg/keyctl/sys_linux.go b/vendor/github.com/containers/image/v5/internal/pkg/keyctl/sys_linux.go
index 196c82760..f61666e42 100644
--- a/vendor/github.com/containers/image/v5/internal/pkg/keyctl/sys_linux.go
+++ b/vendor/github.com/containers/image/v5/internal/pkg/keyctl/sys_linux.go
@@ -2,6 +2,7 @@
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
+//go:build linux
// +build linux
package keyctl
diff --git a/vendor/github.com/containers/image/v5/internal/putblobdigest/put_blob_digest.go b/vendor/github.com/containers/image/v5/internal/putblobdigest/put_blob_digest.go
new file mode 100644
index 000000000..b8d3a7e56
--- /dev/null
+++ b/vendor/github.com/containers/image/v5/internal/putblobdigest/put_blob_digest.go
@@ -0,0 +1,57 @@
+package putblobdigest
+
+import (
+ "io"
+
+ "github.com/containers/image/v5/types"
+ "github.com/opencontainers/go-digest"
+)
+
+// Digester computes a digest of the provided stream, if not known yet.
+type Digester struct {
+ knownDigest digest.Digest // Or ""
+ digester digest.Digester // Or nil
+}
+
+// newDigester initiates computation of a digest.Canonical digest of stream,
+// if !validDigest; otherwise it just records knownDigest to be returned later.
+// The caller MUST use the returned stream instead of the original value.
+func newDigester(stream io.Reader, knownDigest digest.Digest, validDigest bool) (Digester, io.Reader) {
+ if validDigest {
+ return Digester{knownDigest: knownDigest}, stream
+ } else {
+ res := Digester{
+ digester: digest.Canonical.Digester(),
+ }
+ stream = io.TeeReader(stream, res.digester.Hash())
+ return res, stream
+ }
+}
+
+// DigestIfUnknown initiates computation of a digest.Canonical digest of stream,
+// if no digest is supplied in the provided blobInfo; otherwise blobInfo.Digest will
+// be used (accepting any algorithm).
+// The caller MUST use the returned stream instead of the original value.
+func DigestIfUnknown(stream io.Reader, blobInfo types.BlobInfo) (Digester, io.Reader) {
+ d := blobInfo.Digest
+ return newDigester(stream, d, d != "")
+}
+
+// DigestIfCanonicalUnknown initiates computation of a digest.Canonical digest of stream,
+// if a digest.Canonical digest is not supplied in the provided blobInfo;
+// otherwise blobInfo.Digest will be used.
+// The caller MUST use the returned stream instead of the original value.
+func DigestIfCanonicalUnknown(stream io.Reader, blobInfo types.BlobInfo) (Digester, io.Reader) {
+ d := blobInfo.Digest
+ return newDigester(stream, d, d != "" && d.Algorithm() == digest.Canonical)
+}
+
+// Digest() returns a digest value possibly computed by Digester.
+// This must be called only after all of the stream returned by a Digester constructor
+// has been successfully read.
+func (d Digester) Digest() digest.Digest {
+ if d.digester != nil {
+ return d.digester.Digest()
+ }
+ return d.knownDigest
+}
diff --git a/vendor/github.com/containers/image/v5/internal/types/types.go b/vendor/github.com/containers/image/v5/internal/types/types.go
index e0355a477..388f8cf3b 100644
--- a/vendor/github.com/containers/image/v5/internal/types/types.go
+++ b/vendor/github.com/containers/image/v5/internal/types/types.go
@@ -70,6 +70,7 @@ type ImageSourceChunk struct {
// This API is experimental and can be changed without bumping the major version number.
type ImageSourceSeekable interface {
// GetBlobAt returns a stream for the specified blob.
+ // The specified chunks must be not overlapping and sorted by their offset.
GetBlobAt(context.Context, publicTypes.BlobInfo, []ImageSourceChunk) (chan io.ReadCloser, chan error, error)
}
diff --git a/vendor/github.com/containers/image/v5/oci/archive/oci_dest.go b/vendor/github.com/containers/image/v5/oci/archive/oci_dest.go
index 065a0b055..3d8738db5 100644
--- a/vendor/github.com/containers/image/v5/oci/archive/oci_dest.go
+++ b/vendor/github.com/containers/image/v5/oci/archive/oci_dest.go
@@ -88,7 +88,7 @@ func (d *ociArchiveImageDestination) HasThreadSafePutBlob() bool {
}
// PutBlob writes contents of stream and returns data representing the result.
-// inputInfo.Digest can be optionally provided if known; it is not mandatory for the implementation to verify it.
+// inputInfo.Digest can be optionally provided if known; if provided, and stream is read to the end without error, the digest MUST match the stream contents.
// inputInfo.Size is the expected length of stream, if known.
// inputInfo.MediaType describes the blob format, if known.
// May update cache.
diff --git a/vendor/github.com/containers/image/v5/oci/layout/oci_dest.go b/vendor/github.com/containers/image/v5/oci/layout/oci_dest.go
index d1d06d64d..d0ee72635 100644
--- a/vendor/github.com/containers/image/v5/oci/layout/oci_dest.go
+++ b/vendor/github.com/containers/image/v5/oci/layout/oci_dest.go
@@ -9,6 +9,7 @@ import (
"path/filepath"
"runtime"
+ "github.com/containers/image/v5/internal/putblobdigest"
"github.com/containers/image/v5/manifest"
"github.com/containers/image/v5/types"
digest "github.com/opencontainers/go-digest"
@@ -115,7 +116,7 @@ func (d *ociImageDestination) HasThreadSafePutBlob() bool {
}
// PutBlob writes contents of stream and returns data representing the result.
-// inputInfo.Digest can be optionally provided if known; it is not mandatory for the implementation to verify it.
+// inputInfo.Digest can be optionally provided if known; if provided, and stream is read to the end without error, the digest MUST match the stream contents.
// inputInfo.Size is the expected length of stream, if known.
// inputInfo.MediaType describes the blob format, if known.
// May update cache.
@@ -138,17 +139,15 @@ func (d *ociImageDestination) PutBlob(ctx context.Context, stream io.Reader, inp
}
}()
- digester := digest.Canonical.Digester()
- tee := io.TeeReader(stream, digester.Hash())
-
+ digester, stream := putblobdigest.DigestIfCanonicalUnknown(stream, inputInfo)
// TODO: This can take quite some time, and should ideally be cancellable using ctx.Done().
- size, err := io.Copy(blobFile, tee)
+ size, err := io.Copy(blobFile, stream)
if err != nil {
return types.BlobInfo{}, err
}
- computedDigest := digester.Digest()
+ blobDigest := digester.Digest()
if inputInfo.Size != -1 && size != inputInfo.Size {
- return types.BlobInfo{}, errors.Errorf("Size mismatch when copying %s, expected %d, got %d", computedDigest, inputInfo.Size, size)
+ return types.BlobInfo{}, errors.Errorf("Size mismatch when copying %s, expected %d, got %d", blobDigest, inputInfo.Size, size)
}
if err := blobFile.Sync(); err != nil {
return types.BlobInfo{}, err
@@ -164,7 +163,7 @@ func (d *ociImageDestination) PutBlob(ctx context.Context, stream io.Reader, inp
}
}
- blobPath, err := d.ref.blobPath(computedDigest, d.sharedBlobDir)
+ blobPath, err := d.ref.blobPath(blobDigest, d.sharedBlobDir)
if err != nil {
return types.BlobInfo{}, err
}
@@ -179,7 +178,7 @@ func (d *ociImageDestination) PutBlob(ctx context.Context, stream io.Reader, inp
return types.BlobInfo{}, err
}
succeeded = true
- return types.BlobInfo{Digest: computedDigest, Size: size}, nil
+ return types.BlobInfo{Digest: blobDigest, Size: size}, nil
}
// TryReusingBlob checks whether the transport already contains, or can efficiently reuse, a blob, and if so, applies it to the current destination
diff --git a/vendor/github.com/containers/image/v5/openshift/openshift-copies.go b/vendor/github.com/containers/image/v5/openshift/openshift-copies.go
index f9f811784..4ffbced6b 100644
--- a/vendor/github.com/containers/image/v5/openshift/openshift-copies.go
+++ b/vendor/github.com/containers/image/v5/openshift/openshift-copies.go
@@ -279,7 +279,7 @@ func getUserIdentificationPartialConfig(configAuthInfo clientcmdAuthInfo) (*rest
}
// ConfirmUsable is a modified copy of k8s.io/kubernetes/pkg/client/unversioned/clientcmd.DirectClientConfig.ConfirmUsable.
-// ConfirmUsable looks a particular context and determines if that particular part of the config is useable. There might still be errors in the config,
+// ConfirmUsable looks a particular context and determines if that particular part of the config is usable. There might still be errors in the config,
// but no errors in the sections requested or referenced. It does not return early so that it can find as many errors as possible.
func (config *directClientConfig) ConfirmUsable() error {
var validationErrors []error
diff --git a/vendor/github.com/containers/image/v5/openshift/openshift.go b/vendor/github.com/containers/image/v5/openshift/openshift.go
index 6ea65bcf3..c7c6cf694 100644
--- a/vendor/github.com/containers/image/v5/openshift/openshift.go
+++ b/vendor/github.com/containers/image/v5/openshift/openshift.go
@@ -395,7 +395,7 @@ func (d *openshiftImageDestination) HasThreadSafePutBlob() bool {
}
// PutBlob writes contents of stream and returns data representing the result (with all data filled in).
-// inputInfo.Digest can be optionally provided if known; it is not mandatory for the implementation to verify it.
+// inputInfo.Digest can be optionally provided if known; if provided, and stream is read to the end without error, the digest MUST match the stream contents.
// inputInfo.Size is the expected length of stream, if known.
// May update cache.
// WARNING: The contents of stream are being verified on the fly. Until stream.Read() returns io.EOF, the contents of the data SHOULD NOT be available
diff --git a/vendor/github.com/containers/image/v5/ostree/ostree_dest.go b/vendor/github.com/containers/image/v5/ostree/ostree_dest.go
index c91a49c57..3eb2a2cba 100644
--- a/vendor/github.com/containers/image/v5/ostree/ostree_dest.go
+++ b/vendor/github.com/containers/image/v5/ostree/ostree_dest.go
@@ -1,3 +1,4 @@
+//go:build containers_image_ostree
// +build containers_image_ostree
package ostree
@@ -20,6 +21,7 @@ import (
"time"
"unsafe"
+ "github.com/containers/image/v5/internal/putblobdigest"
"github.com/containers/image/v5/manifest"
"github.com/containers/image/v5/types"
"github.com/containers/storage/pkg/archive"
@@ -138,7 +140,7 @@ func (d *ostreeImageDestination) HasThreadSafePutBlob() bool {
}
// PutBlob writes contents of stream and returns data representing the result.
-// inputInfo.Digest can be optionally provided if known; it is not mandatory for the implementation to verify it.
+// inputInfo.Digest can be optionally provided if known; if provided, and stream is read to the end without error, the digest MUST match the stream contents.
// inputInfo.Size is the expected length of stream, if known.
// inputInfo.MediaType describes the blob format, if known.
// May update cache.
@@ -158,25 +160,23 @@ func (d *ostreeImageDestination) PutBlob(ctx context.Context, stream io.Reader,
}
defer blobFile.Close()
- digester := digest.Canonical.Digester()
- tee := io.TeeReader(stream, digester.Hash())
-
+ digester, stream := putblobdigest.DigestIfCanonicalUnknown(stream, inputInfo)
// TODO: This can take quite some time, and should ideally be cancellable using ctx.Done().
- size, err := io.Copy(blobFile, tee)
+ size, err := io.Copy(blobFile, stream)
if err != nil {
return types.BlobInfo{}, err
}
- computedDigest := digester.Digest()
+ blobDigest := digester.Digest()
if inputInfo.Size != -1 && size != inputInfo.Size {
- return types.BlobInfo{}, errors.Errorf("Size mismatch when copying %s, expected %d, got %d", computedDigest, inputInfo.Size, size)
+ return types.BlobInfo{}, errors.Errorf("Size mismatch when copying %s, expected %d, got %d", blobDigest, inputInfo.Size, size)
}
if err := blobFile.Sync(); err != nil {
return types.BlobInfo{}, err
}
- hash := computedDigest.Hex()
- d.blobs[hash] = &blobToImport{Size: size, Digest: computedDigest, BlobPath: blobPath}
- return types.BlobInfo{Digest: computedDigest, Size: size}, nil
+ hash := blobDigest.Hex()
+ d.blobs[hash] = &blobToImport{Size: size, Digest: blobDigest, BlobPath: blobPath}
+ return types.BlobInfo{Digest: blobDigest, Size: size}, nil
}
func fixFiles(selinuxHnd *C.struct_selabel_handle, root string, dir string, usermode bool) error {
diff --git a/vendor/github.com/containers/image/v5/ostree/ostree_src.go b/vendor/github.com/containers/image/v5/ostree/ostree_src.go
index 4948ec664..d30c764a6 100644
--- a/vendor/github.com/containers/image/v5/ostree/ostree_src.go
+++ b/vendor/github.com/containers/image/v5/ostree/ostree_src.go
@@ -1,3 +1,4 @@
+//go:build containers_image_ostree
// +build containers_image_ostree
package ostree
diff --git a/vendor/github.com/containers/image/v5/ostree/ostree_transport.go b/vendor/github.com/containers/image/v5/ostree/ostree_transport.go
index a55147b85..1e35ab605 100644
--- a/vendor/github.com/containers/image/v5/ostree/ostree_transport.go
+++ b/vendor/github.com/containers/image/v5/ostree/ostree_transport.go
@@ -1,3 +1,4 @@
+//go:build containers_image_ostree
// +build containers_image_ostree
package ostree
diff --git a/vendor/github.com/containers/image/v5/pkg/docker/config/config.go b/vendor/github.com/containers/image/v5/pkg/docker/config/config.go
index c82a9e1a0..e37f4c19e 100644
--- a/vendor/github.com/containers/image/v5/pkg/docker/config/config.go
+++ b/vendor/github.com/containers/image/v5/pkg/docker/config/config.go
@@ -478,7 +478,7 @@ func listAuthsFromCredHelper(credHelper string) (map[string]string, error) {
return helperclient.List(p)
}
-// getPathToAuth gets the path of the auth.json file used for reading and writting credentials
+// getPathToAuth gets the path of the auth.json file used for reading and writing credentials
// returns the path, and a bool specifies whether the file is in legacy format
func getPathToAuth(sys *types.SystemContext) (string, bool, error) {
return getPathToAuthWithOS(sys, runtime.GOOS)
@@ -601,10 +601,18 @@ func getAuthFromCredHelper(credHelper, registry string) (types.DockerAuthConfig,
if err != nil {
return types.DockerAuthConfig{}, err
}
- return types.DockerAuthConfig{
- Username: creds.Username,
- Password: creds.Secret,
- }, nil
+
+ switch creds.Username {
+ case "<token>":
+ return types.DockerAuthConfig{
+ IdentityToken: creds.Secret,
+ }, nil
+ default:
+ return types.DockerAuthConfig{
+ Username: creds.Username,
+ Password: creds.Secret,
+ }, nil
+ }
}
func setAuthToCredHelper(credHelper, registry, username, password string) error {
diff --git a/vendor/github.com/containers/image/v5/pkg/docker/config/config_linux.go b/vendor/github.com/containers/image/v5/pkg/docker/config/config_linux.go
index 1354ee46d..0bf161259 100644
--- a/vendor/github.com/containers/image/v5/pkg/docker/config/config_linux.go
+++ b/vendor/github.com/containers/image/v5/pkg/docker/config/config_linux.go
@@ -10,7 +10,7 @@ import (
)
// NOTE: none of the functions here are currently used. If we ever want to
-// reenable keyring support, we should introduce a similar built-in credential
+// re-enable keyring support, we should introduce a similar built-in credential
// helpers as for `sysregistriesv2.AuthenticationFileHelper`.
const keyDescribePrefix = "container-registry-login:" //nolint:deadcode,unused
diff --git a/vendor/github.com/containers/image/v5/pkg/docker/config/config_unsupported.go b/vendor/github.com/containers/image/v5/pkg/docker/config/config_unsupported.go
index 65e580410..d9827d8ed 100644
--- a/vendor/github.com/containers/image/v5/pkg/docker/config/config_unsupported.go
+++ b/vendor/github.com/containers/image/v5/pkg/docker/config/config_unsupported.go
@@ -1,3 +1,4 @@
+//go:build !linux && (!386 || !amd64)
// +build !linux
// +build !386 !amd64
diff --git a/vendor/github.com/containers/image/v5/signature/mechanism_gpgme.go b/vendor/github.com/containers/image/v5/signature/mechanism_gpgme.go
index a0afc34b4..6ae74d430 100644
--- a/vendor/github.com/containers/image/v5/signature/mechanism_gpgme.go
+++ b/vendor/github.com/containers/image/v5/signature/mechanism_gpgme.go
@@ -1,3 +1,4 @@
+//go:build !containers_image_openpgp
// +build !containers_image_openpgp
package signature
diff --git a/vendor/github.com/containers/image/v5/signature/mechanism_openpgp.go b/vendor/github.com/containers/image/v5/signature/mechanism_openpgp.go
index a05760284..0a09788f9 100644
--- a/vendor/github.com/containers/image/v5/signature/mechanism_openpgp.go
+++ b/vendor/github.com/containers/image/v5/signature/mechanism_openpgp.go
@@ -1,3 +1,4 @@
+//go:build containers_image_openpgp
// +build containers_image_openpgp
package signature
diff --git a/vendor/github.com/containers/image/v5/storage/storage_image.go b/vendor/github.com/containers/image/v5/storage/storage_image.go
index 6b0fea61a..7329ef6ee 100644
--- a/vendor/github.com/containers/image/v5/storage/storage_image.go
+++ b/vendor/github.com/containers/image/v5/storage/storage_image.go
@@ -1,3 +1,4 @@
+//go:build !containers_image_storage_stub
// +build !containers_image_storage_stub
package storage
@@ -17,13 +18,14 @@ import (
"github.com/containers/image/v5/docker/reference"
"github.com/containers/image/v5/image"
+ "github.com/containers/image/v5/internal/putblobdigest"
"github.com/containers/image/v5/internal/tmpdir"
internalTypes "github.com/containers/image/v5/internal/types"
"github.com/containers/image/v5/manifest"
"github.com/containers/image/v5/pkg/blobinfocache/none"
"github.com/containers/image/v5/types"
"github.com/containers/storage"
- "github.com/containers/storage/drivers"
+ graphdriver "github.com/containers/storage/drivers"
"github.com/containers/storage/pkg/archive"
"github.com/containers/storage/pkg/chunked"
"github.com/containers/storage/pkg/ioutils"
@@ -34,8 +36,10 @@ import (
)
var (
- // ErrBlobDigestMismatch is returned when PutBlob() is given a blob
+ // ErrBlobDigestMismatch could potentially be returned when PutBlob() is given a blob
// with a digest-based name that doesn't match its contents.
+ // Deprecated: PutBlob() doesn't do this any more (it just accepts the caller’s value),
+ // and there is no known user of this error.
ErrBlobDigestMismatch = stderrors.New("blob digest mismatch")
// ErrBlobSizeMismatch is returned when PutBlob() is given a blob
// with an expected size that doesn't match the reader.
@@ -468,7 +472,7 @@ func (s *storageImageDestination) HasThreadSafePutBlob() bool {
}
// PutBlob writes contents of stream and returns data representing the result.
-// inputInfo.Digest can be optionally provided if known; it is not mandatory for the implementation to verify it.
+// inputInfo.Digest can be optionally provided if known; if provided, and stream is read to the end without error, the digest MUST match the stream contents.
// inputInfo.Size is the expected length of stream, if known.
// inputInfo.MediaType describes the blob format, if known.
// May update cache.
@@ -482,26 +486,28 @@ func (s *storageImageDestination) PutBlob(ctx context.Context, stream io.Reader,
Digest: "",
Size: -1,
}
- // Set up to digest the blob and count its size while saving it to a file.
- hasher := digest.Canonical.Digester()
- if blobinfo.Digest.Validate() == nil {
- if a := blobinfo.Digest.Algorithm(); a.Available() {
- hasher = a.Digester()
+ if blobinfo.Digest != "" {
+ if err := blobinfo.Digest.Validate(); err != nil {
+ return errorBlobInfo, fmt.Errorf("invalid digest %#v: %w", blobinfo.Digest.String(), err)
}
}
- diffID := digest.Canonical.Digester()
+
+ // Set up to digest the blob if necessary, and count its size while saving it to a file.
filename := s.computeNextBlobCacheFile()
file, err := os.OpenFile(filename, os.O_CREATE|os.O_TRUNC|os.O_WRONLY|os.O_EXCL, 0600)
if err != nil {
return errorBlobInfo, errors.Wrapf(err, "creating temporary file %q", filename)
}
defer file.Close()
- counter := ioutils.NewWriteCounter(hasher.Hash())
- reader := io.TeeReader(io.TeeReader(stream, counter), file)
- decompressed, err := archive.DecompressStream(reader)
+ counter := ioutils.NewWriteCounter(file)
+ stream = io.TeeReader(stream, counter)
+ digester, stream := putblobdigest.DigestIfUnknown(stream, blobinfo)
+ decompressed, err := archive.DecompressStream(stream)
if err != nil {
return errorBlobInfo, errors.Wrap(err, "setting up to decompress blob")
}
+
+ diffID := digest.Canonical.Digester()
// Copy the data to the file.
// TODO: This can take quite some time, and should ideally be cancellable using ctx.Done().
_, err = io.Copy(diffID.Hash(), decompressed)
@@ -509,28 +515,25 @@ func (s *storageImageDestination) PutBlob(ctx context.Context, stream io.Reader,
if err != nil {
return errorBlobInfo, errors.Wrapf(err, "storing blob to file %q", filename)
}
- // Ensure that any information that we were given about the blob is correct.
- if blobinfo.Digest.Validate() == nil && blobinfo.Digest != hasher.Digest() {
- return errorBlobInfo, errors.WithStack(ErrBlobDigestMismatch)
- }
- if blobinfo.Size >= 0 && blobinfo.Size != counter.Count {
+
+ // Determine blob properties, and fail if information that we were given about the blob
+ // is known to be incorrect.
+ blobDigest := digester.Digest()
+ blobSize := blobinfo.Size
+ if blobSize < 0 {
+ blobSize = counter.Count
+ } else if blobinfo.Size != counter.Count {
return errorBlobInfo, errors.WithStack(ErrBlobSizeMismatch)
}
+
// Record information about the blob.
s.lock.Lock()
- s.blobDiffIDs[hasher.Digest()] = diffID.Digest()
- s.fileSizes[hasher.Digest()] = counter.Count
- s.filenames[hasher.Digest()] = filename
+ s.blobDiffIDs[blobDigest] = diffID.Digest()
+ s.fileSizes[blobDigest] = counter.Count
+ s.filenames[blobDigest] = filename
s.lock.Unlock()
- blobDigest := blobinfo.Digest
- if blobDigest.Validate() != nil {
- blobDigest = hasher.Digest()
- }
- blobSize := blobinfo.Size
- if blobSize < 0 {
- blobSize = counter.Count
- }
- // This is safe because we have just computed both values ourselves.
+ // This is safe because we have just computed diffID, and blobDigest was either computed
+ // by us, or validated by the caller (usually copy.digestingReader).
cache.RecordDigestUncompressedPair(blobDigest, diffID.Digest())
return types.BlobInfo{
Digest: blobDigest,
@@ -813,7 +816,7 @@ func (s *storageImageDestination) queueOrCommit(ctx context.Context, blob types.
//
// The conceptual benefit of this design is that caller can continue
// pulling layers after an early return. At any given time, only one
- // caller is the "worker" routine comitting layers. All other routines
+ // caller is the "worker" routine committing layers. All other routines
// can continue pulling and queuing in layers.
s.lock.Lock()
s.indexToPulledLayerInfo[index] = &manifest.LayerInfo{
@@ -852,7 +855,7 @@ func (s *storageImageDestination) queueOrCommit(ctx context.Context, blob types.
// must guarantee that, at any given time, at most one goroutine may execute
// `commitLayer()`.
func (s *storageImageDestination) commitLayer(ctx context.Context, blob manifest.LayerInfo, index int) error {
- // Already commited? Return early.
+ // Already committed? Return early.
if _, alreadyCommitted := s.indexToStorageID[index]; alreadyCommitted {
return nil
}
@@ -1004,7 +1007,10 @@ func (s *storageImageDestination) commitLayer(ctx context.Context, blob manifest
defer file.Close()
// Build the new layer using the diff, regardless of where it came from.
// TODO: This can take quite some time, and should ideally be cancellable using ctx.Done().
- layer, _, err := s.imageRef.transport.store.PutLayer(id, lastLayer, nil, "", false, nil, file)
+ layer, _, err := s.imageRef.transport.store.PutLayer(id, lastLayer, nil, "", false, &storage.LayerOptions{
+ OriginalDigest: blob.Digest,
+ UncompressedDigest: diffID,
+ }, file)
if err != nil && errors.Cause(err) != storage.ErrDuplicateID {
return errors.Wrapf(err, "adding layer with blob %q", blob.Digest)
}
@@ -1065,7 +1071,7 @@ func (s *storageImageDestination) Commit(ctx context.Context, unparsedToplevel t
if len(layerBlobs) > 0 { // Can happen when using caches
prev := s.indexToStorageID[len(layerBlobs)-1]
if prev == nil {
- return errors.Errorf("Internal error: StorageImageDestination.Commit(): previous layer %d hasn't been commited (lastLayer == nil)", len(layerBlobs)-1)
+ return errors.Errorf("Internal error: StorageImageDestination.Commit(): previous layer %d hasn't been committed (lastLayer == nil)", len(layerBlobs)-1)
}
lastLayer = *prev
}
diff --git a/vendor/github.com/containers/image/v5/storage/storage_reference.go b/vendor/github.com/containers/image/v5/storage/storage_reference.go
index 1aafe9068..7c6da112c 100644
--- a/vendor/github.com/containers/image/v5/storage/storage_reference.go
+++ b/vendor/github.com/containers/image/v5/storage/storage_reference.go
@@ -1,3 +1,4 @@
+//go:build !containers_image_storage_stub
// +build !containers_image_storage_stub
package storage
diff --git a/vendor/github.com/containers/image/v5/storage/storage_transport.go b/vendor/github.com/containers/image/v5/storage/storage_transport.go
index d4c85b725..ab59c8a29 100644
--- a/vendor/github.com/containers/image/v5/storage/storage_transport.go
+++ b/vendor/github.com/containers/image/v5/storage/storage_transport.go
@@ -1,3 +1,4 @@
+//go:build !containers_image_storage_stub
// +build !containers_image_storage_stub
package storage
diff --git a/vendor/github.com/containers/image/v5/transports/alltransports/docker_daemon.go b/vendor/github.com/containers/image/v5/transports/alltransports/docker_daemon.go
index 82224052e..ffac6e0b8 100644
--- a/vendor/github.com/containers/image/v5/transports/alltransports/docker_daemon.go
+++ b/vendor/github.com/containers/image/v5/transports/alltransports/docker_daemon.go
@@ -1,3 +1,4 @@
+//go:build !containers_image_docker_daemon_stub
// +build !containers_image_docker_daemon_stub
package alltransports
diff --git a/vendor/github.com/containers/image/v5/transports/alltransports/docker_daemon_stub.go b/vendor/github.com/containers/image/v5/transports/alltransports/docker_daemon_stub.go
index d13700799..ddc347bf3 100644
--- a/vendor/github.com/containers/image/v5/transports/alltransports/docker_daemon_stub.go
+++ b/vendor/github.com/containers/image/v5/transports/alltransports/docker_daemon_stub.go
@@ -1,3 +1,4 @@
+//go:build containers_image_docker_daemon_stub
// +build containers_image_docker_daemon_stub
package alltransports
diff --git a/vendor/github.com/containers/image/v5/transports/alltransports/ostree.go b/vendor/github.com/containers/image/v5/transports/alltransports/ostree.go
index 72432d1ef..2340702bd 100644
--- a/vendor/github.com/containers/image/v5/transports/alltransports/ostree.go
+++ b/vendor/github.com/containers/image/v5/transports/alltransports/ostree.go
@@ -1,3 +1,4 @@
+//go:build containers_image_ostree && linux
// +build containers_image_ostree,linux
package alltransports
diff --git a/vendor/github.com/containers/image/v5/transports/alltransports/ostree_stub.go b/vendor/github.com/containers/image/v5/transports/alltransports/ostree_stub.go
index f4a862bd4..8c4175188 100644
--- a/vendor/github.com/containers/image/v5/transports/alltransports/ostree_stub.go
+++ b/vendor/github.com/containers/image/v5/transports/alltransports/ostree_stub.go
@@ -1,3 +1,4 @@
+//go:build !containers_image_ostree || !linux
// +build !containers_image_ostree !linux
package alltransports
diff --git a/vendor/github.com/containers/image/v5/transports/alltransports/storage.go b/vendor/github.com/containers/image/v5/transports/alltransports/storage.go
index 7041eb876..1e399cdb0 100644
--- a/vendor/github.com/containers/image/v5/transports/alltransports/storage.go
+++ b/vendor/github.com/containers/image/v5/transports/alltransports/storage.go
@@ -1,3 +1,4 @@
+//go:build !containers_image_storage_stub
// +build !containers_image_storage_stub
package alltransports
diff --git a/vendor/github.com/containers/image/v5/transports/alltransports/storage_stub.go b/vendor/github.com/containers/image/v5/transports/alltransports/storage_stub.go
index 67f0291cc..30802661f 100644
--- a/vendor/github.com/containers/image/v5/transports/alltransports/storage_stub.go
+++ b/vendor/github.com/containers/image/v5/transports/alltransports/storage_stub.go
@@ -1,3 +1,4 @@
+//go:build containers_image_storage_stub
// +build containers_image_storage_stub
package alltransports
diff --git a/vendor/github.com/containers/image/v5/types/types.go b/vendor/github.com/containers/image/v5/types/types.go
index 1c4a1419f..354b3f663 100644
--- a/vendor/github.com/containers/image/v5/types/types.go
+++ b/vendor/github.com/containers/image/v5/types/types.go
@@ -299,7 +299,7 @@ type ImageDestination interface {
IgnoresEmbeddedDockerReference() bool
// PutBlob writes contents of stream and returns data representing the result.
- // inputInfo.Digest can be optionally provided if known; it is not mandatory for the implementation to verify it.
+ // inputInfo.Digest can be optionally provided if known; if provided, and stream is read to the end without error, the digest MUST match the stream contents.
// inputInfo.Size is the expected length of stream, if known.
// inputInfo.MediaType describes the blob format, if known.
// May update cache.
diff --git a/vendor/github.com/containers/image/v5/version/version.go b/vendor/github.com/containers/image/v5/version/version.go
index 478a03b05..b9f8c3e9f 100644
--- a/vendor/github.com/containers/image/v5/version/version.go
+++ b/vendor/github.com/containers/image/v5/version/version.go
@@ -6,9 +6,9 @@ const (
// VersionMajor is for an API incompatible changes
VersionMajor = 5
// VersionMinor is for functionality in a backwards-compatible manner
- VersionMinor = 15
+ VersionMinor = 16
// VersionPatch is for backwards-compatible bug fixes
- VersionPatch = 2
+ VersionPatch = 0
// VersionDev indicates development branch. Releases will be empty string.
VersionDev = ""
diff --git a/vendor/github.com/containers/storage/VERSION b/vendor/github.com/containers/storage/VERSION
index a95a46d9f..2aeaa11ee 100644
--- a/vendor/github.com/containers/storage/VERSION
+++ b/vendor/github.com/containers/storage/VERSION
@@ -1 +1 @@
-1.34.1
+1.35.0
diff --git a/vendor/github.com/containers/storage/go.mod b/vendor/github.com/containers/storage/go.mod
index d2d438d93..10204a12a 100644
--- a/vendor/github.com/containers/storage/go.mod
+++ b/vendor/github.com/containers/storage/go.mod
@@ -16,7 +16,7 @@ require (
github.com/mistifyio/go-zfs v2.1.2-0.20190413222219-f784269be439+incompatible
github.com/moby/sys/mountinfo v0.4.1
github.com/opencontainers/go-digest v1.0.0
- github.com/opencontainers/runc v1.0.1
+ github.com/opencontainers/runc v1.0.2
github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417
github.com/opencontainers/selinux v1.8.4
github.com/pkg/errors v0.9.1
@@ -25,8 +25,8 @@ require (
github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635
github.com/tchap/go-patricia v2.3.0+incompatible
github.com/ulikunitz/xz v0.5.10
- github.com/vbatts/tar-split v0.11.1
+ github.com/vbatts/tar-split v0.11.2
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110
- golang.org/x/sys v0.0.0-20210426230700-d19ff857e887
+ golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55
gotest.tools v2.2.0+incompatible
)
diff --git a/vendor/github.com/containers/storage/go.sum b/vendor/github.com/containers/storage/go.sum
index da7a8f53e..1f5be8df5 100644
--- a/vendor/github.com/containers/storage/go.sum
+++ b/vendor/github.com/containers/storage/go.sum
@@ -469,8 +469,8 @@ github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59P
github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
github.com/opencontainers/runc v1.0.0-rc9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U=
github.com/opencontainers/runc v1.0.0-rc93/go.mod h1:3NOsor4w32B2tC0Zbl8Knk4Wg84SM2ImC1fxBuqJ/H0=
-github.com/opencontainers/runc v1.0.1 h1:G18PGckGdAm3yVQRWDVQ1rLSLntiniKJ0cNRT2Tm5gs=
-github.com/opencontainers/runc v1.0.1/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0=
+github.com/opencontainers/runc v1.0.2 h1:opHZMaswlyxz1OuGpBE53Dwe4/xF7EZTY0A2L/FpCOg=
+github.com/opencontainers/runc v1.0.2/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0=
github.com/opencontainers/runtime-spec v0.1.2-0.20190507144316-5b71a03e2700/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
github.com/opencontainers/runtime-spec v1.0.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
github.com/opencontainers/runtime-spec v1.0.2-0.20190207185410-29686dbc5559/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
@@ -585,8 +585,9 @@ github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/
github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
-github.com/vbatts/tar-split v0.11.1 h1:0Odu65rhcZ3JZaPHxl7tCI3V/C/Q9Zf82UFravl02dE=
-github.com/vbatts/tar-split v0.11.1/go.mod h1:LEuURwDEiWjRjwu46yU3KVGuUdVv/dcnpcEPSzR8z6g=
+github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
+github.com/vbatts/tar-split v0.11.2 h1:Via6XqJr0hceW4wff3QRzD5gAk/tatMw/4ZA7cTlIME=
+github.com/vbatts/tar-split v0.11.2/go.mod h1:vV3ZuO2yWSVsz+pfFzDG/upWH1JhjOiEaWq6kXyQ3VI=
github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk=
github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE=
github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho=
@@ -770,8 +771,9 @@ golang.org/x/sys v0.0.0-20201201145000-ef89a241ccb3/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20201202213521-69691e467435/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210426230700-d19ff857e887 h1:dXfMednGJh/SUUFjTLsWJz3P+TQt9qnR11GgeI3vWKs=
golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55 h1:rw6UNGRMfarCepjI8qOepea/SXwIBVfTKjztZ5gBbq4=
+golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
diff --git a/vendor/github.com/containers/storage/layers.go b/vendor/github.com/containers/storage/layers.go
index b85ff7e70..32ba20685 100644
--- a/vendor/github.com/containers/storage/layers.go
+++ b/vendor/github.com/containers/storage/layers.go
@@ -803,7 +803,7 @@ func (r *layerStore) Put(id string, parentLayer *Layer, names []string, mountLab
r.driver.Remove(id)
return nil, -1, err
}
- size, err = r.ApplyDiff(layer.ID, diff)
+ size, err = r.applyDiffWithOptions(layer.ID, moreOptions, diff)
if err != nil {
if r.Delete(layer.ID) != nil {
// Either a driver error or an error saving.
@@ -1505,6 +1505,10 @@ func (r *layerStore) DiffSize(from, to string) (size int64, err error) {
}
func (r *layerStore) ApplyDiff(to string, diff io.Reader) (size int64, err error) {
+ return r.applyDiffWithOptions(to, nil, diff)
+}
+
+func (r *layerStore) applyDiffWithOptions(to string, layerOptions *LayerOptions, diff io.Reader) (size int64, err error) {
if !r.IsReadWrite() {
return -1, errors.Wrapf(ErrStoreIsReadOnly, "not allowed to modify layer contents at %q", r.layerspath())
}
@@ -1519,11 +1523,33 @@ func (r *layerStore) ApplyDiff(to string, diff io.Reader) (size int64, err error
if err != nil && err != io.EOF {
return -1, err
}
-
compression := archive.DetectCompression(header[:n])
- compressedDigest := digest.Canonical.Digester()
- compressedCounter := ioutils.NewWriteCounter(compressedDigest.Hash())
- defragmented := io.TeeReader(io.MultiReader(bytes.NewBuffer(header[:n]), diff), compressedCounter)
+ defragmented := io.MultiReader(bytes.NewBuffer(header[:n]), diff)
+
+ // Decide if we need to compute digests
+ var compressedDigest, uncompressedDigest digest.Digest // = ""
+ var compressedDigester, uncompressedDigester digest.Digester // = nil
+ if layerOptions != nil && layerOptions.OriginalDigest != "" &&
+ layerOptions.OriginalDigest.Algorithm() == digest.Canonical {
+ compressedDigest = layerOptions.OriginalDigest
+ } else {
+ compressedDigester = digest.Canonical.Digester()
+ }
+ if layerOptions != nil && layerOptions.UncompressedDigest != "" &&
+ layerOptions.UncompressedDigest.Algorithm() == digest.Canonical {
+ uncompressedDigest = layerOptions.UncompressedDigest
+ } else {
+ uncompressedDigester = digest.Canonical.Digester()
+ }
+
+ var compressedWriter io.Writer
+ if compressedDigester != nil {
+ compressedWriter = compressedDigester.Hash()
+ } else {
+ compressedWriter = ioutil.Discard
+ }
+ compressedCounter := ioutils.NewWriteCounter(compressedWriter)
+ defragmented = io.TeeReader(defragmented, compressedCounter)
tsdata := bytes.Buffer{}
compressor, err := pgzip.NewWriterLevel(&tsdata, pgzip.BestSpeed)
@@ -1539,8 +1565,6 @@ func (r *layerStore) ApplyDiff(to string, diff io.Reader) (size int64, err error
return -1, err
}
defer uncompressed.Close()
- uncompressedDigest := digest.Canonical.Digester()
- uncompressedCounter := ioutils.NewWriteCounter(uncompressedDigest.Hash())
uidLog := make(map[uint32]struct{})
gidLog := make(map[uint32]struct{})
idLogger, err := tarlog.NewLogger(func(h *tar.Header) {
@@ -1553,7 +1577,12 @@ func (r *layerStore) ApplyDiff(to string, diff io.Reader) (size int64, err error
return -1, err
}
defer idLogger.Close()
- payload, err := asm.NewInputTarStream(io.TeeReader(uncompressed, io.MultiWriter(uncompressedCounter, idLogger)), metadata, storage.NewDiscardFilePutter())
+ uncompressedCounter := ioutils.NewWriteCounter(idLogger)
+ uncompressedWriter := (io.Writer)(uncompressedCounter)
+ if uncompressedDigester != nil {
+ uncompressedWriter = io.MultiWriter(uncompressedWriter, uncompressedDigester.Hash())
+ }
+ payload, err := asm.NewInputTarStream(io.TeeReader(uncompressed, uncompressedWriter), metadata, storage.NewDiscardFilePutter())
if err != nil {
return -1, err
}
@@ -1575,6 +1604,12 @@ func (r *layerStore) ApplyDiff(to string, diff io.Reader) (size int64, err error
return -1, err
}
}
+ if compressedDigester != nil {
+ compressedDigest = compressedDigester.Digest()
+ }
+ if uncompressedDigester != nil {
+ uncompressedDigest = uncompressedDigester.Digest()
+ }
updateDigestMap := func(m *map[digest.Digest][]string, oldvalue, newvalue digest.Digest, id string) {
var newList []string
@@ -1594,11 +1629,11 @@ func (r *layerStore) ApplyDiff(to string, diff io.Reader) (size int64, err error
(*m)[newvalue] = append((*m)[newvalue], id)
}
}
- updateDigestMap(&r.bycompressedsum, layer.CompressedDigest, compressedDigest.Digest(), layer.ID)
- layer.CompressedDigest = compressedDigest.Digest()
+ updateDigestMap(&r.bycompressedsum, layer.CompressedDigest, compressedDigest, layer.ID)
+ layer.CompressedDigest = compressedDigest
layer.CompressedSize = compressedCounter.Count
- updateDigestMap(&r.byuncompressedsum, layer.UncompressedDigest, uncompressedDigest.Digest(), layer.ID)
- layer.UncompressedDigest = uncompressedDigest.Digest()
+ updateDigestMap(&r.byuncompressedsum, layer.UncompressedDigest, uncompressedDigest, layer.ID)
+ layer.UncompressedDigest = uncompressedDigest
layer.UncompressedSize = uncompressedCounter.Count
layer.CompressionType = compression
layer.UIDs = make([]uint32, 0, len(uidLog))
diff --git a/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go b/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go
index 0f14d8af9..3aea77f22 100644
--- a/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go
+++ b/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go
@@ -32,7 +32,7 @@ import (
const (
maxNumberMissingChunks = 1024
- newFileFlags = (unix.O_CREAT | unix.O_TRUNC | unix.O_WRONLY | unix.O_EXCL)
+ newFileFlags = (unix.O_CREAT | unix.O_TRUNC | unix.O_EXCL | unix.O_WRONLY)
containersOverrideXattr = "user.containers.override_stat"
bigDataKey = "zstd-chunked-manifest"
)
@@ -54,7 +54,8 @@ func timeToTimespec(time time.Time) (ts unix.Timespec) {
return unix.NsecToTimespec(time.UnixNano())
}
-func copyFileContent(src, destFile, root string, dirfd int, missingDirsMode, mode os.FileMode) (*os.File, int64, error) {
+func copyFileContent(srcFd int, destFile string, dirfd int, mode os.FileMode, useHardLinks bool) (*os.File, int64, error) {
+ src := fmt.Sprintf("/proc/self/fd/%d", srcFd)
st, err := os.Stat(src)
if err != nil {
return nil, -1, err
@@ -62,8 +63,32 @@ func copyFileContent(src, destFile, root string, dirfd int, missingDirsMode, mod
copyWithFileRange, copyWithFileClone := true, true
+ if useHardLinks {
+ destDirPath := filepath.Dir(destFile)
+ destBase := filepath.Base(destFile)
+ destDir, err := openFileUnderRoot(destDirPath, dirfd, 0, mode)
+ if err == nil {
+ defer destDir.Close()
+
+ doLink := func() error {
+ return unix.Linkat(srcFd, "", int(destDir.Fd()), destBase, unix.AT_EMPTY_PATH)
+ }
+
+ err := doLink()
+
+ // if the destination exists, unlink it first and try again
+ if err != nil && os.IsExist(err) {
+ unix.Unlinkat(int(destDir.Fd()), destBase, 0)
+ err = doLink()
+ }
+ if err == nil {
+ return nil, st.Size(), nil
+ }
+ }
+ }
+
// If the destination file already exists, we shouldn't blow it away
- dstFile, err := openFileUnderRoot(destFile, root, dirfd, newFileFlags, mode)
+ dstFile, err := openFileUnderRoot(destFile, dirfd, newFileFlags, mode)
if err != nil {
return nil, -1, err
}
@@ -148,7 +173,39 @@ func makeZstdChunkedDiffer(ctx context.Context, store storage.Store, blobSize in
}, nil
}
-func findFileInOtherLayers(file internal.ZstdFileMetadata, root string, dirfd int, layersMetadata map[string]map[string]*internal.ZstdFileMetadata, layersTarget map[string]string, missingDirsMode os.FileMode) (*os.File, int64, error) {
+// copyFileFromOtherLayer copies a file from another layer
+// file is the file to look for.
+// source is the path to the source layer checkout.
+// otherFile contains the metadata for the file.
+// dirfd is an open file descriptor to the destination root directory.
+// useHardLinks defines whether the deduplication can be performed using hard links.
+func copyFileFromOtherLayer(file internal.ZstdFileMetadata, source string, otherFile *internal.ZstdFileMetadata, dirfd int, useHardLinks bool) (bool, *os.File, int64, error) {
+ srcDirfd, err := unix.Open(source, unix.O_RDONLY, 0)
+ if err != nil {
+ return false, nil, 0, err
+ }
+ defer unix.Close(srcDirfd)
+
+ srcFile, err := openFileUnderRoot(otherFile.Name, srcDirfd, unix.O_RDONLY, 0)
+ if err != nil {
+ return false, nil, 0, err
+ }
+ defer srcFile.Close()
+
+ dstFile, written, err := copyFileContent(int(srcFile.Fd()), file.Name, dirfd, 0, useHardLinks)
+ if err != nil {
+ return false, nil, 0, err
+ }
+ return true, dstFile, written, err
+}
+
+// findFileInOtherLayers finds the specified file in other layers.
+// file is the file to look for.
+// dirfd is an open file descriptor to the checkout root directory.
+// layersMetadata contains the metadata for each layer in the storage.
+// layersTarget maps each layer to its checkout on disk.
+// useHardLinks defines whether the deduplication can be performed using hard links.
+func findFileInOtherLayers(file internal.ZstdFileMetadata, dirfd int, layersMetadata map[string]map[string]*internal.ZstdFileMetadata, layersTarget map[string]string, useHardLinks bool) (bool, *os.File, int64, error) {
// this is ugly, needs to be indexed
for layerID, checksums := range layersMetadata {
m, found := checksums[file.Digest]
@@ -161,27 +218,12 @@ func findFileInOtherLayers(file internal.ZstdFileMetadata, root string, dirfd in
continue
}
- srcDirfd, err := unix.Open(source, unix.O_RDONLY, 0)
- if err != nil {
- continue
- }
- defer unix.Close(srcDirfd)
-
- srcFile, err := openFileUnderRoot(m.Name, source, srcDirfd, unix.O_RDONLY, 0)
- if err != nil {
- continue
+ found, dstFile, written, err := copyFileFromOtherLayer(file, source, m, dirfd, useHardLinks)
+ if found && err == nil {
+ return found, dstFile, written, err
}
- defer srcFile.Close()
-
- srcPath := fmt.Sprintf("/proc/self/fd/%d", srcFile.Fd())
-
- dstFile, written, err := copyFileContent(srcPath, file.Name, root, dirfd, missingDirsMode, 0)
- if err != nil {
- continue
- }
- return dstFile, written, nil
}
- return nil, 0, nil
+ return false, nil, 0, nil
}
func getFileDigest(f *os.File) (digest.Digest, error) {
@@ -195,25 +237,28 @@ func getFileDigest(f *os.File) (digest.Digest, error) {
// findFileOnTheHost checks whether the requested file already exist on the host and copies the file content from there if possible.
// It is currently implemented to look only at the file with the same path. Ideally it can detect the same content also at different
// paths.
-func findFileOnTheHost(file internal.ZstdFileMetadata, root string, dirfd int, missingDirsMode os.FileMode) (*os.File, int64, error) {
+// file is the file to look for.
+// dirfd is an open fd to the destination checkout.
+// useHardLinks defines whether the deduplication can be performed using hard links.
+func findFileOnTheHost(file internal.ZstdFileMetadata, dirfd int, useHardLinks bool) (bool, *os.File, int64, error) {
sourceFile := filepath.Clean(filepath.Join("/", file.Name))
if !strings.HasPrefix(sourceFile, "/usr/") {
// limit host deduplication to files under /usr.
- return nil, 0, nil
+ return false, nil, 0, nil
}
st, err := os.Stat(sourceFile)
if err != nil || !st.Mode().IsRegular() {
- return nil, 0, nil
+ return false, nil, 0, nil
}
if st.Size() != file.Size {
- return nil, 0, nil
+ return false, nil, 0, nil
}
fd, err := unix.Open(sourceFile, unix.O_RDONLY|unix.O_NONBLOCK, 0)
if err != nil {
- return nil, 0, nil
+ return false, nil, 0, nil
}
f := os.NewFile(uintptr(fd), "fd")
@@ -221,35 +266,38 @@ func findFileOnTheHost(file internal.ZstdFileMetadata, root string, dirfd int, m
manifestChecksum, err := digest.Parse(file.Digest)
if err != nil {
- return nil, 0, err
+ return false, nil, 0, err
}
checksum, err := getFileDigest(f)
if err != nil {
- return nil, 0, err
+ return false, nil, 0, err
}
if checksum != manifestChecksum {
- return nil, 0, nil
+ return false, nil, 0, nil
}
- dstFile, written, err := copyFileContent(fmt.Sprintf("/proc/self/fd/%d", fd), file.Name, root, dirfd, missingDirsMode, 0)
+ dstFile, written, err := copyFileContent(fd, file.Name, dirfd, 0, useHardLinks)
if err != nil {
- return nil, 0, nil
+ return false, nil, 0, nil
}
// calculate the checksum again to make sure the file wasn't modified while it was copied
if _, err := f.Seek(0, 0); err != nil {
- return nil, 0, err
+ dstFile.Close()
+ return false, nil, 0, err
}
checksum, err = getFileDigest(f)
if err != nil {
- return nil, 0, err
+ dstFile.Close()
+ return false, nil, 0, err
}
if checksum != manifestChecksum {
- return nil, 0, nil
+ dstFile.Close()
+ return false, nil, 0, nil
}
- return dstFile, written, nil
+ return true, dstFile, written, nil
}
func maybeDoIDRemap(manifest []internal.ZstdFileMetadata, options *archive.TarOptions) error {
@@ -292,6 +340,7 @@ type missingChunk struct {
Files []missingFile
}
+// setFileAttrs sets the file attributes for file given metadata
func setFileAttrs(file *os.File, mode os.FileMode, metadata *internal.ZstdFileMetadata, options *archive.TarOptions) error {
if file == nil || file.Fd() < 0 {
return errors.Errorf("invalid file")
@@ -333,7 +382,12 @@ func setFileAttrs(file *os.File, mode os.FileMode, metadata *internal.ZstdFileMe
return nil
}
-func openFileUnderRoot(name, root string, dirfd int, flags uint64, mode os.FileMode) (*os.File, error) {
+// openFileUnderRoot safely opens a file under the specified root directory using openat2
+// name is the path to open relative to dirfd.
+// dirfd is an open file descriptor to the target checkout directory.
+// flags are the flags top pass to the open syscall.
+// mode specifies the mode to use for newly created files.
+func openFileUnderRoot(name string, dirfd int, flags uint64, mode os.FileMode) (*os.File, error) {
how := unix.OpenHow{
Flags: flags,
Mode: uint64(mode & 07777),
@@ -347,8 +401,8 @@ func openFileUnderRoot(name, root string, dirfd int, flags uint64, mode os.FileM
return os.NewFile(uintptr(fd), name), nil
}
-func createFileFromZstdStream(dest string, dirfd int, reader io.Reader, missingDirsMode, mode os.FileMode, metadata *internal.ZstdFileMetadata, options *archive.TarOptions) (err error) {
- file, err := openFileUnderRoot(metadata.Name, dest, dirfd, newFileFlags, 0)
+func createFileFromZstdStream(dest string, dirfd int, reader io.Reader, mode os.FileMode, metadata *internal.ZstdFileMetadata, options *archive.TarOptions) (err error) {
+ file, err := openFileUnderRoot(metadata.Name, dirfd, newFileFlags, 0)
if err != nil {
return err
}
@@ -381,7 +435,7 @@ func createFileFromZstdStream(dest string, dirfd int, reader io.Reader, missingD
return setFileAttrs(file, mode, metadata, options)
}
-func storeMissingFiles(streams chan io.ReadCloser, errs chan error, dest string, dirfd int, missingChunks []missingChunk, missingDirsMode os.FileMode, options *archive.TarOptions) error {
+func storeMissingFiles(streams chan io.ReadCloser, errs chan error, dest string, dirfd int, missingChunks []missingChunk, options *archive.TarOptions) error {
for mc := 0; ; mc++ {
var part io.ReadCloser
select {
@@ -412,7 +466,7 @@ func storeMissingFiles(streams chan io.ReadCloser, errs chan error, dest string,
limitReader := io.LimitReader(part, mf.Length())
- if err := createFileFromZstdStream(dest, dirfd, limitReader, missingDirsMode, os.FileMode(mf.File.Mode), mf.File, options); err != nil {
+ if err := createFileFromZstdStream(dest, dirfd, limitReader, os.FileMode(mf.File.Mode), mf.File, options); err != nil {
part.Close()
return err
}
@@ -462,7 +516,7 @@ func mergeMissingChunks(missingChunks []missingChunk, target int) []missingChunk
return newMissingChunks
}
-func retrieveMissingFiles(input *chunkedZstdDiffer, dest string, dirfd int, missingChunks []missingChunk, missingDirsMode os.FileMode, options *archive.TarOptions) error {
+func retrieveMissingFiles(input *chunkedZstdDiffer, dest string, dirfd int, missingChunks []missingChunk, options *archive.TarOptions) error {
var chunksToRequest []ImageSourceChunk
for _, c := range missingChunks {
chunksToRequest = append(chunksToRequest, c.RawChunk)
@@ -492,19 +546,19 @@ func retrieveMissingFiles(input *chunkedZstdDiffer, dest string, dirfd int, miss
return err
}
- if err := storeMissingFiles(streams, errs, dest, dirfd, missingChunks, missingDirsMode, options); err != nil {
+ if err := storeMissingFiles(streams, errs, dest, dirfd, missingChunks, options); err != nil {
return err
}
return nil
}
-func safeMkdir(target string, dirfd int, mode os.FileMode, metadata *internal.ZstdFileMetadata, options *archive.TarOptions) error {
+func safeMkdir(dirfd int, mode os.FileMode, metadata *internal.ZstdFileMetadata, options *archive.TarOptions) error {
parent := filepath.Dir(metadata.Name)
base := filepath.Base(metadata.Name)
parentFd := dirfd
if parent != "." {
- parentFile, err := openFileUnderRoot(parent, target, dirfd, unix.O_DIRECTORY|unix.O_PATH|unix.O_RDONLY, 0)
+ parentFile, err := openFileUnderRoot(parent, dirfd, unix.O_DIRECTORY|unix.O_PATH|unix.O_RDONLY, 0)
if err != nil {
return err
}
@@ -518,7 +572,7 @@ func safeMkdir(target string, dirfd int, mode os.FileMode, metadata *internal.Zs
}
}
- file, err := openFileUnderRoot(metadata.Name, target, dirfd, unix.O_RDONLY, 0)
+ file, err := openFileUnderRoot(metadata.Name, dirfd, unix.O_RDONLY, 0)
if err != nil {
return err
}
@@ -527,8 +581,8 @@ func safeMkdir(target string, dirfd int, mode os.FileMode, metadata *internal.Zs
return setFileAttrs(file, mode, metadata, options)
}
-func safeLink(target string, dirfd int, mode os.FileMode, metadata *internal.ZstdFileMetadata, options *archive.TarOptions) error {
- sourceFile, err := openFileUnderRoot(metadata.Linkname, target, dirfd, unix.O_RDONLY, 0)
+func safeLink(dirfd int, mode os.FileMode, metadata *internal.ZstdFileMetadata, options *archive.TarOptions) error {
+ sourceFile, err := openFileUnderRoot(metadata.Linkname, dirfd, unix.O_RDONLY, 0)
if err != nil {
return err
}
@@ -537,7 +591,7 @@ func safeLink(target string, dirfd int, mode os.FileMode, metadata *internal.Zst
destDir, destBase := filepath.Dir(metadata.Name), filepath.Base(metadata.Name)
destDirFd := dirfd
if destDir != "." {
- f, err := openFileUnderRoot(destDir, target, dirfd, unix.O_RDONLY, 0)
+ f, err := openFileUnderRoot(destDir, dirfd, unix.O_RDONLY, 0)
if err != nil {
return err
}
@@ -550,7 +604,7 @@ func safeLink(target string, dirfd int, mode os.FileMode, metadata *internal.Zst
return err
}
- newFile, err := openFileUnderRoot(metadata.Name, target, dirfd, unix.O_WRONLY, 0)
+ newFile, err := openFileUnderRoot(metadata.Name, dirfd, unix.O_WRONLY, 0)
if err != nil {
return err
}
@@ -559,11 +613,11 @@ func safeLink(target string, dirfd int, mode os.FileMode, metadata *internal.Zst
return setFileAttrs(newFile, mode, metadata, options)
}
-func safeSymlink(target string, dirfd int, mode os.FileMode, metadata *internal.ZstdFileMetadata, options *archive.TarOptions) error {
+func safeSymlink(dirfd int, mode os.FileMode, metadata *internal.ZstdFileMetadata, options *archive.TarOptions) error {
destDir, destBase := filepath.Dir(metadata.Name), filepath.Base(metadata.Name)
destDirFd := dirfd
if destDir != "." {
- f, err := openFileUnderRoot(destDir, target, dirfd, unix.O_RDONLY, 0)
+ f, err := openFileUnderRoot(destDir, dirfd, unix.O_RDONLY, 0)
if err != nil {
return err
}
@@ -580,7 +634,7 @@ type whiteoutHandler struct {
}
func (d whiteoutHandler) Setxattr(path, name string, value []byte) error {
- file, err := openFileUnderRoot(path, d.Root, d.Dirfd, unix.O_RDONLY, 0)
+ file, err := openFileUnderRoot(path, d.Dirfd, unix.O_RDONLY, 0)
if err != nil {
return err
}
@@ -595,7 +649,7 @@ func (d whiteoutHandler) Mknod(path string, mode uint32, dev int) error {
dirfd := d.Dirfd
if dir != "" {
- dir, err := openFileUnderRoot(dir, d.Root, d.Dirfd, unix.O_RDONLY, 0)
+ dir, err := openFileUnderRoot(dir, d.Dirfd, unix.O_RDONLY, 0)
if err != nil {
return err
}
@@ -615,7 +669,7 @@ func checkChownErr(err error, name string, uid, gid int) error {
}
func (d whiteoutHandler) Chown(path string, uid, gid int) error {
- file, err := openFileUnderRoot(path, d.Root, d.Dirfd, unix.O_PATH, 0)
+ file, err := openFileUnderRoot(path, d.Dirfd, unix.O_PATH, 0)
if err != nil {
return err
}
@@ -640,6 +694,13 @@ type hardLinkToCreate struct {
metadata *internal.ZstdFileMetadata
}
+func parseBooleanPullOption(storeOpts *storage.StoreOptions, name string, def bool) bool {
+ if value, ok := storeOpts.PullOptions[name]; ok {
+ return strings.ToLower(value) == "true"
+ }
+ return def
+}
+
func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions) (graphdriver.DriverWithDifferOutput, error) {
bigData := map[string][]byte{
bigDataKey: d.manifest,
@@ -654,11 +715,16 @@ func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions)
return output, err
}
- enableHostDedup := false
- if value := storeOpts.PullOptions["enable_host_deduplication"]; strings.ToLower(value) == "true" {
- enableHostDedup = true
+ if !parseBooleanPullOption(&storeOpts, "enable_partial_images", false) {
+ return output, errors.New("enable_partial_images not configured")
}
+ enableHostDedup := parseBooleanPullOption(&storeOpts, "enable_host_deduplication", false)
+
+ // When the hard links deduplication is used, file attributes are ignored because setting them
+ // modifies the source file as well.
+ useHardLinks := parseBooleanPullOption(&storeOpts, "use_hard_links", false)
+
// Generate the manifest
var toc internal.ZstdTOC
if err := json.Unmarshal(d.manifest, &toc); err != nil {
@@ -704,11 +770,6 @@ func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions)
otherLayersCache := prepareOtherLayersCache(d.layersMetadata)
- missingDirsMode := os.FileMode(0700)
- if options.ForceMask != nil {
- missingDirsMode = *options.ForceMask
- }
-
// hardlinks can point to missing files. So create them after all files
// are retrieved
var hardLinks []hardLinkToCreate
@@ -758,7 +819,7 @@ func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions)
if r.Size == 0 {
// Used to have a scope for cleanup.
createEmptyFile := func() error {
- file, err := openFileUnderRoot(r.Name, dest, dirfd, newFileFlags, 0)
+ file, err := openFileUnderRoot(r.Name, dirfd, newFileFlags, 0)
if err != nil {
return err
}
@@ -775,7 +836,7 @@ func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions)
}
case tar.TypeDir:
- if err := safeMkdir(dest, dirfd, mode, &r, options); err != nil {
+ if err := safeMkdir(dirfd, mode, &r, options); err != nil {
return output, err
}
continue
@@ -794,7 +855,7 @@ func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions)
continue
case tar.TypeSymlink:
- if err := safeSymlink(dest, dirfd, mode, &r, options); err != nil {
+ if err := safeSymlink(dirfd, mode, &r, options); err != nil {
return output, err
}
continue
@@ -809,7 +870,7 @@ func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions)
totalChunksSize += r.Size
- dstFile, _, err := findFileInOtherLayers(r, dest, dirfd, otherLayersCache, d.layersTarget, missingDirsMode)
+ found, dstFile, _, err := findFileInOtherLayers(r, dirfd, otherLayersCache, d.layersTarget, useHardLinks)
if err != nil {
return output, err
}
@@ -819,11 +880,13 @@ func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions)
return output, err
}
dstFile.Close()
+ }
+ if found {
continue
}
if enableHostDedup {
- dstFile, _, err = findFileOnTheHost(r, dest, dirfd, missingDirsMode)
+ found, dstFile, _, err = findFileOnTheHost(r, dirfd, useHardLinks)
if err != nil {
return output, err
}
@@ -833,6 +896,8 @@ func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions)
return output, err
}
dstFile.Close()
+ }
+ if found {
continue
}
}
@@ -857,13 +922,13 @@ func (d *chunkedZstdDiffer) ApplyDiff(dest string, options *archive.TarOptions)
// There are some missing files. Prepare a multirange request for the missing chunks.
if len(missingChunks) > 0 {
missingChunks = mergeMissingChunks(missingChunks, maxNumberMissingChunks)
- if err := retrieveMissingFiles(d, dest, dirfd, missingChunks, missingDirsMode, options); err != nil {
+ if err := retrieveMissingFiles(d, dest, dirfd, missingChunks, options); err != nil {
return output, err
}
}
for _, m := range hardLinks {
- if err := safeLink(m.dest, m.dirfd, m.mode, m.metadata, options); err != nil {
+ if err := safeLink(m.dirfd, m.mode, m.metadata, options); err != nil {
return output, err
}
}
diff --git a/vendor/github.com/containers/storage/pkg/ioutils/readers.go b/vendor/github.com/containers/storage/pkg/ioutils/readers.go
index 63f3c07f4..0e89787d4 100644
--- a/vendor/github.com/containers/storage/pkg/ioutils/readers.go
+++ b/vendor/github.com/containers/storage/pkg/ioutils/readers.go
@@ -17,8 +17,25 @@ func (r *readCloserWrapper) Close() error {
return r.closer()
}
+type readWriteToCloserWrapper struct {
+ io.Reader
+ io.WriterTo
+ closer func() error
+}
+
+func (r *readWriteToCloserWrapper) Close() error {
+ return r.closer()
+}
+
// NewReadCloserWrapper returns a new io.ReadCloser.
func NewReadCloserWrapper(r io.Reader, closer func() error) io.ReadCloser {
+ if wt, ok := r.(io.WriterTo); ok {
+ return &readWriteToCloserWrapper{
+ Reader: r,
+ WriterTo: wt,
+ closer: closer,
+ }
+ }
return &readCloserWrapper{
Reader: r,
closer: closer,
diff --git a/vendor/github.com/containers/storage/store.go b/vendor/github.com/containers/storage/store.go
index dc6eaafa2..5e16b9e37 100644
--- a/vendor/github.com/containers/storage/store.go
+++ b/vendor/github.com/containers/storage/store.go
@@ -547,6 +547,15 @@ type LayerOptions struct {
// initialize this layer. If set, it should be a child of the layer
// which we want to use as the parent of the new layer.
TemplateLayer string
+ // OriginalDigest specifies a digest of the tarstream (diff), if one is
+ // provided along with these LayerOptions, and reliably known by the caller.
+ // Use the default "" if this fields is not applicable or the value is not known.
+ OriginalDigest digest.Digest
+ // UncompressedDigest specifies a digest of the uncompressed version (“DiffID”)
+ // of the tarstream (diff), if one is provided along with these LayerOptions,
+ // and reliably known by the caller.
+ // Use the default "" if this fields is not applicable or the value is not known.
+ UncompressedDigest digest.Digest
}
// ImageOptions is used for passing options to a Store's CreateImage() method.
@@ -1031,20 +1040,21 @@ func (s *store) PutLayer(id, parent string, names []string, mountLabel string, w
gidMap = s.gidMap
}
}
- var layerOptions *LayerOptions
+ layerOptions := LayerOptions{
+ OriginalDigest: options.OriginalDigest,
+ UncompressedDigest: options.UncompressedDigest,
+ }
if s.canUseShifting(uidMap, gidMap) {
- layerOptions = &LayerOptions{IDMappingOptions: types.IDMappingOptions{HostUIDMapping: true, HostGIDMapping: true, UIDMap: nil, GIDMap: nil}}
+ layerOptions.IDMappingOptions = types.IDMappingOptions{HostUIDMapping: true, HostGIDMapping: true, UIDMap: nil, GIDMap: nil}
} else {
- layerOptions = &LayerOptions{
- IDMappingOptions: types.IDMappingOptions{
- HostUIDMapping: options.HostUIDMapping,
- HostGIDMapping: options.HostGIDMapping,
- UIDMap: copyIDMap(uidMap),
- GIDMap: copyIDMap(gidMap),
- },
+ layerOptions.IDMappingOptions = types.IDMappingOptions{
+ HostUIDMapping: options.HostUIDMapping,
+ HostGIDMapping: options.HostGIDMapping,
+ UIDMap: copyIDMap(uidMap),
+ GIDMap: copyIDMap(gidMap),
}
}
- return rlstore.Put(id, parentLayer, names, mountLabel, nil, layerOptions, writeable, nil, diff)
+ return rlstore.Put(id, parentLayer, names, mountLabel, nil, &layerOptions, writeable, nil, diff)
}
func (s *store) CreateLayer(id, parent string, names []string, mountLabel string, writeable bool, options *LayerOptions) (*Layer, error) {
diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/annotations.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/annotations.go
index 35d810895..581cf7cdf 100644
--- a/vendor/github.com/opencontainers/image-spec/specs-go/v1/annotations.go
+++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/annotations.go
@@ -53,4 +53,10 @@ const (
// AnnotationDescription is the annotation key for the human-readable description of the software packaged in the image.
AnnotationDescription = "org.opencontainers.image.description"
+
+ // AnnotationBaseImageDigest is the annotation key for the digest of the image's base image.
+ AnnotationBaseImageDigest = "org.opencontainers.image.base.digest"
+
+ // AnnotationBaseImageName is the annotation key for the image reference of the image's base image.
+ AnnotationBaseImageName = "org.opencontainers.image.base.name"
)
diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/config.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/config.go
index fe799bd69..ffff4b6d1 100644
--- a/vendor/github.com/opencontainers/image-spec/specs-go/v1/config.go
+++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/config.go
@@ -89,9 +89,20 @@ type Image struct {
// Architecture is the CPU architecture which the binaries in this image are built to run on.
Architecture string `json:"architecture"`
+ // Variant is the variant of the specified CPU architecture which image binaries are intended to run on.
+ Variant string `json:"variant,omitempty"`
+
// OS is the name of the operating system which the image is built to run on.
OS string `json:"os"`
+ // OSVersion is an optional field specifying the operating system
+ // version, for example on Windows `10.0.14393.1066`.
+ OSVersion string `json:"os.version,omitempty"`
+
+ // OSFeatures is an optional field specifying an array of strings,
+ // each listing a required OS feature (for example on Windows `win32k`).
+ OSFeatures []string `json:"os.features,omitempty"`
+
// Config defines the execution parameters which should be used as a base when running a container using the image.
Config ImageConfig `json:"config,omitempty"`
diff --git a/vendor/github.com/vbatts/tar-split/tar/storage/getter.go b/vendor/github.com/vbatts/tar-split/tar/storage/getter.go
index ae11f8ffd..9fed24aa8 100644
--- a/vendor/github.com/vbatts/tar-split/tar/storage/getter.go
+++ b/vendor/github.com/vbatts/tar-split/tar/storage/getter.go
@@ -92,11 +92,12 @@ func NewDiscardFilePutter() FilePutter {
}
type bitBucketFilePutter struct {
+ buffer [32 * 1024]byte // 32 kB is the buffer size currently used by io.Copy, as of August 2021.
}
func (bbfp *bitBucketFilePutter) Put(name string, r io.Reader) (int64, []byte, error) {
c := crc64.New(CRCTable)
- i, err := io.Copy(c, r)
+ i, err := io.CopyBuffer(c, r, bbfp.buffer[:])
return i, c.Sum(nil), err
}
diff --git a/vendor/github.com/vbauerster/mpb/v7/README.md b/vendor/github.com/vbauerster/mpb/v7/README.md
index d0560d799..90d4fe639 100644
--- a/vendor/github.com/vbauerster/mpb/v7/README.md
+++ b/vendor/github.com/vbauerster/mpb/v7/README.md
@@ -84,7 +84,7 @@ func main() {
// replace ETA decorator with "done" message, OnComplete event
decor.OnComplete(
// ETA decorator with ewma age of 60
- decor.EwmaETA(decor.ET_STYLE_GO, 60), "done",
+ decor.EwmaETA(decor.ET_STYLE_GO, 60, decor.WCSyncWidth), "done",
),
),
)
diff --git a/vendor/github.com/vbauerster/mpb/v7/bar.go b/vendor/github.com/vbauerster/mpb/v7/bar.go
index ed6c73eda..ca191cf39 100644
--- a/vendor/github.com/vbauerster/mpb/v7/bar.go
+++ b/vendor/github.com/vbauerster/mpb/v7/bar.go
@@ -20,21 +20,18 @@ type Bar struct {
priority int // used by heap
index int // used by heap
- extendedLines int
toShutdown bool
toDrop bool
noPop bool
hasEwmaDecorators bool
operateState chan func(*bState)
- frameCh chan io.Reader
- syncTableCh chan [][]chan int
- completed chan bool
+ frameCh chan *frame
// cancel is called either by user or on complete event
cancel func()
// done is closed after cacheState is assigned
done chan struct{}
- // cacheState is populated, right after close(shutdown)
+ // cacheState is populated, right after close(b.done)
cacheState *bState
container *Progress
@@ -77,6 +74,11 @@ type bState struct {
debugOut io.Writer
}
+type frame struct {
+ reader io.Reader
+ lines int
+}
+
func newBar(container *Progress, bs *bState) *Bar {
logPrefix := fmt.Sprintf("%sbar#%02d ", container.dlogger.Prefix(), bs.id)
ctx, cancel := context.WithCancel(container.ctx)
@@ -87,9 +89,7 @@ func newBar(container *Progress, bs *bState) *Bar {
toDrop: bs.dropOnComplete,
noPop: bs.noPop,
operateState: make(chan func(*bState)),
- frameCh: make(chan io.Reader, 1),
- syncTableCh: make(chan [][]chan int, 1),
- completed: make(chan bool, 1),
+ frameCh: make(chan *frame, 1),
done: make(chan struct{}),
cancel: cancel,
dlogger: log.New(bs.debugOut, logPrefix, log.Lshortfile),
@@ -145,6 +145,7 @@ func (b *Bar) SetRefill(amount int64) {
// TraverseDecorators traverses all available decorators and calls cb func on each.
func (b *Bar) TraverseDecorators(cb func(decor.Decorator)) {
+ done := make(chan struct{})
select {
case b.operateState <- func(s *bState) {
for _, decorators := range [...][]decor.Decorator{
@@ -155,7 +156,9 @@ func (b *Bar) TraverseDecorators(cb func(decor.Decorator)) {
cb(extractBaseDecorator(d))
}
}
+ close(done)
}:
+ <-done
case <-b.done:
}
}
@@ -174,7 +177,7 @@ func (b *Bar) SetTotal(total int64, triggerComplete bool) {
if s.triggerComplete && !s.completed {
s.current = s.total
s.completed = true
- go b.refreshTillShutdown()
+ go b.forceRefreshIfLastUncompleted()
}
}:
case <-b.done:
@@ -192,7 +195,7 @@ func (b *Bar) SetCurrent(current int64) {
if s.triggerComplete && s.current >= s.total {
s.current = s.total
s.completed = true
- go b.refreshTillShutdown()
+ go b.forceRefreshIfLastUncompleted()
}
}:
case <-b.done:
@@ -219,7 +222,7 @@ func (b *Bar) IncrInt64(n int64) {
if s.triggerComplete && s.current >= s.total {
s.current = s.total
s.completed = true
- go b.refreshTillShutdown()
+ go b.forceRefreshIfLastUncompleted()
}
}:
case <-b.done:
@@ -258,32 +261,49 @@ func (b *Bar) DecoratorAverageAdjust(start time.Time) {
// priority, i.e. bar will be on top. If you don't need to set priority
// dynamically, better use BarPriority option.
func (b *Bar) SetPriority(priority int) {
- select {
- case <-b.done:
- default:
- b.container.setBarPriority(b, priority)
- }
+ b.container.UpdateBarPriority(b, priority)
}
-// Abort interrupts bar's running goroutine. Call this, if you'd like
-// to stop/remove bar before completion event. It has no effect after
-// completion event. If drop is true bar will be removed as well.
+// Abort interrupts bar's running goroutine. Abort won't be engaged
+// if bar is already in complete state. If drop is true bar will be
+// removed as well.
func (b *Bar) Abort(drop bool) {
select {
- case <-b.done:
- default:
+ case b.operateState <- func(s *bState) {
+ if s.completed == true {
+ return
+ }
if drop {
b.container.dropBar(b)
+ b.cancel()
+ return
}
- b.cancel()
+ go func() {
+ var uncompleted int
+ b.container.traverseBars(func(bar *Bar) bool {
+ if b != bar && !bar.Completed() {
+ uncompleted++
+ return false
+ }
+ return true
+ })
+ if uncompleted == 0 {
+ b.container.refreshCh <- time.Now()
+ }
+ b.cancel()
+ }()
+ }:
+ <-b.done
+ case <-b.done:
}
}
// Completed reports whether the bar is in completed state.
func (b *Bar) Completed() bool {
+ result := make(chan bool)
select {
- case b.operateState <- func(s *bState) { b.completed <- s.completed }:
- return <-b.completed
+ case b.operateState <- func(s *bState) { result <- s.completed }:
+ return <-result
case <-b.done:
return true
}
@@ -296,12 +316,12 @@ func (b *Bar) serve(ctx context.Context, s *bState) {
case op := <-b.operateState:
op(s)
case <-ctx.Done():
- b.cacheState = s
- close(b.done)
// Notifying decorators about shutdown event
for _, sl := range s.shutdownListeners {
sl.Shutdown()
}
+ b.cacheState = s
+ close(b.done)
return
}
}
@@ -319,17 +339,15 @@ func (b *Bar) render(tw int) {
b.toShutdown = !b.toShutdown
b.recoveredPanic = p
}
- frame, lines := s.extender(nil, s.reqWidth, stat)
- b.extendedLines = lines
- b.frameCh <- frame
+ reader, lines := s.extender(nil, s.reqWidth, stat)
+ b.frameCh <- &frame{reader, lines + 1}
b.dlogger.Println(p)
}
s.completeFlushed = s.completed
}()
- frame, lines := s.extender(s.draw(stat), s.reqWidth, stat)
- b.extendedLines = lines
+ reader, lines := s.extender(s.draw(stat), s.reqWidth, stat)
b.toShutdown = s.completed && !s.completeFlushed
- b.frameCh <- frame
+ b.frameCh <- &frame{reader, lines + 1}
}:
case <-b.done:
s := b.cacheState
@@ -338,9 +356,8 @@ func (b *Bar) render(tw int) {
if b.recoveredPanic == nil {
r = s.draw(stat)
}
- frame, lines := s.extender(r, s.reqWidth, stat)
- b.extendedLines = lines
- b.frameCh <- frame
+ reader, lines := s.extender(r, s.reqWidth, stat)
+ b.frameCh <- &frame{reader, lines + 1}
}
}
@@ -359,31 +376,42 @@ func (b *Bar) subscribeDecorators() {
shutdownListeners = append(shutdownListeners, d)
}
})
+ b.hasEwmaDecorators = len(ewmaDecorators) != 0
select {
case b.operateState <- func(s *bState) {
s.averageDecorators = averageDecorators
s.ewmaDecorators = ewmaDecorators
s.shutdownListeners = shutdownListeners
}:
- b.hasEwmaDecorators = len(ewmaDecorators) != 0
case <-b.done:
}
}
-func (b *Bar) refreshTillShutdown() {
- for {
- select {
- case b.container.refreshCh <- time.Now():
- case <-b.done:
- return
+func (b *Bar) forceRefreshIfLastUncompleted() {
+ var uncompleted int
+ b.container.traverseBars(func(bar *Bar) bool {
+ if b != bar && !bar.Completed() {
+ uncompleted++
+ return false
+ }
+ return true
+ })
+ if uncompleted == 0 {
+ for {
+ select {
+ case b.container.refreshCh <- time.Now():
+ case <-b.done:
+ return
+ }
}
}
}
func (b *Bar) wSyncTable() [][]chan int {
+ result := make(chan [][]chan int)
select {
- case b.operateState <- func(s *bState) { b.syncTableCh <- s.wSyncTable() }:
- return <-b.syncTableCh
+ case b.operateState <- func(s *bState) { result <- s.wSyncTable() }:
+ return <-result
case <-b.done:
return b.cacheState.wSyncTable()
}
diff --git a/vendor/github.com/vbauerster/mpb/v7/bar_filler_bar.go b/vendor/github.com/vbauerster/mpb/v7/bar_filler_bar.go
index e30d4921c..80b210455 100644
--- a/vendor/github.com/vbauerster/mpb/v7/bar_filler_bar.go
+++ b/vendor/github.com/vbauerster/mpb/v7/bar_filler_bar.go
@@ -26,15 +26,17 @@ type BarStyleComposer interface {
Filler(string) BarStyleComposer
Refiller(string) BarStyleComposer
Padding(string) BarStyleComposer
- Tip(...string) BarStyleComposer
+ TipOnComplete(string) BarStyleComposer
+ Tip(frames ...string) BarStyleComposer
Reverse() BarStyleComposer
}
type bFiller struct {
components [components]*component
tip struct {
- count uint
- frames []*component
+ count uint
+ onComplete *component
+ frames []*component
}
flush func(dst io.Writer, filling, padding [][]byte)
}
@@ -45,25 +47,26 @@ type component struct {
}
type barStyle struct {
- lbound string
- rbound string
- filler string
- refiller string
- padding string
- tip []string
- rev bool
+ lbound string
+ rbound string
+ filler string
+ refiller string
+ padding string
+ tipOnComplete string
+ tipFrames []string
+ rev bool
}
// BarStyle constructs default bar style which can be altered via
// BarStyleComposer interface.
func BarStyle() BarStyleComposer {
return &barStyle{
- lbound: "[",
- rbound: "]",
- filler: "=",
- refiller: "+",
- padding: "-",
- tip: []string{">"},
+ lbound: "[",
+ rbound: "]",
+ filler: "=",
+ refiller: "+",
+ padding: "-",
+ tipFrames: []string{">"},
}
}
@@ -92,9 +95,14 @@ func (s *barStyle) Padding(padding string) BarStyleComposer {
return s
}
-func (s *barStyle) Tip(tip ...string) BarStyleComposer {
- if len(tip) != 0 {
- s.tip = append(s.tip[:0], tip...)
+func (s *barStyle) TipOnComplete(tip string) BarStyleComposer {
+ s.tipOnComplete = tip
+ return s
+}
+
+func (s *barStyle) Tip(frames ...string) BarStyleComposer {
+ if len(frames) != 0 {
+ s.tipFrames = append(s.tipFrames[:0], frames...)
}
return s
}
@@ -133,8 +141,12 @@ func (s *barStyle) Build() BarFiller {
width: runewidth.StringWidth(stripansi.Strip(s.padding)),
bytes: []byte(s.padding),
}
- bf.tip.frames = make([]*component, len(s.tip))
- for i, t := range s.tip {
+ bf.tip.onComplete = &component{
+ width: runewidth.StringWidth(stripansi.Strip(s.tipOnComplete)),
+ bytes: []byte(s.tipOnComplete),
+ }
+ bf.tip.frames = make([]*component, len(s.tipFrames))
+ for i, t := range s.tipFrames {
bf.tip.frames[i] = &component{
width: runewidth.StringWidth(stripansi.Strip(t)),
bytes: []byte(t),
@@ -146,64 +158,82 @@ func (s *barStyle) Build() BarFiller {
func (s *bFiller) Fill(w io.Writer, width int, stat decor.Statistics) {
width = internal.CheckRequestedWidth(width, stat.AvailableWidth)
brackets := s.components[iLbound].width + s.components[iRbound].width
- if width < brackets {
- return
- }
// don't count brackets as progress
width -= brackets
+ if width < 0 {
+ return
+ }
w.Write(s.components[iLbound].bytes)
defer w.Write(s.components[iRbound].bytes)
- curWidth := int(internal.PercentageRound(stat.Total, stat.Current, width))
- refWidth, filled := 0, curWidth
- filling := make([][]byte, 0, curWidth)
-
- if curWidth > 0 && curWidth != width {
- tipFrame := s.tip.frames[s.tip.count%uint(len(s.tip.frames))]
- filling = append(filling, tipFrame.bytes)
- curWidth -= tipFrame.width
- s.tip.count++
+ if width == 0 {
+ return
}
- if stat.Refill > 0 && curWidth > 0 {
- refWidth = int(internal.PercentageRound(stat.Total, int64(stat.Refill), width))
- if refWidth > curWidth {
- refWidth = curWidth
- }
- curWidth -= refWidth
+ var filling [][]byte
+ var padding [][]byte
+ var tip *component
+ var filled int
+ var refWidth int
+ curWidth := int(internal.PercentageRound(stat.Total, stat.Current, uint(width)))
+
+ if stat.Current >= stat.Total {
+ tip = s.tip.onComplete
+ } else {
+ tip = s.tip.frames[s.tip.count%uint(len(s.tip.frames))]
}
- for curWidth > 0 && curWidth >= s.components[iFiller].width {
- filling = append(filling, s.components[iFiller].bytes)
- curWidth -= s.components[iFiller].width
- if s.components[iFiller].width == 0 {
- break
- }
+ if curWidth > 0 {
+ filling = append(filling, tip.bytes)
+ filled += tip.width
+ s.tip.count++
}
- for refWidth > 0 && refWidth >= s.components[iRefiller].width {
- filling = append(filling, s.components[iRefiller].bytes)
- refWidth -= s.components[iRefiller].width
- if s.components[iRefiller].width == 0 {
- break
+ if stat.Refill > 0 {
+ refWidth = int(internal.PercentageRound(stat.Total, stat.Refill, uint(width)))
+ curWidth -= refWidth
+ refWidth += curWidth
+ }
+
+ for filled < curWidth {
+ if curWidth-filled >= s.components[iFiller].width {
+ filling = append(filling, s.components[iFiller].bytes)
+ if s.components[iFiller].width == 0 {
+ break
+ }
+ filled += s.components[iFiller].width
+ } else {
+ filling = append(filling, []byte("…"))
+ filled++
}
}
- filled -= curWidth + refWidth
- padWidth := width - filled
- padding := make([][]byte, 0, padWidth)
- for padWidth > 0 && padWidth >= s.components[iPadding].width {
- padding = append(padding, s.components[iPadding].bytes)
- padWidth -= s.components[iPadding].width
- if s.components[iPadding].width == 0 {
- break
+ for filled < refWidth {
+ if refWidth-filled >= s.components[iRefiller].width {
+ filling = append(filling, s.components[iRefiller].bytes)
+ if s.components[iRefiller].width == 0 {
+ break
+ }
+ filled += s.components[iRefiller].width
+ } else {
+ filling = append(filling, []byte("…"))
+ filled++
}
}
+ padWidth := width - filled
for padWidth > 0 {
- padding = append(padding, []byte("…"))
- padWidth--
+ if padWidth >= s.components[iPadding].width {
+ padding = append(padding, s.components[iPadding].bytes)
+ if s.components[iPadding].width == 0 {
+ break
+ }
+ padWidth -= s.components[iPadding].width
+ } else {
+ padding = append(padding, []byte("…"))
+ padWidth--
+ }
}
s.flush(w, filling, padding)
diff --git a/vendor/github.com/vbauerster/mpb/v7/container_option.go b/vendor/github.com/vbauerster/mpb/v7/container_option.go
index e4254f662..a858c3c51 100644
--- a/vendor/github.com/vbauerster/mpb/v7/container_option.go
+++ b/vendor/github.com/vbauerster/mpb/v7/container_option.go
@@ -62,7 +62,11 @@ func WithRenderDelay(ch <-chan struct{}) ContainerOption {
// have been rendered.
func WithShutdownNotifier(ch chan struct{}) ContainerOption {
return func(s *pState) {
- s.shutdownNotifier = ch
+ select {
+ case <-ch:
+ default:
+ s.shutdownNotifier = ch
+ }
}
}
diff --git a/vendor/github.com/vbauerster/mpb/v7/cwriter/writer.go b/vendor/github.com/vbauerster/mpb/v7/cwriter/writer.go
index 1ade54761..925c8b1dc 100644
--- a/vendor/github.com/vbauerster/mpb/v7/cwriter/writer.go
+++ b/vendor/github.com/vbauerster/mpb/v7/cwriter/writer.go
@@ -22,7 +22,7 @@ const (
type Writer struct {
out io.Writer
buf bytes.Buffer
- lineCount int
+ lines int
fd int
isTerminal bool
}
@@ -38,15 +38,15 @@ func New(out io.Writer) *Writer {
}
// Flush flushes the underlying buffer.
-func (w *Writer) Flush(lineCount int) (err error) {
+func (w *Writer) Flush(lines int) (err error) {
// some terminals interpret 'cursor up 0' as 'cursor up 1'
- if w.lineCount > 0 {
+ if w.lines > 0 {
err = w.clearLines()
if err != nil {
return
}
}
- w.lineCount = lineCount
+ w.lines = lines
_, err = w.buf.WriteTo(w.out)
return
}
@@ -78,7 +78,7 @@ func (w *Writer) GetWidth() (int, error) {
func (w *Writer) ansiCuuAndEd() (err error) {
buf := make([]byte, 8)
- buf = strconv.AppendInt(buf[:copy(buf, escOpen)], int64(w.lineCount), 10)
+ buf = strconv.AppendInt(buf[:copy(buf, escOpen)], int64(w.lines), 10)
_, err = w.out.Write(append(buf, cuuAndEd...))
return
}
diff --git a/vendor/github.com/vbauerster/mpb/v7/cwriter/writer_windows.go b/vendor/github.com/vbauerster/mpb/v7/cwriter/writer_windows.go
index 1a69c81ac..8f99dbe32 100644
--- a/vendor/github.com/vbauerster/mpb/v7/cwriter/writer_windows.go
+++ b/vendor/github.com/vbauerster/mpb/v7/cwriter/writer_windows.go
@@ -26,7 +26,7 @@ func (w *Writer) clearLines() error {
return err
}
- info.CursorPosition.Y -= int16(w.lineCount)
+ info.CursorPosition.Y -= int16(w.lines)
if info.CursorPosition.Y < 0 {
info.CursorPosition.Y = 0
}
@@ -40,7 +40,7 @@ func (w *Writer) clearLines() error {
X: info.Window.Left,
Y: info.CursorPosition.Y,
}
- count := uint32(info.Size.X) * uint32(w.lineCount)
+ count := uint32(info.Size.X) * uint32(w.lines)
_, _, _ = procFillConsoleOutputCharacter.Call(
uintptr(w.fd),
uintptr(' '),
diff --git a/vendor/github.com/vbauerster/mpb/v7/go.mod b/vendor/github.com/vbauerster/mpb/v7/go.mod
index 22a2c651c..7b177d0db 100644
--- a/vendor/github.com/vbauerster/mpb/v7/go.mod
+++ b/vendor/github.com/vbauerster/mpb/v7/go.mod
@@ -4,7 +4,7 @@ require (
github.com/VividCortex/ewma v1.2.0
github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d
github.com/mattn/go-runewidth v0.0.13
- golang.org/x/sys v0.0.0-20210616094352-59db8d763f22
+ golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e
)
go 1.14
diff --git a/vendor/github.com/vbauerster/mpb/v7/go.sum b/vendor/github.com/vbauerster/mpb/v7/go.sum
index 59051bd7b..45584e0bf 100644
--- a/vendor/github.com/vbauerster/mpb/v7/go.sum
+++ b/vendor/github.com/vbauerster/mpb/v7/go.sum
@@ -6,5 +6,5 @@ github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4
github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY=
github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
-golang.org/x/sys v0.0.0-20210616094352-59db8d763f22 h1:RqytpXGR1iVNX7psjB3ff8y7sNFinVFvkx1c8SjBkio=
-golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e h1:WUoyKPm6nCo1BnNUvPGnFG3T5DUVem42yDJZZ4CNxMA=
+golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
diff --git a/vendor/github.com/vbauerster/mpb/v7/internal/percentage.go b/vendor/github.com/vbauerster/mpb/v7/internal/percentage.go
index a8ef8be12..4bc36f5ba 100644
--- a/vendor/github.com/vbauerster/mpb/v7/internal/percentage.go
+++ b/vendor/github.com/vbauerster/mpb/v7/internal/percentage.go
@@ -3,7 +3,7 @@ package internal
import "math"
// Percentage is a helper function, to calculate percentage.
-func Percentage(total, current int64, width int) float64 {
+func Percentage(total, current int64, width uint) float64 {
if total <= 0 {
return 0
}
@@ -14,6 +14,6 @@ func Percentage(total, current int64, width int) float64 {
}
// PercentageRound same as Percentage but with math.Round.
-func PercentageRound(total, current int64, width int) float64 {
+func PercentageRound(total, current int64, width uint) float64 {
return math.Round(Percentage(total, current, width))
}
diff --git a/vendor/github.com/vbauerster/mpb/v7/progress.go b/vendor/github.com/vbauerster/mpb/v7/progress.go
index b2017f3f0..c60c65694 100644
--- a/vendor/github.com/vbauerster/mpb/v7/progress.go
+++ b/vendor/github.com/vbauerster/mpb/v7/progress.go
@@ -19,7 +19,7 @@ import (
const (
// default RefreshRate
- prr = 120 * time.Millisecond
+ prr = 150 * time.Millisecond
)
// Progress represents a container that renders one or more progress
@@ -157,27 +157,40 @@ func (p *Progress) dropBar(b *Bar) {
}
}
-func (p *Progress) setBarPriority(b *Bar, priority int) {
+func (p *Progress) traverseBars(cb func(b *Bar) bool) {
+ done := make(chan struct{})
select {
case p.operateState <- func(s *pState) {
- if b.index < 0 {
- return
+ for i := 0; i < s.bHeap.Len(); i++ {
+ bar := s.bHeap[i]
+ if !cb(bar) {
+ break
+ }
}
- b.priority = priority
- heap.Fix(&s.bHeap, b.index)
+ close(done)
}:
+ <-done
case <-p.done:
}
}
// UpdateBarPriority same as *Bar.SetPriority(int).
func (p *Progress) UpdateBarPriority(b *Bar, priority int) {
- p.setBarPriority(b, priority)
+ select {
+ case p.operateState <- func(s *pState) {
+ if b.index < 0 {
+ return
+ }
+ b.priority = priority
+ heap.Fix(&s.bHeap, b.index)
+ }:
+ case <-p.done:
+ }
}
// BarCount returns bars count.
func (p *Progress) BarCount() int {
- result := make(chan int, 1)
+ result := make(chan int)
select {
case p.operateState <- func(s *pState) { result <- s.bHeap.Len() }:
return <-result
@@ -222,7 +235,7 @@ func (p *Progress) serve(s *pState, cw *cwriter.Writer) {
p.dlogger.Println(err)
}
case <-s.shutdownNotifier:
- if s.heapUpdated {
+ for s.heapUpdated {
if err := s.render(cw); err != nil {
p.dlogger.Println(err)
}
@@ -291,11 +304,12 @@ func (s *pState) render(cw *cwriter.Writer) error {
}
func (s *pState) flush(cw *cwriter.Writer) error {
- var lineCount int
- bm := make(map[*Bar]struct{}, s.bHeap.Len())
+ var totalLines int
+ bm := make(map[*Bar]int, s.bHeap.Len())
for s.bHeap.Len() > 0 {
b := heap.Pop(&s.bHeap).(*Bar)
- cw.ReadFrom(<-b.frameCh)
+ frame := <-b.frameCh
+ cw.ReadFrom(frame.reader)
if b.toShutdown {
if b.recoveredPanic != nil {
s.barShutdownQueue = append(s.barShutdownQueue, b)
@@ -308,8 +322,8 @@ func (s *pState) flush(cw *cwriter.Writer) error {
}()
}
}
- lineCount += b.extendedLines + 1
- bm[b] = struct{}{}
+ bm[b] = frame.lines
+ totalLines += frame.lines
}
for _, b := range s.barShutdownQueue {
@@ -320,7 +334,7 @@ func (s *pState) flush(cw *cwriter.Writer) error {
b.toDrop = true
}
if s.popCompleted && !b.noPop {
- lineCount -= b.extendedLines + 1
+ totalLines -= bm[b]
b.toDrop = true
}
if b.toDrop {
@@ -335,7 +349,7 @@ func (s *pState) flush(cw *cwriter.Writer) error {
heap.Push(&s.bHeap, b)
}
- return cw.Flush(lineCount)
+ return cw.Flush(totalLines)
}
func (s *pState) updateSyncMatrix() {
diff --git a/vendor/golang.org/x/sys/unix/ifreq_linux.go b/vendor/golang.org/x/sys/unix/ifreq_linux.go
new file mode 100644
index 000000000..934af313c
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/ifreq_linux.go
@@ -0,0 +1,149 @@
+// Copyright 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build linux
+// +build linux
+
+package unix
+
+import (
+ "bytes"
+ "unsafe"
+)
+
+// Helpers for dealing with ifreq since it contains a union and thus requires a
+// lot of unsafe.Pointer casts to use properly.
+
+// An Ifreq is a type-safe wrapper around the raw ifreq struct. An Ifreq
+// contains an interface name and a union of arbitrary data which can be
+// accessed using the Ifreq's methods. To create an Ifreq, use the NewIfreq
+// function.
+//
+// Use the Name method to access the stored interface name. The union data
+// fields can be get and set using the following methods:
+// - Uint16/SetUint16: flags
+// - Uint32/SetUint32: ifindex, metric, mtu
+type Ifreq struct{ raw ifreq }
+
+// NewIfreq creates an Ifreq with the input network interface name after
+// validating the name does not exceed IFNAMSIZ-1 (trailing NULL required)
+// bytes.
+func NewIfreq(name string) (*Ifreq, error) {
+ // Leave room for terminating NULL byte.
+ if len(name) >= IFNAMSIZ {
+ return nil, EINVAL
+ }
+
+ var ifr ifreq
+ copy(ifr.Ifrn[:], name)
+
+ return &Ifreq{raw: ifr}, nil
+}
+
+// TODO(mdlayher): get/set methods for hardware address sockaddr, char array, etc.
+
+// Name returns the interface name associated with the Ifreq.
+func (ifr *Ifreq) Name() string {
+ // BytePtrToString requires a NULL terminator or the program may crash. If
+ // one is not present, just return the empty string.
+ if !bytes.Contains(ifr.raw.Ifrn[:], []byte{0x00}) {
+ return ""
+ }
+
+ return BytePtrToString(&ifr.raw.Ifrn[0])
+}
+
+// According to netdevice(7), only AF_INET addresses are returned for numerous
+// sockaddr ioctls. For convenience, we expose these as Inet4Addr since the Port
+// field and other data is always empty.
+
+// Inet4Addr returns the Ifreq union data from an embedded sockaddr as a C
+// in_addr/Go []byte (4-byte IPv4 address) value. If the sockaddr family is not
+// AF_INET, an error is returned.
+func (ifr *Ifreq) Inet4Addr() ([]byte, error) {
+ raw := *(*RawSockaddrInet4)(unsafe.Pointer(&ifr.raw.Ifru[:SizeofSockaddrInet4][0]))
+ if raw.Family != AF_INET {
+ // Cannot safely interpret raw.Addr bytes as an IPv4 address.
+ return nil, EINVAL
+ }
+
+ return raw.Addr[:], nil
+}
+
+// SetInet4Addr sets a C in_addr/Go []byte (4-byte IPv4 address) value in an
+// embedded sockaddr within the Ifreq's union data. v must be 4 bytes in length
+// or an error will be returned.
+func (ifr *Ifreq) SetInet4Addr(v []byte) error {
+ if len(v) != 4 {
+ return EINVAL
+ }
+
+ var addr [4]byte
+ copy(addr[:], v)
+
+ ifr.clear()
+ *(*RawSockaddrInet4)(
+ unsafe.Pointer(&ifr.raw.Ifru[:SizeofSockaddrInet4][0]),
+ ) = RawSockaddrInet4{
+ // Always set IP family as ioctls would require it anyway.
+ Family: AF_INET,
+ Addr: addr,
+ }
+
+ return nil
+}
+
+// Uint16 returns the Ifreq union data as a C short/Go uint16 value.
+func (ifr *Ifreq) Uint16() uint16 {
+ return *(*uint16)(unsafe.Pointer(&ifr.raw.Ifru[:2][0]))
+}
+
+// SetUint16 sets a C short/Go uint16 value as the Ifreq's union data.
+func (ifr *Ifreq) SetUint16(v uint16) {
+ ifr.clear()
+ *(*uint16)(unsafe.Pointer(&ifr.raw.Ifru[:2][0])) = v
+}
+
+// Uint32 returns the Ifreq union data as a C int/Go uint32 value.
+func (ifr *Ifreq) Uint32() uint32 {
+ return *(*uint32)(unsafe.Pointer(&ifr.raw.Ifru[:4][0]))
+}
+
+// SetUint32 sets a C int/Go uint32 value as the Ifreq's union data.
+func (ifr *Ifreq) SetUint32(v uint32) {
+ ifr.clear()
+ *(*uint32)(unsafe.Pointer(&ifr.raw.Ifru[:4][0])) = v
+}
+
+// clear zeroes the ifreq's union field to prevent trailing garbage data from
+// being sent to the kernel if an ifreq is reused.
+func (ifr *Ifreq) clear() {
+ for i := range ifr.raw.Ifru {
+ ifr.raw.Ifru[i] = 0
+ }
+}
+
+// TODO(mdlayher): export as IfreqData? For now we can provide helpers such as
+// IoctlGetEthtoolDrvinfo which use these APIs under the hood.
+
+// An ifreqData is an Ifreq which carries pointer data. To produce an ifreqData,
+// use the Ifreq.withData method.
+type ifreqData struct {
+ name [IFNAMSIZ]byte
+ // A type separate from ifreq is required in order to comply with the
+ // unsafe.Pointer rules since the "pointer-ness" of data would not be
+ // preserved if it were cast into the byte array of a raw ifreq.
+ data unsafe.Pointer
+ // Pad to the same size as ifreq.
+ _ [len(ifreq{}.Ifru) - SizeofPtr]byte
+}
+
+// withData produces an ifreqData with the pointer p set for ioctls which require
+// arbitrary pointer data.
+func (ifr Ifreq) withData(p unsafe.Pointer) ifreqData {
+ return ifreqData{
+ name: ifr.raw.Ifrn,
+ data: p,
+ }
+}
diff --git a/vendor/golang.org/x/sys/unix/ioctl_linux.go b/vendor/golang.org/x/sys/unix/ioctl_linux.go
index 48773f730..1dadead21 100644
--- a/vendor/golang.org/x/sys/unix/ioctl_linux.go
+++ b/vendor/golang.org/x/sys/unix/ioctl_linux.go
@@ -5,7 +5,6 @@
package unix
import (
- "runtime"
"unsafe"
)
@@ -22,56 +21,42 @@ func IoctlRetInt(fd int, req uint) (int, error) {
func IoctlGetUint32(fd int, req uint) (uint32, error) {
var value uint32
- err := ioctl(fd, req, uintptr(unsafe.Pointer(&value)))
+ err := ioctlPtr(fd, req, unsafe.Pointer(&value))
return value, err
}
func IoctlGetRTCTime(fd int) (*RTCTime, error) {
var value RTCTime
- err := ioctl(fd, RTC_RD_TIME, uintptr(unsafe.Pointer(&value)))
+ err := ioctlPtr(fd, RTC_RD_TIME, unsafe.Pointer(&value))
return &value, err
}
func IoctlSetRTCTime(fd int, value *RTCTime) error {
- err := ioctl(fd, RTC_SET_TIME, uintptr(unsafe.Pointer(value)))
- runtime.KeepAlive(value)
- return err
+ return ioctlPtr(fd, RTC_SET_TIME, unsafe.Pointer(value))
}
func IoctlGetRTCWkAlrm(fd int) (*RTCWkAlrm, error) {
var value RTCWkAlrm
- err := ioctl(fd, RTC_WKALM_RD, uintptr(unsafe.Pointer(&value)))
+ err := ioctlPtr(fd, RTC_WKALM_RD, unsafe.Pointer(&value))
return &value, err
}
func IoctlSetRTCWkAlrm(fd int, value *RTCWkAlrm) error {
- err := ioctl(fd, RTC_WKALM_SET, uintptr(unsafe.Pointer(value)))
- runtime.KeepAlive(value)
- return err
-}
-
-type ifreqEthtool struct {
- name [IFNAMSIZ]byte
- data unsafe.Pointer
+ return ioctlPtr(fd, RTC_WKALM_SET, unsafe.Pointer(value))
}
// IoctlGetEthtoolDrvinfo fetches ethtool driver information for the network
// device specified by ifname.
func IoctlGetEthtoolDrvinfo(fd int, ifname string) (*EthtoolDrvinfo, error) {
- // Leave room for terminating NULL byte.
- if len(ifname) >= IFNAMSIZ {
- return nil, EINVAL
+ ifr, err := NewIfreq(ifname)
+ if err != nil {
+ return nil, err
}
- value := EthtoolDrvinfo{
- Cmd: ETHTOOL_GDRVINFO,
- }
- ifreq := ifreqEthtool{
- data: unsafe.Pointer(&value),
- }
- copy(ifreq.name[:], ifname)
- err := ioctl(fd, SIOCETHTOOL, uintptr(unsafe.Pointer(&ifreq)))
- runtime.KeepAlive(ifreq)
+ value := EthtoolDrvinfo{Cmd: ETHTOOL_GDRVINFO}
+ ifrd := ifr.withData(unsafe.Pointer(&value))
+
+ err = ioctlIfreqData(fd, SIOCETHTOOL, &ifrd)
return &value, err
}
@@ -80,7 +65,7 @@ func IoctlGetEthtoolDrvinfo(fd int, ifname string) (*EthtoolDrvinfo, error) {
// https://www.kernel.org/doc/html/latest/watchdog/watchdog-api.html.
func IoctlGetWatchdogInfo(fd int) (*WatchdogInfo, error) {
var value WatchdogInfo
- err := ioctl(fd, WDIOC_GETSUPPORT, uintptr(unsafe.Pointer(&value)))
+ err := ioctlPtr(fd, WDIOC_GETSUPPORT, unsafe.Pointer(&value))
return &value, err
}
@@ -88,6 +73,7 @@ func IoctlGetWatchdogInfo(fd int) (*WatchdogInfo, error) {
// more information, see:
// https://www.kernel.org/doc/html/latest/watchdog/watchdog-api.html.
func IoctlWatchdogKeepalive(fd int) error {
+ // arg is ignored and not a pointer, so ioctl is fine instead of ioctlPtr.
return ioctl(fd, WDIOC_KEEPALIVE, 0)
}
@@ -95,9 +81,7 @@ func IoctlWatchdogKeepalive(fd int) error {
// range of data conveyed in value to the file associated with the file
// descriptor destFd. See the ioctl_ficlonerange(2) man page for details.
func IoctlFileCloneRange(destFd int, value *FileCloneRange) error {
- err := ioctl(destFd, FICLONERANGE, uintptr(unsafe.Pointer(value)))
- runtime.KeepAlive(value)
- return err
+ return ioctlPtr(destFd, FICLONERANGE, unsafe.Pointer(value))
}
// IoctlFileClone performs an FICLONE ioctl operation to clone the entire file
@@ -148,7 +132,7 @@ func IoctlFileDedupeRange(srcFd int, value *FileDedupeRange) error {
rawinfo.Reserved = value.Info[i].Reserved
}
- err := ioctl(srcFd, FIDEDUPERANGE, uintptr(unsafe.Pointer(&buf[0])))
+ err := ioctlPtr(srcFd, FIDEDUPERANGE, unsafe.Pointer(&buf[0]))
// Output
for i := range value.Info {
@@ -166,31 +150,47 @@ func IoctlFileDedupeRange(srcFd int, value *FileDedupeRange) error {
}
func IoctlHIDGetDesc(fd int, value *HIDRawReportDescriptor) error {
- err := ioctl(fd, HIDIOCGRDESC, uintptr(unsafe.Pointer(value)))
- runtime.KeepAlive(value)
- return err
+ return ioctlPtr(fd, HIDIOCGRDESC, unsafe.Pointer(value))
}
func IoctlHIDGetRawInfo(fd int) (*HIDRawDevInfo, error) {
var value HIDRawDevInfo
- err := ioctl(fd, HIDIOCGRAWINFO, uintptr(unsafe.Pointer(&value)))
+ err := ioctlPtr(fd, HIDIOCGRAWINFO, unsafe.Pointer(&value))
return &value, err
}
func IoctlHIDGetRawName(fd int) (string, error) {
var value [_HIDIOCGRAWNAME_LEN]byte
- err := ioctl(fd, _HIDIOCGRAWNAME, uintptr(unsafe.Pointer(&value[0])))
+ err := ioctlPtr(fd, _HIDIOCGRAWNAME, unsafe.Pointer(&value[0]))
return ByteSliceToString(value[:]), err
}
func IoctlHIDGetRawPhys(fd int) (string, error) {
var value [_HIDIOCGRAWPHYS_LEN]byte
- err := ioctl(fd, _HIDIOCGRAWPHYS, uintptr(unsafe.Pointer(&value[0])))
+ err := ioctlPtr(fd, _HIDIOCGRAWPHYS, unsafe.Pointer(&value[0]))
return ByteSliceToString(value[:]), err
}
func IoctlHIDGetRawUniq(fd int) (string, error) {
var value [_HIDIOCGRAWUNIQ_LEN]byte
- err := ioctl(fd, _HIDIOCGRAWUNIQ, uintptr(unsafe.Pointer(&value[0])))
+ err := ioctlPtr(fd, _HIDIOCGRAWUNIQ, unsafe.Pointer(&value[0]))
return ByteSliceToString(value[:]), err
}
+
+// IoctlIfreq performs an ioctl using an Ifreq structure for input and/or
+// output. See the netdevice(7) man page for details.
+func IoctlIfreq(fd int, req uint, value *Ifreq) error {
+ // It is possible we will add more fields to *Ifreq itself later to prevent
+ // misuse, so pass the raw *ifreq directly.
+ return ioctlPtr(fd, req, unsafe.Pointer(&value.raw))
+}
+
+// TODO(mdlayher): export if and when IfreqData is exported.
+
+// ioctlIfreqData performs an ioctl using an ifreqData structure for input
+// and/or output. See the netdevice(7) man page for details.
+func ioctlIfreqData(fd int, req uint, value *ifreqData) error {
+ // The memory layout of IfreqData (type-safe) and ifreq (not type-safe) are
+ // identical so pass *IfreqData directly.
+ return ioctlPtr(fd, req, unsafe.Pointer(value))
+}
diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh
index 6e6afcaa1..0bcb8c322 100644
--- a/vendor/golang.org/x/sys/unix/mkerrors.sh
+++ b/vendor/golang.org/x/sys/unix/mkerrors.sh
@@ -217,8 +217,6 @@ struct ltchars {
#include <linux/genetlink.h>
#include <linux/hdreg.h>
#include <linux/hidraw.h>
-#include <linux/icmp.h>
-#include <linux/icmpv6.h>
#include <linux/if.h>
#include <linux/if_addr.h>
#include <linux/if_alg.h>
@@ -502,7 +500,7 @@ ccflags="$@"
$2 ~ /^LOCK_(SH|EX|NB|UN)$/ ||
$2 ~ /^LO_(KEY|NAME)_SIZE$/ ||
$2 ~ /^LOOP_(CLR|CTL|GET|SET)_/ ||
- $2 ~ /^(AF|SOCK|SO|SOL|IPPROTO|IP|IPV6|TCP|MCAST|EVFILT|NOTE|SHUT|PROT|MAP|MFD|T?PACKET|MSG|SCM|MCL|DT|MADV|PR|LOCAL)_/ ||
+ $2 ~ /^(AF|SOCK|SO|SOL|IPPROTO|IP|IPV6|TCP|MCAST|EVFILT|NOTE|SHUT|PROT|MAP|MFD|T?PACKET|MSG|SCM|MCL|DT|MADV|PR|LOCAL|TCPOPT)_/ ||
$2 ~ /^NFC_(GENL|PROTO|COMM|RF|SE|DIRECTION|LLCP|SOCKPROTO)_/ ||
$2 ~ /^NFC_.*_(MAX)?SIZE$/ ||
$2 ~ /^RAW_PAYLOAD_/ ||
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go
index 41b91fdfb..2839435e3 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux.go
@@ -66,11 +66,18 @@ func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) {
return fchmodat(dirfd, path, mode)
}
-//sys ioctl(fd int, req uint, arg uintptr) (err error)
+//sys ioctl(fd int, req uint, arg uintptr) (err error) = SYS_IOCTL
+//sys ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) = SYS_IOCTL
-// ioctl itself should not be exposed directly, but additional get/set
-// functions for specific types are permissible.
-// These are defined in ioctl.go and ioctl_linux.go.
+// ioctl itself should not be exposed directly, but additional get/set functions
+// for specific types are permissible. These are defined in ioctl.go and
+// ioctl_linux.go.
+//
+// The third argument to ioctl is often a pointer but sometimes an integer.
+// Callers should use ioctlPtr when the third argument is a pointer and ioctl
+// when the third argument is an integer.
+//
+// TODO: some existing code incorrectly uses ioctl when it should use ioctlPtr.
//sys Linkat(olddirfd int, oldpath string, newdirfd int, newpath string, flags int) (err error)
@@ -1348,6 +1355,13 @@ func SetsockoptTpacketReq3(fd, level, opt int, tp *TpacketReq3) error {
return setsockopt(fd, level, opt, unsafe.Pointer(tp), unsafe.Sizeof(*tp))
}
+func SetsockoptTCPRepairOpt(fd, level, opt int, o []TCPRepairOpt) (err error) {
+ if len(o) == 0 {
+ return EINVAL
+ }
+ return setsockopt(fd, level, opt, unsafe.Pointer(&o[0]), uintptr(SizeofTCPRepairOpt*len(o)))
+}
+
// Keyctl Commands (http://man7.org/linux/man-pages/man2/keyctl.2.html)
// KeyctlInt calls keyctl commands in which each argument is an int.
@@ -1859,7 +1873,7 @@ func Getpgrp() (pid int) {
//sys Nanosleep(time *Timespec, leftover *Timespec) (err error)
//sys PerfEventOpen(attr *PerfEventAttr, pid int, cpu int, groupFd int, flags int) (fd int, err error)
//sys PivotRoot(newroot string, putold string) (err error) = SYS_PIVOT_ROOT
-//sysnb prlimit(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error) = SYS_PRLIMIT64
+//sysnb Prlimit(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error) = SYS_PRLIMIT64
//sys Prctl(option int, arg2 uintptr, arg3 uintptr, arg4 uintptr, arg5 uintptr) (err error)
//sys Pselect(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timespec, sigmask *Sigset_t) (n int, err error) = SYS_PSELECT6
//sys read(fd int, p []byte) (n int, err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_386.go b/vendor/golang.org/x/sys/unix/syscall_linux_386.go
index b430536c8..91317d749 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_386.go
@@ -105,7 +105,7 @@ const rlimInf32 = ^uint32(0)
const rlimInf64 = ^uint64(0)
func Getrlimit(resource int, rlim *Rlimit) (err error) {
- err = prlimit(0, resource, nil, rlim)
+ err = Prlimit(0, resource, nil, rlim)
if err != ENOSYS {
return err
}
@@ -133,7 +133,7 @@ func Getrlimit(resource int, rlim *Rlimit) (err error) {
//sysnb setrlimit(resource int, rlim *rlimit32) (err error) = SYS_SETRLIMIT
func Setrlimit(resource int, rlim *Rlimit) (err error) {
- err = prlimit(0, resource, rlim, nil)
+ err = Prlimit(0, resource, rlim, nil)
if err != ENOSYS {
return err
}
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_arm.go b/vendor/golang.org/x/sys/unix/syscall_linux_arm.go
index 39a864d4e..b961a620e 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_arm.go
@@ -184,7 +184,7 @@ const rlimInf32 = ^uint32(0)
const rlimInf64 = ^uint64(0)
func Getrlimit(resource int, rlim *Rlimit) (err error) {
- err = prlimit(0, resource, nil, rlim)
+ err = Prlimit(0, resource, nil, rlim)
if err != ENOSYS {
return err
}
@@ -212,7 +212,7 @@ func Getrlimit(resource int, rlim *Rlimit) (err error) {
//sysnb setrlimit(resource int, rlim *rlimit32) (err error) = SYS_SETRLIMIT
func Setrlimit(resource int, rlim *Rlimit) (err error) {
- err = prlimit(0, resource, rlim, nil)
+ err = Prlimit(0, resource, rlim, nil)
if err != ENOSYS {
return err
}
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go b/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
index 7f27ebf2f..4b977ba44 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
@@ -171,7 +171,7 @@ func Pipe2(p []int, flags int) (err error) {
// Getrlimit prefers the prlimit64 system call. See issue 38604.
func Getrlimit(resource int, rlim *Rlimit) error {
- err := prlimit(0, resource, nil, rlim)
+ err := Prlimit(0, resource, nil, rlim)
if err != ENOSYS {
return err
}
@@ -180,7 +180,7 @@ func Getrlimit(resource int, rlim *Rlimit) error {
// Setrlimit prefers the prlimit64 system call. See issue 38604.
func Setrlimit(resource int, rlim *Rlimit) error {
- err := prlimit(0, resource, rlim, nil)
+ err := Prlimit(0, resource, rlim, nil)
if err != ENOSYS {
return err
}
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go b/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go
index 3a5621e37..21d74e2fb 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go
@@ -157,7 +157,7 @@ type rlimit32 struct {
//sysnb getrlimit(resource int, rlim *rlimit32) (err error) = SYS_GETRLIMIT
func Getrlimit(resource int, rlim *Rlimit) (err error) {
- err = prlimit(0, resource, nil, rlim)
+ err = Prlimit(0, resource, nil, rlim)
if err != ENOSYS {
return err
}
@@ -185,7 +185,7 @@ func Getrlimit(resource int, rlim *Rlimit) (err error) {
//sysnb setrlimit(resource int, rlim *rlimit32) (err error) = SYS_SETRLIMIT
func Setrlimit(resource int, rlim *Rlimit) (err error) {
- err = prlimit(0, resource, rlim, nil)
+ err = Prlimit(0, resource, rlim, nil)
if err != ENOSYS {
return err
}
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go b/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go
index cf0d36f76..6f1fc581e 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go
@@ -3,8 +3,7 @@
// license that can be found in the LICENSE file.
//go:build linux && ppc
-// +build linux
-// +build ppc
+// +build linux,ppc
package unix
@@ -143,7 +142,7 @@ const rlimInf32 = ^uint32(0)
const rlimInf64 = ^uint64(0)
func Getrlimit(resource int, rlim *Rlimit) (err error) {
- err = prlimit(0, resource, nil, rlim)
+ err = Prlimit(0, resource, nil, rlim)
if err != ENOSYS {
return err
}
@@ -171,7 +170,7 @@ func Getrlimit(resource int, rlim *Rlimit) (err error) {
//sysnb setrlimit(resource int, rlim *rlimit32) (err error) = SYS_SETRLIMIT
func Setrlimit(resource int, rlim *Rlimit) (err error) {
- err = prlimit(0, resource, rlim, nil)
+ err = Prlimit(0, resource, rlim, nil)
if err != ENOSYS {
return err
}
diff --git a/vendor/golang.org/x/sys/unix/syscall_solaris.go b/vendor/golang.org/x/sys/unix/syscall_solaris.go
index 77fcde7c1..d2a6495c7 100644
--- a/vendor/golang.org/x/sys/unix/syscall_solaris.go
+++ b/vendor/golang.org/x/sys/unix/syscall_solaris.go
@@ -13,7 +13,10 @@
package unix
import (
+ "fmt"
+ "os"
"runtime"
+ "sync"
"syscall"
"unsafe"
)
@@ -744,3 +747,240 @@ func Mmap(fd int, offset int64, length int, prot int, flags int) (data []byte, e
func Munmap(b []byte) (err error) {
return mapper.Munmap(b)
}
+
+// Event Ports
+
+type fileObjCookie struct {
+ fobj *fileObj
+ cookie interface{}
+}
+
+// EventPort provides a safe abstraction on top of Solaris/illumos Event Ports.
+type EventPort struct {
+ port int
+ mu sync.Mutex
+ fds map[uintptr]interface{}
+ paths map[string]*fileObjCookie
+}
+
+// PortEvent is an abstraction of the port_event C struct.
+// Compare Source against PORT_SOURCE_FILE or PORT_SOURCE_FD
+// to see if Path or Fd was the event source. The other will be
+// uninitialized.
+type PortEvent struct {
+ Cookie interface{}
+ Events int32
+ Fd uintptr
+ Path string
+ Source uint16
+ fobj *fileObj
+}
+
+// NewEventPort creates a new EventPort including the
+// underlying call to port_create(3c).
+func NewEventPort() (*EventPort, error) {
+ port, err := port_create()
+ if err != nil {
+ return nil, err
+ }
+ e := &EventPort{
+ port: port,
+ fds: make(map[uintptr]interface{}),
+ paths: make(map[string]*fileObjCookie),
+ }
+ return e, nil
+}
+
+//sys port_create() (n int, err error)
+//sys port_associate(port int, source int, object uintptr, events int, user *byte) (n int, err error)
+//sys port_dissociate(port int, source int, object uintptr) (n int, err error)
+//sys port_get(port int, pe *portEvent, timeout *Timespec) (n int, err error)
+//sys port_getn(port int, pe *portEvent, max uint32, nget *uint32, timeout *Timespec) (n int, err error)
+
+// Close closes the event port.
+func (e *EventPort) Close() error {
+ e.mu.Lock()
+ defer e.mu.Unlock()
+ e.fds = nil
+ e.paths = nil
+ return Close(e.port)
+}
+
+// PathIsWatched checks to see if path is associated with this EventPort.
+func (e *EventPort) PathIsWatched(path string) bool {
+ e.mu.Lock()
+ defer e.mu.Unlock()
+ _, found := e.paths[path]
+ return found
+}
+
+// FdIsWatched checks to see if fd is associated with this EventPort.
+func (e *EventPort) FdIsWatched(fd uintptr) bool {
+ e.mu.Lock()
+ defer e.mu.Unlock()
+ _, found := e.fds[fd]
+ return found
+}
+
+// AssociatePath wraps port_associate(3c) for a filesystem path including
+// creating the necessary file_obj from the provided stat information.
+func (e *EventPort) AssociatePath(path string, stat os.FileInfo, events int, cookie interface{}) error {
+ e.mu.Lock()
+ defer e.mu.Unlock()
+ if _, found := e.paths[path]; found {
+ return fmt.Errorf("%v is already associated with this Event Port", path)
+ }
+ fobj, err := createFileObj(path, stat)
+ if err != nil {
+ return err
+ }
+ fCookie := &fileObjCookie{fobj, cookie}
+ _, err = port_associate(e.port, PORT_SOURCE_FILE, uintptr(unsafe.Pointer(fobj)), events, (*byte)(unsafe.Pointer(&fCookie.cookie)))
+ if err != nil {
+ return err
+ }
+ e.paths[path] = fCookie
+ return nil
+}
+
+// DissociatePath wraps port_dissociate(3c) for a filesystem path.
+func (e *EventPort) DissociatePath(path string) error {
+ e.mu.Lock()
+ defer e.mu.Unlock()
+ f, ok := e.paths[path]
+ if !ok {
+ return fmt.Errorf("%v is not associated with this Event Port", path)
+ }
+ _, err := port_dissociate(e.port, PORT_SOURCE_FILE, uintptr(unsafe.Pointer(f.fobj)))
+ if err != nil {
+ return err
+ }
+ delete(e.paths, path)
+ return nil
+}
+
+// AssociateFd wraps calls to port_associate(3c) on file descriptors.
+func (e *EventPort) AssociateFd(fd uintptr, events int, cookie interface{}) error {
+ e.mu.Lock()
+ defer e.mu.Unlock()
+ if _, found := e.fds[fd]; found {
+ return fmt.Errorf("%v is already associated with this Event Port", fd)
+ }
+ pcookie := &cookie
+ _, err := port_associate(e.port, PORT_SOURCE_FD, fd, events, (*byte)(unsafe.Pointer(pcookie)))
+ if err != nil {
+ return err
+ }
+ e.fds[fd] = pcookie
+ return nil
+}
+
+// DissociateFd wraps calls to port_dissociate(3c) on file descriptors.
+func (e *EventPort) DissociateFd(fd uintptr) error {
+ e.mu.Lock()
+ defer e.mu.Unlock()
+ _, ok := e.fds[fd]
+ if !ok {
+ return fmt.Errorf("%v is not associated with this Event Port", fd)
+ }
+ _, err := port_dissociate(e.port, PORT_SOURCE_FD, fd)
+ if err != nil {
+ return err
+ }
+ delete(e.fds, fd)
+ return nil
+}
+
+func createFileObj(name string, stat os.FileInfo) (*fileObj, error) {
+ fobj := new(fileObj)
+ bs, err := ByteSliceFromString(name)
+ if err != nil {
+ return nil, err
+ }
+ fobj.Name = (*int8)(unsafe.Pointer(&bs[0]))
+ s := stat.Sys().(*syscall.Stat_t)
+ fobj.Atim.Sec = s.Atim.Sec
+ fobj.Atim.Nsec = s.Atim.Nsec
+ fobj.Mtim.Sec = s.Mtim.Sec
+ fobj.Mtim.Nsec = s.Mtim.Nsec
+ fobj.Ctim.Sec = s.Ctim.Sec
+ fobj.Ctim.Nsec = s.Ctim.Nsec
+ return fobj, nil
+}
+
+// GetOne wraps port_get(3c) and returns a single PortEvent.
+func (e *EventPort) GetOne(t *Timespec) (*PortEvent, error) {
+ pe := new(portEvent)
+ _, err := port_get(e.port, pe, t)
+ if err != nil {
+ return nil, err
+ }
+ p := new(PortEvent)
+ p.Events = pe.Events
+ p.Source = pe.Source
+ e.mu.Lock()
+ defer e.mu.Unlock()
+ switch pe.Source {
+ case PORT_SOURCE_FD:
+ p.Fd = uintptr(pe.Object)
+ cookie := (*interface{})(unsafe.Pointer(pe.User))
+ p.Cookie = *cookie
+ delete(e.fds, p.Fd)
+ case PORT_SOURCE_FILE:
+ p.fobj = (*fileObj)(unsafe.Pointer(uintptr(pe.Object)))
+ p.Path = BytePtrToString((*byte)(unsafe.Pointer(p.fobj.Name)))
+ cookie := (*interface{})(unsafe.Pointer(pe.User))
+ p.Cookie = *cookie
+ delete(e.paths, p.Path)
+ }
+ return p, nil
+}
+
+// Pending wraps port_getn(3c) and returns how many events are pending.
+func (e *EventPort) Pending() (int, error) {
+ var n uint32 = 0
+ _, err := port_getn(e.port, nil, 0, &n, nil)
+ return int(n), err
+}
+
+// Get wraps port_getn(3c) and fills a slice of PortEvent.
+// It will block until either min events have been received
+// or the timeout has been exceeded. It will return how many
+// events were actually received along with any error information.
+func (e *EventPort) Get(s []PortEvent, min int, timeout *Timespec) (int, error) {
+ if min == 0 {
+ return 0, fmt.Errorf("need to request at least one event or use Pending() instead")
+ }
+ if len(s) < min {
+ return 0, fmt.Errorf("len(s) (%d) is less than min events requested (%d)", len(s), min)
+ }
+ got := uint32(min)
+ max := uint32(len(s))
+ var err error
+ ps := make([]portEvent, max, max)
+ _, err = port_getn(e.port, &ps[0], max, &got, timeout)
+ // got will be trustworthy with ETIME, but not any other error.
+ if err != nil && err != ETIME {
+ return 0, err
+ }
+ e.mu.Lock()
+ defer e.mu.Unlock()
+ for i := 0; i < int(got); i++ {
+ s[i].Events = ps[i].Events
+ s[i].Source = ps[i].Source
+ switch ps[i].Source {
+ case PORT_SOURCE_FD:
+ s[i].Fd = uintptr(ps[i].Object)
+ cookie := (*interface{})(unsafe.Pointer(ps[i].User))
+ s[i].Cookie = *cookie
+ delete(e.fds, s[i].Fd)
+ case PORT_SOURCE_FILE:
+ s[i].fobj = (*fileObj)(unsafe.Pointer(uintptr(ps[i].Object)))
+ s[i].Path = BytePtrToString((*byte)(unsafe.Pointer(s[i].fobj.Name)))
+ cookie := (*interface{})(unsafe.Pointer(ps[i].User))
+ s[i].Cookie = *cookie
+ delete(e.paths, s[i].Path)
+ }
+ }
+ return int(got), err
+}
diff --git a/vendor/golang.org/x/sys/unix/syscall_unix.go b/vendor/golang.org/x/sys/unix/syscall_unix.go
index a7618ceb5..cf296a243 100644
--- a/vendor/golang.org/x/sys/unix/syscall_unix.go
+++ b/vendor/golang.org/x/sys/unix/syscall_unix.go
@@ -313,6 +313,10 @@ func Recvfrom(fd int, p []byte, flags int) (n int, from Sockaddr, err error) {
return
}
+func Send(s int, buf []byte, flags int) (err error) {
+ return sendto(s, buf, flags, nil, 0)
+}
+
func Sendto(fd int, p []byte, flags int, to Sockaddr) (err error) {
ptr, n, err := to.sockaddr()
if err != nil {
diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go
index 5bb48ef54..a3a45fec5 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go
@@ -1206,6 +1206,7 @@ const (
RTF_DONE = 0x40
RTF_DYNAMIC = 0x10
RTF_GATEWAY = 0x2
+ RTF_GLOBAL = 0x40000000
RTF_HOST = 0x4
RTF_IFREF = 0x4000000
RTF_IFSCOPE = 0x1000000
diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go
index 11e570979..31009d7f0 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go
@@ -1206,6 +1206,7 @@ const (
RTF_DONE = 0x40
RTF_DYNAMIC = 0x10
RTF_GATEWAY = 0x2
+ RTF_GLOBAL = 0x40000000
RTF_HOST = 0x4
RTF_IFREF = 0x4000000
RTF_IFSCOPE = 0x1000000
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go
index 52f5bbc14..135e3a47a 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go
@@ -228,6 +228,8 @@ const (
BPF_OR = 0x40
BPF_PSEUDO_BTF_ID = 0x3
BPF_PSEUDO_CALL = 0x1
+ BPF_PSEUDO_FUNC = 0x4
+ BPF_PSEUDO_KFUNC_CALL = 0x2
BPF_PSEUDO_MAP_FD = 0x1
BPF_PSEUDO_MAP_VALUE = 0x2
BPF_RET = 0x6
@@ -475,6 +477,8 @@ const (
DM_LIST_VERSIONS = 0xc138fd0d
DM_MAX_TYPE_NAME = 0x10
DM_NAME_LEN = 0x80
+ DM_NAME_LIST_FLAG_DOESNT_HAVE_UUID = 0x2
+ DM_NAME_LIST_FLAG_HAS_UUID = 0x1
DM_NOFLUSH_FLAG = 0x800
DM_PERSISTENT_DEV_FLAG = 0x8
DM_QUERY_INACTIVE_TABLE_FLAG = 0x1000
@@ -494,9 +498,9 @@ const (
DM_UUID_FLAG = 0x4000
DM_UUID_LEN = 0x81
DM_VERSION = 0xc138fd00
- DM_VERSION_EXTRA = "-ioctl (2021-02-01)"
+ DM_VERSION_EXTRA = "-ioctl (2021-03-22)"
DM_VERSION_MAJOR = 0x4
- DM_VERSION_MINOR = 0x2c
+ DM_VERSION_MINOR = 0x2d
DM_VERSION_PATCHLEVEL = 0x0
DT_BLK = 0x6
DT_CHR = 0x2
@@ -981,12 +985,6 @@ const (
HPFS_SUPER_MAGIC = 0xf995e849
HUGETLBFS_MAGIC = 0x958458f6
IBSHIFT = 0x10
- ICMPV6_FILTER = 0x1
- ICMPV6_FILTER_BLOCK = 0x1
- ICMPV6_FILTER_BLOCKOTHERS = 0x3
- ICMPV6_FILTER_PASS = 0x2
- ICMPV6_FILTER_PASSONLY = 0x4
- ICMP_FILTER = 0x1
ICRNL = 0x100
IFA_F_DADFAILED = 0x8
IFA_F_DEPRECATED = 0x20
@@ -1257,6 +1255,7 @@ const (
KEXEC_ARCH_PARISC = 0xf0000
KEXEC_ARCH_PPC = 0x140000
KEXEC_ARCH_PPC64 = 0x150000
+ KEXEC_ARCH_RISCV = 0xf30000
KEXEC_ARCH_S390 = 0x160000
KEXEC_ARCH_SH = 0x2a0000
KEXEC_ARCH_X86_64 = 0x3e0000
@@ -1756,14 +1755,19 @@ const (
PERF_ATTR_SIZE_VER4 = 0x68
PERF_ATTR_SIZE_VER5 = 0x70
PERF_ATTR_SIZE_VER6 = 0x78
+ PERF_ATTR_SIZE_VER7 = 0x80
PERF_AUX_FLAG_COLLISION = 0x8
+ PERF_AUX_FLAG_CORESIGHT_FORMAT_CORESIGHT = 0x0
+ PERF_AUX_FLAG_CORESIGHT_FORMAT_RAW = 0x100
PERF_AUX_FLAG_OVERWRITE = 0x2
PERF_AUX_FLAG_PARTIAL = 0x4
+ PERF_AUX_FLAG_PMU_FORMAT_TYPE_MASK = 0xff00
PERF_AUX_FLAG_TRUNCATED = 0x1
PERF_FLAG_FD_CLOEXEC = 0x8
PERF_FLAG_FD_NO_GROUP = 0x1
PERF_FLAG_FD_OUTPUT = 0x2
PERF_FLAG_PID_CGROUP = 0x4
+ PERF_HW_EVENT_MASK = 0xffffffff
PERF_MAX_CONTEXTS_PER_STACK = 0x8
PERF_MAX_STACK_DEPTH = 0x7f
PERF_MEM_BLK_ADDR = 0x4
@@ -1822,6 +1826,7 @@ const (
PERF_MEM_TLB_OS = 0x40
PERF_MEM_TLB_SHIFT = 0x1a
PERF_MEM_TLB_WK = 0x20
+ PERF_PMU_TYPE_SHIFT = 0x20
PERF_RECORD_KSYMBOL_FLAGS_UNREGISTER = 0x1
PERF_RECORD_MISC_COMM_EXEC = 0x2000
PERF_RECORD_MISC_CPUMODE_MASK = 0x7
@@ -1921,7 +1926,9 @@ const (
PR_PAC_APGAKEY = 0x10
PR_PAC_APIAKEY = 0x1
PR_PAC_APIBKEY = 0x2
+ PR_PAC_GET_ENABLED_KEYS = 0x3d
PR_PAC_RESET_KEYS = 0x36
+ PR_PAC_SET_ENABLED_KEYS = 0x3c
PR_SET_CHILD_SUBREAPER = 0x24
PR_SET_DUMPABLE = 0x4
PR_SET_ENDIAN = 0x14
@@ -2003,6 +2010,7 @@ const (
PTRACE_GETREGSET = 0x4204
PTRACE_GETSIGINFO = 0x4202
PTRACE_GETSIGMASK = 0x420a
+ PTRACE_GET_RSEQ_CONFIGURATION = 0x420f
PTRACE_GET_SYSCALL_INFO = 0x420e
PTRACE_INTERRUPT = 0x4207
PTRACE_KILL = 0x8
@@ -2163,6 +2171,7 @@ const (
RTM_DELNEIGH = 0x1d
RTM_DELNETCONF = 0x51
RTM_DELNEXTHOP = 0x69
+ RTM_DELNEXTHOPBUCKET = 0x75
RTM_DELNSID = 0x59
RTM_DELQDISC = 0x25
RTM_DELROUTE = 0x19
@@ -2193,6 +2202,7 @@ const (
RTM_GETNEIGHTBL = 0x42
RTM_GETNETCONF = 0x52
RTM_GETNEXTHOP = 0x6a
+ RTM_GETNEXTHOPBUCKET = 0x76
RTM_GETNSID = 0x5a
RTM_GETQDISC = 0x26
RTM_GETROUTE = 0x1a
@@ -2201,7 +2211,7 @@ const (
RTM_GETTCLASS = 0x2a
RTM_GETTFILTER = 0x2e
RTM_GETVLAN = 0x72
- RTM_MAX = 0x73
+ RTM_MAX = 0x77
RTM_NEWACTION = 0x30
RTM_NEWADDR = 0x14
RTM_NEWADDRLABEL = 0x48
@@ -2215,6 +2225,7 @@ const (
RTM_NEWNEIGHTBL = 0x40
RTM_NEWNETCONF = 0x50
RTM_NEWNEXTHOP = 0x68
+ RTM_NEWNEXTHOPBUCKET = 0x74
RTM_NEWNSID = 0x58
RTM_NEWNVLAN = 0x70
RTM_NEWPREFIX = 0x34
@@ -2224,8 +2235,8 @@ const (
RTM_NEWSTATS = 0x5c
RTM_NEWTCLASS = 0x28
RTM_NEWTFILTER = 0x2c
- RTM_NR_FAMILIES = 0x19
- RTM_NR_MSGTYPES = 0x64
+ RTM_NR_FAMILIES = 0x1a
+ RTM_NR_MSGTYPES = 0x68
RTM_SETDCB = 0x4f
RTM_SETLINK = 0x13
RTM_SETNEIGHTBL = 0x43
@@ -2253,6 +2264,7 @@ const (
RTPROT_MROUTED = 0x11
RTPROT_MRT = 0xa
RTPROT_NTK = 0xf
+ RTPROT_OPENR = 0x63
RTPROT_OSPF = 0xbc
RTPROT_RA = 0x9
RTPROT_REDIRECT = 0x1
@@ -2536,6 +2548,14 @@ const (
TCOFLUSH = 0x1
TCOOFF = 0x0
TCOON = 0x1
+ TCPOPT_EOL = 0x0
+ TCPOPT_MAXSEG = 0x2
+ TCPOPT_NOP = 0x1
+ TCPOPT_SACK = 0x5
+ TCPOPT_SACK_PERMITTED = 0x4
+ TCPOPT_TIMESTAMP = 0x8
+ TCPOPT_TSTAMP_HDR = 0x101080a
+ TCPOPT_WINDOW = 0x3
TCP_CC_INFO = 0x1a
TCP_CM_INQ = 0x24
TCP_CONGESTION = 0xd
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
index 09fc559ed..cca248d1d 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
@@ -147,6 +147,7 @@ const (
NS_GET_USERNS = 0xb701
OLCUC = 0x2
ONLCR = 0x4
+ OTPERASE = 0x400c4d19
OTPGETREGIONCOUNT = 0x40044d0e
OTPGETREGIONINFO = 0x400c4d0f
OTPLOCK = 0x800c4d10
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
index 75730cc22..9521a4804 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
@@ -147,6 +147,7 @@ const (
NS_GET_USERNS = 0xb701
OLCUC = 0x2
ONLCR = 0x4
+ OTPERASE = 0x400c4d19
OTPGETREGIONCOUNT = 0x40044d0e
OTPGETREGIONINFO = 0x400c4d0f
OTPLOCK = 0x800c4d10
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
index 127cf17ad..ddb40a40d 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
@@ -145,6 +145,7 @@ const (
NS_GET_USERNS = 0xb701
OLCUC = 0x2
ONLCR = 0x4
+ OTPERASE = 0x400c4d19
OTPGETREGIONCOUNT = 0x40044d0e
OTPGETREGIONINFO = 0x400c4d0f
OTPLOCK = 0x800c4d10
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
index 957ca1ff1..3df31e0d4 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
@@ -148,6 +148,7 @@ const (
NS_GET_USERNS = 0xb701
OLCUC = 0x2
ONLCR = 0x4
+ OTPERASE = 0x400c4d19
OTPGETREGIONCOUNT = 0x40044d0e
OTPGETREGIONINFO = 0x400c4d0f
OTPLOCK = 0x800c4d10
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
index 314a2054f..179c7d68d 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
@@ -145,6 +145,7 @@ const (
NS_GET_USERNS = 0x2000b701
OLCUC = 0x2
ONLCR = 0x4
+ OTPERASE = 0x800c4d19
OTPGETREGIONCOUNT = 0x80044d0e
OTPGETREGIONINFO = 0x800c4d0f
OTPLOCK = 0x400c4d10
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
index 457e8de97..84ab15a85 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
@@ -145,6 +145,7 @@ const (
NS_GET_USERNS = 0x2000b701
OLCUC = 0x2
ONLCR = 0x4
+ OTPERASE = 0x800c4d19
OTPGETREGIONCOUNT = 0x80044d0e
OTPGETREGIONINFO = 0x800c4d0f
OTPLOCK = 0x400c4d10
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
index 33cd28f6b..6aa064da5 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
@@ -145,6 +145,7 @@ const (
NS_GET_USERNS = 0x2000b701
OLCUC = 0x2
ONLCR = 0x4
+ OTPERASE = 0x800c4d19
OTPGETREGIONCOUNT = 0x80044d0e
OTPGETREGIONINFO = 0x800c4d0f
OTPLOCK = 0x400c4d10
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
index 0e085ba14..960650f2b 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
@@ -145,6 +145,7 @@ const (
NS_GET_USERNS = 0x2000b701
OLCUC = 0x2
ONLCR = 0x4
+ OTPERASE = 0x800c4d19
OTPGETREGIONCOUNT = 0x80044d0e
OTPGETREGIONINFO = 0x800c4d0f
OTPLOCK = 0x400c4d10
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
index 1b5928cff..7365221d0 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
@@ -147,6 +147,7 @@ const (
NS_GET_USERNS = 0x2000b701
OLCUC = 0x4
ONLCR = 0x2
+ OTPERASE = 0x800c4d19
OTPGETREGIONCOUNT = 0x80044d0e
OTPGETREGIONINFO = 0x800c4d0f
OTPLOCK = 0x400c4d10
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
index f3a41d6ec..5967db35c 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
@@ -147,6 +147,7 @@ const (
NS_GET_USERNS = 0x2000b701
OLCUC = 0x4
ONLCR = 0x2
+ OTPERASE = 0x800c4d19
OTPGETREGIONCOUNT = 0x80044d0e
OTPGETREGIONINFO = 0x800c4d0f
OTPLOCK = 0x400c4d10
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
index 6a5a555d5..f88869849 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
@@ -147,6 +147,7 @@ const (
NS_GET_USERNS = 0x2000b701
OLCUC = 0x4
ONLCR = 0x2
+ OTPERASE = 0x800c4d19
OTPGETREGIONCOUNT = 0x80044d0e
OTPGETREGIONINFO = 0x800c4d0f
OTPLOCK = 0x400c4d10
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
index a4da67edb..8048706f3 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
@@ -145,6 +145,7 @@ const (
NS_GET_USERNS = 0xb701
OLCUC = 0x2
ONLCR = 0x4
+ OTPERASE = 0x400c4d19
OTPGETREGIONCOUNT = 0x40044d0e
OTPGETREGIONINFO = 0x400c4d0f
OTPLOCK = 0x800c4d10
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
index a7028e0ef..fb7859417 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
@@ -145,6 +145,7 @@ const (
NS_GET_USERNS = 0xb701
OLCUC = 0x2
ONLCR = 0x4
+ OTPERASE = 0x400c4d19
OTPGETREGIONCOUNT = 0x40044d0e
OTPGETREGIONINFO = 0x400c4d0f
OTPLOCK = 0x800c4d10
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
index ed3b3286c..81e18d23f 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
@@ -150,6 +150,7 @@ const (
NS_GET_USERNS = 0x2000b701
OLCUC = 0x2
ONLCR = 0x4
+ OTPERASE = 0x800c4d19
OTPGETREGIONCOUNT = 0x80044d0e
OTPGETREGIONINFO = 0x800c4d0f
OTPLOCK = 0x400c4d10
diff --git a/vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go b/vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go
index 593cc0fef..6d56edc05 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go
@@ -1020,7 +1020,10 @@ const (
RLIMIT_CPU = 0x0
RLIMIT_DATA = 0x2
RLIMIT_FSIZE = 0x1
+ RLIMIT_MEMLOCK = 0x6
RLIMIT_NOFILE = 0x8
+ RLIMIT_NPROC = 0x7
+ RLIMIT_RSS = 0x5
RLIMIT_STACK = 0x3
RLIM_INFINITY = 0x7fffffffffffffff
RTAX_AUTHOR = 0x6
diff --git a/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go
index a4e4c2231..aef6c0856 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go
@@ -1020,7 +1020,10 @@ const (
RLIMIT_CPU = 0x0
RLIMIT_DATA = 0x2
RLIMIT_FSIZE = 0x1
+ RLIMIT_MEMLOCK = 0x6
RLIMIT_NOFILE = 0x8
+ RLIMIT_NPROC = 0x7
+ RLIMIT_RSS = 0x5
RLIMIT_STACK = 0x3
RLIM_INFINITY = 0x7fffffffffffffff
RTAX_AUTHOR = 0x6
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
index 7305cc915..2dbe3da7a 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
@@ -48,6 +48,16 @@ func ioctl(fd int, req uint, arg uintptr) (err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
+ _, _, e1 := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg))
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
func Linkat(olddirfd int, oldpath string, newdirfd int, newpath string, flags int) (err error) {
var _p0 *byte
_p0, err = BytePtrFromString(oldpath)
@@ -1201,7 +1211,7 @@ func PivotRoot(newroot string, putold string) (err error) {
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-func prlimit(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error) {
+func Prlimit(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error) {
_, _, e1 := RawSyscall6(SYS_PRLIMIT64, uintptr(pid), uintptr(resource), uintptr(unsafe.Pointer(newlimit)), uintptr(unsafe.Pointer(old)), 0, 0)
if e1 != 0 {
err = errnoErr(e1)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go
index 4e18d5c99..b5f926cee 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go
@@ -141,6 +141,11 @@ import (
//go:cgo_import_dynamic libc_getpeername getpeername "libsocket.so"
//go:cgo_import_dynamic libc_setsockopt setsockopt "libsocket.so"
//go:cgo_import_dynamic libc_recvfrom recvfrom "libsocket.so"
+//go:cgo_import_dynamic libc_port_create port_create "libc.so"
+//go:cgo_import_dynamic libc_port_associate port_associate "libc.so"
+//go:cgo_import_dynamic libc_port_dissociate port_dissociate "libc.so"
+//go:cgo_import_dynamic libc_port_get port_get "libc.so"
+//go:cgo_import_dynamic libc_port_getn port_getn "libc.so"
//go:linkname procpipe libc_pipe
//go:linkname procpipe2 libc_pipe2
@@ -272,6 +277,11 @@ import (
//go:linkname procgetpeername libc_getpeername
//go:linkname procsetsockopt libc_setsockopt
//go:linkname procrecvfrom libc_recvfrom
+//go:linkname procport_create libc_port_create
+//go:linkname procport_associate libc_port_associate
+//go:linkname procport_dissociate libc_port_dissociate
+//go:linkname procport_get libc_port_get
+//go:linkname procport_getn libc_port_getn
var (
procpipe,
@@ -403,7 +413,12 @@ var (
proc__xnet_getsockopt,
procgetpeername,
procsetsockopt,
- procrecvfrom syscallFunc
+ procrecvfrom,
+ procport_create,
+ procport_associate,
+ procport_dissociate,
+ procport_get,
+ procport_getn syscallFunc
)
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
@@ -1981,3 +1996,58 @@ func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Sockl
}
return
}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func port_create() (n int, err error) {
+ r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procport_create)), 0, 0, 0, 0, 0, 0, 0)
+ n = int(r0)
+ if e1 != 0 {
+ err = e1
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func port_associate(port int, source int, object uintptr, events int, user *byte) (n int, err error) {
+ r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procport_associate)), 5, uintptr(port), uintptr(source), uintptr(object), uintptr(events), uintptr(unsafe.Pointer(user)), 0)
+ n = int(r0)
+ if e1 != 0 {
+ err = e1
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func port_dissociate(port int, source int, object uintptr) (n int, err error) {
+ r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procport_dissociate)), 3, uintptr(port), uintptr(source), uintptr(object), 0, 0, 0)
+ n = int(r0)
+ if e1 != 0 {
+ err = e1
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func port_get(port int, pe *portEvent, timeout *Timespec) (n int, err error) {
+ r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procport_get)), 3, uintptr(port), uintptr(unsafe.Pointer(pe)), uintptr(unsafe.Pointer(timeout)), 0, 0, 0)
+ n = int(r0)
+ if e1 != 0 {
+ err = e1
+ }
+ return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func port_getn(port int, pe *portEvent, max uint32, nget *uint32, timeout *Timespec) (n int, err error) {
+ r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procport_getn)), 5, uintptr(port), uintptr(unsafe.Pointer(pe)), uintptr(max), uintptr(unsafe.Pointer(nget)), uintptr(unsafe.Pointer(timeout)), 0)
+ n = int(r0)
+ if e1 != 0 {
+ err = e1
+ }
+ return
+}
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
index fbc59b7fd..eb3afe678 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
@@ -439,4 +439,7 @@ const (
SYS_PROCESS_MADVISE = 440
SYS_EPOLL_PWAIT2 = 441
SYS_MOUNT_SETATTR = 442
+ SYS_LANDLOCK_CREATE_RULESET = 444
+ SYS_LANDLOCK_ADD_RULE = 445
+ SYS_LANDLOCK_RESTRICT_SELF = 446
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
index 04d16d771..8e7e3aedc 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
@@ -7,358 +7,361 @@
package unix
const (
- SYS_READ = 0
- SYS_WRITE = 1
- SYS_OPEN = 2
- SYS_CLOSE = 3
- SYS_STAT = 4
- SYS_FSTAT = 5
- SYS_LSTAT = 6
- SYS_POLL = 7
- SYS_LSEEK = 8
- SYS_MMAP = 9
- SYS_MPROTECT = 10
- SYS_MUNMAP = 11
- SYS_BRK = 12
- SYS_RT_SIGACTION = 13
- SYS_RT_SIGPROCMASK = 14
- SYS_RT_SIGRETURN = 15
- SYS_IOCTL = 16
- SYS_PREAD64 = 17
- SYS_PWRITE64 = 18
- SYS_READV = 19
- SYS_WRITEV = 20
- SYS_ACCESS = 21
- SYS_PIPE = 22
- SYS_SELECT = 23
- SYS_SCHED_YIELD = 24
- SYS_MREMAP = 25
- SYS_MSYNC = 26
- SYS_MINCORE = 27
- SYS_MADVISE = 28
- SYS_SHMGET = 29
- SYS_SHMAT = 30
- SYS_SHMCTL = 31
- SYS_DUP = 32
- SYS_DUP2 = 33
- SYS_PAUSE = 34
- SYS_NANOSLEEP = 35
- SYS_GETITIMER = 36
- SYS_ALARM = 37
- SYS_SETITIMER = 38
- SYS_GETPID = 39
- SYS_SENDFILE = 40
- SYS_SOCKET = 41
- SYS_CONNECT = 42
- SYS_ACCEPT = 43
- SYS_SENDTO = 44
- SYS_RECVFROM = 45
- SYS_SENDMSG = 46
- SYS_RECVMSG = 47
- SYS_SHUTDOWN = 48
- SYS_BIND = 49
- SYS_LISTEN = 50
- SYS_GETSOCKNAME = 51
- SYS_GETPEERNAME = 52
- SYS_SOCKETPAIR = 53
- SYS_SETSOCKOPT = 54
- SYS_GETSOCKOPT = 55
- SYS_CLONE = 56
- SYS_FORK = 57
- SYS_VFORK = 58
- SYS_EXECVE = 59
- SYS_EXIT = 60
- SYS_WAIT4 = 61
- SYS_KILL = 62
- SYS_UNAME = 63
- SYS_SEMGET = 64
- SYS_SEMOP = 65
- SYS_SEMCTL = 66
- SYS_SHMDT = 67
- SYS_MSGGET = 68
- SYS_MSGSND = 69
- SYS_MSGRCV = 70
- SYS_MSGCTL = 71
- SYS_FCNTL = 72
- SYS_FLOCK = 73
- SYS_FSYNC = 74
- SYS_FDATASYNC = 75
- SYS_TRUNCATE = 76
- SYS_FTRUNCATE = 77
- SYS_GETDENTS = 78
- SYS_GETCWD = 79
- SYS_CHDIR = 80
- SYS_FCHDIR = 81
- SYS_RENAME = 82
- SYS_MKDIR = 83
- SYS_RMDIR = 84
- SYS_CREAT = 85
- SYS_LINK = 86
- SYS_UNLINK = 87
- SYS_SYMLINK = 88
- SYS_READLINK = 89
- SYS_CHMOD = 90
- SYS_FCHMOD = 91
- SYS_CHOWN = 92
- SYS_FCHOWN = 93
- SYS_LCHOWN = 94
- SYS_UMASK = 95
- SYS_GETTIMEOFDAY = 96
- SYS_GETRLIMIT = 97
- SYS_GETRUSAGE = 98
- SYS_SYSINFO = 99
- SYS_TIMES = 100
- SYS_PTRACE = 101
- SYS_GETUID = 102
- SYS_SYSLOG = 103
- SYS_GETGID = 104
- SYS_SETUID = 105
- SYS_SETGID = 106
- SYS_GETEUID = 107
- SYS_GETEGID = 108
- SYS_SETPGID = 109
- SYS_GETPPID = 110
- SYS_GETPGRP = 111
- SYS_SETSID = 112
- SYS_SETREUID = 113
- SYS_SETREGID = 114
- SYS_GETGROUPS = 115
- SYS_SETGROUPS = 116
- SYS_SETRESUID = 117
- SYS_GETRESUID = 118
- SYS_SETRESGID = 119
- SYS_GETRESGID = 120
- SYS_GETPGID = 121
- SYS_SETFSUID = 122
- SYS_SETFSGID = 123
- SYS_GETSID = 124
- SYS_CAPGET = 125
- SYS_CAPSET = 126
- SYS_RT_SIGPENDING = 127
- SYS_RT_SIGTIMEDWAIT = 128
- SYS_RT_SIGQUEUEINFO = 129
- SYS_RT_SIGSUSPEND = 130
- SYS_SIGALTSTACK = 131
- SYS_UTIME = 132
- SYS_MKNOD = 133
- SYS_USELIB = 134
- SYS_PERSONALITY = 135
- SYS_USTAT = 136
- SYS_STATFS = 137
- SYS_FSTATFS = 138
- SYS_SYSFS = 139
- SYS_GETPRIORITY = 140
- SYS_SETPRIORITY = 141
- SYS_SCHED_SETPARAM = 142
- SYS_SCHED_GETPARAM = 143
- SYS_SCHED_SETSCHEDULER = 144
- SYS_SCHED_GETSCHEDULER = 145
- SYS_SCHED_GET_PRIORITY_MAX = 146
- SYS_SCHED_GET_PRIORITY_MIN = 147
- SYS_SCHED_RR_GET_INTERVAL = 148
- SYS_MLOCK = 149
- SYS_MUNLOCK = 150
- SYS_MLOCKALL = 151
- SYS_MUNLOCKALL = 152
- SYS_VHANGUP = 153
- SYS_MODIFY_LDT = 154
- SYS_PIVOT_ROOT = 155
- SYS__SYSCTL = 156
- SYS_PRCTL = 157
- SYS_ARCH_PRCTL = 158
- SYS_ADJTIMEX = 159
- SYS_SETRLIMIT = 160
- SYS_CHROOT = 161
- SYS_SYNC = 162
- SYS_ACCT = 163
- SYS_SETTIMEOFDAY = 164
- SYS_MOUNT = 165
- SYS_UMOUNT2 = 166
- SYS_SWAPON = 167
- SYS_SWAPOFF = 168
- SYS_REBOOT = 169
- SYS_SETHOSTNAME = 170
- SYS_SETDOMAINNAME = 171
- SYS_IOPL = 172
- SYS_IOPERM = 173
- SYS_CREATE_MODULE = 174
- SYS_INIT_MODULE = 175
- SYS_DELETE_MODULE = 176
- SYS_GET_KERNEL_SYMS = 177
- SYS_QUERY_MODULE = 178
- SYS_QUOTACTL = 179
- SYS_NFSSERVCTL = 180
- SYS_GETPMSG = 181
- SYS_PUTPMSG = 182
- SYS_AFS_SYSCALL = 183
- SYS_TUXCALL = 184
- SYS_SECURITY = 185
- SYS_GETTID = 186
- SYS_READAHEAD = 187
- SYS_SETXATTR = 188
- SYS_LSETXATTR = 189
- SYS_FSETXATTR = 190
- SYS_GETXATTR = 191
- SYS_LGETXATTR = 192
- SYS_FGETXATTR = 193
- SYS_LISTXATTR = 194
- SYS_LLISTXATTR = 195
- SYS_FLISTXATTR = 196
- SYS_REMOVEXATTR = 197
- SYS_LREMOVEXATTR = 198
- SYS_FREMOVEXATTR = 199
- SYS_TKILL = 200
- SYS_TIME = 201
- SYS_FUTEX = 202
- SYS_SCHED_SETAFFINITY = 203
- SYS_SCHED_GETAFFINITY = 204
- SYS_SET_THREAD_AREA = 205
- SYS_IO_SETUP = 206
- SYS_IO_DESTROY = 207
- SYS_IO_GETEVENTS = 208
- SYS_IO_SUBMIT = 209
- SYS_IO_CANCEL = 210
- SYS_GET_THREAD_AREA = 211
- SYS_LOOKUP_DCOOKIE = 212
- SYS_EPOLL_CREATE = 213
- SYS_EPOLL_CTL_OLD = 214
- SYS_EPOLL_WAIT_OLD = 215
- SYS_REMAP_FILE_PAGES = 216
- SYS_GETDENTS64 = 217
- SYS_SET_TID_ADDRESS = 218
- SYS_RESTART_SYSCALL = 219
- SYS_SEMTIMEDOP = 220
- SYS_FADVISE64 = 221
- SYS_TIMER_CREATE = 222
- SYS_TIMER_SETTIME = 223
- SYS_TIMER_GETTIME = 224
- SYS_TIMER_GETOVERRUN = 225
- SYS_TIMER_DELETE = 226
- SYS_CLOCK_SETTIME = 227
- SYS_CLOCK_GETTIME = 228
- SYS_CLOCK_GETRES = 229
- SYS_CLOCK_NANOSLEEP = 230
- SYS_EXIT_GROUP = 231
- SYS_EPOLL_WAIT = 232
- SYS_EPOLL_CTL = 233
- SYS_TGKILL = 234
- SYS_UTIMES = 235
- SYS_VSERVER = 236
- SYS_MBIND = 237
- SYS_SET_MEMPOLICY = 238
- SYS_GET_MEMPOLICY = 239
- SYS_MQ_OPEN = 240
- SYS_MQ_UNLINK = 241
- SYS_MQ_TIMEDSEND = 242
- SYS_MQ_TIMEDRECEIVE = 243
- SYS_MQ_NOTIFY = 244
- SYS_MQ_GETSETATTR = 245
- SYS_KEXEC_LOAD = 246
- SYS_WAITID = 247
- SYS_ADD_KEY = 248
- SYS_REQUEST_KEY = 249
- SYS_KEYCTL = 250
- SYS_IOPRIO_SET = 251
- SYS_IOPRIO_GET = 252
- SYS_INOTIFY_INIT = 253
- SYS_INOTIFY_ADD_WATCH = 254
- SYS_INOTIFY_RM_WATCH = 255
- SYS_MIGRATE_PAGES = 256
- SYS_OPENAT = 257
- SYS_MKDIRAT = 258
- SYS_MKNODAT = 259
- SYS_FCHOWNAT = 260
- SYS_FUTIMESAT = 261
- SYS_NEWFSTATAT = 262
- SYS_UNLINKAT = 263
- SYS_RENAMEAT = 264
- SYS_LINKAT = 265
- SYS_SYMLINKAT = 266
- SYS_READLINKAT = 267
- SYS_FCHMODAT = 268
- SYS_FACCESSAT = 269
- SYS_PSELECT6 = 270
- SYS_PPOLL = 271
- SYS_UNSHARE = 272
- SYS_SET_ROBUST_LIST = 273
- SYS_GET_ROBUST_LIST = 274
- SYS_SPLICE = 275
- SYS_TEE = 276
- SYS_SYNC_FILE_RANGE = 277
- SYS_VMSPLICE = 278
- SYS_MOVE_PAGES = 279
- SYS_UTIMENSAT = 280
- SYS_EPOLL_PWAIT = 281
- SYS_SIGNALFD = 282
- SYS_TIMERFD_CREATE = 283
- SYS_EVENTFD = 284
- SYS_FALLOCATE = 285
- SYS_TIMERFD_SETTIME = 286
- SYS_TIMERFD_GETTIME = 287
- SYS_ACCEPT4 = 288
- SYS_SIGNALFD4 = 289
- SYS_EVENTFD2 = 290
- SYS_EPOLL_CREATE1 = 291
- SYS_DUP3 = 292
- SYS_PIPE2 = 293
- SYS_INOTIFY_INIT1 = 294
- SYS_PREADV = 295
- SYS_PWRITEV = 296
- SYS_RT_TGSIGQUEUEINFO = 297
- SYS_PERF_EVENT_OPEN = 298
- SYS_RECVMMSG = 299
- SYS_FANOTIFY_INIT = 300
- SYS_FANOTIFY_MARK = 301
- SYS_PRLIMIT64 = 302
- SYS_NAME_TO_HANDLE_AT = 303
- SYS_OPEN_BY_HANDLE_AT = 304
- SYS_CLOCK_ADJTIME = 305
- SYS_SYNCFS = 306
- SYS_SENDMMSG = 307
- SYS_SETNS = 308
- SYS_GETCPU = 309
- SYS_PROCESS_VM_READV = 310
- SYS_PROCESS_VM_WRITEV = 311
- SYS_KCMP = 312
- SYS_FINIT_MODULE = 313
- SYS_SCHED_SETATTR = 314
- SYS_SCHED_GETATTR = 315
- SYS_RENAMEAT2 = 316
- SYS_SECCOMP = 317
- SYS_GETRANDOM = 318
- SYS_MEMFD_CREATE = 319
- SYS_KEXEC_FILE_LOAD = 320
- SYS_BPF = 321
- SYS_EXECVEAT = 322
- SYS_USERFAULTFD = 323
- SYS_MEMBARRIER = 324
- SYS_MLOCK2 = 325
- SYS_COPY_FILE_RANGE = 326
- SYS_PREADV2 = 327
- SYS_PWRITEV2 = 328
- SYS_PKEY_MPROTECT = 329
- SYS_PKEY_ALLOC = 330
- SYS_PKEY_FREE = 331
- SYS_STATX = 332
- SYS_IO_PGETEVENTS = 333
- SYS_RSEQ = 334
- SYS_PIDFD_SEND_SIGNAL = 424
- SYS_IO_URING_SETUP = 425
- SYS_IO_URING_ENTER = 426
- SYS_IO_URING_REGISTER = 427
- SYS_OPEN_TREE = 428
- SYS_MOVE_MOUNT = 429
- SYS_FSOPEN = 430
- SYS_FSCONFIG = 431
- SYS_FSMOUNT = 432
- SYS_FSPICK = 433
- SYS_PIDFD_OPEN = 434
- SYS_CLONE3 = 435
- SYS_CLOSE_RANGE = 436
- SYS_OPENAT2 = 437
- SYS_PIDFD_GETFD = 438
- SYS_FACCESSAT2 = 439
- SYS_PROCESS_MADVISE = 440
- SYS_EPOLL_PWAIT2 = 441
- SYS_MOUNT_SETATTR = 442
+ SYS_READ = 0
+ SYS_WRITE = 1
+ SYS_OPEN = 2
+ SYS_CLOSE = 3
+ SYS_STAT = 4
+ SYS_FSTAT = 5
+ SYS_LSTAT = 6
+ SYS_POLL = 7
+ SYS_LSEEK = 8
+ SYS_MMAP = 9
+ SYS_MPROTECT = 10
+ SYS_MUNMAP = 11
+ SYS_BRK = 12
+ SYS_RT_SIGACTION = 13
+ SYS_RT_SIGPROCMASK = 14
+ SYS_RT_SIGRETURN = 15
+ SYS_IOCTL = 16
+ SYS_PREAD64 = 17
+ SYS_PWRITE64 = 18
+ SYS_READV = 19
+ SYS_WRITEV = 20
+ SYS_ACCESS = 21
+ SYS_PIPE = 22
+ SYS_SELECT = 23
+ SYS_SCHED_YIELD = 24
+ SYS_MREMAP = 25
+ SYS_MSYNC = 26
+ SYS_MINCORE = 27
+ SYS_MADVISE = 28
+ SYS_SHMGET = 29
+ SYS_SHMAT = 30
+ SYS_SHMCTL = 31
+ SYS_DUP = 32
+ SYS_DUP2 = 33
+ SYS_PAUSE = 34
+ SYS_NANOSLEEP = 35
+ SYS_GETITIMER = 36
+ SYS_ALARM = 37
+ SYS_SETITIMER = 38
+ SYS_GETPID = 39
+ SYS_SENDFILE = 40
+ SYS_SOCKET = 41
+ SYS_CONNECT = 42
+ SYS_ACCEPT = 43
+ SYS_SENDTO = 44
+ SYS_RECVFROM = 45
+ SYS_SENDMSG = 46
+ SYS_RECVMSG = 47
+ SYS_SHUTDOWN = 48
+ SYS_BIND = 49
+ SYS_LISTEN = 50
+ SYS_GETSOCKNAME = 51
+ SYS_GETPEERNAME = 52
+ SYS_SOCKETPAIR = 53
+ SYS_SETSOCKOPT = 54
+ SYS_GETSOCKOPT = 55
+ SYS_CLONE = 56
+ SYS_FORK = 57
+ SYS_VFORK = 58
+ SYS_EXECVE = 59
+ SYS_EXIT = 60
+ SYS_WAIT4 = 61
+ SYS_KILL = 62
+ SYS_UNAME = 63
+ SYS_SEMGET = 64
+ SYS_SEMOP = 65
+ SYS_SEMCTL = 66
+ SYS_SHMDT = 67
+ SYS_MSGGET = 68
+ SYS_MSGSND = 69
+ SYS_MSGRCV = 70
+ SYS_MSGCTL = 71
+ SYS_FCNTL = 72
+ SYS_FLOCK = 73
+ SYS_FSYNC = 74
+ SYS_FDATASYNC = 75
+ SYS_TRUNCATE = 76
+ SYS_FTRUNCATE = 77
+ SYS_GETDENTS = 78
+ SYS_GETCWD = 79
+ SYS_CHDIR = 80
+ SYS_FCHDIR = 81
+ SYS_RENAME = 82
+ SYS_MKDIR = 83
+ SYS_RMDIR = 84
+ SYS_CREAT = 85
+ SYS_LINK = 86
+ SYS_UNLINK = 87
+ SYS_SYMLINK = 88
+ SYS_READLINK = 89
+ SYS_CHMOD = 90
+ SYS_FCHMOD = 91
+ SYS_CHOWN = 92
+ SYS_FCHOWN = 93
+ SYS_LCHOWN = 94
+ SYS_UMASK = 95
+ SYS_GETTIMEOFDAY = 96
+ SYS_GETRLIMIT = 97
+ SYS_GETRUSAGE = 98
+ SYS_SYSINFO = 99
+ SYS_TIMES = 100
+ SYS_PTRACE = 101
+ SYS_GETUID = 102
+ SYS_SYSLOG = 103
+ SYS_GETGID = 104
+ SYS_SETUID = 105
+ SYS_SETGID = 106
+ SYS_GETEUID = 107
+ SYS_GETEGID = 108
+ SYS_SETPGID = 109
+ SYS_GETPPID = 110
+ SYS_GETPGRP = 111
+ SYS_SETSID = 112
+ SYS_SETREUID = 113
+ SYS_SETREGID = 114
+ SYS_GETGROUPS = 115
+ SYS_SETGROUPS = 116
+ SYS_SETRESUID = 117
+ SYS_GETRESUID = 118
+ SYS_SETRESGID = 119
+ SYS_GETRESGID = 120
+ SYS_GETPGID = 121
+ SYS_SETFSUID = 122
+ SYS_SETFSGID = 123
+ SYS_GETSID = 124
+ SYS_CAPGET = 125
+ SYS_CAPSET = 126
+ SYS_RT_SIGPENDING = 127
+ SYS_RT_SIGTIMEDWAIT = 128
+ SYS_RT_SIGQUEUEINFO = 129
+ SYS_RT_SIGSUSPEND = 130
+ SYS_SIGALTSTACK = 131
+ SYS_UTIME = 132
+ SYS_MKNOD = 133
+ SYS_USELIB = 134
+ SYS_PERSONALITY = 135
+ SYS_USTAT = 136
+ SYS_STATFS = 137
+ SYS_FSTATFS = 138
+ SYS_SYSFS = 139
+ SYS_GETPRIORITY = 140
+ SYS_SETPRIORITY = 141
+ SYS_SCHED_SETPARAM = 142
+ SYS_SCHED_GETPARAM = 143
+ SYS_SCHED_SETSCHEDULER = 144
+ SYS_SCHED_GETSCHEDULER = 145
+ SYS_SCHED_GET_PRIORITY_MAX = 146
+ SYS_SCHED_GET_PRIORITY_MIN = 147
+ SYS_SCHED_RR_GET_INTERVAL = 148
+ SYS_MLOCK = 149
+ SYS_MUNLOCK = 150
+ SYS_MLOCKALL = 151
+ SYS_MUNLOCKALL = 152
+ SYS_VHANGUP = 153
+ SYS_MODIFY_LDT = 154
+ SYS_PIVOT_ROOT = 155
+ SYS__SYSCTL = 156
+ SYS_PRCTL = 157
+ SYS_ARCH_PRCTL = 158
+ SYS_ADJTIMEX = 159
+ SYS_SETRLIMIT = 160
+ SYS_CHROOT = 161
+ SYS_SYNC = 162
+ SYS_ACCT = 163
+ SYS_SETTIMEOFDAY = 164
+ SYS_MOUNT = 165
+ SYS_UMOUNT2 = 166
+ SYS_SWAPON = 167
+ SYS_SWAPOFF = 168
+ SYS_REBOOT = 169
+ SYS_SETHOSTNAME = 170
+ SYS_SETDOMAINNAME = 171
+ SYS_IOPL = 172
+ SYS_IOPERM = 173
+ SYS_CREATE_MODULE = 174
+ SYS_INIT_MODULE = 175
+ SYS_DELETE_MODULE = 176
+ SYS_GET_KERNEL_SYMS = 177
+ SYS_QUERY_MODULE = 178
+ SYS_QUOTACTL = 179
+ SYS_NFSSERVCTL = 180
+ SYS_GETPMSG = 181
+ SYS_PUTPMSG = 182
+ SYS_AFS_SYSCALL = 183
+ SYS_TUXCALL = 184
+ SYS_SECURITY = 185
+ SYS_GETTID = 186
+ SYS_READAHEAD = 187
+ SYS_SETXATTR = 188
+ SYS_LSETXATTR = 189
+ SYS_FSETXATTR = 190
+ SYS_GETXATTR = 191
+ SYS_LGETXATTR = 192
+ SYS_FGETXATTR = 193
+ SYS_LISTXATTR = 194
+ SYS_LLISTXATTR = 195
+ SYS_FLISTXATTR = 196
+ SYS_REMOVEXATTR = 197
+ SYS_LREMOVEXATTR = 198
+ SYS_FREMOVEXATTR = 199
+ SYS_TKILL = 200
+ SYS_TIME = 201
+ SYS_FUTEX = 202
+ SYS_SCHED_SETAFFINITY = 203
+ SYS_SCHED_GETAFFINITY = 204
+ SYS_SET_THREAD_AREA = 205
+ SYS_IO_SETUP = 206
+ SYS_IO_DESTROY = 207
+ SYS_IO_GETEVENTS = 208
+ SYS_IO_SUBMIT = 209
+ SYS_IO_CANCEL = 210
+ SYS_GET_THREAD_AREA = 211
+ SYS_LOOKUP_DCOOKIE = 212
+ SYS_EPOLL_CREATE = 213
+ SYS_EPOLL_CTL_OLD = 214
+ SYS_EPOLL_WAIT_OLD = 215
+ SYS_REMAP_FILE_PAGES = 216
+ SYS_GETDENTS64 = 217
+ SYS_SET_TID_ADDRESS = 218
+ SYS_RESTART_SYSCALL = 219
+ SYS_SEMTIMEDOP = 220
+ SYS_FADVISE64 = 221
+ SYS_TIMER_CREATE = 222
+ SYS_TIMER_SETTIME = 223
+ SYS_TIMER_GETTIME = 224
+ SYS_TIMER_GETOVERRUN = 225
+ SYS_TIMER_DELETE = 226
+ SYS_CLOCK_SETTIME = 227
+ SYS_CLOCK_GETTIME = 228
+ SYS_CLOCK_GETRES = 229
+ SYS_CLOCK_NANOSLEEP = 230
+ SYS_EXIT_GROUP = 231
+ SYS_EPOLL_WAIT = 232
+ SYS_EPOLL_CTL = 233
+ SYS_TGKILL = 234
+ SYS_UTIMES = 235
+ SYS_VSERVER = 236
+ SYS_MBIND = 237
+ SYS_SET_MEMPOLICY = 238
+ SYS_GET_MEMPOLICY = 239
+ SYS_MQ_OPEN = 240
+ SYS_MQ_UNLINK = 241
+ SYS_MQ_TIMEDSEND = 242
+ SYS_MQ_TIMEDRECEIVE = 243
+ SYS_MQ_NOTIFY = 244
+ SYS_MQ_GETSETATTR = 245
+ SYS_KEXEC_LOAD = 246
+ SYS_WAITID = 247
+ SYS_ADD_KEY = 248
+ SYS_REQUEST_KEY = 249
+ SYS_KEYCTL = 250
+ SYS_IOPRIO_SET = 251
+ SYS_IOPRIO_GET = 252
+ SYS_INOTIFY_INIT = 253
+ SYS_INOTIFY_ADD_WATCH = 254
+ SYS_INOTIFY_RM_WATCH = 255
+ SYS_MIGRATE_PAGES = 256
+ SYS_OPENAT = 257
+ SYS_MKDIRAT = 258
+ SYS_MKNODAT = 259
+ SYS_FCHOWNAT = 260
+ SYS_FUTIMESAT = 261
+ SYS_NEWFSTATAT = 262
+ SYS_UNLINKAT = 263
+ SYS_RENAMEAT = 264
+ SYS_LINKAT = 265
+ SYS_SYMLINKAT = 266
+ SYS_READLINKAT = 267
+ SYS_FCHMODAT = 268
+ SYS_FACCESSAT = 269
+ SYS_PSELECT6 = 270
+ SYS_PPOLL = 271
+ SYS_UNSHARE = 272
+ SYS_SET_ROBUST_LIST = 273
+ SYS_GET_ROBUST_LIST = 274
+ SYS_SPLICE = 275
+ SYS_TEE = 276
+ SYS_SYNC_FILE_RANGE = 277
+ SYS_VMSPLICE = 278
+ SYS_MOVE_PAGES = 279
+ SYS_UTIMENSAT = 280
+ SYS_EPOLL_PWAIT = 281
+ SYS_SIGNALFD = 282
+ SYS_TIMERFD_CREATE = 283
+ SYS_EVENTFD = 284
+ SYS_FALLOCATE = 285
+ SYS_TIMERFD_SETTIME = 286
+ SYS_TIMERFD_GETTIME = 287
+ SYS_ACCEPT4 = 288
+ SYS_SIGNALFD4 = 289
+ SYS_EVENTFD2 = 290
+ SYS_EPOLL_CREATE1 = 291
+ SYS_DUP3 = 292
+ SYS_PIPE2 = 293
+ SYS_INOTIFY_INIT1 = 294
+ SYS_PREADV = 295
+ SYS_PWRITEV = 296
+ SYS_RT_TGSIGQUEUEINFO = 297
+ SYS_PERF_EVENT_OPEN = 298
+ SYS_RECVMMSG = 299
+ SYS_FANOTIFY_INIT = 300
+ SYS_FANOTIFY_MARK = 301
+ SYS_PRLIMIT64 = 302
+ SYS_NAME_TO_HANDLE_AT = 303
+ SYS_OPEN_BY_HANDLE_AT = 304
+ SYS_CLOCK_ADJTIME = 305
+ SYS_SYNCFS = 306
+ SYS_SENDMMSG = 307
+ SYS_SETNS = 308
+ SYS_GETCPU = 309
+ SYS_PROCESS_VM_READV = 310
+ SYS_PROCESS_VM_WRITEV = 311
+ SYS_KCMP = 312
+ SYS_FINIT_MODULE = 313
+ SYS_SCHED_SETATTR = 314
+ SYS_SCHED_GETATTR = 315
+ SYS_RENAMEAT2 = 316
+ SYS_SECCOMP = 317
+ SYS_GETRANDOM = 318
+ SYS_MEMFD_CREATE = 319
+ SYS_KEXEC_FILE_LOAD = 320
+ SYS_BPF = 321
+ SYS_EXECVEAT = 322
+ SYS_USERFAULTFD = 323
+ SYS_MEMBARRIER = 324
+ SYS_MLOCK2 = 325
+ SYS_COPY_FILE_RANGE = 326
+ SYS_PREADV2 = 327
+ SYS_PWRITEV2 = 328
+ SYS_PKEY_MPROTECT = 329
+ SYS_PKEY_ALLOC = 330
+ SYS_PKEY_FREE = 331
+ SYS_STATX = 332
+ SYS_IO_PGETEVENTS = 333
+ SYS_RSEQ = 334
+ SYS_PIDFD_SEND_SIGNAL = 424
+ SYS_IO_URING_SETUP = 425
+ SYS_IO_URING_ENTER = 426
+ SYS_IO_URING_REGISTER = 427
+ SYS_OPEN_TREE = 428
+ SYS_MOVE_MOUNT = 429
+ SYS_FSOPEN = 430
+ SYS_FSCONFIG = 431
+ SYS_FSMOUNT = 432
+ SYS_FSPICK = 433
+ SYS_PIDFD_OPEN = 434
+ SYS_CLONE3 = 435
+ SYS_CLOSE_RANGE = 436
+ SYS_OPENAT2 = 437
+ SYS_PIDFD_GETFD = 438
+ SYS_FACCESSAT2 = 439
+ SYS_PROCESS_MADVISE = 440
+ SYS_EPOLL_PWAIT2 = 441
+ SYS_MOUNT_SETATTR = 442
+ SYS_LANDLOCK_CREATE_RULESET = 444
+ SYS_LANDLOCK_ADD_RULE = 445
+ SYS_LANDLOCK_RESTRICT_SELF = 446
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
index 3b1c10513..0e6ebfef0 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
@@ -403,4 +403,7 @@ const (
SYS_PROCESS_MADVISE = 440
SYS_EPOLL_PWAIT2 = 441
SYS_MOUNT_SETATTR = 442
+ SYS_LANDLOCK_CREATE_RULESET = 444
+ SYS_LANDLOCK_ADD_RULE = 445
+ SYS_LANDLOCK_RESTRICT_SELF = 446
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
index 3198adcf7..cd2a3ef41 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
@@ -7,303 +7,306 @@
package unix
const (
- SYS_IO_SETUP = 0
- SYS_IO_DESTROY = 1
- SYS_IO_SUBMIT = 2
- SYS_IO_CANCEL = 3
- SYS_IO_GETEVENTS = 4
- SYS_SETXATTR = 5
- SYS_LSETXATTR = 6
- SYS_FSETXATTR = 7
- SYS_GETXATTR = 8
- SYS_LGETXATTR = 9
- SYS_FGETXATTR = 10
- SYS_LISTXATTR = 11
- SYS_LLISTXATTR = 12
- SYS_FLISTXATTR = 13
- SYS_REMOVEXATTR = 14
- SYS_LREMOVEXATTR = 15
- SYS_FREMOVEXATTR = 16
- SYS_GETCWD = 17
- SYS_LOOKUP_DCOOKIE = 18
- SYS_EVENTFD2 = 19
- SYS_EPOLL_CREATE1 = 20
- SYS_EPOLL_CTL = 21
- SYS_EPOLL_PWAIT = 22
- SYS_DUP = 23
- SYS_DUP3 = 24
- SYS_FCNTL = 25
- SYS_INOTIFY_INIT1 = 26
- SYS_INOTIFY_ADD_WATCH = 27
- SYS_INOTIFY_RM_WATCH = 28
- SYS_IOCTL = 29
- SYS_IOPRIO_SET = 30
- SYS_IOPRIO_GET = 31
- SYS_FLOCK = 32
- SYS_MKNODAT = 33
- SYS_MKDIRAT = 34
- SYS_UNLINKAT = 35
- SYS_SYMLINKAT = 36
- SYS_LINKAT = 37
- SYS_RENAMEAT = 38
- SYS_UMOUNT2 = 39
- SYS_MOUNT = 40
- SYS_PIVOT_ROOT = 41
- SYS_NFSSERVCTL = 42
- SYS_STATFS = 43
- SYS_FSTATFS = 44
- SYS_TRUNCATE = 45
- SYS_FTRUNCATE = 46
- SYS_FALLOCATE = 47
- SYS_FACCESSAT = 48
- SYS_CHDIR = 49
- SYS_FCHDIR = 50
- SYS_CHROOT = 51
- SYS_FCHMOD = 52
- SYS_FCHMODAT = 53
- SYS_FCHOWNAT = 54
- SYS_FCHOWN = 55
- SYS_OPENAT = 56
- SYS_CLOSE = 57
- SYS_VHANGUP = 58
- SYS_PIPE2 = 59
- SYS_QUOTACTL = 60
- SYS_GETDENTS64 = 61
- SYS_LSEEK = 62
- SYS_READ = 63
- SYS_WRITE = 64
- SYS_READV = 65
- SYS_WRITEV = 66
- SYS_PREAD64 = 67
- SYS_PWRITE64 = 68
- SYS_PREADV = 69
- SYS_PWRITEV = 70
- SYS_SENDFILE = 71
- SYS_PSELECT6 = 72
- SYS_PPOLL = 73
- SYS_SIGNALFD4 = 74
- SYS_VMSPLICE = 75
- SYS_SPLICE = 76
- SYS_TEE = 77
- SYS_READLINKAT = 78
- SYS_FSTATAT = 79
- SYS_FSTAT = 80
- SYS_SYNC = 81
- SYS_FSYNC = 82
- SYS_FDATASYNC = 83
- SYS_SYNC_FILE_RANGE = 84
- SYS_TIMERFD_CREATE = 85
- SYS_TIMERFD_SETTIME = 86
- SYS_TIMERFD_GETTIME = 87
- SYS_UTIMENSAT = 88
- SYS_ACCT = 89
- SYS_CAPGET = 90
- SYS_CAPSET = 91
- SYS_PERSONALITY = 92
- SYS_EXIT = 93
- SYS_EXIT_GROUP = 94
- SYS_WAITID = 95
- SYS_SET_TID_ADDRESS = 96
- SYS_UNSHARE = 97
- SYS_FUTEX = 98
- SYS_SET_ROBUST_LIST = 99
- SYS_GET_ROBUST_LIST = 100
- SYS_NANOSLEEP = 101
- SYS_GETITIMER = 102
- SYS_SETITIMER = 103
- SYS_KEXEC_LOAD = 104
- SYS_INIT_MODULE = 105
- SYS_DELETE_MODULE = 106
- SYS_TIMER_CREATE = 107
- SYS_TIMER_GETTIME = 108
- SYS_TIMER_GETOVERRUN = 109
- SYS_TIMER_SETTIME = 110
- SYS_TIMER_DELETE = 111
- SYS_CLOCK_SETTIME = 112
- SYS_CLOCK_GETTIME = 113
- SYS_CLOCK_GETRES = 114
- SYS_CLOCK_NANOSLEEP = 115
- SYS_SYSLOG = 116
- SYS_PTRACE = 117
- SYS_SCHED_SETPARAM = 118
- SYS_SCHED_SETSCHEDULER = 119
- SYS_SCHED_GETSCHEDULER = 120
- SYS_SCHED_GETPARAM = 121
- SYS_SCHED_SETAFFINITY = 122
- SYS_SCHED_GETAFFINITY = 123
- SYS_SCHED_YIELD = 124
- SYS_SCHED_GET_PRIORITY_MAX = 125
- SYS_SCHED_GET_PRIORITY_MIN = 126
- SYS_SCHED_RR_GET_INTERVAL = 127
- SYS_RESTART_SYSCALL = 128
- SYS_KILL = 129
- SYS_TKILL = 130
- SYS_TGKILL = 131
- SYS_SIGALTSTACK = 132
- SYS_RT_SIGSUSPEND = 133
- SYS_RT_SIGACTION = 134
- SYS_RT_SIGPROCMASK = 135
- SYS_RT_SIGPENDING = 136
- SYS_RT_SIGTIMEDWAIT = 137
- SYS_RT_SIGQUEUEINFO = 138
- SYS_RT_SIGRETURN = 139
- SYS_SETPRIORITY = 140
- SYS_GETPRIORITY = 141
- SYS_REBOOT = 142
- SYS_SETREGID = 143
- SYS_SETGID = 144
- SYS_SETREUID = 145
- SYS_SETUID = 146
- SYS_SETRESUID = 147
- SYS_GETRESUID = 148
- SYS_SETRESGID = 149
- SYS_GETRESGID = 150
- SYS_SETFSUID = 151
- SYS_SETFSGID = 152
- SYS_TIMES = 153
- SYS_SETPGID = 154
- SYS_GETPGID = 155
- SYS_GETSID = 156
- SYS_SETSID = 157
- SYS_GETGROUPS = 158
- SYS_SETGROUPS = 159
- SYS_UNAME = 160
- SYS_SETHOSTNAME = 161
- SYS_SETDOMAINNAME = 162
- SYS_GETRLIMIT = 163
- SYS_SETRLIMIT = 164
- SYS_GETRUSAGE = 165
- SYS_UMASK = 166
- SYS_PRCTL = 167
- SYS_GETCPU = 168
- SYS_GETTIMEOFDAY = 169
- SYS_SETTIMEOFDAY = 170
- SYS_ADJTIMEX = 171
- SYS_GETPID = 172
- SYS_GETPPID = 173
- SYS_GETUID = 174
- SYS_GETEUID = 175
- SYS_GETGID = 176
- SYS_GETEGID = 177
- SYS_GETTID = 178
- SYS_SYSINFO = 179
- SYS_MQ_OPEN = 180
- SYS_MQ_UNLINK = 181
- SYS_MQ_TIMEDSEND = 182
- SYS_MQ_TIMEDRECEIVE = 183
- SYS_MQ_NOTIFY = 184
- SYS_MQ_GETSETATTR = 185
- SYS_MSGGET = 186
- SYS_MSGCTL = 187
- SYS_MSGRCV = 188
- SYS_MSGSND = 189
- SYS_SEMGET = 190
- SYS_SEMCTL = 191
- SYS_SEMTIMEDOP = 192
- SYS_SEMOP = 193
- SYS_SHMGET = 194
- SYS_SHMCTL = 195
- SYS_SHMAT = 196
- SYS_SHMDT = 197
- SYS_SOCKET = 198
- SYS_SOCKETPAIR = 199
- SYS_BIND = 200
- SYS_LISTEN = 201
- SYS_ACCEPT = 202
- SYS_CONNECT = 203
- SYS_GETSOCKNAME = 204
- SYS_GETPEERNAME = 205
- SYS_SENDTO = 206
- SYS_RECVFROM = 207
- SYS_SETSOCKOPT = 208
- SYS_GETSOCKOPT = 209
- SYS_SHUTDOWN = 210
- SYS_SENDMSG = 211
- SYS_RECVMSG = 212
- SYS_READAHEAD = 213
- SYS_BRK = 214
- SYS_MUNMAP = 215
- SYS_MREMAP = 216
- SYS_ADD_KEY = 217
- SYS_REQUEST_KEY = 218
- SYS_KEYCTL = 219
- SYS_CLONE = 220
- SYS_EXECVE = 221
- SYS_MMAP = 222
- SYS_FADVISE64 = 223
- SYS_SWAPON = 224
- SYS_SWAPOFF = 225
- SYS_MPROTECT = 226
- SYS_MSYNC = 227
- SYS_MLOCK = 228
- SYS_MUNLOCK = 229
- SYS_MLOCKALL = 230
- SYS_MUNLOCKALL = 231
- SYS_MINCORE = 232
- SYS_MADVISE = 233
- SYS_REMAP_FILE_PAGES = 234
- SYS_MBIND = 235
- SYS_GET_MEMPOLICY = 236
- SYS_SET_MEMPOLICY = 237
- SYS_MIGRATE_PAGES = 238
- SYS_MOVE_PAGES = 239
- SYS_RT_TGSIGQUEUEINFO = 240
- SYS_PERF_EVENT_OPEN = 241
- SYS_ACCEPT4 = 242
- SYS_RECVMMSG = 243
- SYS_ARCH_SPECIFIC_SYSCALL = 244
- SYS_WAIT4 = 260
- SYS_PRLIMIT64 = 261
- SYS_FANOTIFY_INIT = 262
- SYS_FANOTIFY_MARK = 263
- SYS_NAME_TO_HANDLE_AT = 264
- SYS_OPEN_BY_HANDLE_AT = 265
- SYS_CLOCK_ADJTIME = 266
- SYS_SYNCFS = 267
- SYS_SETNS = 268
- SYS_SENDMMSG = 269
- SYS_PROCESS_VM_READV = 270
- SYS_PROCESS_VM_WRITEV = 271
- SYS_KCMP = 272
- SYS_FINIT_MODULE = 273
- SYS_SCHED_SETATTR = 274
- SYS_SCHED_GETATTR = 275
- SYS_RENAMEAT2 = 276
- SYS_SECCOMP = 277
- SYS_GETRANDOM = 278
- SYS_MEMFD_CREATE = 279
- SYS_BPF = 280
- SYS_EXECVEAT = 281
- SYS_USERFAULTFD = 282
- SYS_MEMBARRIER = 283
- SYS_MLOCK2 = 284
- SYS_COPY_FILE_RANGE = 285
- SYS_PREADV2 = 286
- SYS_PWRITEV2 = 287
- SYS_PKEY_MPROTECT = 288
- SYS_PKEY_ALLOC = 289
- SYS_PKEY_FREE = 290
- SYS_STATX = 291
- SYS_IO_PGETEVENTS = 292
- SYS_RSEQ = 293
- SYS_KEXEC_FILE_LOAD = 294
- SYS_PIDFD_SEND_SIGNAL = 424
- SYS_IO_URING_SETUP = 425
- SYS_IO_URING_ENTER = 426
- SYS_IO_URING_REGISTER = 427
- SYS_OPEN_TREE = 428
- SYS_MOVE_MOUNT = 429
- SYS_FSOPEN = 430
- SYS_FSCONFIG = 431
- SYS_FSMOUNT = 432
- SYS_FSPICK = 433
- SYS_PIDFD_OPEN = 434
- SYS_CLONE3 = 435
- SYS_CLOSE_RANGE = 436
- SYS_OPENAT2 = 437
- SYS_PIDFD_GETFD = 438
- SYS_FACCESSAT2 = 439
- SYS_PROCESS_MADVISE = 440
- SYS_EPOLL_PWAIT2 = 441
- SYS_MOUNT_SETATTR = 442
+ SYS_IO_SETUP = 0
+ SYS_IO_DESTROY = 1
+ SYS_IO_SUBMIT = 2
+ SYS_IO_CANCEL = 3
+ SYS_IO_GETEVENTS = 4
+ SYS_SETXATTR = 5
+ SYS_LSETXATTR = 6
+ SYS_FSETXATTR = 7
+ SYS_GETXATTR = 8
+ SYS_LGETXATTR = 9
+ SYS_FGETXATTR = 10
+ SYS_LISTXATTR = 11
+ SYS_LLISTXATTR = 12
+ SYS_FLISTXATTR = 13
+ SYS_REMOVEXATTR = 14
+ SYS_LREMOVEXATTR = 15
+ SYS_FREMOVEXATTR = 16
+ SYS_GETCWD = 17
+ SYS_LOOKUP_DCOOKIE = 18
+ SYS_EVENTFD2 = 19
+ SYS_EPOLL_CREATE1 = 20
+ SYS_EPOLL_CTL = 21
+ SYS_EPOLL_PWAIT = 22
+ SYS_DUP = 23
+ SYS_DUP3 = 24
+ SYS_FCNTL = 25
+ SYS_INOTIFY_INIT1 = 26
+ SYS_INOTIFY_ADD_WATCH = 27
+ SYS_INOTIFY_RM_WATCH = 28
+ SYS_IOCTL = 29
+ SYS_IOPRIO_SET = 30
+ SYS_IOPRIO_GET = 31
+ SYS_FLOCK = 32
+ SYS_MKNODAT = 33
+ SYS_MKDIRAT = 34
+ SYS_UNLINKAT = 35
+ SYS_SYMLINKAT = 36
+ SYS_LINKAT = 37
+ SYS_RENAMEAT = 38
+ SYS_UMOUNT2 = 39
+ SYS_MOUNT = 40
+ SYS_PIVOT_ROOT = 41
+ SYS_NFSSERVCTL = 42
+ SYS_STATFS = 43
+ SYS_FSTATFS = 44
+ SYS_TRUNCATE = 45
+ SYS_FTRUNCATE = 46
+ SYS_FALLOCATE = 47
+ SYS_FACCESSAT = 48
+ SYS_CHDIR = 49
+ SYS_FCHDIR = 50
+ SYS_CHROOT = 51
+ SYS_FCHMOD = 52
+ SYS_FCHMODAT = 53
+ SYS_FCHOWNAT = 54
+ SYS_FCHOWN = 55
+ SYS_OPENAT = 56
+ SYS_CLOSE = 57
+ SYS_VHANGUP = 58
+ SYS_PIPE2 = 59
+ SYS_QUOTACTL = 60
+ SYS_GETDENTS64 = 61
+ SYS_LSEEK = 62
+ SYS_READ = 63
+ SYS_WRITE = 64
+ SYS_READV = 65
+ SYS_WRITEV = 66
+ SYS_PREAD64 = 67
+ SYS_PWRITE64 = 68
+ SYS_PREADV = 69
+ SYS_PWRITEV = 70
+ SYS_SENDFILE = 71
+ SYS_PSELECT6 = 72
+ SYS_PPOLL = 73
+ SYS_SIGNALFD4 = 74
+ SYS_VMSPLICE = 75
+ SYS_SPLICE = 76
+ SYS_TEE = 77
+ SYS_READLINKAT = 78
+ SYS_FSTATAT = 79
+ SYS_FSTAT = 80
+ SYS_SYNC = 81
+ SYS_FSYNC = 82
+ SYS_FDATASYNC = 83
+ SYS_SYNC_FILE_RANGE = 84
+ SYS_TIMERFD_CREATE = 85
+ SYS_TIMERFD_SETTIME = 86
+ SYS_TIMERFD_GETTIME = 87
+ SYS_UTIMENSAT = 88
+ SYS_ACCT = 89
+ SYS_CAPGET = 90
+ SYS_CAPSET = 91
+ SYS_PERSONALITY = 92
+ SYS_EXIT = 93
+ SYS_EXIT_GROUP = 94
+ SYS_WAITID = 95
+ SYS_SET_TID_ADDRESS = 96
+ SYS_UNSHARE = 97
+ SYS_FUTEX = 98
+ SYS_SET_ROBUST_LIST = 99
+ SYS_GET_ROBUST_LIST = 100
+ SYS_NANOSLEEP = 101
+ SYS_GETITIMER = 102
+ SYS_SETITIMER = 103
+ SYS_KEXEC_LOAD = 104
+ SYS_INIT_MODULE = 105
+ SYS_DELETE_MODULE = 106
+ SYS_TIMER_CREATE = 107
+ SYS_TIMER_GETTIME = 108
+ SYS_TIMER_GETOVERRUN = 109
+ SYS_TIMER_SETTIME = 110
+ SYS_TIMER_DELETE = 111
+ SYS_CLOCK_SETTIME = 112
+ SYS_CLOCK_GETTIME = 113
+ SYS_CLOCK_GETRES = 114
+ SYS_CLOCK_NANOSLEEP = 115
+ SYS_SYSLOG = 116
+ SYS_PTRACE = 117
+ SYS_SCHED_SETPARAM = 118
+ SYS_SCHED_SETSCHEDULER = 119
+ SYS_SCHED_GETSCHEDULER = 120
+ SYS_SCHED_GETPARAM = 121
+ SYS_SCHED_SETAFFINITY = 122
+ SYS_SCHED_GETAFFINITY = 123
+ SYS_SCHED_YIELD = 124
+ SYS_SCHED_GET_PRIORITY_MAX = 125
+ SYS_SCHED_GET_PRIORITY_MIN = 126
+ SYS_SCHED_RR_GET_INTERVAL = 127
+ SYS_RESTART_SYSCALL = 128
+ SYS_KILL = 129
+ SYS_TKILL = 130
+ SYS_TGKILL = 131
+ SYS_SIGALTSTACK = 132
+ SYS_RT_SIGSUSPEND = 133
+ SYS_RT_SIGACTION = 134
+ SYS_RT_SIGPROCMASK = 135
+ SYS_RT_SIGPENDING = 136
+ SYS_RT_SIGTIMEDWAIT = 137
+ SYS_RT_SIGQUEUEINFO = 138
+ SYS_RT_SIGRETURN = 139
+ SYS_SETPRIORITY = 140
+ SYS_GETPRIORITY = 141
+ SYS_REBOOT = 142
+ SYS_SETREGID = 143
+ SYS_SETGID = 144
+ SYS_SETREUID = 145
+ SYS_SETUID = 146
+ SYS_SETRESUID = 147
+ SYS_GETRESUID = 148
+ SYS_SETRESGID = 149
+ SYS_GETRESGID = 150
+ SYS_SETFSUID = 151
+ SYS_SETFSGID = 152
+ SYS_TIMES = 153
+ SYS_SETPGID = 154
+ SYS_GETPGID = 155
+ SYS_GETSID = 156
+ SYS_SETSID = 157
+ SYS_GETGROUPS = 158
+ SYS_SETGROUPS = 159
+ SYS_UNAME = 160
+ SYS_SETHOSTNAME = 161
+ SYS_SETDOMAINNAME = 162
+ SYS_GETRLIMIT = 163
+ SYS_SETRLIMIT = 164
+ SYS_GETRUSAGE = 165
+ SYS_UMASK = 166
+ SYS_PRCTL = 167
+ SYS_GETCPU = 168
+ SYS_GETTIMEOFDAY = 169
+ SYS_SETTIMEOFDAY = 170
+ SYS_ADJTIMEX = 171
+ SYS_GETPID = 172
+ SYS_GETPPID = 173
+ SYS_GETUID = 174
+ SYS_GETEUID = 175
+ SYS_GETGID = 176
+ SYS_GETEGID = 177
+ SYS_GETTID = 178
+ SYS_SYSINFO = 179
+ SYS_MQ_OPEN = 180
+ SYS_MQ_UNLINK = 181
+ SYS_MQ_TIMEDSEND = 182
+ SYS_MQ_TIMEDRECEIVE = 183
+ SYS_MQ_NOTIFY = 184
+ SYS_MQ_GETSETATTR = 185
+ SYS_MSGGET = 186
+ SYS_MSGCTL = 187
+ SYS_MSGRCV = 188
+ SYS_MSGSND = 189
+ SYS_SEMGET = 190
+ SYS_SEMCTL = 191
+ SYS_SEMTIMEDOP = 192
+ SYS_SEMOP = 193
+ SYS_SHMGET = 194
+ SYS_SHMCTL = 195
+ SYS_SHMAT = 196
+ SYS_SHMDT = 197
+ SYS_SOCKET = 198
+ SYS_SOCKETPAIR = 199
+ SYS_BIND = 200
+ SYS_LISTEN = 201
+ SYS_ACCEPT = 202
+ SYS_CONNECT = 203
+ SYS_GETSOCKNAME = 204
+ SYS_GETPEERNAME = 205
+ SYS_SENDTO = 206
+ SYS_RECVFROM = 207
+ SYS_SETSOCKOPT = 208
+ SYS_GETSOCKOPT = 209
+ SYS_SHUTDOWN = 210
+ SYS_SENDMSG = 211
+ SYS_RECVMSG = 212
+ SYS_READAHEAD = 213
+ SYS_BRK = 214
+ SYS_MUNMAP = 215
+ SYS_MREMAP = 216
+ SYS_ADD_KEY = 217
+ SYS_REQUEST_KEY = 218
+ SYS_KEYCTL = 219
+ SYS_CLONE = 220
+ SYS_EXECVE = 221
+ SYS_MMAP = 222
+ SYS_FADVISE64 = 223
+ SYS_SWAPON = 224
+ SYS_SWAPOFF = 225
+ SYS_MPROTECT = 226
+ SYS_MSYNC = 227
+ SYS_MLOCK = 228
+ SYS_MUNLOCK = 229
+ SYS_MLOCKALL = 230
+ SYS_MUNLOCKALL = 231
+ SYS_MINCORE = 232
+ SYS_MADVISE = 233
+ SYS_REMAP_FILE_PAGES = 234
+ SYS_MBIND = 235
+ SYS_GET_MEMPOLICY = 236
+ SYS_SET_MEMPOLICY = 237
+ SYS_MIGRATE_PAGES = 238
+ SYS_MOVE_PAGES = 239
+ SYS_RT_TGSIGQUEUEINFO = 240
+ SYS_PERF_EVENT_OPEN = 241
+ SYS_ACCEPT4 = 242
+ SYS_RECVMMSG = 243
+ SYS_ARCH_SPECIFIC_SYSCALL = 244
+ SYS_WAIT4 = 260
+ SYS_PRLIMIT64 = 261
+ SYS_FANOTIFY_INIT = 262
+ SYS_FANOTIFY_MARK = 263
+ SYS_NAME_TO_HANDLE_AT = 264
+ SYS_OPEN_BY_HANDLE_AT = 265
+ SYS_CLOCK_ADJTIME = 266
+ SYS_SYNCFS = 267
+ SYS_SETNS = 268
+ SYS_SENDMMSG = 269
+ SYS_PROCESS_VM_READV = 270
+ SYS_PROCESS_VM_WRITEV = 271
+ SYS_KCMP = 272
+ SYS_FINIT_MODULE = 273
+ SYS_SCHED_SETATTR = 274
+ SYS_SCHED_GETATTR = 275
+ SYS_RENAMEAT2 = 276
+ SYS_SECCOMP = 277
+ SYS_GETRANDOM = 278
+ SYS_MEMFD_CREATE = 279
+ SYS_BPF = 280
+ SYS_EXECVEAT = 281
+ SYS_USERFAULTFD = 282
+ SYS_MEMBARRIER = 283
+ SYS_MLOCK2 = 284
+ SYS_COPY_FILE_RANGE = 285
+ SYS_PREADV2 = 286
+ SYS_PWRITEV2 = 287
+ SYS_PKEY_MPROTECT = 288
+ SYS_PKEY_ALLOC = 289
+ SYS_PKEY_FREE = 290
+ SYS_STATX = 291
+ SYS_IO_PGETEVENTS = 292
+ SYS_RSEQ = 293
+ SYS_KEXEC_FILE_LOAD = 294
+ SYS_PIDFD_SEND_SIGNAL = 424
+ SYS_IO_URING_SETUP = 425
+ SYS_IO_URING_ENTER = 426
+ SYS_IO_URING_REGISTER = 427
+ SYS_OPEN_TREE = 428
+ SYS_MOVE_MOUNT = 429
+ SYS_FSOPEN = 430
+ SYS_FSCONFIG = 431
+ SYS_FSMOUNT = 432
+ SYS_FSPICK = 433
+ SYS_PIDFD_OPEN = 434
+ SYS_CLONE3 = 435
+ SYS_CLOSE_RANGE = 436
+ SYS_OPENAT2 = 437
+ SYS_PIDFD_GETFD = 438
+ SYS_FACCESSAT2 = 439
+ SYS_PROCESS_MADVISE = 440
+ SYS_EPOLL_PWAIT2 = 441
+ SYS_MOUNT_SETATTR = 442
+ SYS_LANDLOCK_CREATE_RULESET = 444
+ SYS_LANDLOCK_ADD_RULE = 445
+ SYS_LANDLOCK_RESTRICT_SELF = 446
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
index c877ec6e6..773640b83 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
@@ -424,4 +424,7 @@ const (
SYS_PROCESS_MADVISE = 4440
SYS_EPOLL_PWAIT2 = 4441
SYS_MOUNT_SETATTR = 4442
+ SYS_LANDLOCK_CREATE_RULESET = 4444
+ SYS_LANDLOCK_ADD_RULE = 4445
+ SYS_LANDLOCK_RESTRICT_SELF = 4446
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
index b5f290372..86a41e568 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
@@ -7,351 +7,354 @@
package unix
const (
- SYS_READ = 5000
- SYS_WRITE = 5001
- SYS_OPEN = 5002
- SYS_CLOSE = 5003
- SYS_STAT = 5004
- SYS_FSTAT = 5005
- SYS_LSTAT = 5006
- SYS_POLL = 5007
- SYS_LSEEK = 5008
- SYS_MMAP = 5009
- SYS_MPROTECT = 5010
- SYS_MUNMAP = 5011
- SYS_BRK = 5012
- SYS_RT_SIGACTION = 5013
- SYS_RT_SIGPROCMASK = 5014
- SYS_IOCTL = 5015
- SYS_PREAD64 = 5016
- SYS_PWRITE64 = 5017
- SYS_READV = 5018
- SYS_WRITEV = 5019
- SYS_ACCESS = 5020
- SYS_PIPE = 5021
- SYS__NEWSELECT = 5022
- SYS_SCHED_YIELD = 5023
- SYS_MREMAP = 5024
- SYS_MSYNC = 5025
- SYS_MINCORE = 5026
- SYS_MADVISE = 5027
- SYS_SHMGET = 5028
- SYS_SHMAT = 5029
- SYS_SHMCTL = 5030
- SYS_DUP = 5031
- SYS_DUP2 = 5032
- SYS_PAUSE = 5033
- SYS_NANOSLEEP = 5034
- SYS_GETITIMER = 5035
- SYS_SETITIMER = 5036
- SYS_ALARM = 5037
- SYS_GETPID = 5038
- SYS_SENDFILE = 5039
- SYS_SOCKET = 5040
- SYS_CONNECT = 5041
- SYS_ACCEPT = 5042
- SYS_SENDTO = 5043
- SYS_RECVFROM = 5044
- SYS_SENDMSG = 5045
- SYS_RECVMSG = 5046
- SYS_SHUTDOWN = 5047
- SYS_BIND = 5048
- SYS_LISTEN = 5049
- SYS_GETSOCKNAME = 5050
- SYS_GETPEERNAME = 5051
- SYS_SOCKETPAIR = 5052
- SYS_SETSOCKOPT = 5053
- SYS_GETSOCKOPT = 5054
- SYS_CLONE = 5055
- SYS_FORK = 5056
- SYS_EXECVE = 5057
- SYS_EXIT = 5058
- SYS_WAIT4 = 5059
- SYS_KILL = 5060
- SYS_UNAME = 5061
- SYS_SEMGET = 5062
- SYS_SEMOP = 5063
- SYS_SEMCTL = 5064
- SYS_SHMDT = 5065
- SYS_MSGGET = 5066
- SYS_MSGSND = 5067
- SYS_MSGRCV = 5068
- SYS_MSGCTL = 5069
- SYS_FCNTL = 5070
- SYS_FLOCK = 5071
- SYS_FSYNC = 5072
- SYS_FDATASYNC = 5073
- SYS_TRUNCATE = 5074
- SYS_FTRUNCATE = 5075
- SYS_GETDENTS = 5076
- SYS_GETCWD = 5077
- SYS_CHDIR = 5078
- SYS_FCHDIR = 5079
- SYS_RENAME = 5080
- SYS_MKDIR = 5081
- SYS_RMDIR = 5082
- SYS_CREAT = 5083
- SYS_LINK = 5084
- SYS_UNLINK = 5085
- SYS_SYMLINK = 5086
- SYS_READLINK = 5087
- SYS_CHMOD = 5088
- SYS_FCHMOD = 5089
- SYS_CHOWN = 5090
- SYS_FCHOWN = 5091
- SYS_LCHOWN = 5092
- SYS_UMASK = 5093
- SYS_GETTIMEOFDAY = 5094
- SYS_GETRLIMIT = 5095
- SYS_GETRUSAGE = 5096
- SYS_SYSINFO = 5097
- SYS_TIMES = 5098
- SYS_PTRACE = 5099
- SYS_GETUID = 5100
- SYS_SYSLOG = 5101
- SYS_GETGID = 5102
- SYS_SETUID = 5103
- SYS_SETGID = 5104
- SYS_GETEUID = 5105
- SYS_GETEGID = 5106
- SYS_SETPGID = 5107
- SYS_GETPPID = 5108
- SYS_GETPGRP = 5109
- SYS_SETSID = 5110
- SYS_SETREUID = 5111
- SYS_SETREGID = 5112
- SYS_GETGROUPS = 5113
- SYS_SETGROUPS = 5114
- SYS_SETRESUID = 5115
- SYS_GETRESUID = 5116
- SYS_SETRESGID = 5117
- SYS_GETRESGID = 5118
- SYS_GETPGID = 5119
- SYS_SETFSUID = 5120
- SYS_SETFSGID = 5121
- SYS_GETSID = 5122
- SYS_CAPGET = 5123
- SYS_CAPSET = 5124
- SYS_RT_SIGPENDING = 5125
- SYS_RT_SIGTIMEDWAIT = 5126
- SYS_RT_SIGQUEUEINFO = 5127
- SYS_RT_SIGSUSPEND = 5128
- SYS_SIGALTSTACK = 5129
- SYS_UTIME = 5130
- SYS_MKNOD = 5131
- SYS_PERSONALITY = 5132
- SYS_USTAT = 5133
- SYS_STATFS = 5134
- SYS_FSTATFS = 5135
- SYS_SYSFS = 5136
- SYS_GETPRIORITY = 5137
- SYS_SETPRIORITY = 5138
- SYS_SCHED_SETPARAM = 5139
- SYS_SCHED_GETPARAM = 5140
- SYS_SCHED_SETSCHEDULER = 5141
- SYS_SCHED_GETSCHEDULER = 5142
- SYS_SCHED_GET_PRIORITY_MAX = 5143
- SYS_SCHED_GET_PRIORITY_MIN = 5144
- SYS_SCHED_RR_GET_INTERVAL = 5145
- SYS_MLOCK = 5146
- SYS_MUNLOCK = 5147
- SYS_MLOCKALL = 5148
- SYS_MUNLOCKALL = 5149
- SYS_VHANGUP = 5150
- SYS_PIVOT_ROOT = 5151
- SYS__SYSCTL = 5152
- SYS_PRCTL = 5153
- SYS_ADJTIMEX = 5154
- SYS_SETRLIMIT = 5155
- SYS_CHROOT = 5156
- SYS_SYNC = 5157
- SYS_ACCT = 5158
- SYS_SETTIMEOFDAY = 5159
- SYS_MOUNT = 5160
- SYS_UMOUNT2 = 5161
- SYS_SWAPON = 5162
- SYS_SWAPOFF = 5163
- SYS_REBOOT = 5164
- SYS_SETHOSTNAME = 5165
- SYS_SETDOMAINNAME = 5166
- SYS_CREATE_MODULE = 5167
- SYS_INIT_MODULE = 5168
- SYS_DELETE_MODULE = 5169
- SYS_GET_KERNEL_SYMS = 5170
- SYS_QUERY_MODULE = 5171
- SYS_QUOTACTL = 5172
- SYS_NFSSERVCTL = 5173
- SYS_GETPMSG = 5174
- SYS_PUTPMSG = 5175
- SYS_AFS_SYSCALL = 5176
- SYS_RESERVED177 = 5177
- SYS_GETTID = 5178
- SYS_READAHEAD = 5179
- SYS_SETXATTR = 5180
- SYS_LSETXATTR = 5181
- SYS_FSETXATTR = 5182
- SYS_GETXATTR = 5183
- SYS_LGETXATTR = 5184
- SYS_FGETXATTR = 5185
- SYS_LISTXATTR = 5186
- SYS_LLISTXATTR = 5187
- SYS_FLISTXATTR = 5188
- SYS_REMOVEXATTR = 5189
- SYS_LREMOVEXATTR = 5190
- SYS_FREMOVEXATTR = 5191
- SYS_TKILL = 5192
- SYS_RESERVED193 = 5193
- SYS_FUTEX = 5194
- SYS_SCHED_SETAFFINITY = 5195
- SYS_SCHED_GETAFFINITY = 5196
- SYS_CACHEFLUSH = 5197
- SYS_CACHECTL = 5198
- SYS_SYSMIPS = 5199
- SYS_IO_SETUP = 5200
- SYS_IO_DESTROY = 5201
- SYS_IO_GETEVENTS = 5202
- SYS_IO_SUBMIT = 5203
- SYS_IO_CANCEL = 5204
- SYS_EXIT_GROUP = 5205
- SYS_LOOKUP_DCOOKIE = 5206
- SYS_EPOLL_CREATE = 5207
- SYS_EPOLL_CTL = 5208
- SYS_EPOLL_WAIT = 5209
- SYS_REMAP_FILE_PAGES = 5210
- SYS_RT_SIGRETURN = 5211
- SYS_SET_TID_ADDRESS = 5212
- SYS_RESTART_SYSCALL = 5213
- SYS_SEMTIMEDOP = 5214
- SYS_FADVISE64 = 5215
- SYS_TIMER_CREATE = 5216
- SYS_TIMER_SETTIME = 5217
- SYS_TIMER_GETTIME = 5218
- SYS_TIMER_GETOVERRUN = 5219
- SYS_TIMER_DELETE = 5220
- SYS_CLOCK_SETTIME = 5221
- SYS_CLOCK_GETTIME = 5222
- SYS_CLOCK_GETRES = 5223
- SYS_CLOCK_NANOSLEEP = 5224
- SYS_TGKILL = 5225
- SYS_UTIMES = 5226
- SYS_MBIND = 5227
- SYS_GET_MEMPOLICY = 5228
- SYS_SET_MEMPOLICY = 5229
- SYS_MQ_OPEN = 5230
- SYS_MQ_UNLINK = 5231
- SYS_MQ_TIMEDSEND = 5232
- SYS_MQ_TIMEDRECEIVE = 5233
- SYS_MQ_NOTIFY = 5234
- SYS_MQ_GETSETATTR = 5235
- SYS_VSERVER = 5236
- SYS_WAITID = 5237
- SYS_ADD_KEY = 5239
- SYS_REQUEST_KEY = 5240
- SYS_KEYCTL = 5241
- SYS_SET_THREAD_AREA = 5242
- SYS_INOTIFY_INIT = 5243
- SYS_INOTIFY_ADD_WATCH = 5244
- SYS_INOTIFY_RM_WATCH = 5245
- SYS_MIGRATE_PAGES = 5246
- SYS_OPENAT = 5247
- SYS_MKDIRAT = 5248
- SYS_MKNODAT = 5249
- SYS_FCHOWNAT = 5250
- SYS_FUTIMESAT = 5251
- SYS_NEWFSTATAT = 5252
- SYS_UNLINKAT = 5253
- SYS_RENAMEAT = 5254
- SYS_LINKAT = 5255
- SYS_SYMLINKAT = 5256
- SYS_READLINKAT = 5257
- SYS_FCHMODAT = 5258
- SYS_FACCESSAT = 5259
- SYS_PSELECT6 = 5260
- SYS_PPOLL = 5261
- SYS_UNSHARE = 5262
- SYS_SPLICE = 5263
- SYS_SYNC_FILE_RANGE = 5264
- SYS_TEE = 5265
- SYS_VMSPLICE = 5266
- SYS_MOVE_PAGES = 5267
- SYS_SET_ROBUST_LIST = 5268
- SYS_GET_ROBUST_LIST = 5269
- SYS_KEXEC_LOAD = 5270
- SYS_GETCPU = 5271
- SYS_EPOLL_PWAIT = 5272
- SYS_IOPRIO_SET = 5273
- SYS_IOPRIO_GET = 5274
- SYS_UTIMENSAT = 5275
- SYS_SIGNALFD = 5276
- SYS_TIMERFD = 5277
- SYS_EVENTFD = 5278
- SYS_FALLOCATE = 5279
- SYS_TIMERFD_CREATE = 5280
- SYS_TIMERFD_GETTIME = 5281
- SYS_TIMERFD_SETTIME = 5282
- SYS_SIGNALFD4 = 5283
- SYS_EVENTFD2 = 5284
- SYS_EPOLL_CREATE1 = 5285
- SYS_DUP3 = 5286
- SYS_PIPE2 = 5287
- SYS_INOTIFY_INIT1 = 5288
- SYS_PREADV = 5289
- SYS_PWRITEV = 5290
- SYS_RT_TGSIGQUEUEINFO = 5291
- SYS_PERF_EVENT_OPEN = 5292
- SYS_ACCEPT4 = 5293
- SYS_RECVMMSG = 5294
- SYS_FANOTIFY_INIT = 5295
- SYS_FANOTIFY_MARK = 5296
- SYS_PRLIMIT64 = 5297
- SYS_NAME_TO_HANDLE_AT = 5298
- SYS_OPEN_BY_HANDLE_AT = 5299
- SYS_CLOCK_ADJTIME = 5300
- SYS_SYNCFS = 5301
- SYS_SENDMMSG = 5302
- SYS_SETNS = 5303
- SYS_PROCESS_VM_READV = 5304
- SYS_PROCESS_VM_WRITEV = 5305
- SYS_KCMP = 5306
- SYS_FINIT_MODULE = 5307
- SYS_GETDENTS64 = 5308
- SYS_SCHED_SETATTR = 5309
- SYS_SCHED_GETATTR = 5310
- SYS_RENAMEAT2 = 5311
- SYS_SECCOMP = 5312
- SYS_GETRANDOM = 5313
- SYS_MEMFD_CREATE = 5314
- SYS_BPF = 5315
- SYS_EXECVEAT = 5316
- SYS_USERFAULTFD = 5317
- SYS_MEMBARRIER = 5318
- SYS_MLOCK2 = 5319
- SYS_COPY_FILE_RANGE = 5320
- SYS_PREADV2 = 5321
- SYS_PWRITEV2 = 5322
- SYS_PKEY_MPROTECT = 5323
- SYS_PKEY_ALLOC = 5324
- SYS_PKEY_FREE = 5325
- SYS_STATX = 5326
- SYS_RSEQ = 5327
- SYS_IO_PGETEVENTS = 5328
- SYS_PIDFD_SEND_SIGNAL = 5424
- SYS_IO_URING_SETUP = 5425
- SYS_IO_URING_ENTER = 5426
- SYS_IO_URING_REGISTER = 5427
- SYS_OPEN_TREE = 5428
- SYS_MOVE_MOUNT = 5429
- SYS_FSOPEN = 5430
- SYS_FSCONFIG = 5431
- SYS_FSMOUNT = 5432
- SYS_FSPICK = 5433
- SYS_PIDFD_OPEN = 5434
- SYS_CLONE3 = 5435
- SYS_CLOSE_RANGE = 5436
- SYS_OPENAT2 = 5437
- SYS_PIDFD_GETFD = 5438
- SYS_FACCESSAT2 = 5439
- SYS_PROCESS_MADVISE = 5440
- SYS_EPOLL_PWAIT2 = 5441
- SYS_MOUNT_SETATTR = 5442
+ SYS_READ = 5000
+ SYS_WRITE = 5001
+ SYS_OPEN = 5002
+ SYS_CLOSE = 5003
+ SYS_STAT = 5004
+ SYS_FSTAT = 5005
+ SYS_LSTAT = 5006
+ SYS_POLL = 5007
+ SYS_LSEEK = 5008
+ SYS_MMAP = 5009
+ SYS_MPROTECT = 5010
+ SYS_MUNMAP = 5011
+ SYS_BRK = 5012
+ SYS_RT_SIGACTION = 5013
+ SYS_RT_SIGPROCMASK = 5014
+ SYS_IOCTL = 5015
+ SYS_PREAD64 = 5016
+ SYS_PWRITE64 = 5017
+ SYS_READV = 5018
+ SYS_WRITEV = 5019
+ SYS_ACCESS = 5020
+ SYS_PIPE = 5021
+ SYS__NEWSELECT = 5022
+ SYS_SCHED_YIELD = 5023
+ SYS_MREMAP = 5024
+ SYS_MSYNC = 5025
+ SYS_MINCORE = 5026
+ SYS_MADVISE = 5027
+ SYS_SHMGET = 5028
+ SYS_SHMAT = 5029
+ SYS_SHMCTL = 5030
+ SYS_DUP = 5031
+ SYS_DUP2 = 5032
+ SYS_PAUSE = 5033
+ SYS_NANOSLEEP = 5034
+ SYS_GETITIMER = 5035
+ SYS_SETITIMER = 5036
+ SYS_ALARM = 5037
+ SYS_GETPID = 5038
+ SYS_SENDFILE = 5039
+ SYS_SOCKET = 5040
+ SYS_CONNECT = 5041
+ SYS_ACCEPT = 5042
+ SYS_SENDTO = 5043
+ SYS_RECVFROM = 5044
+ SYS_SENDMSG = 5045
+ SYS_RECVMSG = 5046
+ SYS_SHUTDOWN = 5047
+ SYS_BIND = 5048
+ SYS_LISTEN = 5049
+ SYS_GETSOCKNAME = 5050
+ SYS_GETPEERNAME = 5051
+ SYS_SOCKETPAIR = 5052
+ SYS_SETSOCKOPT = 5053
+ SYS_GETSOCKOPT = 5054
+ SYS_CLONE = 5055
+ SYS_FORK = 5056
+ SYS_EXECVE = 5057
+ SYS_EXIT = 5058
+ SYS_WAIT4 = 5059
+ SYS_KILL = 5060
+ SYS_UNAME = 5061
+ SYS_SEMGET = 5062
+ SYS_SEMOP = 5063
+ SYS_SEMCTL = 5064
+ SYS_SHMDT = 5065
+ SYS_MSGGET = 5066
+ SYS_MSGSND = 5067
+ SYS_MSGRCV = 5068
+ SYS_MSGCTL = 5069
+ SYS_FCNTL = 5070
+ SYS_FLOCK = 5071
+ SYS_FSYNC = 5072
+ SYS_FDATASYNC = 5073
+ SYS_TRUNCATE = 5074
+ SYS_FTRUNCATE = 5075
+ SYS_GETDENTS = 5076
+ SYS_GETCWD = 5077
+ SYS_CHDIR = 5078
+ SYS_FCHDIR = 5079
+ SYS_RENAME = 5080
+ SYS_MKDIR = 5081
+ SYS_RMDIR = 5082
+ SYS_CREAT = 5083
+ SYS_LINK = 5084
+ SYS_UNLINK = 5085
+ SYS_SYMLINK = 5086
+ SYS_READLINK = 5087
+ SYS_CHMOD = 5088
+ SYS_FCHMOD = 5089
+ SYS_CHOWN = 5090
+ SYS_FCHOWN = 5091
+ SYS_LCHOWN = 5092
+ SYS_UMASK = 5093
+ SYS_GETTIMEOFDAY = 5094
+ SYS_GETRLIMIT = 5095
+ SYS_GETRUSAGE = 5096
+ SYS_SYSINFO = 5097
+ SYS_TIMES = 5098
+ SYS_PTRACE = 5099
+ SYS_GETUID = 5100
+ SYS_SYSLOG = 5101
+ SYS_GETGID = 5102
+ SYS_SETUID = 5103
+ SYS_SETGID = 5104
+ SYS_GETEUID = 5105
+ SYS_GETEGID = 5106
+ SYS_SETPGID = 5107
+ SYS_GETPPID = 5108
+ SYS_GETPGRP = 5109
+ SYS_SETSID = 5110
+ SYS_SETREUID = 5111
+ SYS_SETREGID = 5112
+ SYS_GETGROUPS = 5113
+ SYS_SETGROUPS = 5114
+ SYS_SETRESUID = 5115
+ SYS_GETRESUID = 5116
+ SYS_SETRESGID = 5117
+ SYS_GETRESGID = 5118
+ SYS_GETPGID = 5119
+ SYS_SETFSUID = 5120
+ SYS_SETFSGID = 5121
+ SYS_GETSID = 5122
+ SYS_CAPGET = 5123
+ SYS_CAPSET = 5124
+ SYS_RT_SIGPENDING = 5125
+ SYS_RT_SIGTIMEDWAIT = 5126
+ SYS_RT_SIGQUEUEINFO = 5127
+ SYS_RT_SIGSUSPEND = 5128
+ SYS_SIGALTSTACK = 5129
+ SYS_UTIME = 5130
+ SYS_MKNOD = 5131
+ SYS_PERSONALITY = 5132
+ SYS_USTAT = 5133
+ SYS_STATFS = 5134
+ SYS_FSTATFS = 5135
+ SYS_SYSFS = 5136
+ SYS_GETPRIORITY = 5137
+ SYS_SETPRIORITY = 5138
+ SYS_SCHED_SETPARAM = 5139
+ SYS_SCHED_GETPARAM = 5140
+ SYS_SCHED_SETSCHEDULER = 5141
+ SYS_SCHED_GETSCHEDULER = 5142
+ SYS_SCHED_GET_PRIORITY_MAX = 5143
+ SYS_SCHED_GET_PRIORITY_MIN = 5144
+ SYS_SCHED_RR_GET_INTERVAL = 5145
+ SYS_MLOCK = 5146
+ SYS_MUNLOCK = 5147
+ SYS_MLOCKALL = 5148
+ SYS_MUNLOCKALL = 5149
+ SYS_VHANGUP = 5150
+ SYS_PIVOT_ROOT = 5151
+ SYS__SYSCTL = 5152
+ SYS_PRCTL = 5153
+ SYS_ADJTIMEX = 5154
+ SYS_SETRLIMIT = 5155
+ SYS_CHROOT = 5156
+ SYS_SYNC = 5157
+ SYS_ACCT = 5158
+ SYS_SETTIMEOFDAY = 5159
+ SYS_MOUNT = 5160
+ SYS_UMOUNT2 = 5161
+ SYS_SWAPON = 5162
+ SYS_SWAPOFF = 5163
+ SYS_REBOOT = 5164
+ SYS_SETHOSTNAME = 5165
+ SYS_SETDOMAINNAME = 5166
+ SYS_CREATE_MODULE = 5167
+ SYS_INIT_MODULE = 5168
+ SYS_DELETE_MODULE = 5169
+ SYS_GET_KERNEL_SYMS = 5170
+ SYS_QUERY_MODULE = 5171
+ SYS_QUOTACTL = 5172
+ SYS_NFSSERVCTL = 5173
+ SYS_GETPMSG = 5174
+ SYS_PUTPMSG = 5175
+ SYS_AFS_SYSCALL = 5176
+ SYS_RESERVED177 = 5177
+ SYS_GETTID = 5178
+ SYS_READAHEAD = 5179
+ SYS_SETXATTR = 5180
+ SYS_LSETXATTR = 5181
+ SYS_FSETXATTR = 5182
+ SYS_GETXATTR = 5183
+ SYS_LGETXATTR = 5184
+ SYS_FGETXATTR = 5185
+ SYS_LISTXATTR = 5186
+ SYS_LLISTXATTR = 5187
+ SYS_FLISTXATTR = 5188
+ SYS_REMOVEXATTR = 5189
+ SYS_LREMOVEXATTR = 5190
+ SYS_FREMOVEXATTR = 5191
+ SYS_TKILL = 5192
+ SYS_RESERVED193 = 5193
+ SYS_FUTEX = 5194
+ SYS_SCHED_SETAFFINITY = 5195
+ SYS_SCHED_GETAFFINITY = 5196
+ SYS_CACHEFLUSH = 5197
+ SYS_CACHECTL = 5198
+ SYS_SYSMIPS = 5199
+ SYS_IO_SETUP = 5200
+ SYS_IO_DESTROY = 5201
+ SYS_IO_GETEVENTS = 5202
+ SYS_IO_SUBMIT = 5203
+ SYS_IO_CANCEL = 5204
+ SYS_EXIT_GROUP = 5205
+ SYS_LOOKUP_DCOOKIE = 5206
+ SYS_EPOLL_CREATE = 5207
+ SYS_EPOLL_CTL = 5208
+ SYS_EPOLL_WAIT = 5209
+ SYS_REMAP_FILE_PAGES = 5210
+ SYS_RT_SIGRETURN = 5211
+ SYS_SET_TID_ADDRESS = 5212
+ SYS_RESTART_SYSCALL = 5213
+ SYS_SEMTIMEDOP = 5214
+ SYS_FADVISE64 = 5215
+ SYS_TIMER_CREATE = 5216
+ SYS_TIMER_SETTIME = 5217
+ SYS_TIMER_GETTIME = 5218
+ SYS_TIMER_GETOVERRUN = 5219
+ SYS_TIMER_DELETE = 5220
+ SYS_CLOCK_SETTIME = 5221
+ SYS_CLOCK_GETTIME = 5222
+ SYS_CLOCK_GETRES = 5223
+ SYS_CLOCK_NANOSLEEP = 5224
+ SYS_TGKILL = 5225
+ SYS_UTIMES = 5226
+ SYS_MBIND = 5227
+ SYS_GET_MEMPOLICY = 5228
+ SYS_SET_MEMPOLICY = 5229
+ SYS_MQ_OPEN = 5230
+ SYS_MQ_UNLINK = 5231
+ SYS_MQ_TIMEDSEND = 5232
+ SYS_MQ_TIMEDRECEIVE = 5233
+ SYS_MQ_NOTIFY = 5234
+ SYS_MQ_GETSETATTR = 5235
+ SYS_VSERVER = 5236
+ SYS_WAITID = 5237
+ SYS_ADD_KEY = 5239
+ SYS_REQUEST_KEY = 5240
+ SYS_KEYCTL = 5241
+ SYS_SET_THREAD_AREA = 5242
+ SYS_INOTIFY_INIT = 5243
+ SYS_INOTIFY_ADD_WATCH = 5244
+ SYS_INOTIFY_RM_WATCH = 5245
+ SYS_MIGRATE_PAGES = 5246
+ SYS_OPENAT = 5247
+ SYS_MKDIRAT = 5248
+ SYS_MKNODAT = 5249
+ SYS_FCHOWNAT = 5250
+ SYS_FUTIMESAT = 5251
+ SYS_NEWFSTATAT = 5252
+ SYS_UNLINKAT = 5253
+ SYS_RENAMEAT = 5254
+ SYS_LINKAT = 5255
+ SYS_SYMLINKAT = 5256
+ SYS_READLINKAT = 5257
+ SYS_FCHMODAT = 5258
+ SYS_FACCESSAT = 5259
+ SYS_PSELECT6 = 5260
+ SYS_PPOLL = 5261
+ SYS_UNSHARE = 5262
+ SYS_SPLICE = 5263
+ SYS_SYNC_FILE_RANGE = 5264
+ SYS_TEE = 5265
+ SYS_VMSPLICE = 5266
+ SYS_MOVE_PAGES = 5267
+ SYS_SET_ROBUST_LIST = 5268
+ SYS_GET_ROBUST_LIST = 5269
+ SYS_KEXEC_LOAD = 5270
+ SYS_GETCPU = 5271
+ SYS_EPOLL_PWAIT = 5272
+ SYS_IOPRIO_SET = 5273
+ SYS_IOPRIO_GET = 5274
+ SYS_UTIMENSAT = 5275
+ SYS_SIGNALFD = 5276
+ SYS_TIMERFD = 5277
+ SYS_EVENTFD = 5278
+ SYS_FALLOCATE = 5279
+ SYS_TIMERFD_CREATE = 5280
+ SYS_TIMERFD_GETTIME = 5281
+ SYS_TIMERFD_SETTIME = 5282
+ SYS_SIGNALFD4 = 5283
+ SYS_EVENTFD2 = 5284
+ SYS_EPOLL_CREATE1 = 5285
+ SYS_DUP3 = 5286
+ SYS_PIPE2 = 5287
+ SYS_INOTIFY_INIT1 = 5288
+ SYS_PREADV = 5289
+ SYS_PWRITEV = 5290
+ SYS_RT_TGSIGQUEUEINFO = 5291
+ SYS_PERF_EVENT_OPEN = 5292
+ SYS_ACCEPT4 = 5293
+ SYS_RECVMMSG = 5294
+ SYS_FANOTIFY_INIT = 5295
+ SYS_FANOTIFY_MARK = 5296
+ SYS_PRLIMIT64 = 5297
+ SYS_NAME_TO_HANDLE_AT = 5298
+ SYS_OPEN_BY_HANDLE_AT = 5299
+ SYS_CLOCK_ADJTIME = 5300
+ SYS_SYNCFS = 5301
+ SYS_SENDMMSG = 5302
+ SYS_SETNS = 5303
+ SYS_PROCESS_VM_READV = 5304
+ SYS_PROCESS_VM_WRITEV = 5305
+ SYS_KCMP = 5306
+ SYS_FINIT_MODULE = 5307
+ SYS_GETDENTS64 = 5308
+ SYS_SCHED_SETATTR = 5309
+ SYS_SCHED_GETATTR = 5310
+ SYS_RENAMEAT2 = 5311
+ SYS_SECCOMP = 5312
+ SYS_GETRANDOM = 5313
+ SYS_MEMFD_CREATE = 5314
+ SYS_BPF = 5315
+ SYS_EXECVEAT = 5316
+ SYS_USERFAULTFD = 5317
+ SYS_MEMBARRIER = 5318
+ SYS_MLOCK2 = 5319
+ SYS_COPY_FILE_RANGE = 5320
+ SYS_PREADV2 = 5321
+ SYS_PWRITEV2 = 5322
+ SYS_PKEY_MPROTECT = 5323
+ SYS_PKEY_ALLOC = 5324
+ SYS_PKEY_FREE = 5325
+ SYS_STATX = 5326
+ SYS_RSEQ = 5327
+ SYS_IO_PGETEVENTS = 5328
+ SYS_PIDFD_SEND_SIGNAL = 5424
+ SYS_IO_URING_SETUP = 5425
+ SYS_IO_URING_ENTER = 5426
+ SYS_IO_URING_REGISTER = 5427
+ SYS_OPEN_TREE = 5428
+ SYS_MOVE_MOUNT = 5429
+ SYS_FSOPEN = 5430
+ SYS_FSCONFIG = 5431
+ SYS_FSMOUNT = 5432
+ SYS_FSPICK = 5433
+ SYS_PIDFD_OPEN = 5434
+ SYS_CLONE3 = 5435
+ SYS_CLOSE_RANGE = 5436
+ SYS_OPENAT2 = 5437
+ SYS_PIDFD_GETFD = 5438
+ SYS_FACCESSAT2 = 5439
+ SYS_PROCESS_MADVISE = 5440
+ SYS_EPOLL_PWAIT2 = 5441
+ SYS_MOUNT_SETATTR = 5442
+ SYS_LANDLOCK_CREATE_RULESET = 5444
+ SYS_LANDLOCK_ADD_RULE = 5445
+ SYS_LANDLOCK_RESTRICT_SELF = 5446
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
index 46077689a..77f5728da 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
@@ -7,351 +7,354 @@
package unix
const (
- SYS_READ = 5000
- SYS_WRITE = 5001
- SYS_OPEN = 5002
- SYS_CLOSE = 5003
- SYS_STAT = 5004
- SYS_FSTAT = 5005
- SYS_LSTAT = 5006
- SYS_POLL = 5007
- SYS_LSEEK = 5008
- SYS_MMAP = 5009
- SYS_MPROTECT = 5010
- SYS_MUNMAP = 5011
- SYS_BRK = 5012
- SYS_RT_SIGACTION = 5013
- SYS_RT_SIGPROCMASK = 5014
- SYS_IOCTL = 5015
- SYS_PREAD64 = 5016
- SYS_PWRITE64 = 5017
- SYS_READV = 5018
- SYS_WRITEV = 5019
- SYS_ACCESS = 5020
- SYS_PIPE = 5021
- SYS__NEWSELECT = 5022
- SYS_SCHED_YIELD = 5023
- SYS_MREMAP = 5024
- SYS_MSYNC = 5025
- SYS_MINCORE = 5026
- SYS_MADVISE = 5027
- SYS_SHMGET = 5028
- SYS_SHMAT = 5029
- SYS_SHMCTL = 5030
- SYS_DUP = 5031
- SYS_DUP2 = 5032
- SYS_PAUSE = 5033
- SYS_NANOSLEEP = 5034
- SYS_GETITIMER = 5035
- SYS_SETITIMER = 5036
- SYS_ALARM = 5037
- SYS_GETPID = 5038
- SYS_SENDFILE = 5039
- SYS_SOCKET = 5040
- SYS_CONNECT = 5041
- SYS_ACCEPT = 5042
- SYS_SENDTO = 5043
- SYS_RECVFROM = 5044
- SYS_SENDMSG = 5045
- SYS_RECVMSG = 5046
- SYS_SHUTDOWN = 5047
- SYS_BIND = 5048
- SYS_LISTEN = 5049
- SYS_GETSOCKNAME = 5050
- SYS_GETPEERNAME = 5051
- SYS_SOCKETPAIR = 5052
- SYS_SETSOCKOPT = 5053
- SYS_GETSOCKOPT = 5054
- SYS_CLONE = 5055
- SYS_FORK = 5056
- SYS_EXECVE = 5057
- SYS_EXIT = 5058
- SYS_WAIT4 = 5059
- SYS_KILL = 5060
- SYS_UNAME = 5061
- SYS_SEMGET = 5062
- SYS_SEMOP = 5063
- SYS_SEMCTL = 5064
- SYS_SHMDT = 5065
- SYS_MSGGET = 5066
- SYS_MSGSND = 5067
- SYS_MSGRCV = 5068
- SYS_MSGCTL = 5069
- SYS_FCNTL = 5070
- SYS_FLOCK = 5071
- SYS_FSYNC = 5072
- SYS_FDATASYNC = 5073
- SYS_TRUNCATE = 5074
- SYS_FTRUNCATE = 5075
- SYS_GETDENTS = 5076
- SYS_GETCWD = 5077
- SYS_CHDIR = 5078
- SYS_FCHDIR = 5079
- SYS_RENAME = 5080
- SYS_MKDIR = 5081
- SYS_RMDIR = 5082
- SYS_CREAT = 5083
- SYS_LINK = 5084
- SYS_UNLINK = 5085
- SYS_SYMLINK = 5086
- SYS_READLINK = 5087
- SYS_CHMOD = 5088
- SYS_FCHMOD = 5089
- SYS_CHOWN = 5090
- SYS_FCHOWN = 5091
- SYS_LCHOWN = 5092
- SYS_UMASK = 5093
- SYS_GETTIMEOFDAY = 5094
- SYS_GETRLIMIT = 5095
- SYS_GETRUSAGE = 5096
- SYS_SYSINFO = 5097
- SYS_TIMES = 5098
- SYS_PTRACE = 5099
- SYS_GETUID = 5100
- SYS_SYSLOG = 5101
- SYS_GETGID = 5102
- SYS_SETUID = 5103
- SYS_SETGID = 5104
- SYS_GETEUID = 5105
- SYS_GETEGID = 5106
- SYS_SETPGID = 5107
- SYS_GETPPID = 5108
- SYS_GETPGRP = 5109
- SYS_SETSID = 5110
- SYS_SETREUID = 5111
- SYS_SETREGID = 5112
- SYS_GETGROUPS = 5113
- SYS_SETGROUPS = 5114
- SYS_SETRESUID = 5115
- SYS_GETRESUID = 5116
- SYS_SETRESGID = 5117
- SYS_GETRESGID = 5118
- SYS_GETPGID = 5119
- SYS_SETFSUID = 5120
- SYS_SETFSGID = 5121
- SYS_GETSID = 5122
- SYS_CAPGET = 5123
- SYS_CAPSET = 5124
- SYS_RT_SIGPENDING = 5125
- SYS_RT_SIGTIMEDWAIT = 5126
- SYS_RT_SIGQUEUEINFO = 5127
- SYS_RT_SIGSUSPEND = 5128
- SYS_SIGALTSTACK = 5129
- SYS_UTIME = 5130
- SYS_MKNOD = 5131
- SYS_PERSONALITY = 5132
- SYS_USTAT = 5133
- SYS_STATFS = 5134
- SYS_FSTATFS = 5135
- SYS_SYSFS = 5136
- SYS_GETPRIORITY = 5137
- SYS_SETPRIORITY = 5138
- SYS_SCHED_SETPARAM = 5139
- SYS_SCHED_GETPARAM = 5140
- SYS_SCHED_SETSCHEDULER = 5141
- SYS_SCHED_GETSCHEDULER = 5142
- SYS_SCHED_GET_PRIORITY_MAX = 5143
- SYS_SCHED_GET_PRIORITY_MIN = 5144
- SYS_SCHED_RR_GET_INTERVAL = 5145
- SYS_MLOCK = 5146
- SYS_MUNLOCK = 5147
- SYS_MLOCKALL = 5148
- SYS_MUNLOCKALL = 5149
- SYS_VHANGUP = 5150
- SYS_PIVOT_ROOT = 5151
- SYS__SYSCTL = 5152
- SYS_PRCTL = 5153
- SYS_ADJTIMEX = 5154
- SYS_SETRLIMIT = 5155
- SYS_CHROOT = 5156
- SYS_SYNC = 5157
- SYS_ACCT = 5158
- SYS_SETTIMEOFDAY = 5159
- SYS_MOUNT = 5160
- SYS_UMOUNT2 = 5161
- SYS_SWAPON = 5162
- SYS_SWAPOFF = 5163
- SYS_REBOOT = 5164
- SYS_SETHOSTNAME = 5165
- SYS_SETDOMAINNAME = 5166
- SYS_CREATE_MODULE = 5167
- SYS_INIT_MODULE = 5168
- SYS_DELETE_MODULE = 5169
- SYS_GET_KERNEL_SYMS = 5170
- SYS_QUERY_MODULE = 5171
- SYS_QUOTACTL = 5172
- SYS_NFSSERVCTL = 5173
- SYS_GETPMSG = 5174
- SYS_PUTPMSG = 5175
- SYS_AFS_SYSCALL = 5176
- SYS_RESERVED177 = 5177
- SYS_GETTID = 5178
- SYS_READAHEAD = 5179
- SYS_SETXATTR = 5180
- SYS_LSETXATTR = 5181
- SYS_FSETXATTR = 5182
- SYS_GETXATTR = 5183
- SYS_LGETXATTR = 5184
- SYS_FGETXATTR = 5185
- SYS_LISTXATTR = 5186
- SYS_LLISTXATTR = 5187
- SYS_FLISTXATTR = 5188
- SYS_REMOVEXATTR = 5189
- SYS_LREMOVEXATTR = 5190
- SYS_FREMOVEXATTR = 5191
- SYS_TKILL = 5192
- SYS_RESERVED193 = 5193
- SYS_FUTEX = 5194
- SYS_SCHED_SETAFFINITY = 5195
- SYS_SCHED_GETAFFINITY = 5196
- SYS_CACHEFLUSH = 5197
- SYS_CACHECTL = 5198
- SYS_SYSMIPS = 5199
- SYS_IO_SETUP = 5200
- SYS_IO_DESTROY = 5201
- SYS_IO_GETEVENTS = 5202
- SYS_IO_SUBMIT = 5203
- SYS_IO_CANCEL = 5204
- SYS_EXIT_GROUP = 5205
- SYS_LOOKUP_DCOOKIE = 5206
- SYS_EPOLL_CREATE = 5207
- SYS_EPOLL_CTL = 5208
- SYS_EPOLL_WAIT = 5209
- SYS_REMAP_FILE_PAGES = 5210
- SYS_RT_SIGRETURN = 5211
- SYS_SET_TID_ADDRESS = 5212
- SYS_RESTART_SYSCALL = 5213
- SYS_SEMTIMEDOP = 5214
- SYS_FADVISE64 = 5215
- SYS_TIMER_CREATE = 5216
- SYS_TIMER_SETTIME = 5217
- SYS_TIMER_GETTIME = 5218
- SYS_TIMER_GETOVERRUN = 5219
- SYS_TIMER_DELETE = 5220
- SYS_CLOCK_SETTIME = 5221
- SYS_CLOCK_GETTIME = 5222
- SYS_CLOCK_GETRES = 5223
- SYS_CLOCK_NANOSLEEP = 5224
- SYS_TGKILL = 5225
- SYS_UTIMES = 5226
- SYS_MBIND = 5227
- SYS_GET_MEMPOLICY = 5228
- SYS_SET_MEMPOLICY = 5229
- SYS_MQ_OPEN = 5230
- SYS_MQ_UNLINK = 5231
- SYS_MQ_TIMEDSEND = 5232
- SYS_MQ_TIMEDRECEIVE = 5233
- SYS_MQ_NOTIFY = 5234
- SYS_MQ_GETSETATTR = 5235
- SYS_VSERVER = 5236
- SYS_WAITID = 5237
- SYS_ADD_KEY = 5239
- SYS_REQUEST_KEY = 5240
- SYS_KEYCTL = 5241
- SYS_SET_THREAD_AREA = 5242
- SYS_INOTIFY_INIT = 5243
- SYS_INOTIFY_ADD_WATCH = 5244
- SYS_INOTIFY_RM_WATCH = 5245
- SYS_MIGRATE_PAGES = 5246
- SYS_OPENAT = 5247
- SYS_MKDIRAT = 5248
- SYS_MKNODAT = 5249
- SYS_FCHOWNAT = 5250
- SYS_FUTIMESAT = 5251
- SYS_NEWFSTATAT = 5252
- SYS_UNLINKAT = 5253
- SYS_RENAMEAT = 5254
- SYS_LINKAT = 5255
- SYS_SYMLINKAT = 5256
- SYS_READLINKAT = 5257
- SYS_FCHMODAT = 5258
- SYS_FACCESSAT = 5259
- SYS_PSELECT6 = 5260
- SYS_PPOLL = 5261
- SYS_UNSHARE = 5262
- SYS_SPLICE = 5263
- SYS_SYNC_FILE_RANGE = 5264
- SYS_TEE = 5265
- SYS_VMSPLICE = 5266
- SYS_MOVE_PAGES = 5267
- SYS_SET_ROBUST_LIST = 5268
- SYS_GET_ROBUST_LIST = 5269
- SYS_KEXEC_LOAD = 5270
- SYS_GETCPU = 5271
- SYS_EPOLL_PWAIT = 5272
- SYS_IOPRIO_SET = 5273
- SYS_IOPRIO_GET = 5274
- SYS_UTIMENSAT = 5275
- SYS_SIGNALFD = 5276
- SYS_TIMERFD = 5277
- SYS_EVENTFD = 5278
- SYS_FALLOCATE = 5279
- SYS_TIMERFD_CREATE = 5280
- SYS_TIMERFD_GETTIME = 5281
- SYS_TIMERFD_SETTIME = 5282
- SYS_SIGNALFD4 = 5283
- SYS_EVENTFD2 = 5284
- SYS_EPOLL_CREATE1 = 5285
- SYS_DUP3 = 5286
- SYS_PIPE2 = 5287
- SYS_INOTIFY_INIT1 = 5288
- SYS_PREADV = 5289
- SYS_PWRITEV = 5290
- SYS_RT_TGSIGQUEUEINFO = 5291
- SYS_PERF_EVENT_OPEN = 5292
- SYS_ACCEPT4 = 5293
- SYS_RECVMMSG = 5294
- SYS_FANOTIFY_INIT = 5295
- SYS_FANOTIFY_MARK = 5296
- SYS_PRLIMIT64 = 5297
- SYS_NAME_TO_HANDLE_AT = 5298
- SYS_OPEN_BY_HANDLE_AT = 5299
- SYS_CLOCK_ADJTIME = 5300
- SYS_SYNCFS = 5301
- SYS_SENDMMSG = 5302
- SYS_SETNS = 5303
- SYS_PROCESS_VM_READV = 5304
- SYS_PROCESS_VM_WRITEV = 5305
- SYS_KCMP = 5306
- SYS_FINIT_MODULE = 5307
- SYS_GETDENTS64 = 5308
- SYS_SCHED_SETATTR = 5309
- SYS_SCHED_GETATTR = 5310
- SYS_RENAMEAT2 = 5311
- SYS_SECCOMP = 5312
- SYS_GETRANDOM = 5313
- SYS_MEMFD_CREATE = 5314
- SYS_BPF = 5315
- SYS_EXECVEAT = 5316
- SYS_USERFAULTFD = 5317
- SYS_MEMBARRIER = 5318
- SYS_MLOCK2 = 5319
- SYS_COPY_FILE_RANGE = 5320
- SYS_PREADV2 = 5321
- SYS_PWRITEV2 = 5322
- SYS_PKEY_MPROTECT = 5323
- SYS_PKEY_ALLOC = 5324
- SYS_PKEY_FREE = 5325
- SYS_STATX = 5326
- SYS_RSEQ = 5327
- SYS_IO_PGETEVENTS = 5328
- SYS_PIDFD_SEND_SIGNAL = 5424
- SYS_IO_URING_SETUP = 5425
- SYS_IO_URING_ENTER = 5426
- SYS_IO_URING_REGISTER = 5427
- SYS_OPEN_TREE = 5428
- SYS_MOVE_MOUNT = 5429
- SYS_FSOPEN = 5430
- SYS_FSCONFIG = 5431
- SYS_FSMOUNT = 5432
- SYS_FSPICK = 5433
- SYS_PIDFD_OPEN = 5434
- SYS_CLONE3 = 5435
- SYS_CLOSE_RANGE = 5436
- SYS_OPENAT2 = 5437
- SYS_PIDFD_GETFD = 5438
- SYS_FACCESSAT2 = 5439
- SYS_PROCESS_MADVISE = 5440
- SYS_EPOLL_PWAIT2 = 5441
- SYS_MOUNT_SETATTR = 5442
+ SYS_READ = 5000
+ SYS_WRITE = 5001
+ SYS_OPEN = 5002
+ SYS_CLOSE = 5003
+ SYS_STAT = 5004
+ SYS_FSTAT = 5005
+ SYS_LSTAT = 5006
+ SYS_POLL = 5007
+ SYS_LSEEK = 5008
+ SYS_MMAP = 5009
+ SYS_MPROTECT = 5010
+ SYS_MUNMAP = 5011
+ SYS_BRK = 5012
+ SYS_RT_SIGACTION = 5013
+ SYS_RT_SIGPROCMASK = 5014
+ SYS_IOCTL = 5015
+ SYS_PREAD64 = 5016
+ SYS_PWRITE64 = 5017
+ SYS_READV = 5018
+ SYS_WRITEV = 5019
+ SYS_ACCESS = 5020
+ SYS_PIPE = 5021
+ SYS__NEWSELECT = 5022
+ SYS_SCHED_YIELD = 5023
+ SYS_MREMAP = 5024
+ SYS_MSYNC = 5025
+ SYS_MINCORE = 5026
+ SYS_MADVISE = 5027
+ SYS_SHMGET = 5028
+ SYS_SHMAT = 5029
+ SYS_SHMCTL = 5030
+ SYS_DUP = 5031
+ SYS_DUP2 = 5032
+ SYS_PAUSE = 5033
+ SYS_NANOSLEEP = 5034
+ SYS_GETITIMER = 5035
+ SYS_SETITIMER = 5036
+ SYS_ALARM = 5037
+ SYS_GETPID = 5038
+ SYS_SENDFILE = 5039
+ SYS_SOCKET = 5040
+ SYS_CONNECT = 5041
+ SYS_ACCEPT = 5042
+ SYS_SENDTO = 5043
+ SYS_RECVFROM = 5044
+ SYS_SENDMSG = 5045
+ SYS_RECVMSG = 5046
+ SYS_SHUTDOWN = 5047
+ SYS_BIND = 5048
+ SYS_LISTEN = 5049
+ SYS_GETSOCKNAME = 5050
+ SYS_GETPEERNAME = 5051
+ SYS_SOCKETPAIR = 5052
+ SYS_SETSOCKOPT = 5053
+ SYS_GETSOCKOPT = 5054
+ SYS_CLONE = 5055
+ SYS_FORK = 5056
+ SYS_EXECVE = 5057
+ SYS_EXIT = 5058
+ SYS_WAIT4 = 5059
+ SYS_KILL = 5060
+ SYS_UNAME = 5061
+ SYS_SEMGET = 5062
+ SYS_SEMOP = 5063
+ SYS_SEMCTL = 5064
+ SYS_SHMDT = 5065
+ SYS_MSGGET = 5066
+ SYS_MSGSND = 5067
+ SYS_MSGRCV = 5068
+ SYS_MSGCTL = 5069
+ SYS_FCNTL = 5070
+ SYS_FLOCK = 5071
+ SYS_FSYNC = 5072
+ SYS_FDATASYNC = 5073
+ SYS_TRUNCATE = 5074
+ SYS_FTRUNCATE = 5075
+ SYS_GETDENTS = 5076
+ SYS_GETCWD = 5077
+ SYS_CHDIR = 5078
+ SYS_FCHDIR = 5079
+ SYS_RENAME = 5080
+ SYS_MKDIR = 5081
+ SYS_RMDIR = 5082
+ SYS_CREAT = 5083
+ SYS_LINK = 5084
+ SYS_UNLINK = 5085
+ SYS_SYMLINK = 5086
+ SYS_READLINK = 5087
+ SYS_CHMOD = 5088
+ SYS_FCHMOD = 5089
+ SYS_CHOWN = 5090
+ SYS_FCHOWN = 5091
+ SYS_LCHOWN = 5092
+ SYS_UMASK = 5093
+ SYS_GETTIMEOFDAY = 5094
+ SYS_GETRLIMIT = 5095
+ SYS_GETRUSAGE = 5096
+ SYS_SYSINFO = 5097
+ SYS_TIMES = 5098
+ SYS_PTRACE = 5099
+ SYS_GETUID = 5100
+ SYS_SYSLOG = 5101
+ SYS_GETGID = 5102
+ SYS_SETUID = 5103
+ SYS_SETGID = 5104
+ SYS_GETEUID = 5105
+ SYS_GETEGID = 5106
+ SYS_SETPGID = 5107
+ SYS_GETPPID = 5108
+ SYS_GETPGRP = 5109
+ SYS_SETSID = 5110
+ SYS_SETREUID = 5111
+ SYS_SETREGID = 5112
+ SYS_GETGROUPS = 5113
+ SYS_SETGROUPS = 5114
+ SYS_SETRESUID = 5115
+ SYS_GETRESUID = 5116
+ SYS_SETRESGID = 5117
+ SYS_GETRESGID = 5118
+ SYS_GETPGID = 5119
+ SYS_SETFSUID = 5120
+ SYS_SETFSGID = 5121
+ SYS_GETSID = 5122
+ SYS_CAPGET = 5123
+ SYS_CAPSET = 5124
+ SYS_RT_SIGPENDING = 5125
+ SYS_RT_SIGTIMEDWAIT = 5126
+ SYS_RT_SIGQUEUEINFO = 5127
+ SYS_RT_SIGSUSPEND = 5128
+ SYS_SIGALTSTACK = 5129
+ SYS_UTIME = 5130
+ SYS_MKNOD = 5131
+ SYS_PERSONALITY = 5132
+ SYS_USTAT = 5133
+ SYS_STATFS = 5134
+ SYS_FSTATFS = 5135
+ SYS_SYSFS = 5136
+ SYS_GETPRIORITY = 5137
+ SYS_SETPRIORITY = 5138
+ SYS_SCHED_SETPARAM = 5139
+ SYS_SCHED_GETPARAM = 5140
+ SYS_SCHED_SETSCHEDULER = 5141
+ SYS_SCHED_GETSCHEDULER = 5142
+ SYS_SCHED_GET_PRIORITY_MAX = 5143
+ SYS_SCHED_GET_PRIORITY_MIN = 5144
+ SYS_SCHED_RR_GET_INTERVAL = 5145
+ SYS_MLOCK = 5146
+ SYS_MUNLOCK = 5147
+ SYS_MLOCKALL = 5148
+ SYS_MUNLOCKALL = 5149
+ SYS_VHANGUP = 5150
+ SYS_PIVOT_ROOT = 5151
+ SYS__SYSCTL = 5152
+ SYS_PRCTL = 5153
+ SYS_ADJTIMEX = 5154
+ SYS_SETRLIMIT = 5155
+ SYS_CHROOT = 5156
+ SYS_SYNC = 5157
+ SYS_ACCT = 5158
+ SYS_SETTIMEOFDAY = 5159
+ SYS_MOUNT = 5160
+ SYS_UMOUNT2 = 5161
+ SYS_SWAPON = 5162
+ SYS_SWAPOFF = 5163
+ SYS_REBOOT = 5164
+ SYS_SETHOSTNAME = 5165
+ SYS_SETDOMAINNAME = 5166
+ SYS_CREATE_MODULE = 5167
+ SYS_INIT_MODULE = 5168
+ SYS_DELETE_MODULE = 5169
+ SYS_GET_KERNEL_SYMS = 5170
+ SYS_QUERY_MODULE = 5171
+ SYS_QUOTACTL = 5172
+ SYS_NFSSERVCTL = 5173
+ SYS_GETPMSG = 5174
+ SYS_PUTPMSG = 5175
+ SYS_AFS_SYSCALL = 5176
+ SYS_RESERVED177 = 5177
+ SYS_GETTID = 5178
+ SYS_READAHEAD = 5179
+ SYS_SETXATTR = 5180
+ SYS_LSETXATTR = 5181
+ SYS_FSETXATTR = 5182
+ SYS_GETXATTR = 5183
+ SYS_LGETXATTR = 5184
+ SYS_FGETXATTR = 5185
+ SYS_LISTXATTR = 5186
+ SYS_LLISTXATTR = 5187
+ SYS_FLISTXATTR = 5188
+ SYS_REMOVEXATTR = 5189
+ SYS_LREMOVEXATTR = 5190
+ SYS_FREMOVEXATTR = 5191
+ SYS_TKILL = 5192
+ SYS_RESERVED193 = 5193
+ SYS_FUTEX = 5194
+ SYS_SCHED_SETAFFINITY = 5195
+ SYS_SCHED_GETAFFINITY = 5196
+ SYS_CACHEFLUSH = 5197
+ SYS_CACHECTL = 5198
+ SYS_SYSMIPS = 5199
+ SYS_IO_SETUP = 5200
+ SYS_IO_DESTROY = 5201
+ SYS_IO_GETEVENTS = 5202
+ SYS_IO_SUBMIT = 5203
+ SYS_IO_CANCEL = 5204
+ SYS_EXIT_GROUP = 5205
+ SYS_LOOKUP_DCOOKIE = 5206
+ SYS_EPOLL_CREATE = 5207
+ SYS_EPOLL_CTL = 5208
+ SYS_EPOLL_WAIT = 5209
+ SYS_REMAP_FILE_PAGES = 5210
+ SYS_RT_SIGRETURN = 5211
+ SYS_SET_TID_ADDRESS = 5212
+ SYS_RESTART_SYSCALL = 5213
+ SYS_SEMTIMEDOP = 5214
+ SYS_FADVISE64 = 5215
+ SYS_TIMER_CREATE = 5216
+ SYS_TIMER_SETTIME = 5217
+ SYS_TIMER_GETTIME = 5218
+ SYS_TIMER_GETOVERRUN = 5219
+ SYS_TIMER_DELETE = 5220
+ SYS_CLOCK_SETTIME = 5221
+ SYS_CLOCK_GETTIME = 5222
+ SYS_CLOCK_GETRES = 5223
+ SYS_CLOCK_NANOSLEEP = 5224
+ SYS_TGKILL = 5225
+ SYS_UTIMES = 5226
+ SYS_MBIND = 5227
+ SYS_GET_MEMPOLICY = 5228
+ SYS_SET_MEMPOLICY = 5229
+ SYS_MQ_OPEN = 5230
+ SYS_MQ_UNLINK = 5231
+ SYS_MQ_TIMEDSEND = 5232
+ SYS_MQ_TIMEDRECEIVE = 5233
+ SYS_MQ_NOTIFY = 5234
+ SYS_MQ_GETSETATTR = 5235
+ SYS_VSERVER = 5236
+ SYS_WAITID = 5237
+ SYS_ADD_KEY = 5239
+ SYS_REQUEST_KEY = 5240
+ SYS_KEYCTL = 5241
+ SYS_SET_THREAD_AREA = 5242
+ SYS_INOTIFY_INIT = 5243
+ SYS_INOTIFY_ADD_WATCH = 5244
+ SYS_INOTIFY_RM_WATCH = 5245
+ SYS_MIGRATE_PAGES = 5246
+ SYS_OPENAT = 5247
+ SYS_MKDIRAT = 5248
+ SYS_MKNODAT = 5249
+ SYS_FCHOWNAT = 5250
+ SYS_FUTIMESAT = 5251
+ SYS_NEWFSTATAT = 5252
+ SYS_UNLINKAT = 5253
+ SYS_RENAMEAT = 5254
+ SYS_LINKAT = 5255
+ SYS_SYMLINKAT = 5256
+ SYS_READLINKAT = 5257
+ SYS_FCHMODAT = 5258
+ SYS_FACCESSAT = 5259
+ SYS_PSELECT6 = 5260
+ SYS_PPOLL = 5261
+ SYS_UNSHARE = 5262
+ SYS_SPLICE = 5263
+ SYS_SYNC_FILE_RANGE = 5264
+ SYS_TEE = 5265
+ SYS_VMSPLICE = 5266
+ SYS_MOVE_PAGES = 5267
+ SYS_SET_ROBUST_LIST = 5268
+ SYS_GET_ROBUST_LIST = 5269
+ SYS_KEXEC_LOAD = 5270
+ SYS_GETCPU = 5271
+ SYS_EPOLL_PWAIT = 5272
+ SYS_IOPRIO_SET = 5273
+ SYS_IOPRIO_GET = 5274
+ SYS_UTIMENSAT = 5275
+ SYS_SIGNALFD = 5276
+ SYS_TIMERFD = 5277
+ SYS_EVENTFD = 5278
+ SYS_FALLOCATE = 5279
+ SYS_TIMERFD_CREATE = 5280
+ SYS_TIMERFD_GETTIME = 5281
+ SYS_TIMERFD_SETTIME = 5282
+ SYS_SIGNALFD4 = 5283
+ SYS_EVENTFD2 = 5284
+ SYS_EPOLL_CREATE1 = 5285
+ SYS_DUP3 = 5286
+ SYS_PIPE2 = 5287
+ SYS_INOTIFY_INIT1 = 5288
+ SYS_PREADV = 5289
+ SYS_PWRITEV = 5290
+ SYS_RT_TGSIGQUEUEINFO = 5291
+ SYS_PERF_EVENT_OPEN = 5292
+ SYS_ACCEPT4 = 5293
+ SYS_RECVMMSG = 5294
+ SYS_FANOTIFY_INIT = 5295
+ SYS_FANOTIFY_MARK = 5296
+ SYS_PRLIMIT64 = 5297
+ SYS_NAME_TO_HANDLE_AT = 5298
+ SYS_OPEN_BY_HANDLE_AT = 5299
+ SYS_CLOCK_ADJTIME = 5300
+ SYS_SYNCFS = 5301
+ SYS_SENDMMSG = 5302
+ SYS_SETNS = 5303
+ SYS_PROCESS_VM_READV = 5304
+ SYS_PROCESS_VM_WRITEV = 5305
+ SYS_KCMP = 5306
+ SYS_FINIT_MODULE = 5307
+ SYS_GETDENTS64 = 5308
+ SYS_SCHED_SETATTR = 5309
+ SYS_SCHED_GETATTR = 5310
+ SYS_RENAMEAT2 = 5311
+ SYS_SECCOMP = 5312
+ SYS_GETRANDOM = 5313
+ SYS_MEMFD_CREATE = 5314
+ SYS_BPF = 5315
+ SYS_EXECVEAT = 5316
+ SYS_USERFAULTFD = 5317
+ SYS_MEMBARRIER = 5318
+ SYS_MLOCK2 = 5319
+ SYS_COPY_FILE_RANGE = 5320
+ SYS_PREADV2 = 5321
+ SYS_PWRITEV2 = 5322
+ SYS_PKEY_MPROTECT = 5323
+ SYS_PKEY_ALLOC = 5324
+ SYS_PKEY_FREE = 5325
+ SYS_STATX = 5326
+ SYS_RSEQ = 5327
+ SYS_IO_PGETEVENTS = 5328
+ SYS_PIDFD_SEND_SIGNAL = 5424
+ SYS_IO_URING_SETUP = 5425
+ SYS_IO_URING_ENTER = 5426
+ SYS_IO_URING_REGISTER = 5427
+ SYS_OPEN_TREE = 5428
+ SYS_MOVE_MOUNT = 5429
+ SYS_FSOPEN = 5430
+ SYS_FSCONFIG = 5431
+ SYS_FSMOUNT = 5432
+ SYS_FSPICK = 5433
+ SYS_PIDFD_OPEN = 5434
+ SYS_CLONE3 = 5435
+ SYS_CLOSE_RANGE = 5436
+ SYS_OPENAT2 = 5437
+ SYS_PIDFD_GETFD = 5438
+ SYS_FACCESSAT2 = 5439
+ SYS_PROCESS_MADVISE = 5440
+ SYS_EPOLL_PWAIT2 = 5441
+ SYS_MOUNT_SETATTR = 5442
+ SYS_LANDLOCK_CREATE_RULESET = 5444
+ SYS_LANDLOCK_ADD_RULE = 5445
+ SYS_LANDLOCK_RESTRICT_SELF = 5446
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
index 80e6696b3..dcd926513 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
@@ -424,4 +424,7 @@ const (
SYS_PROCESS_MADVISE = 4440
SYS_EPOLL_PWAIT2 = 4441
SYS_MOUNT_SETATTR = 4442
+ SYS_LANDLOCK_CREATE_RULESET = 4444
+ SYS_LANDLOCK_ADD_RULE = 4445
+ SYS_LANDLOCK_RESTRICT_SELF = 4446
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
index b9d697ffb..d5ee2c935 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
@@ -431,4 +431,7 @@ const (
SYS_PROCESS_MADVISE = 440
SYS_EPOLL_PWAIT2 = 441
SYS_MOUNT_SETATTR = 442
+ SYS_LANDLOCK_CREATE_RULESET = 444
+ SYS_LANDLOCK_ADD_RULE = 445
+ SYS_LANDLOCK_RESTRICT_SELF = 446
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
index 08edc54d3..fec32207c 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
@@ -7,400 +7,403 @@
package unix
const (
- SYS_RESTART_SYSCALL = 0
- SYS_EXIT = 1
- SYS_FORK = 2
- SYS_READ = 3
- SYS_WRITE = 4
- SYS_OPEN = 5
- SYS_CLOSE = 6
- SYS_WAITPID = 7
- SYS_CREAT = 8
- SYS_LINK = 9
- SYS_UNLINK = 10
- SYS_EXECVE = 11
- SYS_CHDIR = 12
- SYS_TIME = 13
- SYS_MKNOD = 14
- SYS_CHMOD = 15
- SYS_LCHOWN = 16
- SYS_BREAK = 17
- SYS_OLDSTAT = 18
- SYS_LSEEK = 19
- SYS_GETPID = 20
- SYS_MOUNT = 21
- SYS_UMOUNT = 22
- SYS_SETUID = 23
- SYS_GETUID = 24
- SYS_STIME = 25
- SYS_PTRACE = 26
- SYS_ALARM = 27
- SYS_OLDFSTAT = 28
- SYS_PAUSE = 29
- SYS_UTIME = 30
- SYS_STTY = 31
- SYS_GTTY = 32
- SYS_ACCESS = 33
- SYS_NICE = 34
- SYS_FTIME = 35
- SYS_SYNC = 36
- SYS_KILL = 37
- SYS_RENAME = 38
- SYS_MKDIR = 39
- SYS_RMDIR = 40
- SYS_DUP = 41
- SYS_PIPE = 42
- SYS_TIMES = 43
- SYS_PROF = 44
- SYS_BRK = 45
- SYS_SETGID = 46
- SYS_GETGID = 47
- SYS_SIGNAL = 48
- SYS_GETEUID = 49
- SYS_GETEGID = 50
- SYS_ACCT = 51
- SYS_UMOUNT2 = 52
- SYS_LOCK = 53
- SYS_IOCTL = 54
- SYS_FCNTL = 55
- SYS_MPX = 56
- SYS_SETPGID = 57
- SYS_ULIMIT = 58
- SYS_OLDOLDUNAME = 59
- SYS_UMASK = 60
- SYS_CHROOT = 61
- SYS_USTAT = 62
- SYS_DUP2 = 63
- SYS_GETPPID = 64
- SYS_GETPGRP = 65
- SYS_SETSID = 66
- SYS_SIGACTION = 67
- SYS_SGETMASK = 68
- SYS_SSETMASK = 69
- SYS_SETREUID = 70
- SYS_SETREGID = 71
- SYS_SIGSUSPEND = 72
- SYS_SIGPENDING = 73
- SYS_SETHOSTNAME = 74
- SYS_SETRLIMIT = 75
- SYS_GETRLIMIT = 76
- SYS_GETRUSAGE = 77
- SYS_GETTIMEOFDAY = 78
- SYS_SETTIMEOFDAY = 79
- SYS_GETGROUPS = 80
- SYS_SETGROUPS = 81
- SYS_SELECT = 82
- SYS_SYMLINK = 83
- SYS_OLDLSTAT = 84
- SYS_READLINK = 85
- SYS_USELIB = 86
- SYS_SWAPON = 87
- SYS_REBOOT = 88
- SYS_READDIR = 89
- SYS_MMAP = 90
- SYS_MUNMAP = 91
- SYS_TRUNCATE = 92
- SYS_FTRUNCATE = 93
- SYS_FCHMOD = 94
- SYS_FCHOWN = 95
- SYS_GETPRIORITY = 96
- SYS_SETPRIORITY = 97
- SYS_PROFIL = 98
- SYS_STATFS = 99
- SYS_FSTATFS = 100
- SYS_IOPERM = 101
- SYS_SOCKETCALL = 102
- SYS_SYSLOG = 103
- SYS_SETITIMER = 104
- SYS_GETITIMER = 105
- SYS_STAT = 106
- SYS_LSTAT = 107
- SYS_FSTAT = 108
- SYS_OLDUNAME = 109
- SYS_IOPL = 110
- SYS_VHANGUP = 111
- SYS_IDLE = 112
- SYS_VM86 = 113
- SYS_WAIT4 = 114
- SYS_SWAPOFF = 115
- SYS_SYSINFO = 116
- SYS_IPC = 117
- SYS_FSYNC = 118
- SYS_SIGRETURN = 119
- SYS_CLONE = 120
- SYS_SETDOMAINNAME = 121
- SYS_UNAME = 122
- SYS_MODIFY_LDT = 123
- SYS_ADJTIMEX = 124
- SYS_MPROTECT = 125
- SYS_SIGPROCMASK = 126
- SYS_CREATE_MODULE = 127
- SYS_INIT_MODULE = 128
- SYS_DELETE_MODULE = 129
- SYS_GET_KERNEL_SYMS = 130
- SYS_QUOTACTL = 131
- SYS_GETPGID = 132
- SYS_FCHDIR = 133
- SYS_BDFLUSH = 134
- SYS_SYSFS = 135
- SYS_PERSONALITY = 136
- SYS_AFS_SYSCALL = 137
- SYS_SETFSUID = 138
- SYS_SETFSGID = 139
- SYS__LLSEEK = 140
- SYS_GETDENTS = 141
- SYS__NEWSELECT = 142
- SYS_FLOCK = 143
- SYS_MSYNC = 144
- SYS_READV = 145
- SYS_WRITEV = 146
- SYS_GETSID = 147
- SYS_FDATASYNC = 148
- SYS__SYSCTL = 149
- SYS_MLOCK = 150
- SYS_MUNLOCK = 151
- SYS_MLOCKALL = 152
- SYS_MUNLOCKALL = 153
- SYS_SCHED_SETPARAM = 154
- SYS_SCHED_GETPARAM = 155
- SYS_SCHED_SETSCHEDULER = 156
- SYS_SCHED_GETSCHEDULER = 157
- SYS_SCHED_YIELD = 158
- SYS_SCHED_GET_PRIORITY_MAX = 159
- SYS_SCHED_GET_PRIORITY_MIN = 160
- SYS_SCHED_RR_GET_INTERVAL = 161
- SYS_NANOSLEEP = 162
- SYS_MREMAP = 163
- SYS_SETRESUID = 164
- SYS_GETRESUID = 165
- SYS_QUERY_MODULE = 166
- SYS_POLL = 167
- SYS_NFSSERVCTL = 168
- SYS_SETRESGID = 169
- SYS_GETRESGID = 170
- SYS_PRCTL = 171
- SYS_RT_SIGRETURN = 172
- SYS_RT_SIGACTION = 173
- SYS_RT_SIGPROCMASK = 174
- SYS_RT_SIGPENDING = 175
- SYS_RT_SIGTIMEDWAIT = 176
- SYS_RT_SIGQUEUEINFO = 177
- SYS_RT_SIGSUSPEND = 178
- SYS_PREAD64 = 179
- SYS_PWRITE64 = 180
- SYS_CHOWN = 181
- SYS_GETCWD = 182
- SYS_CAPGET = 183
- SYS_CAPSET = 184
- SYS_SIGALTSTACK = 185
- SYS_SENDFILE = 186
- SYS_GETPMSG = 187
- SYS_PUTPMSG = 188
- SYS_VFORK = 189
- SYS_UGETRLIMIT = 190
- SYS_READAHEAD = 191
- SYS_PCICONFIG_READ = 198
- SYS_PCICONFIG_WRITE = 199
- SYS_PCICONFIG_IOBASE = 200
- SYS_MULTIPLEXER = 201
- SYS_GETDENTS64 = 202
- SYS_PIVOT_ROOT = 203
- SYS_MADVISE = 205
- SYS_MINCORE = 206
- SYS_GETTID = 207
- SYS_TKILL = 208
- SYS_SETXATTR = 209
- SYS_LSETXATTR = 210
- SYS_FSETXATTR = 211
- SYS_GETXATTR = 212
- SYS_LGETXATTR = 213
- SYS_FGETXATTR = 214
- SYS_LISTXATTR = 215
- SYS_LLISTXATTR = 216
- SYS_FLISTXATTR = 217
- SYS_REMOVEXATTR = 218
- SYS_LREMOVEXATTR = 219
- SYS_FREMOVEXATTR = 220
- SYS_FUTEX = 221
- SYS_SCHED_SETAFFINITY = 222
- SYS_SCHED_GETAFFINITY = 223
- SYS_TUXCALL = 225
- SYS_IO_SETUP = 227
- SYS_IO_DESTROY = 228
- SYS_IO_GETEVENTS = 229
- SYS_IO_SUBMIT = 230
- SYS_IO_CANCEL = 231
- SYS_SET_TID_ADDRESS = 232
- SYS_FADVISE64 = 233
- SYS_EXIT_GROUP = 234
- SYS_LOOKUP_DCOOKIE = 235
- SYS_EPOLL_CREATE = 236
- SYS_EPOLL_CTL = 237
- SYS_EPOLL_WAIT = 238
- SYS_REMAP_FILE_PAGES = 239
- SYS_TIMER_CREATE = 240
- SYS_TIMER_SETTIME = 241
- SYS_TIMER_GETTIME = 242
- SYS_TIMER_GETOVERRUN = 243
- SYS_TIMER_DELETE = 244
- SYS_CLOCK_SETTIME = 245
- SYS_CLOCK_GETTIME = 246
- SYS_CLOCK_GETRES = 247
- SYS_CLOCK_NANOSLEEP = 248
- SYS_SWAPCONTEXT = 249
- SYS_TGKILL = 250
- SYS_UTIMES = 251
- SYS_STATFS64 = 252
- SYS_FSTATFS64 = 253
- SYS_RTAS = 255
- SYS_SYS_DEBUG_SETCONTEXT = 256
- SYS_MIGRATE_PAGES = 258
- SYS_MBIND = 259
- SYS_GET_MEMPOLICY = 260
- SYS_SET_MEMPOLICY = 261
- SYS_MQ_OPEN = 262
- SYS_MQ_UNLINK = 263
- SYS_MQ_TIMEDSEND = 264
- SYS_MQ_TIMEDRECEIVE = 265
- SYS_MQ_NOTIFY = 266
- SYS_MQ_GETSETATTR = 267
- SYS_KEXEC_LOAD = 268
- SYS_ADD_KEY = 269
- SYS_REQUEST_KEY = 270
- SYS_KEYCTL = 271
- SYS_WAITID = 272
- SYS_IOPRIO_SET = 273
- SYS_IOPRIO_GET = 274
- SYS_INOTIFY_INIT = 275
- SYS_INOTIFY_ADD_WATCH = 276
- SYS_INOTIFY_RM_WATCH = 277
- SYS_SPU_RUN = 278
- SYS_SPU_CREATE = 279
- SYS_PSELECT6 = 280
- SYS_PPOLL = 281
- SYS_UNSHARE = 282
- SYS_SPLICE = 283
- SYS_TEE = 284
- SYS_VMSPLICE = 285
- SYS_OPENAT = 286
- SYS_MKDIRAT = 287
- SYS_MKNODAT = 288
- SYS_FCHOWNAT = 289
- SYS_FUTIMESAT = 290
- SYS_NEWFSTATAT = 291
- SYS_UNLINKAT = 292
- SYS_RENAMEAT = 293
- SYS_LINKAT = 294
- SYS_SYMLINKAT = 295
- SYS_READLINKAT = 296
- SYS_FCHMODAT = 297
- SYS_FACCESSAT = 298
- SYS_GET_ROBUST_LIST = 299
- SYS_SET_ROBUST_LIST = 300
- SYS_MOVE_PAGES = 301
- SYS_GETCPU = 302
- SYS_EPOLL_PWAIT = 303
- SYS_UTIMENSAT = 304
- SYS_SIGNALFD = 305
- SYS_TIMERFD_CREATE = 306
- SYS_EVENTFD = 307
- SYS_SYNC_FILE_RANGE2 = 308
- SYS_FALLOCATE = 309
- SYS_SUBPAGE_PROT = 310
- SYS_TIMERFD_SETTIME = 311
- SYS_TIMERFD_GETTIME = 312
- SYS_SIGNALFD4 = 313
- SYS_EVENTFD2 = 314
- SYS_EPOLL_CREATE1 = 315
- SYS_DUP3 = 316
- SYS_PIPE2 = 317
- SYS_INOTIFY_INIT1 = 318
- SYS_PERF_EVENT_OPEN = 319
- SYS_PREADV = 320
- SYS_PWRITEV = 321
- SYS_RT_TGSIGQUEUEINFO = 322
- SYS_FANOTIFY_INIT = 323
- SYS_FANOTIFY_MARK = 324
- SYS_PRLIMIT64 = 325
- SYS_SOCKET = 326
- SYS_BIND = 327
- SYS_CONNECT = 328
- SYS_LISTEN = 329
- SYS_ACCEPT = 330
- SYS_GETSOCKNAME = 331
- SYS_GETPEERNAME = 332
- SYS_SOCKETPAIR = 333
- SYS_SEND = 334
- SYS_SENDTO = 335
- SYS_RECV = 336
- SYS_RECVFROM = 337
- SYS_SHUTDOWN = 338
- SYS_SETSOCKOPT = 339
- SYS_GETSOCKOPT = 340
- SYS_SENDMSG = 341
- SYS_RECVMSG = 342
- SYS_RECVMMSG = 343
- SYS_ACCEPT4 = 344
- SYS_NAME_TO_HANDLE_AT = 345
- SYS_OPEN_BY_HANDLE_AT = 346
- SYS_CLOCK_ADJTIME = 347
- SYS_SYNCFS = 348
- SYS_SENDMMSG = 349
- SYS_SETNS = 350
- SYS_PROCESS_VM_READV = 351
- SYS_PROCESS_VM_WRITEV = 352
- SYS_FINIT_MODULE = 353
- SYS_KCMP = 354
- SYS_SCHED_SETATTR = 355
- SYS_SCHED_GETATTR = 356
- SYS_RENAMEAT2 = 357
- SYS_SECCOMP = 358
- SYS_GETRANDOM = 359
- SYS_MEMFD_CREATE = 360
- SYS_BPF = 361
- SYS_EXECVEAT = 362
- SYS_SWITCH_ENDIAN = 363
- SYS_USERFAULTFD = 364
- SYS_MEMBARRIER = 365
- SYS_MLOCK2 = 378
- SYS_COPY_FILE_RANGE = 379
- SYS_PREADV2 = 380
- SYS_PWRITEV2 = 381
- SYS_KEXEC_FILE_LOAD = 382
- SYS_STATX = 383
- SYS_PKEY_ALLOC = 384
- SYS_PKEY_FREE = 385
- SYS_PKEY_MPROTECT = 386
- SYS_RSEQ = 387
- SYS_IO_PGETEVENTS = 388
- SYS_SEMTIMEDOP = 392
- SYS_SEMGET = 393
- SYS_SEMCTL = 394
- SYS_SHMGET = 395
- SYS_SHMCTL = 396
- SYS_SHMAT = 397
- SYS_SHMDT = 398
- SYS_MSGGET = 399
- SYS_MSGSND = 400
- SYS_MSGRCV = 401
- SYS_MSGCTL = 402
- SYS_PIDFD_SEND_SIGNAL = 424
- SYS_IO_URING_SETUP = 425
- SYS_IO_URING_ENTER = 426
- SYS_IO_URING_REGISTER = 427
- SYS_OPEN_TREE = 428
- SYS_MOVE_MOUNT = 429
- SYS_FSOPEN = 430
- SYS_FSCONFIG = 431
- SYS_FSMOUNT = 432
- SYS_FSPICK = 433
- SYS_PIDFD_OPEN = 434
- SYS_CLONE3 = 435
- SYS_CLOSE_RANGE = 436
- SYS_OPENAT2 = 437
- SYS_PIDFD_GETFD = 438
- SYS_FACCESSAT2 = 439
- SYS_PROCESS_MADVISE = 440
- SYS_EPOLL_PWAIT2 = 441
- SYS_MOUNT_SETATTR = 442
+ SYS_RESTART_SYSCALL = 0
+ SYS_EXIT = 1
+ SYS_FORK = 2
+ SYS_READ = 3
+ SYS_WRITE = 4
+ SYS_OPEN = 5
+ SYS_CLOSE = 6
+ SYS_WAITPID = 7
+ SYS_CREAT = 8
+ SYS_LINK = 9
+ SYS_UNLINK = 10
+ SYS_EXECVE = 11
+ SYS_CHDIR = 12
+ SYS_TIME = 13
+ SYS_MKNOD = 14
+ SYS_CHMOD = 15
+ SYS_LCHOWN = 16
+ SYS_BREAK = 17
+ SYS_OLDSTAT = 18
+ SYS_LSEEK = 19
+ SYS_GETPID = 20
+ SYS_MOUNT = 21
+ SYS_UMOUNT = 22
+ SYS_SETUID = 23
+ SYS_GETUID = 24
+ SYS_STIME = 25
+ SYS_PTRACE = 26
+ SYS_ALARM = 27
+ SYS_OLDFSTAT = 28
+ SYS_PAUSE = 29
+ SYS_UTIME = 30
+ SYS_STTY = 31
+ SYS_GTTY = 32
+ SYS_ACCESS = 33
+ SYS_NICE = 34
+ SYS_FTIME = 35
+ SYS_SYNC = 36
+ SYS_KILL = 37
+ SYS_RENAME = 38
+ SYS_MKDIR = 39
+ SYS_RMDIR = 40
+ SYS_DUP = 41
+ SYS_PIPE = 42
+ SYS_TIMES = 43
+ SYS_PROF = 44
+ SYS_BRK = 45
+ SYS_SETGID = 46
+ SYS_GETGID = 47
+ SYS_SIGNAL = 48
+ SYS_GETEUID = 49
+ SYS_GETEGID = 50
+ SYS_ACCT = 51
+ SYS_UMOUNT2 = 52
+ SYS_LOCK = 53
+ SYS_IOCTL = 54
+ SYS_FCNTL = 55
+ SYS_MPX = 56
+ SYS_SETPGID = 57
+ SYS_ULIMIT = 58
+ SYS_OLDOLDUNAME = 59
+ SYS_UMASK = 60
+ SYS_CHROOT = 61
+ SYS_USTAT = 62
+ SYS_DUP2 = 63
+ SYS_GETPPID = 64
+ SYS_GETPGRP = 65
+ SYS_SETSID = 66
+ SYS_SIGACTION = 67
+ SYS_SGETMASK = 68
+ SYS_SSETMASK = 69
+ SYS_SETREUID = 70
+ SYS_SETREGID = 71
+ SYS_SIGSUSPEND = 72
+ SYS_SIGPENDING = 73
+ SYS_SETHOSTNAME = 74
+ SYS_SETRLIMIT = 75
+ SYS_GETRLIMIT = 76
+ SYS_GETRUSAGE = 77
+ SYS_GETTIMEOFDAY = 78
+ SYS_SETTIMEOFDAY = 79
+ SYS_GETGROUPS = 80
+ SYS_SETGROUPS = 81
+ SYS_SELECT = 82
+ SYS_SYMLINK = 83
+ SYS_OLDLSTAT = 84
+ SYS_READLINK = 85
+ SYS_USELIB = 86
+ SYS_SWAPON = 87
+ SYS_REBOOT = 88
+ SYS_READDIR = 89
+ SYS_MMAP = 90
+ SYS_MUNMAP = 91
+ SYS_TRUNCATE = 92
+ SYS_FTRUNCATE = 93
+ SYS_FCHMOD = 94
+ SYS_FCHOWN = 95
+ SYS_GETPRIORITY = 96
+ SYS_SETPRIORITY = 97
+ SYS_PROFIL = 98
+ SYS_STATFS = 99
+ SYS_FSTATFS = 100
+ SYS_IOPERM = 101
+ SYS_SOCKETCALL = 102
+ SYS_SYSLOG = 103
+ SYS_SETITIMER = 104
+ SYS_GETITIMER = 105
+ SYS_STAT = 106
+ SYS_LSTAT = 107
+ SYS_FSTAT = 108
+ SYS_OLDUNAME = 109
+ SYS_IOPL = 110
+ SYS_VHANGUP = 111
+ SYS_IDLE = 112
+ SYS_VM86 = 113
+ SYS_WAIT4 = 114
+ SYS_SWAPOFF = 115
+ SYS_SYSINFO = 116
+ SYS_IPC = 117
+ SYS_FSYNC = 118
+ SYS_SIGRETURN = 119
+ SYS_CLONE = 120
+ SYS_SETDOMAINNAME = 121
+ SYS_UNAME = 122
+ SYS_MODIFY_LDT = 123
+ SYS_ADJTIMEX = 124
+ SYS_MPROTECT = 125
+ SYS_SIGPROCMASK = 126
+ SYS_CREATE_MODULE = 127
+ SYS_INIT_MODULE = 128
+ SYS_DELETE_MODULE = 129
+ SYS_GET_KERNEL_SYMS = 130
+ SYS_QUOTACTL = 131
+ SYS_GETPGID = 132
+ SYS_FCHDIR = 133
+ SYS_BDFLUSH = 134
+ SYS_SYSFS = 135
+ SYS_PERSONALITY = 136
+ SYS_AFS_SYSCALL = 137
+ SYS_SETFSUID = 138
+ SYS_SETFSGID = 139
+ SYS__LLSEEK = 140
+ SYS_GETDENTS = 141
+ SYS__NEWSELECT = 142
+ SYS_FLOCK = 143
+ SYS_MSYNC = 144
+ SYS_READV = 145
+ SYS_WRITEV = 146
+ SYS_GETSID = 147
+ SYS_FDATASYNC = 148
+ SYS__SYSCTL = 149
+ SYS_MLOCK = 150
+ SYS_MUNLOCK = 151
+ SYS_MLOCKALL = 152
+ SYS_MUNLOCKALL = 153
+ SYS_SCHED_SETPARAM = 154
+ SYS_SCHED_GETPARAM = 155
+ SYS_SCHED_SETSCHEDULER = 156
+ SYS_SCHED_GETSCHEDULER = 157
+ SYS_SCHED_YIELD = 158
+ SYS_SCHED_GET_PRIORITY_MAX = 159
+ SYS_SCHED_GET_PRIORITY_MIN = 160
+ SYS_SCHED_RR_GET_INTERVAL = 161
+ SYS_NANOSLEEP = 162
+ SYS_MREMAP = 163
+ SYS_SETRESUID = 164
+ SYS_GETRESUID = 165
+ SYS_QUERY_MODULE = 166
+ SYS_POLL = 167
+ SYS_NFSSERVCTL = 168
+ SYS_SETRESGID = 169
+ SYS_GETRESGID = 170
+ SYS_PRCTL = 171
+ SYS_RT_SIGRETURN = 172
+ SYS_RT_SIGACTION = 173
+ SYS_RT_SIGPROCMASK = 174
+ SYS_RT_SIGPENDING = 175
+ SYS_RT_SIGTIMEDWAIT = 176
+ SYS_RT_SIGQUEUEINFO = 177
+ SYS_RT_SIGSUSPEND = 178
+ SYS_PREAD64 = 179
+ SYS_PWRITE64 = 180
+ SYS_CHOWN = 181
+ SYS_GETCWD = 182
+ SYS_CAPGET = 183
+ SYS_CAPSET = 184
+ SYS_SIGALTSTACK = 185
+ SYS_SENDFILE = 186
+ SYS_GETPMSG = 187
+ SYS_PUTPMSG = 188
+ SYS_VFORK = 189
+ SYS_UGETRLIMIT = 190
+ SYS_READAHEAD = 191
+ SYS_PCICONFIG_READ = 198
+ SYS_PCICONFIG_WRITE = 199
+ SYS_PCICONFIG_IOBASE = 200
+ SYS_MULTIPLEXER = 201
+ SYS_GETDENTS64 = 202
+ SYS_PIVOT_ROOT = 203
+ SYS_MADVISE = 205
+ SYS_MINCORE = 206
+ SYS_GETTID = 207
+ SYS_TKILL = 208
+ SYS_SETXATTR = 209
+ SYS_LSETXATTR = 210
+ SYS_FSETXATTR = 211
+ SYS_GETXATTR = 212
+ SYS_LGETXATTR = 213
+ SYS_FGETXATTR = 214
+ SYS_LISTXATTR = 215
+ SYS_LLISTXATTR = 216
+ SYS_FLISTXATTR = 217
+ SYS_REMOVEXATTR = 218
+ SYS_LREMOVEXATTR = 219
+ SYS_FREMOVEXATTR = 220
+ SYS_FUTEX = 221
+ SYS_SCHED_SETAFFINITY = 222
+ SYS_SCHED_GETAFFINITY = 223
+ SYS_TUXCALL = 225
+ SYS_IO_SETUP = 227
+ SYS_IO_DESTROY = 228
+ SYS_IO_GETEVENTS = 229
+ SYS_IO_SUBMIT = 230
+ SYS_IO_CANCEL = 231
+ SYS_SET_TID_ADDRESS = 232
+ SYS_FADVISE64 = 233
+ SYS_EXIT_GROUP = 234
+ SYS_LOOKUP_DCOOKIE = 235
+ SYS_EPOLL_CREATE = 236
+ SYS_EPOLL_CTL = 237
+ SYS_EPOLL_WAIT = 238
+ SYS_REMAP_FILE_PAGES = 239
+ SYS_TIMER_CREATE = 240
+ SYS_TIMER_SETTIME = 241
+ SYS_TIMER_GETTIME = 242
+ SYS_TIMER_GETOVERRUN = 243
+ SYS_TIMER_DELETE = 244
+ SYS_CLOCK_SETTIME = 245
+ SYS_CLOCK_GETTIME = 246
+ SYS_CLOCK_GETRES = 247
+ SYS_CLOCK_NANOSLEEP = 248
+ SYS_SWAPCONTEXT = 249
+ SYS_TGKILL = 250
+ SYS_UTIMES = 251
+ SYS_STATFS64 = 252
+ SYS_FSTATFS64 = 253
+ SYS_RTAS = 255
+ SYS_SYS_DEBUG_SETCONTEXT = 256
+ SYS_MIGRATE_PAGES = 258
+ SYS_MBIND = 259
+ SYS_GET_MEMPOLICY = 260
+ SYS_SET_MEMPOLICY = 261
+ SYS_MQ_OPEN = 262
+ SYS_MQ_UNLINK = 263
+ SYS_MQ_TIMEDSEND = 264
+ SYS_MQ_TIMEDRECEIVE = 265
+ SYS_MQ_NOTIFY = 266
+ SYS_MQ_GETSETATTR = 267
+ SYS_KEXEC_LOAD = 268
+ SYS_ADD_KEY = 269
+ SYS_REQUEST_KEY = 270
+ SYS_KEYCTL = 271
+ SYS_WAITID = 272
+ SYS_IOPRIO_SET = 273
+ SYS_IOPRIO_GET = 274
+ SYS_INOTIFY_INIT = 275
+ SYS_INOTIFY_ADD_WATCH = 276
+ SYS_INOTIFY_RM_WATCH = 277
+ SYS_SPU_RUN = 278
+ SYS_SPU_CREATE = 279
+ SYS_PSELECT6 = 280
+ SYS_PPOLL = 281
+ SYS_UNSHARE = 282
+ SYS_SPLICE = 283
+ SYS_TEE = 284
+ SYS_VMSPLICE = 285
+ SYS_OPENAT = 286
+ SYS_MKDIRAT = 287
+ SYS_MKNODAT = 288
+ SYS_FCHOWNAT = 289
+ SYS_FUTIMESAT = 290
+ SYS_NEWFSTATAT = 291
+ SYS_UNLINKAT = 292
+ SYS_RENAMEAT = 293
+ SYS_LINKAT = 294
+ SYS_SYMLINKAT = 295
+ SYS_READLINKAT = 296
+ SYS_FCHMODAT = 297
+ SYS_FACCESSAT = 298
+ SYS_GET_ROBUST_LIST = 299
+ SYS_SET_ROBUST_LIST = 300
+ SYS_MOVE_PAGES = 301
+ SYS_GETCPU = 302
+ SYS_EPOLL_PWAIT = 303
+ SYS_UTIMENSAT = 304
+ SYS_SIGNALFD = 305
+ SYS_TIMERFD_CREATE = 306
+ SYS_EVENTFD = 307
+ SYS_SYNC_FILE_RANGE2 = 308
+ SYS_FALLOCATE = 309
+ SYS_SUBPAGE_PROT = 310
+ SYS_TIMERFD_SETTIME = 311
+ SYS_TIMERFD_GETTIME = 312
+ SYS_SIGNALFD4 = 313
+ SYS_EVENTFD2 = 314
+ SYS_EPOLL_CREATE1 = 315
+ SYS_DUP3 = 316
+ SYS_PIPE2 = 317
+ SYS_INOTIFY_INIT1 = 318
+ SYS_PERF_EVENT_OPEN = 319
+ SYS_PREADV = 320
+ SYS_PWRITEV = 321
+ SYS_RT_TGSIGQUEUEINFO = 322
+ SYS_FANOTIFY_INIT = 323
+ SYS_FANOTIFY_MARK = 324
+ SYS_PRLIMIT64 = 325
+ SYS_SOCKET = 326
+ SYS_BIND = 327
+ SYS_CONNECT = 328
+ SYS_LISTEN = 329
+ SYS_ACCEPT = 330
+ SYS_GETSOCKNAME = 331
+ SYS_GETPEERNAME = 332
+ SYS_SOCKETPAIR = 333
+ SYS_SEND = 334
+ SYS_SENDTO = 335
+ SYS_RECV = 336
+ SYS_RECVFROM = 337
+ SYS_SHUTDOWN = 338
+ SYS_SETSOCKOPT = 339
+ SYS_GETSOCKOPT = 340
+ SYS_SENDMSG = 341
+ SYS_RECVMSG = 342
+ SYS_RECVMMSG = 343
+ SYS_ACCEPT4 = 344
+ SYS_NAME_TO_HANDLE_AT = 345
+ SYS_OPEN_BY_HANDLE_AT = 346
+ SYS_CLOCK_ADJTIME = 347
+ SYS_SYNCFS = 348
+ SYS_SENDMMSG = 349
+ SYS_SETNS = 350
+ SYS_PROCESS_VM_READV = 351
+ SYS_PROCESS_VM_WRITEV = 352
+ SYS_FINIT_MODULE = 353
+ SYS_KCMP = 354
+ SYS_SCHED_SETATTR = 355
+ SYS_SCHED_GETATTR = 356
+ SYS_RENAMEAT2 = 357
+ SYS_SECCOMP = 358
+ SYS_GETRANDOM = 359
+ SYS_MEMFD_CREATE = 360
+ SYS_BPF = 361
+ SYS_EXECVEAT = 362
+ SYS_SWITCH_ENDIAN = 363
+ SYS_USERFAULTFD = 364
+ SYS_MEMBARRIER = 365
+ SYS_MLOCK2 = 378
+ SYS_COPY_FILE_RANGE = 379
+ SYS_PREADV2 = 380
+ SYS_PWRITEV2 = 381
+ SYS_KEXEC_FILE_LOAD = 382
+ SYS_STATX = 383
+ SYS_PKEY_ALLOC = 384
+ SYS_PKEY_FREE = 385
+ SYS_PKEY_MPROTECT = 386
+ SYS_RSEQ = 387
+ SYS_IO_PGETEVENTS = 388
+ SYS_SEMTIMEDOP = 392
+ SYS_SEMGET = 393
+ SYS_SEMCTL = 394
+ SYS_SHMGET = 395
+ SYS_SHMCTL = 396
+ SYS_SHMAT = 397
+ SYS_SHMDT = 398
+ SYS_MSGGET = 399
+ SYS_MSGSND = 400
+ SYS_MSGRCV = 401
+ SYS_MSGCTL = 402
+ SYS_PIDFD_SEND_SIGNAL = 424
+ SYS_IO_URING_SETUP = 425
+ SYS_IO_URING_ENTER = 426
+ SYS_IO_URING_REGISTER = 427
+ SYS_OPEN_TREE = 428
+ SYS_MOVE_MOUNT = 429
+ SYS_FSOPEN = 430
+ SYS_FSCONFIG = 431
+ SYS_FSMOUNT = 432
+ SYS_FSPICK = 433
+ SYS_PIDFD_OPEN = 434
+ SYS_CLONE3 = 435
+ SYS_CLOSE_RANGE = 436
+ SYS_OPENAT2 = 437
+ SYS_PIDFD_GETFD = 438
+ SYS_FACCESSAT2 = 439
+ SYS_PROCESS_MADVISE = 440
+ SYS_EPOLL_PWAIT2 = 441
+ SYS_MOUNT_SETATTR = 442
+ SYS_LANDLOCK_CREATE_RULESET = 444
+ SYS_LANDLOCK_ADD_RULE = 445
+ SYS_LANDLOCK_RESTRICT_SELF = 446
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
index 33b33b083..53a89b206 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
@@ -7,400 +7,403 @@
package unix
const (
- SYS_RESTART_SYSCALL = 0
- SYS_EXIT = 1
- SYS_FORK = 2
- SYS_READ = 3
- SYS_WRITE = 4
- SYS_OPEN = 5
- SYS_CLOSE = 6
- SYS_WAITPID = 7
- SYS_CREAT = 8
- SYS_LINK = 9
- SYS_UNLINK = 10
- SYS_EXECVE = 11
- SYS_CHDIR = 12
- SYS_TIME = 13
- SYS_MKNOD = 14
- SYS_CHMOD = 15
- SYS_LCHOWN = 16
- SYS_BREAK = 17
- SYS_OLDSTAT = 18
- SYS_LSEEK = 19
- SYS_GETPID = 20
- SYS_MOUNT = 21
- SYS_UMOUNT = 22
- SYS_SETUID = 23
- SYS_GETUID = 24
- SYS_STIME = 25
- SYS_PTRACE = 26
- SYS_ALARM = 27
- SYS_OLDFSTAT = 28
- SYS_PAUSE = 29
- SYS_UTIME = 30
- SYS_STTY = 31
- SYS_GTTY = 32
- SYS_ACCESS = 33
- SYS_NICE = 34
- SYS_FTIME = 35
- SYS_SYNC = 36
- SYS_KILL = 37
- SYS_RENAME = 38
- SYS_MKDIR = 39
- SYS_RMDIR = 40
- SYS_DUP = 41
- SYS_PIPE = 42
- SYS_TIMES = 43
- SYS_PROF = 44
- SYS_BRK = 45
- SYS_SETGID = 46
- SYS_GETGID = 47
- SYS_SIGNAL = 48
- SYS_GETEUID = 49
- SYS_GETEGID = 50
- SYS_ACCT = 51
- SYS_UMOUNT2 = 52
- SYS_LOCK = 53
- SYS_IOCTL = 54
- SYS_FCNTL = 55
- SYS_MPX = 56
- SYS_SETPGID = 57
- SYS_ULIMIT = 58
- SYS_OLDOLDUNAME = 59
- SYS_UMASK = 60
- SYS_CHROOT = 61
- SYS_USTAT = 62
- SYS_DUP2 = 63
- SYS_GETPPID = 64
- SYS_GETPGRP = 65
- SYS_SETSID = 66
- SYS_SIGACTION = 67
- SYS_SGETMASK = 68
- SYS_SSETMASK = 69
- SYS_SETREUID = 70
- SYS_SETREGID = 71
- SYS_SIGSUSPEND = 72
- SYS_SIGPENDING = 73
- SYS_SETHOSTNAME = 74
- SYS_SETRLIMIT = 75
- SYS_GETRLIMIT = 76
- SYS_GETRUSAGE = 77
- SYS_GETTIMEOFDAY = 78
- SYS_SETTIMEOFDAY = 79
- SYS_GETGROUPS = 80
- SYS_SETGROUPS = 81
- SYS_SELECT = 82
- SYS_SYMLINK = 83
- SYS_OLDLSTAT = 84
- SYS_READLINK = 85
- SYS_USELIB = 86
- SYS_SWAPON = 87
- SYS_REBOOT = 88
- SYS_READDIR = 89
- SYS_MMAP = 90
- SYS_MUNMAP = 91
- SYS_TRUNCATE = 92
- SYS_FTRUNCATE = 93
- SYS_FCHMOD = 94
- SYS_FCHOWN = 95
- SYS_GETPRIORITY = 96
- SYS_SETPRIORITY = 97
- SYS_PROFIL = 98
- SYS_STATFS = 99
- SYS_FSTATFS = 100
- SYS_IOPERM = 101
- SYS_SOCKETCALL = 102
- SYS_SYSLOG = 103
- SYS_SETITIMER = 104
- SYS_GETITIMER = 105
- SYS_STAT = 106
- SYS_LSTAT = 107
- SYS_FSTAT = 108
- SYS_OLDUNAME = 109
- SYS_IOPL = 110
- SYS_VHANGUP = 111
- SYS_IDLE = 112
- SYS_VM86 = 113
- SYS_WAIT4 = 114
- SYS_SWAPOFF = 115
- SYS_SYSINFO = 116
- SYS_IPC = 117
- SYS_FSYNC = 118
- SYS_SIGRETURN = 119
- SYS_CLONE = 120
- SYS_SETDOMAINNAME = 121
- SYS_UNAME = 122
- SYS_MODIFY_LDT = 123
- SYS_ADJTIMEX = 124
- SYS_MPROTECT = 125
- SYS_SIGPROCMASK = 126
- SYS_CREATE_MODULE = 127
- SYS_INIT_MODULE = 128
- SYS_DELETE_MODULE = 129
- SYS_GET_KERNEL_SYMS = 130
- SYS_QUOTACTL = 131
- SYS_GETPGID = 132
- SYS_FCHDIR = 133
- SYS_BDFLUSH = 134
- SYS_SYSFS = 135
- SYS_PERSONALITY = 136
- SYS_AFS_SYSCALL = 137
- SYS_SETFSUID = 138
- SYS_SETFSGID = 139
- SYS__LLSEEK = 140
- SYS_GETDENTS = 141
- SYS__NEWSELECT = 142
- SYS_FLOCK = 143
- SYS_MSYNC = 144
- SYS_READV = 145
- SYS_WRITEV = 146
- SYS_GETSID = 147
- SYS_FDATASYNC = 148
- SYS__SYSCTL = 149
- SYS_MLOCK = 150
- SYS_MUNLOCK = 151
- SYS_MLOCKALL = 152
- SYS_MUNLOCKALL = 153
- SYS_SCHED_SETPARAM = 154
- SYS_SCHED_GETPARAM = 155
- SYS_SCHED_SETSCHEDULER = 156
- SYS_SCHED_GETSCHEDULER = 157
- SYS_SCHED_YIELD = 158
- SYS_SCHED_GET_PRIORITY_MAX = 159
- SYS_SCHED_GET_PRIORITY_MIN = 160
- SYS_SCHED_RR_GET_INTERVAL = 161
- SYS_NANOSLEEP = 162
- SYS_MREMAP = 163
- SYS_SETRESUID = 164
- SYS_GETRESUID = 165
- SYS_QUERY_MODULE = 166
- SYS_POLL = 167
- SYS_NFSSERVCTL = 168
- SYS_SETRESGID = 169
- SYS_GETRESGID = 170
- SYS_PRCTL = 171
- SYS_RT_SIGRETURN = 172
- SYS_RT_SIGACTION = 173
- SYS_RT_SIGPROCMASK = 174
- SYS_RT_SIGPENDING = 175
- SYS_RT_SIGTIMEDWAIT = 176
- SYS_RT_SIGQUEUEINFO = 177
- SYS_RT_SIGSUSPEND = 178
- SYS_PREAD64 = 179
- SYS_PWRITE64 = 180
- SYS_CHOWN = 181
- SYS_GETCWD = 182
- SYS_CAPGET = 183
- SYS_CAPSET = 184
- SYS_SIGALTSTACK = 185
- SYS_SENDFILE = 186
- SYS_GETPMSG = 187
- SYS_PUTPMSG = 188
- SYS_VFORK = 189
- SYS_UGETRLIMIT = 190
- SYS_READAHEAD = 191
- SYS_PCICONFIG_READ = 198
- SYS_PCICONFIG_WRITE = 199
- SYS_PCICONFIG_IOBASE = 200
- SYS_MULTIPLEXER = 201
- SYS_GETDENTS64 = 202
- SYS_PIVOT_ROOT = 203
- SYS_MADVISE = 205
- SYS_MINCORE = 206
- SYS_GETTID = 207
- SYS_TKILL = 208
- SYS_SETXATTR = 209
- SYS_LSETXATTR = 210
- SYS_FSETXATTR = 211
- SYS_GETXATTR = 212
- SYS_LGETXATTR = 213
- SYS_FGETXATTR = 214
- SYS_LISTXATTR = 215
- SYS_LLISTXATTR = 216
- SYS_FLISTXATTR = 217
- SYS_REMOVEXATTR = 218
- SYS_LREMOVEXATTR = 219
- SYS_FREMOVEXATTR = 220
- SYS_FUTEX = 221
- SYS_SCHED_SETAFFINITY = 222
- SYS_SCHED_GETAFFINITY = 223
- SYS_TUXCALL = 225
- SYS_IO_SETUP = 227
- SYS_IO_DESTROY = 228
- SYS_IO_GETEVENTS = 229
- SYS_IO_SUBMIT = 230
- SYS_IO_CANCEL = 231
- SYS_SET_TID_ADDRESS = 232
- SYS_FADVISE64 = 233
- SYS_EXIT_GROUP = 234
- SYS_LOOKUP_DCOOKIE = 235
- SYS_EPOLL_CREATE = 236
- SYS_EPOLL_CTL = 237
- SYS_EPOLL_WAIT = 238
- SYS_REMAP_FILE_PAGES = 239
- SYS_TIMER_CREATE = 240
- SYS_TIMER_SETTIME = 241
- SYS_TIMER_GETTIME = 242
- SYS_TIMER_GETOVERRUN = 243
- SYS_TIMER_DELETE = 244
- SYS_CLOCK_SETTIME = 245
- SYS_CLOCK_GETTIME = 246
- SYS_CLOCK_GETRES = 247
- SYS_CLOCK_NANOSLEEP = 248
- SYS_SWAPCONTEXT = 249
- SYS_TGKILL = 250
- SYS_UTIMES = 251
- SYS_STATFS64 = 252
- SYS_FSTATFS64 = 253
- SYS_RTAS = 255
- SYS_SYS_DEBUG_SETCONTEXT = 256
- SYS_MIGRATE_PAGES = 258
- SYS_MBIND = 259
- SYS_GET_MEMPOLICY = 260
- SYS_SET_MEMPOLICY = 261
- SYS_MQ_OPEN = 262
- SYS_MQ_UNLINK = 263
- SYS_MQ_TIMEDSEND = 264
- SYS_MQ_TIMEDRECEIVE = 265
- SYS_MQ_NOTIFY = 266
- SYS_MQ_GETSETATTR = 267
- SYS_KEXEC_LOAD = 268
- SYS_ADD_KEY = 269
- SYS_REQUEST_KEY = 270
- SYS_KEYCTL = 271
- SYS_WAITID = 272
- SYS_IOPRIO_SET = 273
- SYS_IOPRIO_GET = 274
- SYS_INOTIFY_INIT = 275
- SYS_INOTIFY_ADD_WATCH = 276
- SYS_INOTIFY_RM_WATCH = 277
- SYS_SPU_RUN = 278
- SYS_SPU_CREATE = 279
- SYS_PSELECT6 = 280
- SYS_PPOLL = 281
- SYS_UNSHARE = 282
- SYS_SPLICE = 283
- SYS_TEE = 284
- SYS_VMSPLICE = 285
- SYS_OPENAT = 286
- SYS_MKDIRAT = 287
- SYS_MKNODAT = 288
- SYS_FCHOWNAT = 289
- SYS_FUTIMESAT = 290
- SYS_NEWFSTATAT = 291
- SYS_UNLINKAT = 292
- SYS_RENAMEAT = 293
- SYS_LINKAT = 294
- SYS_SYMLINKAT = 295
- SYS_READLINKAT = 296
- SYS_FCHMODAT = 297
- SYS_FACCESSAT = 298
- SYS_GET_ROBUST_LIST = 299
- SYS_SET_ROBUST_LIST = 300
- SYS_MOVE_PAGES = 301
- SYS_GETCPU = 302
- SYS_EPOLL_PWAIT = 303
- SYS_UTIMENSAT = 304
- SYS_SIGNALFD = 305
- SYS_TIMERFD_CREATE = 306
- SYS_EVENTFD = 307
- SYS_SYNC_FILE_RANGE2 = 308
- SYS_FALLOCATE = 309
- SYS_SUBPAGE_PROT = 310
- SYS_TIMERFD_SETTIME = 311
- SYS_TIMERFD_GETTIME = 312
- SYS_SIGNALFD4 = 313
- SYS_EVENTFD2 = 314
- SYS_EPOLL_CREATE1 = 315
- SYS_DUP3 = 316
- SYS_PIPE2 = 317
- SYS_INOTIFY_INIT1 = 318
- SYS_PERF_EVENT_OPEN = 319
- SYS_PREADV = 320
- SYS_PWRITEV = 321
- SYS_RT_TGSIGQUEUEINFO = 322
- SYS_FANOTIFY_INIT = 323
- SYS_FANOTIFY_MARK = 324
- SYS_PRLIMIT64 = 325
- SYS_SOCKET = 326
- SYS_BIND = 327
- SYS_CONNECT = 328
- SYS_LISTEN = 329
- SYS_ACCEPT = 330
- SYS_GETSOCKNAME = 331
- SYS_GETPEERNAME = 332
- SYS_SOCKETPAIR = 333
- SYS_SEND = 334
- SYS_SENDTO = 335
- SYS_RECV = 336
- SYS_RECVFROM = 337
- SYS_SHUTDOWN = 338
- SYS_SETSOCKOPT = 339
- SYS_GETSOCKOPT = 340
- SYS_SENDMSG = 341
- SYS_RECVMSG = 342
- SYS_RECVMMSG = 343
- SYS_ACCEPT4 = 344
- SYS_NAME_TO_HANDLE_AT = 345
- SYS_OPEN_BY_HANDLE_AT = 346
- SYS_CLOCK_ADJTIME = 347
- SYS_SYNCFS = 348
- SYS_SENDMMSG = 349
- SYS_SETNS = 350
- SYS_PROCESS_VM_READV = 351
- SYS_PROCESS_VM_WRITEV = 352
- SYS_FINIT_MODULE = 353
- SYS_KCMP = 354
- SYS_SCHED_SETATTR = 355
- SYS_SCHED_GETATTR = 356
- SYS_RENAMEAT2 = 357
- SYS_SECCOMP = 358
- SYS_GETRANDOM = 359
- SYS_MEMFD_CREATE = 360
- SYS_BPF = 361
- SYS_EXECVEAT = 362
- SYS_SWITCH_ENDIAN = 363
- SYS_USERFAULTFD = 364
- SYS_MEMBARRIER = 365
- SYS_MLOCK2 = 378
- SYS_COPY_FILE_RANGE = 379
- SYS_PREADV2 = 380
- SYS_PWRITEV2 = 381
- SYS_KEXEC_FILE_LOAD = 382
- SYS_STATX = 383
- SYS_PKEY_ALLOC = 384
- SYS_PKEY_FREE = 385
- SYS_PKEY_MPROTECT = 386
- SYS_RSEQ = 387
- SYS_IO_PGETEVENTS = 388
- SYS_SEMTIMEDOP = 392
- SYS_SEMGET = 393
- SYS_SEMCTL = 394
- SYS_SHMGET = 395
- SYS_SHMCTL = 396
- SYS_SHMAT = 397
- SYS_SHMDT = 398
- SYS_MSGGET = 399
- SYS_MSGSND = 400
- SYS_MSGRCV = 401
- SYS_MSGCTL = 402
- SYS_PIDFD_SEND_SIGNAL = 424
- SYS_IO_URING_SETUP = 425
- SYS_IO_URING_ENTER = 426
- SYS_IO_URING_REGISTER = 427
- SYS_OPEN_TREE = 428
- SYS_MOVE_MOUNT = 429
- SYS_FSOPEN = 430
- SYS_FSCONFIG = 431
- SYS_FSMOUNT = 432
- SYS_FSPICK = 433
- SYS_PIDFD_OPEN = 434
- SYS_CLONE3 = 435
- SYS_CLOSE_RANGE = 436
- SYS_OPENAT2 = 437
- SYS_PIDFD_GETFD = 438
- SYS_FACCESSAT2 = 439
- SYS_PROCESS_MADVISE = 440
- SYS_EPOLL_PWAIT2 = 441
- SYS_MOUNT_SETATTR = 442
+ SYS_RESTART_SYSCALL = 0
+ SYS_EXIT = 1
+ SYS_FORK = 2
+ SYS_READ = 3
+ SYS_WRITE = 4
+ SYS_OPEN = 5
+ SYS_CLOSE = 6
+ SYS_WAITPID = 7
+ SYS_CREAT = 8
+ SYS_LINK = 9
+ SYS_UNLINK = 10
+ SYS_EXECVE = 11
+ SYS_CHDIR = 12
+ SYS_TIME = 13
+ SYS_MKNOD = 14
+ SYS_CHMOD = 15
+ SYS_LCHOWN = 16
+ SYS_BREAK = 17
+ SYS_OLDSTAT = 18
+ SYS_LSEEK = 19
+ SYS_GETPID = 20
+ SYS_MOUNT = 21
+ SYS_UMOUNT = 22
+ SYS_SETUID = 23
+ SYS_GETUID = 24
+ SYS_STIME = 25
+ SYS_PTRACE = 26
+ SYS_ALARM = 27
+ SYS_OLDFSTAT = 28
+ SYS_PAUSE = 29
+ SYS_UTIME = 30
+ SYS_STTY = 31
+ SYS_GTTY = 32
+ SYS_ACCESS = 33
+ SYS_NICE = 34
+ SYS_FTIME = 35
+ SYS_SYNC = 36
+ SYS_KILL = 37
+ SYS_RENAME = 38
+ SYS_MKDIR = 39
+ SYS_RMDIR = 40
+ SYS_DUP = 41
+ SYS_PIPE = 42
+ SYS_TIMES = 43
+ SYS_PROF = 44
+ SYS_BRK = 45
+ SYS_SETGID = 46
+ SYS_GETGID = 47
+ SYS_SIGNAL = 48
+ SYS_GETEUID = 49
+ SYS_GETEGID = 50
+ SYS_ACCT = 51
+ SYS_UMOUNT2 = 52
+ SYS_LOCK = 53
+ SYS_IOCTL = 54
+ SYS_FCNTL = 55
+ SYS_MPX = 56
+ SYS_SETPGID = 57
+ SYS_ULIMIT = 58
+ SYS_OLDOLDUNAME = 59
+ SYS_UMASK = 60
+ SYS_CHROOT = 61
+ SYS_USTAT = 62
+ SYS_DUP2 = 63
+ SYS_GETPPID = 64
+ SYS_GETPGRP = 65
+ SYS_SETSID = 66
+ SYS_SIGACTION = 67
+ SYS_SGETMASK = 68
+ SYS_SSETMASK = 69
+ SYS_SETREUID = 70
+ SYS_SETREGID = 71
+ SYS_SIGSUSPEND = 72
+ SYS_SIGPENDING = 73
+ SYS_SETHOSTNAME = 74
+ SYS_SETRLIMIT = 75
+ SYS_GETRLIMIT = 76
+ SYS_GETRUSAGE = 77
+ SYS_GETTIMEOFDAY = 78
+ SYS_SETTIMEOFDAY = 79
+ SYS_GETGROUPS = 80
+ SYS_SETGROUPS = 81
+ SYS_SELECT = 82
+ SYS_SYMLINK = 83
+ SYS_OLDLSTAT = 84
+ SYS_READLINK = 85
+ SYS_USELIB = 86
+ SYS_SWAPON = 87
+ SYS_REBOOT = 88
+ SYS_READDIR = 89
+ SYS_MMAP = 90
+ SYS_MUNMAP = 91
+ SYS_TRUNCATE = 92
+ SYS_FTRUNCATE = 93
+ SYS_FCHMOD = 94
+ SYS_FCHOWN = 95
+ SYS_GETPRIORITY = 96
+ SYS_SETPRIORITY = 97
+ SYS_PROFIL = 98
+ SYS_STATFS = 99
+ SYS_FSTATFS = 100
+ SYS_IOPERM = 101
+ SYS_SOCKETCALL = 102
+ SYS_SYSLOG = 103
+ SYS_SETITIMER = 104
+ SYS_GETITIMER = 105
+ SYS_STAT = 106
+ SYS_LSTAT = 107
+ SYS_FSTAT = 108
+ SYS_OLDUNAME = 109
+ SYS_IOPL = 110
+ SYS_VHANGUP = 111
+ SYS_IDLE = 112
+ SYS_VM86 = 113
+ SYS_WAIT4 = 114
+ SYS_SWAPOFF = 115
+ SYS_SYSINFO = 116
+ SYS_IPC = 117
+ SYS_FSYNC = 118
+ SYS_SIGRETURN = 119
+ SYS_CLONE = 120
+ SYS_SETDOMAINNAME = 121
+ SYS_UNAME = 122
+ SYS_MODIFY_LDT = 123
+ SYS_ADJTIMEX = 124
+ SYS_MPROTECT = 125
+ SYS_SIGPROCMASK = 126
+ SYS_CREATE_MODULE = 127
+ SYS_INIT_MODULE = 128
+ SYS_DELETE_MODULE = 129
+ SYS_GET_KERNEL_SYMS = 130
+ SYS_QUOTACTL = 131
+ SYS_GETPGID = 132
+ SYS_FCHDIR = 133
+ SYS_BDFLUSH = 134
+ SYS_SYSFS = 135
+ SYS_PERSONALITY = 136
+ SYS_AFS_SYSCALL = 137
+ SYS_SETFSUID = 138
+ SYS_SETFSGID = 139
+ SYS__LLSEEK = 140
+ SYS_GETDENTS = 141
+ SYS__NEWSELECT = 142
+ SYS_FLOCK = 143
+ SYS_MSYNC = 144
+ SYS_READV = 145
+ SYS_WRITEV = 146
+ SYS_GETSID = 147
+ SYS_FDATASYNC = 148
+ SYS__SYSCTL = 149
+ SYS_MLOCK = 150
+ SYS_MUNLOCK = 151
+ SYS_MLOCKALL = 152
+ SYS_MUNLOCKALL = 153
+ SYS_SCHED_SETPARAM = 154
+ SYS_SCHED_GETPARAM = 155
+ SYS_SCHED_SETSCHEDULER = 156
+ SYS_SCHED_GETSCHEDULER = 157
+ SYS_SCHED_YIELD = 158
+ SYS_SCHED_GET_PRIORITY_MAX = 159
+ SYS_SCHED_GET_PRIORITY_MIN = 160
+ SYS_SCHED_RR_GET_INTERVAL = 161
+ SYS_NANOSLEEP = 162
+ SYS_MREMAP = 163
+ SYS_SETRESUID = 164
+ SYS_GETRESUID = 165
+ SYS_QUERY_MODULE = 166
+ SYS_POLL = 167
+ SYS_NFSSERVCTL = 168
+ SYS_SETRESGID = 169
+ SYS_GETRESGID = 170
+ SYS_PRCTL = 171
+ SYS_RT_SIGRETURN = 172
+ SYS_RT_SIGACTION = 173
+ SYS_RT_SIGPROCMASK = 174
+ SYS_RT_SIGPENDING = 175
+ SYS_RT_SIGTIMEDWAIT = 176
+ SYS_RT_SIGQUEUEINFO = 177
+ SYS_RT_SIGSUSPEND = 178
+ SYS_PREAD64 = 179
+ SYS_PWRITE64 = 180
+ SYS_CHOWN = 181
+ SYS_GETCWD = 182
+ SYS_CAPGET = 183
+ SYS_CAPSET = 184
+ SYS_SIGALTSTACK = 185
+ SYS_SENDFILE = 186
+ SYS_GETPMSG = 187
+ SYS_PUTPMSG = 188
+ SYS_VFORK = 189
+ SYS_UGETRLIMIT = 190
+ SYS_READAHEAD = 191
+ SYS_PCICONFIG_READ = 198
+ SYS_PCICONFIG_WRITE = 199
+ SYS_PCICONFIG_IOBASE = 200
+ SYS_MULTIPLEXER = 201
+ SYS_GETDENTS64 = 202
+ SYS_PIVOT_ROOT = 203
+ SYS_MADVISE = 205
+ SYS_MINCORE = 206
+ SYS_GETTID = 207
+ SYS_TKILL = 208
+ SYS_SETXATTR = 209
+ SYS_LSETXATTR = 210
+ SYS_FSETXATTR = 211
+ SYS_GETXATTR = 212
+ SYS_LGETXATTR = 213
+ SYS_FGETXATTR = 214
+ SYS_LISTXATTR = 215
+ SYS_LLISTXATTR = 216
+ SYS_FLISTXATTR = 217
+ SYS_REMOVEXATTR = 218
+ SYS_LREMOVEXATTR = 219
+ SYS_FREMOVEXATTR = 220
+ SYS_FUTEX = 221
+ SYS_SCHED_SETAFFINITY = 222
+ SYS_SCHED_GETAFFINITY = 223
+ SYS_TUXCALL = 225
+ SYS_IO_SETUP = 227
+ SYS_IO_DESTROY = 228
+ SYS_IO_GETEVENTS = 229
+ SYS_IO_SUBMIT = 230
+ SYS_IO_CANCEL = 231
+ SYS_SET_TID_ADDRESS = 232
+ SYS_FADVISE64 = 233
+ SYS_EXIT_GROUP = 234
+ SYS_LOOKUP_DCOOKIE = 235
+ SYS_EPOLL_CREATE = 236
+ SYS_EPOLL_CTL = 237
+ SYS_EPOLL_WAIT = 238
+ SYS_REMAP_FILE_PAGES = 239
+ SYS_TIMER_CREATE = 240
+ SYS_TIMER_SETTIME = 241
+ SYS_TIMER_GETTIME = 242
+ SYS_TIMER_GETOVERRUN = 243
+ SYS_TIMER_DELETE = 244
+ SYS_CLOCK_SETTIME = 245
+ SYS_CLOCK_GETTIME = 246
+ SYS_CLOCK_GETRES = 247
+ SYS_CLOCK_NANOSLEEP = 248
+ SYS_SWAPCONTEXT = 249
+ SYS_TGKILL = 250
+ SYS_UTIMES = 251
+ SYS_STATFS64 = 252
+ SYS_FSTATFS64 = 253
+ SYS_RTAS = 255
+ SYS_SYS_DEBUG_SETCONTEXT = 256
+ SYS_MIGRATE_PAGES = 258
+ SYS_MBIND = 259
+ SYS_GET_MEMPOLICY = 260
+ SYS_SET_MEMPOLICY = 261
+ SYS_MQ_OPEN = 262
+ SYS_MQ_UNLINK = 263
+ SYS_MQ_TIMEDSEND = 264
+ SYS_MQ_TIMEDRECEIVE = 265
+ SYS_MQ_NOTIFY = 266
+ SYS_MQ_GETSETATTR = 267
+ SYS_KEXEC_LOAD = 268
+ SYS_ADD_KEY = 269
+ SYS_REQUEST_KEY = 270
+ SYS_KEYCTL = 271
+ SYS_WAITID = 272
+ SYS_IOPRIO_SET = 273
+ SYS_IOPRIO_GET = 274
+ SYS_INOTIFY_INIT = 275
+ SYS_INOTIFY_ADD_WATCH = 276
+ SYS_INOTIFY_RM_WATCH = 277
+ SYS_SPU_RUN = 278
+ SYS_SPU_CREATE = 279
+ SYS_PSELECT6 = 280
+ SYS_PPOLL = 281
+ SYS_UNSHARE = 282
+ SYS_SPLICE = 283
+ SYS_TEE = 284
+ SYS_VMSPLICE = 285
+ SYS_OPENAT = 286
+ SYS_MKDIRAT = 287
+ SYS_MKNODAT = 288
+ SYS_FCHOWNAT = 289
+ SYS_FUTIMESAT = 290
+ SYS_NEWFSTATAT = 291
+ SYS_UNLINKAT = 292
+ SYS_RENAMEAT = 293
+ SYS_LINKAT = 294
+ SYS_SYMLINKAT = 295
+ SYS_READLINKAT = 296
+ SYS_FCHMODAT = 297
+ SYS_FACCESSAT = 298
+ SYS_GET_ROBUST_LIST = 299
+ SYS_SET_ROBUST_LIST = 300
+ SYS_MOVE_PAGES = 301
+ SYS_GETCPU = 302
+ SYS_EPOLL_PWAIT = 303
+ SYS_UTIMENSAT = 304
+ SYS_SIGNALFD = 305
+ SYS_TIMERFD_CREATE = 306
+ SYS_EVENTFD = 307
+ SYS_SYNC_FILE_RANGE2 = 308
+ SYS_FALLOCATE = 309
+ SYS_SUBPAGE_PROT = 310
+ SYS_TIMERFD_SETTIME = 311
+ SYS_TIMERFD_GETTIME = 312
+ SYS_SIGNALFD4 = 313
+ SYS_EVENTFD2 = 314
+ SYS_EPOLL_CREATE1 = 315
+ SYS_DUP3 = 316
+ SYS_PIPE2 = 317
+ SYS_INOTIFY_INIT1 = 318
+ SYS_PERF_EVENT_OPEN = 319
+ SYS_PREADV = 320
+ SYS_PWRITEV = 321
+ SYS_RT_TGSIGQUEUEINFO = 322
+ SYS_FANOTIFY_INIT = 323
+ SYS_FANOTIFY_MARK = 324
+ SYS_PRLIMIT64 = 325
+ SYS_SOCKET = 326
+ SYS_BIND = 327
+ SYS_CONNECT = 328
+ SYS_LISTEN = 329
+ SYS_ACCEPT = 330
+ SYS_GETSOCKNAME = 331
+ SYS_GETPEERNAME = 332
+ SYS_SOCKETPAIR = 333
+ SYS_SEND = 334
+ SYS_SENDTO = 335
+ SYS_RECV = 336
+ SYS_RECVFROM = 337
+ SYS_SHUTDOWN = 338
+ SYS_SETSOCKOPT = 339
+ SYS_GETSOCKOPT = 340
+ SYS_SENDMSG = 341
+ SYS_RECVMSG = 342
+ SYS_RECVMMSG = 343
+ SYS_ACCEPT4 = 344
+ SYS_NAME_TO_HANDLE_AT = 345
+ SYS_OPEN_BY_HANDLE_AT = 346
+ SYS_CLOCK_ADJTIME = 347
+ SYS_SYNCFS = 348
+ SYS_SENDMMSG = 349
+ SYS_SETNS = 350
+ SYS_PROCESS_VM_READV = 351
+ SYS_PROCESS_VM_WRITEV = 352
+ SYS_FINIT_MODULE = 353
+ SYS_KCMP = 354
+ SYS_SCHED_SETATTR = 355
+ SYS_SCHED_GETATTR = 356
+ SYS_RENAMEAT2 = 357
+ SYS_SECCOMP = 358
+ SYS_GETRANDOM = 359
+ SYS_MEMFD_CREATE = 360
+ SYS_BPF = 361
+ SYS_EXECVEAT = 362
+ SYS_SWITCH_ENDIAN = 363
+ SYS_USERFAULTFD = 364
+ SYS_MEMBARRIER = 365
+ SYS_MLOCK2 = 378
+ SYS_COPY_FILE_RANGE = 379
+ SYS_PREADV2 = 380
+ SYS_PWRITEV2 = 381
+ SYS_KEXEC_FILE_LOAD = 382
+ SYS_STATX = 383
+ SYS_PKEY_ALLOC = 384
+ SYS_PKEY_FREE = 385
+ SYS_PKEY_MPROTECT = 386
+ SYS_RSEQ = 387
+ SYS_IO_PGETEVENTS = 388
+ SYS_SEMTIMEDOP = 392
+ SYS_SEMGET = 393
+ SYS_SEMCTL = 394
+ SYS_SHMGET = 395
+ SYS_SHMCTL = 396
+ SYS_SHMAT = 397
+ SYS_SHMDT = 398
+ SYS_MSGGET = 399
+ SYS_MSGSND = 400
+ SYS_MSGRCV = 401
+ SYS_MSGCTL = 402
+ SYS_PIDFD_SEND_SIGNAL = 424
+ SYS_IO_URING_SETUP = 425
+ SYS_IO_URING_ENTER = 426
+ SYS_IO_URING_REGISTER = 427
+ SYS_OPEN_TREE = 428
+ SYS_MOVE_MOUNT = 429
+ SYS_FSOPEN = 430
+ SYS_FSCONFIG = 431
+ SYS_FSMOUNT = 432
+ SYS_FSPICK = 433
+ SYS_PIDFD_OPEN = 434
+ SYS_CLONE3 = 435
+ SYS_CLOSE_RANGE = 436
+ SYS_OPENAT2 = 437
+ SYS_PIDFD_GETFD = 438
+ SYS_FACCESSAT2 = 439
+ SYS_PROCESS_MADVISE = 440
+ SYS_EPOLL_PWAIT2 = 441
+ SYS_MOUNT_SETATTR = 442
+ SYS_LANDLOCK_CREATE_RULESET = 444
+ SYS_LANDLOCK_ADD_RULE = 445
+ SYS_LANDLOCK_RESTRICT_SELF = 446
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
index 66c8a8e09..0db9fbba5 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
@@ -7,302 +7,305 @@
package unix
const (
- SYS_IO_SETUP = 0
- SYS_IO_DESTROY = 1
- SYS_IO_SUBMIT = 2
- SYS_IO_CANCEL = 3
- SYS_IO_GETEVENTS = 4
- SYS_SETXATTR = 5
- SYS_LSETXATTR = 6
- SYS_FSETXATTR = 7
- SYS_GETXATTR = 8
- SYS_LGETXATTR = 9
- SYS_FGETXATTR = 10
- SYS_LISTXATTR = 11
- SYS_LLISTXATTR = 12
- SYS_FLISTXATTR = 13
- SYS_REMOVEXATTR = 14
- SYS_LREMOVEXATTR = 15
- SYS_FREMOVEXATTR = 16
- SYS_GETCWD = 17
- SYS_LOOKUP_DCOOKIE = 18
- SYS_EVENTFD2 = 19
- SYS_EPOLL_CREATE1 = 20
- SYS_EPOLL_CTL = 21
- SYS_EPOLL_PWAIT = 22
- SYS_DUP = 23
- SYS_DUP3 = 24
- SYS_FCNTL = 25
- SYS_INOTIFY_INIT1 = 26
- SYS_INOTIFY_ADD_WATCH = 27
- SYS_INOTIFY_RM_WATCH = 28
- SYS_IOCTL = 29
- SYS_IOPRIO_SET = 30
- SYS_IOPRIO_GET = 31
- SYS_FLOCK = 32
- SYS_MKNODAT = 33
- SYS_MKDIRAT = 34
- SYS_UNLINKAT = 35
- SYS_SYMLINKAT = 36
- SYS_LINKAT = 37
- SYS_UMOUNT2 = 39
- SYS_MOUNT = 40
- SYS_PIVOT_ROOT = 41
- SYS_NFSSERVCTL = 42
- SYS_STATFS = 43
- SYS_FSTATFS = 44
- SYS_TRUNCATE = 45
- SYS_FTRUNCATE = 46
- SYS_FALLOCATE = 47
- SYS_FACCESSAT = 48
- SYS_CHDIR = 49
- SYS_FCHDIR = 50
- SYS_CHROOT = 51
- SYS_FCHMOD = 52
- SYS_FCHMODAT = 53
- SYS_FCHOWNAT = 54
- SYS_FCHOWN = 55
- SYS_OPENAT = 56
- SYS_CLOSE = 57
- SYS_VHANGUP = 58
- SYS_PIPE2 = 59
- SYS_QUOTACTL = 60
- SYS_GETDENTS64 = 61
- SYS_LSEEK = 62
- SYS_READ = 63
- SYS_WRITE = 64
- SYS_READV = 65
- SYS_WRITEV = 66
- SYS_PREAD64 = 67
- SYS_PWRITE64 = 68
- SYS_PREADV = 69
- SYS_PWRITEV = 70
- SYS_SENDFILE = 71
- SYS_PSELECT6 = 72
- SYS_PPOLL = 73
- SYS_SIGNALFD4 = 74
- SYS_VMSPLICE = 75
- SYS_SPLICE = 76
- SYS_TEE = 77
- SYS_READLINKAT = 78
- SYS_FSTATAT = 79
- SYS_FSTAT = 80
- SYS_SYNC = 81
- SYS_FSYNC = 82
- SYS_FDATASYNC = 83
- SYS_SYNC_FILE_RANGE = 84
- SYS_TIMERFD_CREATE = 85
- SYS_TIMERFD_SETTIME = 86
- SYS_TIMERFD_GETTIME = 87
- SYS_UTIMENSAT = 88
- SYS_ACCT = 89
- SYS_CAPGET = 90
- SYS_CAPSET = 91
- SYS_PERSONALITY = 92
- SYS_EXIT = 93
- SYS_EXIT_GROUP = 94
- SYS_WAITID = 95
- SYS_SET_TID_ADDRESS = 96
- SYS_UNSHARE = 97
- SYS_FUTEX = 98
- SYS_SET_ROBUST_LIST = 99
- SYS_GET_ROBUST_LIST = 100
- SYS_NANOSLEEP = 101
- SYS_GETITIMER = 102
- SYS_SETITIMER = 103
- SYS_KEXEC_LOAD = 104
- SYS_INIT_MODULE = 105
- SYS_DELETE_MODULE = 106
- SYS_TIMER_CREATE = 107
- SYS_TIMER_GETTIME = 108
- SYS_TIMER_GETOVERRUN = 109
- SYS_TIMER_SETTIME = 110
- SYS_TIMER_DELETE = 111
- SYS_CLOCK_SETTIME = 112
- SYS_CLOCK_GETTIME = 113
- SYS_CLOCK_GETRES = 114
- SYS_CLOCK_NANOSLEEP = 115
- SYS_SYSLOG = 116
- SYS_PTRACE = 117
- SYS_SCHED_SETPARAM = 118
- SYS_SCHED_SETSCHEDULER = 119
- SYS_SCHED_GETSCHEDULER = 120
- SYS_SCHED_GETPARAM = 121
- SYS_SCHED_SETAFFINITY = 122
- SYS_SCHED_GETAFFINITY = 123
- SYS_SCHED_YIELD = 124
- SYS_SCHED_GET_PRIORITY_MAX = 125
- SYS_SCHED_GET_PRIORITY_MIN = 126
- SYS_SCHED_RR_GET_INTERVAL = 127
- SYS_RESTART_SYSCALL = 128
- SYS_KILL = 129
- SYS_TKILL = 130
- SYS_TGKILL = 131
- SYS_SIGALTSTACK = 132
- SYS_RT_SIGSUSPEND = 133
- SYS_RT_SIGACTION = 134
- SYS_RT_SIGPROCMASK = 135
- SYS_RT_SIGPENDING = 136
- SYS_RT_SIGTIMEDWAIT = 137
- SYS_RT_SIGQUEUEINFO = 138
- SYS_RT_SIGRETURN = 139
- SYS_SETPRIORITY = 140
- SYS_GETPRIORITY = 141
- SYS_REBOOT = 142
- SYS_SETREGID = 143
- SYS_SETGID = 144
- SYS_SETREUID = 145
- SYS_SETUID = 146
- SYS_SETRESUID = 147
- SYS_GETRESUID = 148
- SYS_SETRESGID = 149
- SYS_GETRESGID = 150
- SYS_SETFSUID = 151
- SYS_SETFSGID = 152
- SYS_TIMES = 153
- SYS_SETPGID = 154
- SYS_GETPGID = 155
- SYS_GETSID = 156
- SYS_SETSID = 157
- SYS_GETGROUPS = 158
- SYS_SETGROUPS = 159
- SYS_UNAME = 160
- SYS_SETHOSTNAME = 161
- SYS_SETDOMAINNAME = 162
- SYS_GETRLIMIT = 163
- SYS_SETRLIMIT = 164
- SYS_GETRUSAGE = 165
- SYS_UMASK = 166
- SYS_PRCTL = 167
- SYS_GETCPU = 168
- SYS_GETTIMEOFDAY = 169
- SYS_SETTIMEOFDAY = 170
- SYS_ADJTIMEX = 171
- SYS_GETPID = 172
- SYS_GETPPID = 173
- SYS_GETUID = 174
- SYS_GETEUID = 175
- SYS_GETGID = 176
- SYS_GETEGID = 177
- SYS_GETTID = 178
- SYS_SYSINFO = 179
- SYS_MQ_OPEN = 180
- SYS_MQ_UNLINK = 181
- SYS_MQ_TIMEDSEND = 182
- SYS_MQ_TIMEDRECEIVE = 183
- SYS_MQ_NOTIFY = 184
- SYS_MQ_GETSETATTR = 185
- SYS_MSGGET = 186
- SYS_MSGCTL = 187
- SYS_MSGRCV = 188
- SYS_MSGSND = 189
- SYS_SEMGET = 190
- SYS_SEMCTL = 191
- SYS_SEMTIMEDOP = 192
- SYS_SEMOP = 193
- SYS_SHMGET = 194
- SYS_SHMCTL = 195
- SYS_SHMAT = 196
- SYS_SHMDT = 197
- SYS_SOCKET = 198
- SYS_SOCKETPAIR = 199
- SYS_BIND = 200
- SYS_LISTEN = 201
- SYS_ACCEPT = 202
- SYS_CONNECT = 203
- SYS_GETSOCKNAME = 204
- SYS_GETPEERNAME = 205
- SYS_SENDTO = 206
- SYS_RECVFROM = 207
- SYS_SETSOCKOPT = 208
- SYS_GETSOCKOPT = 209
- SYS_SHUTDOWN = 210
- SYS_SENDMSG = 211
- SYS_RECVMSG = 212
- SYS_READAHEAD = 213
- SYS_BRK = 214
- SYS_MUNMAP = 215
- SYS_MREMAP = 216
- SYS_ADD_KEY = 217
- SYS_REQUEST_KEY = 218
- SYS_KEYCTL = 219
- SYS_CLONE = 220
- SYS_EXECVE = 221
- SYS_MMAP = 222
- SYS_FADVISE64 = 223
- SYS_SWAPON = 224
- SYS_SWAPOFF = 225
- SYS_MPROTECT = 226
- SYS_MSYNC = 227
- SYS_MLOCK = 228
- SYS_MUNLOCK = 229
- SYS_MLOCKALL = 230
- SYS_MUNLOCKALL = 231
- SYS_MINCORE = 232
- SYS_MADVISE = 233
- SYS_REMAP_FILE_PAGES = 234
- SYS_MBIND = 235
- SYS_GET_MEMPOLICY = 236
- SYS_SET_MEMPOLICY = 237
- SYS_MIGRATE_PAGES = 238
- SYS_MOVE_PAGES = 239
- SYS_RT_TGSIGQUEUEINFO = 240
- SYS_PERF_EVENT_OPEN = 241
- SYS_ACCEPT4 = 242
- SYS_RECVMMSG = 243
- SYS_ARCH_SPECIFIC_SYSCALL = 244
- SYS_WAIT4 = 260
- SYS_PRLIMIT64 = 261
- SYS_FANOTIFY_INIT = 262
- SYS_FANOTIFY_MARK = 263
- SYS_NAME_TO_HANDLE_AT = 264
- SYS_OPEN_BY_HANDLE_AT = 265
- SYS_CLOCK_ADJTIME = 266
- SYS_SYNCFS = 267
- SYS_SETNS = 268
- SYS_SENDMMSG = 269
- SYS_PROCESS_VM_READV = 270
- SYS_PROCESS_VM_WRITEV = 271
- SYS_KCMP = 272
- SYS_FINIT_MODULE = 273
- SYS_SCHED_SETATTR = 274
- SYS_SCHED_GETATTR = 275
- SYS_RENAMEAT2 = 276
- SYS_SECCOMP = 277
- SYS_GETRANDOM = 278
- SYS_MEMFD_CREATE = 279
- SYS_BPF = 280
- SYS_EXECVEAT = 281
- SYS_USERFAULTFD = 282
- SYS_MEMBARRIER = 283
- SYS_MLOCK2 = 284
- SYS_COPY_FILE_RANGE = 285
- SYS_PREADV2 = 286
- SYS_PWRITEV2 = 287
- SYS_PKEY_MPROTECT = 288
- SYS_PKEY_ALLOC = 289
- SYS_PKEY_FREE = 290
- SYS_STATX = 291
- SYS_IO_PGETEVENTS = 292
- SYS_RSEQ = 293
- SYS_KEXEC_FILE_LOAD = 294
- SYS_PIDFD_SEND_SIGNAL = 424
- SYS_IO_URING_SETUP = 425
- SYS_IO_URING_ENTER = 426
- SYS_IO_URING_REGISTER = 427
- SYS_OPEN_TREE = 428
- SYS_MOVE_MOUNT = 429
- SYS_FSOPEN = 430
- SYS_FSCONFIG = 431
- SYS_FSMOUNT = 432
- SYS_FSPICK = 433
- SYS_PIDFD_OPEN = 434
- SYS_CLONE3 = 435
- SYS_CLOSE_RANGE = 436
- SYS_OPENAT2 = 437
- SYS_PIDFD_GETFD = 438
- SYS_FACCESSAT2 = 439
- SYS_PROCESS_MADVISE = 440
- SYS_EPOLL_PWAIT2 = 441
- SYS_MOUNT_SETATTR = 442
+ SYS_IO_SETUP = 0
+ SYS_IO_DESTROY = 1
+ SYS_IO_SUBMIT = 2
+ SYS_IO_CANCEL = 3
+ SYS_IO_GETEVENTS = 4
+ SYS_SETXATTR = 5
+ SYS_LSETXATTR = 6
+ SYS_FSETXATTR = 7
+ SYS_GETXATTR = 8
+ SYS_LGETXATTR = 9
+ SYS_FGETXATTR = 10
+ SYS_LISTXATTR = 11
+ SYS_LLISTXATTR = 12
+ SYS_FLISTXATTR = 13
+ SYS_REMOVEXATTR = 14
+ SYS_LREMOVEXATTR = 15
+ SYS_FREMOVEXATTR = 16
+ SYS_GETCWD = 17
+ SYS_LOOKUP_DCOOKIE = 18
+ SYS_EVENTFD2 = 19
+ SYS_EPOLL_CREATE1 = 20
+ SYS_EPOLL_CTL = 21
+ SYS_EPOLL_PWAIT = 22
+ SYS_DUP = 23
+ SYS_DUP3 = 24
+ SYS_FCNTL = 25
+ SYS_INOTIFY_INIT1 = 26
+ SYS_INOTIFY_ADD_WATCH = 27
+ SYS_INOTIFY_RM_WATCH = 28
+ SYS_IOCTL = 29
+ SYS_IOPRIO_SET = 30
+ SYS_IOPRIO_GET = 31
+ SYS_FLOCK = 32
+ SYS_MKNODAT = 33
+ SYS_MKDIRAT = 34
+ SYS_UNLINKAT = 35
+ SYS_SYMLINKAT = 36
+ SYS_LINKAT = 37
+ SYS_UMOUNT2 = 39
+ SYS_MOUNT = 40
+ SYS_PIVOT_ROOT = 41
+ SYS_NFSSERVCTL = 42
+ SYS_STATFS = 43
+ SYS_FSTATFS = 44
+ SYS_TRUNCATE = 45
+ SYS_FTRUNCATE = 46
+ SYS_FALLOCATE = 47
+ SYS_FACCESSAT = 48
+ SYS_CHDIR = 49
+ SYS_FCHDIR = 50
+ SYS_CHROOT = 51
+ SYS_FCHMOD = 52
+ SYS_FCHMODAT = 53
+ SYS_FCHOWNAT = 54
+ SYS_FCHOWN = 55
+ SYS_OPENAT = 56
+ SYS_CLOSE = 57
+ SYS_VHANGUP = 58
+ SYS_PIPE2 = 59
+ SYS_QUOTACTL = 60
+ SYS_GETDENTS64 = 61
+ SYS_LSEEK = 62
+ SYS_READ = 63
+ SYS_WRITE = 64
+ SYS_READV = 65
+ SYS_WRITEV = 66
+ SYS_PREAD64 = 67
+ SYS_PWRITE64 = 68
+ SYS_PREADV = 69
+ SYS_PWRITEV = 70
+ SYS_SENDFILE = 71
+ SYS_PSELECT6 = 72
+ SYS_PPOLL = 73
+ SYS_SIGNALFD4 = 74
+ SYS_VMSPLICE = 75
+ SYS_SPLICE = 76
+ SYS_TEE = 77
+ SYS_READLINKAT = 78
+ SYS_FSTATAT = 79
+ SYS_FSTAT = 80
+ SYS_SYNC = 81
+ SYS_FSYNC = 82
+ SYS_FDATASYNC = 83
+ SYS_SYNC_FILE_RANGE = 84
+ SYS_TIMERFD_CREATE = 85
+ SYS_TIMERFD_SETTIME = 86
+ SYS_TIMERFD_GETTIME = 87
+ SYS_UTIMENSAT = 88
+ SYS_ACCT = 89
+ SYS_CAPGET = 90
+ SYS_CAPSET = 91
+ SYS_PERSONALITY = 92
+ SYS_EXIT = 93
+ SYS_EXIT_GROUP = 94
+ SYS_WAITID = 95
+ SYS_SET_TID_ADDRESS = 96
+ SYS_UNSHARE = 97
+ SYS_FUTEX = 98
+ SYS_SET_ROBUST_LIST = 99
+ SYS_GET_ROBUST_LIST = 100
+ SYS_NANOSLEEP = 101
+ SYS_GETITIMER = 102
+ SYS_SETITIMER = 103
+ SYS_KEXEC_LOAD = 104
+ SYS_INIT_MODULE = 105
+ SYS_DELETE_MODULE = 106
+ SYS_TIMER_CREATE = 107
+ SYS_TIMER_GETTIME = 108
+ SYS_TIMER_GETOVERRUN = 109
+ SYS_TIMER_SETTIME = 110
+ SYS_TIMER_DELETE = 111
+ SYS_CLOCK_SETTIME = 112
+ SYS_CLOCK_GETTIME = 113
+ SYS_CLOCK_GETRES = 114
+ SYS_CLOCK_NANOSLEEP = 115
+ SYS_SYSLOG = 116
+ SYS_PTRACE = 117
+ SYS_SCHED_SETPARAM = 118
+ SYS_SCHED_SETSCHEDULER = 119
+ SYS_SCHED_GETSCHEDULER = 120
+ SYS_SCHED_GETPARAM = 121
+ SYS_SCHED_SETAFFINITY = 122
+ SYS_SCHED_GETAFFINITY = 123
+ SYS_SCHED_YIELD = 124
+ SYS_SCHED_GET_PRIORITY_MAX = 125
+ SYS_SCHED_GET_PRIORITY_MIN = 126
+ SYS_SCHED_RR_GET_INTERVAL = 127
+ SYS_RESTART_SYSCALL = 128
+ SYS_KILL = 129
+ SYS_TKILL = 130
+ SYS_TGKILL = 131
+ SYS_SIGALTSTACK = 132
+ SYS_RT_SIGSUSPEND = 133
+ SYS_RT_SIGACTION = 134
+ SYS_RT_SIGPROCMASK = 135
+ SYS_RT_SIGPENDING = 136
+ SYS_RT_SIGTIMEDWAIT = 137
+ SYS_RT_SIGQUEUEINFO = 138
+ SYS_RT_SIGRETURN = 139
+ SYS_SETPRIORITY = 140
+ SYS_GETPRIORITY = 141
+ SYS_REBOOT = 142
+ SYS_SETREGID = 143
+ SYS_SETGID = 144
+ SYS_SETREUID = 145
+ SYS_SETUID = 146
+ SYS_SETRESUID = 147
+ SYS_GETRESUID = 148
+ SYS_SETRESGID = 149
+ SYS_GETRESGID = 150
+ SYS_SETFSUID = 151
+ SYS_SETFSGID = 152
+ SYS_TIMES = 153
+ SYS_SETPGID = 154
+ SYS_GETPGID = 155
+ SYS_GETSID = 156
+ SYS_SETSID = 157
+ SYS_GETGROUPS = 158
+ SYS_SETGROUPS = 159
+ SYS_UNAME = 160
+ SYS_SETHOSTNAME = 161
+ SYS_SETDOMAINNAME = 162
+ SYS_GETRLIMIT = 163
+ SYS_SETRLIMIT = 164
+ SYS_GETRUSAGE = 165
+ SYS_UMASK = 166
+ SYS_PRCTL = 167
+ SYS_GETCPU = 168
+ SYS_GETTIMEOFDAY = 169
+ SYS_SETTIMEOFDAY = 170
+ SYS_ADJTIMEX = 171
+ SYS_GETPID = 172
+ SYS_GETPPID = 173
+ SYS_GETUID = 174
+ SYS_GETEUID = 175
+ SYS_GETGID = 176
+ SYS_GETEGID = 177
+ SYS_GETTID = 178
+ SYS_SYSINFO = 179
+ SYS_MQ_OPEN = 180
+ SYS_MQ_UNLINK = 181
+ SYS_MQ_TIMEDSEND = 182
+ SYS_MQ_TIMEDRECEIVE = 183
+ SYS_MQ_NOTIFY = 184
+ SYS_MQ_GETSETATTR = 185
+ SYS_MSGGET = 186
+ SYS_MSGCTL = 187
+ SYS_MSGRCV = 188
+ SYS_MSGSND = 189
+ SYS_SEMGET = 190
+ SYS_SEMCTL = 191
+ SYS_SEMTIMEDOP = 192
+ SYS_SEMOP = 193
+ SYS_SHMGET = 194
+ SYS_SHMCTL = 195
+ SYS_SHMAT = 196
+ SYS_SHMDT = 197
+ SYS_SOCKET = 198
+ SYS_SOCKETPAIR = 199
+ SYS_BIND = 200
+ SYS_LISTEN = 201
+ SYS_ACCEPT = 202
+ SYS_CONNECT = 203
+ SYS_GETSOCKNAME = 204
+ SYS_GETPEERNAME = 205
+ SYS_SENDTO = 206
+ SYS_RECVFROM = 207
+ SYS_SETSOCKOPT = 208
+ SYS_GETSOCKOPT = 209
+ SYS_SHUTDOWN = 210
+ SYS_SENDMSG = 211
+ SYS_RECVMSG = 212
+ SYS_READAHEAD = 213
+ SYS_BRK = 214
+ SYS_MUNMAP = 215
+ SYS_MREMAP = 216
+ SYS_ADD_KEY = 217
+ SYS_REQUEST_KEY = 218
+ SYS_KEYCTL = 219
+ SYS_CLONE = 220
+ SYS_EXECVE = 221
+ SYS_MMAP = 222
+ SYS_FADVISE64 = 223
+ SYS_SWAPON = 224
+ SYS_SWAPOFF = 225
+ SYS_MPROTECT = 226
+ SYS_MSYNC = 227
+ SYS_MLOCK = 228
+ SYS_MUNLOCK = 229
+ SYS_MLOCKALL = 230
+ SYS_MUNLOCKALL = 231
+ SYS_MINCORE = 232
+ SYS_MADVISE = 233
+ SYS_REMAP_FILE_PAGES = 234
+ SYS_MBIND = 235
+ SYS_GET_MEMPOLICY = 236
+ SYS_SET_MEMPOLICY = 237
+ SYS_MIGRATE_PAGES = 238
+ SYS_MOVE_PAGES = 239
+ SYS_RT_TGSIGQUEUEINFO = 240
+ SYS_PERF_EVENT_OPEN = 241
+ SYS_ACCEPT4 = 242
+ SYS_RECVMMSG = 243
+ SYS_ARCH_SPECIFIC_SYSCALL = 244
+ SYS_WAIT4 = 260
+ SYS_PRLIMIT64 = 261
+ SYS_FANOTIFY_INIT = 262
+ SYS_FANOTIFY_MARK = 263
+ SYS_NAME_TO_HANDLE_AT = 264
+ SYS_OPEN_BY_HANDLE_AT = 265
+ SYS_CLOCK_ADJTIME = 266
+ SYS_SYNCFS = 267
+ SYS_SETNS = 268
+ SYS_SENDMMSG = 269
+ SYS_PROCESS_VM_READV = 270
+ SYS_PROCESS_VM_WRITEV = 271
+ SYS_KCMP = 272
+ SYS_FINIT_MODULE = 273
+ SYS_SCHED_SETATTR = 274
+ SYS_SCHED_GETATTR = 275
+ SYS_RENAMEAT2 = 276
+ SYS_SECCOMP = 277
+ SYS_GETRANDOM = 278
+ SYS_MEMFD_CREATE = 279
+ SYS_BPF = 280
+ SYS_EXECVEAT = 281
+ SYS_USERFAULTFD = 282
+ SYS_MEMBARRIER = 283
+ SYS_MLOCK2 = 284
+ SYS_COPY_FILE_RANGE = 285
+ SYS_PREADV2 = 286
+ SYS_PWRITEV2 = 287
+ SYS_PKEY_MPROTECT = 288
+ SYS_PKEY_ALLOC = 289
+ SYS_PKEY_FREE = 290
+ SYS_STATX = 291
+ SYS_IO_PGETEVENTS = 292
+ SYS_RSEQ = 293
+ SYS_KEXEC_FILE_LOAD = 294
+ SYS_PIDFD_SEND_SIGNAL = 424
+ SYS_IO_URING_SETUP = 425
+ SYS_IO_URING_ENTER = 426
+ SYS_IO_URING_REGISTER = 427
+ SYS_OPEN_TREE = 428
+ SYS_MOVE_MOUNT = 429
+ SYS_FSOPEN = 430
+ SYS_FSCONFIG = 431
+ SYS_FSMOUNT = 432
+ SYS_FSPICK = 433
+ SYS_PIDFD_OPEN = 434
+ SYS_CLONE3 = 435
+ SYS_CLOSE_RANGE = 436
+ SYS_OPENAT2 = 437
+ SYS_PIDFD_GETFD = 438
+ SYS_FACCESSAT2 = 439
+ SYS_PROCESS_MADVISE = 440
+ SYS_EPOLL_PWAIT2 = 441
+ SYS_MOUNT_SETATTR = 442
+ SYS_LANDLOCK_CREATE_RULESET = 444
+ SYS_LANDLOCK_ADD_RULE = 445
+ SYS_LANDLOCK_RESTRICT_SELF = 446
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
index aea5760ce..378e6ec8b 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
@@ -7,365 +7,368 @@
package unix
const (
- SYS_EXIT = 1
- SYS_FORK = 2
- SYS_READ = 3
- SYS_WRITE = 4
- SYS_OPEN = 5
- SYS_CLOSE = 6
- SYS_RESTART_SYSCALL = 7
- SYS_CREAT = 8
- SYS_LINK = 9
- SYS_UNLINK = 10
- SYS_EXECVE = 11
- SYS_CHDIR = 12
- SYS_MKNOD = 14
- SYS_CHMOD = 15
- SYS_LSEEK = 19
- SYS_GETPID = 20
- SYS_MOUNT = 21
- SYS_UMOUNT = 22
- SYS_PTRACE = 26
- SYS_ALARM = 27
- SYS_PAUSE = 29
- SYS_UTIME = 30
- SYS_ACCESS = 33
- SYS_NICE = 34
- SYS_SYNC = 36
- SYS_KILL = 37
- SYS_RENAME = 38
- SYS_MKDIR = 39
- SYS_RMDIR = 40
- SYS_DUP = 41
- SYS_PIPE = 42
- SYS_TIMES = 43
- SYS_BRK = 45
- SYS_SIGNAL = 48
- SYS_ACCT = 51
- SYS_UMOUNT2 = 52
- SYS_IOCTL = 54
- SYS_FCNTL = 55
- SYS_SETPGID = 57
- SYS_UMASK = 60
- SYS_CHROOT = 61
- SYS_USTAT = 62
- SYS_DUP2 = 63
- SYS_GETPPID = 64
- SYS_GETPGRP = 65
- SYS_SETSID = 66
- SYS_SIGACTION = 67
- SYS_SIGSUSPEND = 72
- SYS_SIGPENDING = 73
- SYS_SETHOSTNAME = 74
- SYS_SETRLIMIT = 75
- SYS_GETRUSAGE = 77
- SYS_GETTIMEOFDAY = 78
- SYS_SETTIMEOFDAY = 79
- SYS_SYMLINK = 83
- SYS_READLINK = 85
- SYS_USELIB = 86
- SYS_SWAPON = 87
- SYS_REBOOT = 88
- SYS_READDIR = 89
- SYS_MMAP = 90
- SYS_MUNMAP = 91
- SYS_TRUNCATE = 92
- SYS_FTRUNCATE = 93
- SYS_FCHMOD = 94
- SYS_GETPRIORITY = 96
- SYS_SETPRIORITY = 97
- SYS_STATFS = 99
- SYS_FSTATFS = 100
- SYS_SOCKETCALL = 102
- SYS_SYSLOG = 103
- SYS_SETITIMER = 104
- SYS_GETITIMER = 105
- SYS_STAT = 106
- SYS_LSTAT = 107
- SYS_FSTAT = 108
- SYS_LOOKUP_DCOOKIE = 110
- SYS_VHANGUP = 111
- SYS_IDLE = 112
- SYS_WAIT4 = 114
- SYS_SWAPOFF = 115
- SYS_SYSINFO = 116
- SYS_IPC = 117
- SYS_FSYNC = 118
- SYS_SIGRETURN = 119
- SYS_CLONE = 120
- SYS_SETDOMAINNAME = 121
- SYS_UNAME = 122
- SYS_ADJTIMEX = 124
- SYS_MPROTECT = 125
- SYS_SIGPROCMASK = 126
- SYS_CREATE_MODULE = 127
- SYS_INIT_MODULE = 128
- SYS_DELETE_MODULE = 129
- SYS_GET_KERNEL_SYMS = 130
- SYS_QUOTACTL = 131
- SYS_GETPGID = 132
- SYS_FCHDIR = 133
- SYS_BDFLUSH = 134
- SYS_SYSFS = 135
- SYS_PERSONALITY = 136
- SYS_AFS_SYSCALL = 137
- SYS_GETDENTS = 141
- SYS_SELECT = 142
- SYS_FLOCK = 143
- SYS_MSYNC = 144
- SYS_READV = 145
- SYS_WRITEV = 146
- SYS_GETSID = 147
- SYS_FDATASYNC = 148
- SYS__SYSCTL = 149
- SYS_MLOCK = 150
- SYS_MUNLOCK = 151
- SYS_MLOCKALL = 152
- SYS_MUNLOCKALL = 153
- SYS_SCHED_SETPARAM = 154
- SYS_SCHED_GETPARAM = 155
- SYS_SCHED_SETSCHEDULER = 156
- SYS_SCHED_GETSCHEDULER = 157
- SYS_SCHED_YIELD = 158
- SYS_SCHED_GET_PRIORITY_MAX = 159
- SYS_SCHED_GET_PRIORITY_MIN = 160
- SYS_SCHED_RR_GET_INTERVAL = 161
- SYS_NANOSLEEP = 162
- SYS_MREMAP = 163
- SYS_QUERY_MODULE = 167
- SYS_POLL = 168
- SYS_NFSSERVCTL = 169
- SYS_PRCTL = 172
- SYS_RT_SIGRETURN = 173
- SYS_RT_SIGACTION = 174
- SYS_RT_SIGPROCMASK = 175
- SYS_RT_SIGPENDING = 176
- SYS_RT_SIGTIMEDWAIT = 177
- SYS_RT_SIGQUEUEINFO = 178
- SYS_RT_SIGSUSPEND = 179
- SYS_PREAD64 = 180
- SYS_PWRITE64 = 181
- SYS_GETCWD = 183
- SYS_CAPGET = 184
- SYS_CAPSET = 185
- SYS_SIGALTSTACK = 186
- SYS_SENDFILE = 187
- SYS_GETPMSG = 188
- SYS_PUTPMSG = 189
- SYS_VFORK = 190
- SYS_GETRLIMIT = 191
- SYS_LCHOWN = 198
- SYS_GETUID = 199
- SYS_GETGID = 200
- SYS_GETEUID = 201
- SYS_GETEGID = 202
- SYS_SETREUID = 203
- SYS_SETREGID = 204
- SYS_GETGROUPS = 205
- SYS_SETGROUPS = 206
- SYS_FCHOWN = 207
- SYS_SETRESUID = 208
- SYS_GETRESUID = 209
- SYS_SETRESGID = 210
- SYS_GETRESGID = 211
- SYS_CHOWN = 212
- SYS_SETUID = 213
- SYS_SETGID = 214
- SYS_SETFSUID = 215
- SYS_SETFSGID = 216
- SYS_PIVOT_ROOT = 217
- SYS_MINCORE = 218
- SYS_MADVISE = 219
- SYS_GETDENTS64 = 220
- SYS_READAHEAD = 222
- SYS_SETXATTR = 224
- SYS_LSETXATTR = 225
- SYS_FSETXATTR = 226
- SYS_GETXATTR = 227
- SYS_LGETXATTR = 228
- SYS_FGETXATTR = 229
- SYS_LISTXATTR = 230
- SYS_LLISTXATTR = 231
- SYS_FLISTXATTR = 232
- SYS_REMOVEXATTR = 233
- SYS_LREMOVEXATTR = 234
- SYS_FREMOVEXATTR = 235
- SYS_GETTID = 236
- SYS_TKILL = 237
- SYS_FUTEX = 238
- SYS_SCHED_SETAFFINITY = 239
- SYS_SCHED_GETAFFINITY = 240
- SYS_TGKILL = 241
- SYS_IO_SETUP = 243
- SYS_IO_DESTROY = 244
- SYS_IO_GETEVENTS = 245
- SYS_IO_SUBMIT = 246
- SYS_IO_CANCEL = 247
- SYS_EXIT_GROUP = 248
- SYS_EPOLL_CREATE = 249
- SYS_EPOLL_CTL = 250
- SYS_EPOLL_WAIT = 251
- SYS_SET_TID_ADDRESS = 252
- SYS_FADVISE64 = 253
- SYS_TIMER_CREATE = 254
- SYS_TIMER_SETTIME = 255
- SYS_TIMER_GETTIME = 256
- SYS_TIMER_GETOVERRUN = 257
- SYS_TIMER_DELETE = 258
- SYS_CLOCK_SETTIME = 259
- SYS_CLOCK_GETTIME = 260
- SYS_CLOCK_GETRES = 261
- SYS_CLOCK_NANOSLEEP = 262
- SYS_STATFS64 = 265
- SYS_FSTATFS64 = 266
- SYS_REMAP_FILE_PAGES = 267
- SYS_MBIND = 268
- SYS_GET_MEMPOLICY = 269
- SYS_SET_MEMPOLICY = 270
- SYS_MQ_OPEN = 271
- SYS_MQ_UNLINK = 272
- SYS_MQ_TIMEDSEND = 273
- SYS_MQ_TIMEDRECEIVE = 274
- SYS_MQ_NOTIFY = 275
- SYS_MQ_GETSETATTR = 276
- SYS_KEXEC_LOAD = 277
- SYS_ADD_KEY = 278
- SYS_REQUEST_KEY = 279
- SYS_KEYCTL = 280
- SYS_WAITID = 281
- SYS_IOPRIO_SET = 282
- SYS_IOPRIO_GET = 283
- SYS_INOTIFY_INIT = 284
- SYS_INOTIFY_ADD_WATCH = 285
- SYS_INOTIFY_RM_WATCH = 286
- SYS_MIGRATE_PAGES = 287
- SYS_OPENAT = 288
- SYS_MKDIRAT = 289
- SYS_MKNODAT = 290
- SYS_FCHOWNAT = 291
- SYS_FUTIMESAT = 292
- SYS_NEWFSTATAT = 293
- SYS_UNLINKAT = 294
- SYS_RENAMEAT = 295
- SYS_LINKAT = 296
- SYS_SYMLINKAT = 297
- SYS_READLINKAT = 298
- SYS_FCHMODAT = 299
- SYS_FACCESSAT = 300
- SYS_PSELECT6 = 301
- SYS_PPOLL = 302
- SYS_UNSHARE = 303
- SYS_SET_ROBUST_LIST = 304
- SYS_GET_ROBUST_LIST = 305
- SYS_SPLICE = 306
- SYS_SYNC_FILE_RANGE = 307
- SYS_TEE = 308
- SYS_VMSPLICE = 309
- SYS_MOVE_PAGES = 310
- SYS_GETCPU = 311
- SYS_EPOLL_PWAIT = 312
- SYS_UTIMES = 313
- SYS_FALLOCATE = 314
- SYS_UTIMENSAT = 315
- SYS_SIGNALFD = 316
- SYS_TIMERFD = 317
- SYS_EVENTFD = 318
- SYS_TIMERFD_CREATE = 319
- SYS_TIMERFD_SETTIME = 320
- SYS_TIMERFD_GETTIME = 321
- SYS_SIGNALFD4 = 322
- SYS_EVENTFD2 = 323
- SYS_INOTIFY_INIT1 = 324
- SYS_PIPE2 = 325
- SYS_DUP3 = 326
- SYS_EPOLL_CREATE1 = 327
- SYS_PREADV = 328
- SYS_PWRITEV = 329
- SYS_RT_TGSIGQUEUEINFO = 330
- SYS_PERF_EVENT_OPEN = 331
- SYS_FANOTIFY_INIT = 332
- SYS_FANOTIFY_MARK = 333
- SYS_PRLIMIT64 = 334
- SYS_NAME_TO_HANDLE_AT = 335
- SYS_OPEN_BY_HANDLE_AT = 336
- SYS_CLOCK_ADJTIME = 337
- SYS_SYNCFS = 338
- SYS_SETNS = 339
- SYS_PROCESS_VM_READV = 340
- SYS_PROCESS_VM_WRITEV = 341
- SYS_S390_RUNTIME_INSTR = 342
- SYS_KCMP = 343
- SYS_FINIT_MODULE = 344
- SYS_SCHED_SETATTR = 345
- SYS_SCHED_GETATTR = 346
- SYS_RENAMEAT2 = 347
- SYS_SECCOMP = 348
- SYS_GETRANDOM = 349
- SYS_MEMFD_CREATE = 350
- SYS_BPF = 351
- SYS_S390_PCI_MMIO_WRITE = 352
- SYS_S390_PCI_MMIO_READ = 353
- SYS_EXECVEAT = 354
- SYS_USERFAULTFD = 355
- SYS_MEMBARRIER = 356
- SYS_RECVMMSG = 357
- SYS_SENDMMSG = 358
- SYS_SOCKET = 359
- SYS_SOCKETPAIR = 360
- SYS_BIND = 361
- SYS_CONNECT = 362
- SYS_LISTEN = 363
- SYS_ACCEPT4 = 364
- SYS_GETSOCKOPT = 365
- SYS_SETSOCKOPT = 366
- SYS_GETSOCKNAME = 367
- SYS_GETPEERNAME = 368
- SYS_SENDTO = 369
- SYS_SENDMSG = 370
- SYS_RECVFROM = 371
- SYS_RECVMSG = 372
- SYS_SHUTDOWN = 373
- SYS_MLOCK2 = 374
- SYS_COPY_FILE_RANGE = 375
- SYS_PREADV2 = 376
- SYS_PWRITEV2 = 377
- SYS_S390_GUARDED_STORAGE = 378
- SYS_STATX = 379
- SYS_S390_STHYI = 380
- SYS_KEXEC_FILE_LOAD = 381
- SYS_IO_PGETEVENTS = 382
- SYS_RSEQ = 383
- SYS_PKEY_MPROTECT = 384
- SYS_PKEY_ALLOC = 385
- SYS_PKEY_FREE = 386
- SYS_SEMTIMEDOP = 392
- SYS_SEMGET = 393
- SYS_SEMCTL = 394
- SYS_SHMGET = 395
- SYS_SHMCTL = 396
- SYS_SHMAT = 397
- SYS_SHMDT = 398
- SYS_MSGGET = 399
- SYS_MSGSND = 400
- SYS_MSGRCV = 401
- SYS_MSGCTL = 402
- SYS_PIDFD_SEND_SIGNAL = 424
- SYS_IO_URING_SETUP = 425
- SYS_IO_URING_ENTER = 426
- SYS_IO_URING_REGISTER = 427
- SYS_OPEN_TREE = 428
- SYS_MOVE_MOUNT = 429
- SYS_FSOPEN = 430
- SYS_FSCONFIG = 431
- SYS_FSMOUNT = 432
- SYS_FSPICK = 433
- SYS_PIDFD_OPEN = 434
- SYS_CLONE3 = 435
- SYS_CLOSE_RANGE = 436
- SYS_OPENAT2 = 437
- SYS_PIDFD_GETFD = 438
- SYS_FACCESSAT2 = 439
- SYS_PROCESS_MADVISE = 440
- SYS_EPOLL_PWAIT2 = 441
- SYS_MOUNT_SETATTR = 442
+ SYS_EXIT = 1
+ SYS_FORK = 2
+ SYS_READ = 3
+ SYS_WRITE = 4
+ SYS_OPEN = 5
+ SYS_CLOSE = 6
+ SYS_RESTART_SYSCALL = 7
+ SYS_CREAT = 8
+ SYS_LINK = 9
+ SYS_UNLINK = 10
+ SYS_EXECVE = 11
+ SYS_CHDIR = 12
+ SYS_MKNOD = 14
+ SYS_CHMOD = 15
+ SYS_LSEEK = 19
+ SYS_GETPID = 20
+ SYS_MOUNT = 21
+ SYS_UMOUNT = 22
+ SYS_PTRACE = 26
+ SYS_ALARM = 27
+ SYS_PAUSE = 29
+ SYS_UTIME = 30
+ SYS_ACCESS = 33
+ SYS_NICE = 34
+ SYS_SYNC = 36
+ SYS_KILL = 37
+ SYS_RENAME = 38
+ SYS_MKDIR = 39
+ SYS_RMDIR = 40
+ SYS_DUP = 41
+ SYS_PIPE = 42
+ SYS_TIMES = 43
+ SYS_BRK = 45
+ SYS_SIGNAL = 48
+ SYS_ACCT = 51
+ SYS_UMOUNT2 = 52
+ SYS_IOCTL = 54
+ SYS_FCNTL = 55
+ SYS_SETPGID = 57
+ SYS_UMASK = 60
+ SYS_CHROOT = 61
+ SYS_USTAT = 62
+ SYS_DUP2 = 63
+ SYS_GETPPID = 64
+ SYS_GETPGRP = 65
+ SYS_SETSID = 66
+ SYS_SIGACTION = 67
+ SYS_SIGSUSPEND = 72
+ SYS_SIGPENDING = 73
+ SYS_SETHOSTNAME = 74
+ SYS_SETRLIMIT = 75
+ SYS_GETRUSAGE = 77
+ SYS_GETTIMEOFDAY = 78
+ SYS_SETTIMEOFDAY = 79
+ SYS_SYMLINK = 83
+ SYS_READLINK = 85
+ SYS_USELIB = 86
+ SYS_SWAPON = 87
+ SYS_REBOOT = 88
+ SYS_READDIR = 89
+ SYS_MMAP = 90
+ SYS_MUNMAP = 91
+ SYS_TRUNCATE = 92
+ SYS_FTRUNCATE = 93
+ SYS_FCHMOD = 94
+ SYS_GETPRIORITY = 96
+ SYS_SETPRIORITY = 97
+ SYS_STATFS = 99
+ SYS_FSTATFS = 100
+ SYS_SOCKETCALL = 102
+ SYS_SYSLOG = 103
+ SYS_SETITIMER = 104
+ SYS_GETITIMER = 105
+ SYS_STAT = 106
+ SYS_LSTAT = 107
+ SYS_FSTAT = 108
+ SYS_LOOKUP_DCOOKIE = 110
+ SYS_VHANGUP = 111
+ SYS_IDLE = 112
+ SYS_WAIT4 = 114
+ SYS_SWAPOFF = 115
+ SYS_SYSINFO = 116
+ SYS_IPC = 117
+ SYS_FSYNC = 118
+ SYS_SIGRETURN = 119
+ SYS_CLONE = 120
+ SYS_SETDOMAINNAME = 121
+ SYS_UNAME = 122
+ SYS_ADJTIMEX = 124
+ SYS_MPROTECT = 125
+ SYS_SIGPROCMASK = 126
+ SYS_CREATE_MODULE = 127
+ SYS_INIT_MODULE = 128
+ SYS_DELETE_MODULE = 129
+ SYS_GET_KERNEL_SYMS = 130
+ SYS_QUOTACTL = 131
+ SYS_GETPGID = 132
+ SYS_FCHDIR = 133
+ SYS_BDFLUSH = 134
+ SYS_SYSFS = 135
+ SYS_PERSONALITY = 136
+ SYS_AFS_SYSCALL = 137
+ SYS_GETDENTS = 141
+ SYS_SELECT = 142
+ SYS_FLOCK = 143
+ SYS_MSYNC = 144
+ SYS_READV = 145
+ SYS_WRITEV = 146
+ SYS_GETSID = 147
+ SYS_FDATASYNC = 148
+ SYS__SYSCTL = 149
+ SYS_MLOCK = 150
+ SYS_MUNLOCK = 151
+ SYS_MLOCKALL = 152
+ SYS_MUNLOCKALL = 153
+ SYS_SCHED_SETPARAM = 154
+ SYS_SCHED_GETPARAM = 155
+ SYS_SCHED_SETSCHEDULER = 156
+ SYS_SCHED_GETSCHEDULER = 157
+ SYS_SCHED_YIELD = 158
+ SYS_SCHED_GET_PRIORITY_MAX = 159
+ SYS_SCHED_GET_PRIORITY_MIN = 160
+ SYS_SCHED_RR_GET_INTERVAL = 161
+ SYS_NANOSLEEP = 162
+ SYS_MREMAP = 163
+ SYS_QUERY_MODULE = 167
+ SYS_POLL = 168
+ SYS_NFSSERVCTL = 169
+ SYS_PRCTL = 172
+ SYS_RT_SIGRETURN = 173
+ SYS_RT_SIGACTION = 174
+ SYS_RT_SIGPROCMASK = 175
+ SYS_RT_SIGPENDING = 176
+ SYS_RT_SIGTIMEDWAIT = 177
+ SYS_RT_SIGQUEUEINFO = 178
+ SYS_RT_SIGSUSPEND = 179
+ SYS_PREAD64 = 180
+ SYS_PWRITE64 = 181
+ SYS_GETCWD = 183
+ SYS_CAPGET = 184
+ SYS_CAPSET = 185
+ SYS_SIGALTSTACK = 186
+ SYS_SENDFILE = 187
+ SYS_GETPMSG = 188
+ SYS_PUTPMSG = 189
+ SYS_VFORK = 190
+ SYS_GETRLIMIT = 191
+ SYS_LCHOWN = 198
+ SYS_GETUID = 199
+ SYS_GETGID = 200
+ SYS_GETEUID = 201
+ SYS_GETEGID = 202
+ SYS_SETREUID = 203
+ SYS_SETREGID = 204
+ SYS_GETGROUPS = 205
+ SYS_SETGROUPS = 206
+ SYS_FCHOWN = 207
+ SYS_SETRESUID = 208
+ SYS_GETRESUID = 209
+ SYS_SETRESGID = 210
+ SYS_GETRESGID = 211
+ SYS_CHOWN = 212
+ SYS_SETUID = 213
+ SYS_SETGID = 214
+ SYS_SETFSUID = 215
+ SYS_SETFSGID = 216
+ SYS_PIVOT_ROOT = 217
+ SYS_MINCORE = 218
+ SYS_MADVISE = 219
+ SYS_GETDENTS64 = 220
+ SYS_READAHEAD = 222
+ SYS_SETXATTR = 224
+ SYS_LSETXATTR = 225
+ SYS_FSETXATTR = 226
+ SYS_GETXATTR = 227
+ SYS_LGETXATTR = 228
+ SYS_FGETXATTR = 229
+ SYS_LISTXATTR = 230
+ SYS_LLISTXATTR = 231
+ SYS_FLISTXATTR = 232
+ SYS_REMOVEXATTR = 233
+ SYS_LREMOVEXATTR = 234
+ SYS_FREMOVEXATTR = 235
+ SYS_GETTID = 236
+ SYS_TKILL = 237
+ SYS_FUTEX = 238
+ SYS_SCHED_SETAFFINITY = 239
+ SYS_SCHED_GETAFFINITY = 240
+ SYS_TGKILL = 241
+ SYS_IO_SETUP = 243
+ SYS_IO_DESTROY = 244
+ SYS_IO_GETEVENTS = 245
+ SYS_IO_SUBMIT = 246
+ SYS_IO_CANCEL = 247
+ SYS_EXIT_GROUP = 248
+ SYS_EPOLL_CREATE = 249
+ SYS_EPOLL_CTL = 250
+ SYS_EPOLL_WAIT = 251
+ SYS_SET_TID_ADDRESS = 252
+ SYS_FADVISE64 = 253
+ SYS_TIMER_CREATE = 254
+ SYS_TIMER_SETTIME = 255
+ SYS_TIMER_GETTIME = 256
+ SYS_TIMER_GETOVERRUN = 257
+ SYS_TIMER_DELETE = 258
+ SYS_CLOCK_SETTIME = 259
+ SYS_CLOCK_GETTIME = 260
+ SYS_CLOCK_GETRES = 261
+ SYS_CLOCK_NANOSLEEP = 262
+ SYS_STATFS64 = 265
+ SYS_FSTATFS64 = 266
+ SYS_REMAP_FILE_PAGES = 267
+ SYS_MBIND = 268
+ SYS_GET_MEMPOLICY = 269
+ SYS_SET_MEMPOLICY = 270
+ SYS_MQ_OPEN = 271
+ SYS_MQ_UNLINK = 272
+ SYS_MQ_TIMEDSEND = 273
+ SYS_MQ_TIMEDRECEIVE = 274
+ SYS_MQ_NOTIFY = 275
+ SYS_MQ_GETSETATTR = 276
+ SYS_KEXEC_LOAD = 277
+ SYS_ADD_KEY = 278
+ SYS_REQUEST_KEY = 279
+ SYS_KEYCTL = 280
+ SYS_WAITID = 281
+ SYS_IOPRIO_SET = 282
+ SYS_IOPRIO_GET = 283
+ SYS_INOTIFY_INIT = 284
+ SYS_INOTIFY_ADD_WATCH = 285
+ SYS_INOTIFY_RM_WATCH = 286
+ SYS_MIGRATE_PAGES = 287
+ SYS_OPENAT = 288
+ SYS_MKDIRAT = 289
+ SYS_MKNODAT = 290
+ SYS_FCHOWNAT = 291
+ SYS_FUTIMESAT = 292
+ SYS_NEWFSTATAT = 293
+ SYS_UNLINKAT = 294
+ SYS_RENAMEAT = 295
+ SYS_LINKAT = 296
+ SYS_SYMLINKAT = 297
+ SYS_READLINKAT = 298
+ SYS_FCHMODAT = 299
+ SYS_FACCESSAT = 300
+ SYS_PSELECT6 = 301
+ SYS_PPOLL = 302
+ SYS_UNSHARE = 303
+ SYS_SET_ROBUST_LIST = 304
+ SYS_GET_ROBUST_LIST = 305
+ SYS_SPLICE = 306
+ SYS_SYNC_FILE_RANGE = 307
+ SYS_TEE = 308
+ SYS_VMSPLICE = 309
+ SYS_MOVE_PAGES = 310
+ SYS_GETCPU = 311
+ SYS_EPOLL_PWAIT = 312
+ SYS_UTIMES = 313
+ SYS_FALLOCATE = 314
+ SYS_UTIMENSAT = 315
+ SYS_SIGNALFD = 316
+ SYS_TIMERFD = 317
+ SYS_EVENTFD = 318
+ SYS_TIMERFD_CREATE = 319
+ SYS_TIMERFD_SETTIME = 320
+ SYS_TIMERFD_GETTIME = 321
+ SYS_SIGNALFD4 = 322
+ SYS_EVENTFD2 = 323
+ SYS_INOTIFY_INIT1 = 324
+ SYS_PIPE2 = 325
+ SYS_DUP3 = 326
+ SYS_EPOLL_CREATE1 = 327
+ SYS_PREADV = 328
+ SYS_PWRITEV = 329
+ SYS_RT_TGSIGQUEUEINFO = 330
+ SYS_PERF_EVENT_OPEN = 331
+ SYS_FANOTIFY_INIT = 332
+ SYS_FANOTIFY_MARK = 333
+ SYS_PRLIMIT64 = 334
+ SYS_NAME_TO_HANDLE_AT = 335
+ SYS_OPEN_BY_HANDLE_AT = 336
+ SYS_CLOCK_ADJTIME = 337
+ SYS_SYNCFS = 338
+ SYS_SETNS = 339
+ SYS_PROCESS_VM_READV = 340
+ SYS_PROCESS_VM_WRITEV = 341
+ SYS_S390_RUNTIME_INSTR = 342
+ SYS_KCMP = 343
+ SYS_FINIT_MODULE = 344
+ SYS_SCHED_SETATTR = 345
+ SYS_SCHED_GETATTR = 346
+ SYS_RENAMEAT2 = 347
+ SYS_SECCOMP = 348
+ SYS_GETRANDOM = 349
+ SYS_MEMFD_CREATE = 350
+ SYS_BPF = 351
+ SYS_S390_PCI_MMIO_WRITE = 352
+ SYS_S390_PCI_MMIO_READ = 353
+ SYS_EXECVEAT = 354
+ SYS_USERFAULTFD = 355
+ SYS_MEMBARRIER = 356
+ SYS_RECVMMSG = 357
+ SYS_SENDMMSG = 358
+ SYS_SOCKET = 359
+ SYS_SOCKETPAIR = 360
+ SYS_BIND = 361
+ SYS_CONNECT = 362
+ SYS_LISTEN = 363
+ SYS_ACCEPT4 = 364
+ SYS_GETSOCKOPT = 365
+ SYS_SETSOCKOPT = 366
+ SYS_GETSOCKNAME = 367
+ SYS_GETPEERNAME = 368
+ SYS_SENDTO = 369
+ SYS_SENDMSG = 370
+ SYS_RECVFROM = 371
+ SYS_RECVMSG = 372
+ SYS_SHUTDOWN = 373
+ SYS_MLOCK2 = 374
+ SYS_COPY_FILE_RANGE = 375
+ SYS_PREADV2 = 376
+ SYS_PWRITEV2 = 377
+ SYS_S390_GUARDED_STORAGE = 378
+ SYS_STATX = 379
+ SYS_S390_STHYI = 380
+ SYS_KEXEC_FILE_LOAD = 381
+ SYS_IO_PGETEVENTS = 382
+ SYS_RSEQ = 383
+ SYS_PKEY_MPROTECT = 384
+ SYS_PKEY_ALLOC = 385
+ SYS_PKEY_FREE = 386
+ SYS_SEMTIMEDOP = 392
+ SYS_SEMGET = 393
+ SYS_SEMCTL = 394
+ SYS_SHMGET = 395
+ SYS_SHMCTL = 396
+ SYS_SHMAT = 397
+ SYS_SHMDT = 398
+ SYS_MSGGET = 399
+ SYS_MSGSND = 400
+ SYS_MSGRCV = 401
+ SYS_MSGCTL = 402
+ SYS_PIDFD_SEND_SIGNAL = 424
+ SYS_IO_URING_SETUP = 425
+ SYS_IO_URING_ENTER = 426
+ SYS_IO_URING_REGISTER = 427
+ SYS_OPEN_TREE = 428
+ SYS_MOVE_MOUNT = 429
+ SYS_FSOPEN = 430
+ SYS_FSCONFIG = 431
+ SYS_FSMOUNT = 432
+ SYS_FSPICK = 433
+ SYS_PIDFD_OPEN = 434
+ SYS_CLONE3 = 435
+ SYS_CLOSE_RANGE = 436
+ SYS_OPENAT2 = 437
+ SYS_PIDFD_GETFD = 438
+ SYS_FACCESSAT2 = 439
+ SYS_PROCESS_MADVISE = 440
+ SYS_EPOLL_PWAIT2 = 441
+ SYS_MOUNT_SETATTR = 442
+ SYS_LANDLOCK_CREATE_RULESET = 444
+ SYS_LANDLOCK_ADD_RULE = 445
+ SYS_LANDLOCK_RESTRICT_SELF = 446
)
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
index 488ca848d..58e72b0cb 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
@@ -7,379 +7,382 @@
package unix
const (
- SYS_RESTART_SYSCALL = 0
- SYS_EXIT = 1
- SYS_FORK = 2
- SYS_READ = 3
- SYS_WRITE = 4
- SYS_OPEN = 5
- SYS_CLOSE = 6
- SYS_WAIT4 = 7
- SYS_CREAT = 8
- SYS_LINK = 9
- SYS_UNLINK = 10
- SYS_EXECV = 11
- SYS_CHDIR = 12
- SYS_CHOWN = 13
- SYS_MKNOD = 14
- SYS_CHMOD = 15
- SYS_LCHOWN = 16
- SYS_BRK = 17
- SYS_PERFCTR = 18
- SYS_LSEEK = 19
- SYS_GETPID = 20
- SYS_CAPGET = 21
- SYS_CAPSET = 22
- SYS_SETUID = 23
- SYS_GETUID = 24
- SYS_VMSPLICE = 25
- SYS_PTRACE = 26
- SYS_ALARM = 27
- SYS_SIGALTSTACK = 28
- SYS_PAUSE = 29
- SYS_UTIME = 30
- SYS_ACCESS = 33
- SYS_NICE = 34
- SYS_SYNC = 36
- SYS_KILL = 37
- SYS_STAT = 38
- SYS_SENDFILE = 39
- SYS_LSTAT = 40
- SYS_DUP = 41
- SYS_PIPE = 42
- SYS_TIMES = 43
- SYS_UMOUNT2 = 45
- SYS_SETGID = 46
- SYS_GETGID = 47
- SYS_SIGNAL = 48
- SYS_GETEUID = 49
- SYS_GETEGID = 50
- SYS_ACCT = 51
- SYS_MEMORY_ORDERING = 52
- SYS_IOCTL = 54
- SYS_REBOOT = 55
- SYS_SYMLINK = 57
- SYS_READLINK = 58
- SYS_EXECVE = 59
- SYS_UMASK = 60
- SYS_CHROOT = 61
- SYS_FSTAT = 62
- SYS_FSTAT64 = 63
- SYS_GETPAGESIZE = 64
- SYS_MSYNC = 65
- SYS_VFORK = 66
- SYS_PREAD64 = 67
- SYS_PWRITE64 = 68
- SYS_MMAP = 71
- SYS_MUNMAP = 73
- SYS_MPROTECT = 74
- SYS_MADVISE = 75
- SYS_VHANGUP = 76
- SYS_MINCORE = 78
- SYS_GETGROUPS = 79
- SYS_SETGROUPS = 80
- SYS_GETPGRP = 81
- SYS_SETITIMER = 83
- SYS_SWAPON = 85
- SYS_GETITIMER = 86
- SYS_SETHOSTNAME = 88
- SYS_DUP2 = 90
- SYS_FCNTL = 92
- SYS_SELECT = 93
- SYS_FSYNC = 95
- SYS_SETPRIORITY = 96
- SYS_SOCKET = 97
- SYS_CONNECT = 98
- SYS_ACCEPT = 99
- SYS_GETPRIORITY = 100
- SYS_RT_SIGRETURN = 101
- SYS_RT_SIGACTION = 102
- SYS_RT_SIGPROCMASK = 103
- SYS_RT_SIGPENDING = 104
- SYS_RT_SIGTIMEDWAIT = 105
- SYS_RT_SIGQUEUEINFO = 106
- SYS_RT_SIGSUSPEND = 107
- SYS_SETRESUID = 108
- SYS_GETRESUID = 109
- SYS_SETRESGID = 110
- SYS_GETRESGID = 111
- SYS_RECVMSG = 113
- SYS_SENDMSG = 114
- SYS_GETTIMEOFDAY = 116
- SYS_GETRUSAGE = 117
- SYS_GETSOCKOPT = 118
- SYS_GETCWD = 119
- SYS_READV = 120
- SYS_WRITEV = 121
- SYS_SETTIMEOFDAY = 122
- SYS_FCHOWN = 123
- SYS_FCHMOD = 124
- SYS_RECVFROM = 125
- SYS_SETREUID = 126
- SYS_SETREGID = 127
- SYS_RENAME = 128
- SYS_TRUNCATE = 129
- SYS_FTRUNCATE = 130
- SYS_FLOCK = 131
- SYS_LSTAT64 = 132
- SYS_SENDTO = 133
- SYS_SHUTDOWN = 134
- SYS_SOCKETPAIR = 135
- SYS_MKDIR = 136
- SYS_RMDIR = 137
- SYS_UTIMES = 138
- SYS_STAT64 = 139
- SYS_SENDFILE64 = 140
- SYS_GETPEERNAME = 141
- SYS_FUTEX = 142
- SYS_GETTID = 143
- SYS_GETRLIMIT = 144
- SYS_SETRLIMIT = 145
- SYS_PIVOT_ROOT = 146
- SYS_PRCTL = 147
- SYS_PCICONFIG_READ = 148
- SYS_PCICONFIG_WRITE = 149
- SYS_GETSOCKNAME = 150
- SYS_INOTIFY_INIT = 151
- SYS_INOTIFY_ADD_WATCH = 152
- SYS_POLL = 153
- SYS_GETDENTS64 = 154
- SYS_INOTIFY_RM_WATCH = 156
- SYS_STATFS = 157
- SYS_FSTATFS = 158
- SYS_UMOUNT = 159
- SYS_SCHED_SET_AFFINITY = 160
- SYS_SCHED_GET_AFFINITY = 161
- SYS_GETDOMAINNAME = 162
- SYS_SETDOMAINNAME = 163
- SYS_UTRAP_INSTALL = 164
- SYS_QUOTACTL = 165
- SYS_SET_TID_ADDRESS = 166
- SYS_MOUNT = 167
- SYS_USTAT = 168
- SYS_SETXATTR = 169
- SYS_LSETXATTR = 170
- SYS_FSETXATTR = 171
- SYS_GETXATTR = 172
- SYS_LGETXATTR = 173
- SYS_GETDENTS = 174
- SYS_SETSID = 175
- SYS_FCHDIR = 176
- SYS_FGETXATTR = 177
- SYS_LISTXATTR = 178
- SYS_LLISTXATTR = 179
- SYS_FLISTXATTR = 180
- SYS_REMOVEXATTR = 181
- SYS_LREMOVEXATTR = 182
- SYS_SIGPENDING = 183
- SYS_QUERY_MODULE = 184
- SYS_SETPGID = 185
- SYS_FREMOVEXATTR = 186
- SYS_TKILL = 187
- SYS_EXIT_GROUP = 188
- SYS_UNAME = 189
- SYS_INIT_MODULE = 190
- SYS_PERSONALITY = 191
- SYS_REMAP_FILE_PAGES = 192
- SYS_EPOLL_CREATE = 193
- SYS_EPOLL_CTL = 194
- SYS_EPOLL_WAIT = 195
- SYS_IOPRIO_SET = 196
- SYS_GETPPID = 197
- SYS_SIGACTION = 198
- SYS_SGETMASK = 199
- SYS_SSETMASK = 200
- SYS_SIGSUSPEND = 201
- SYS_OLDLSTAT = 202
- SYS_USELIB = 203
- SYS_READDIR = 204
- SYS_READAHEAD = 205
- SYS_SOCKETCALL = 206
- SYS_SYSLOG = 207
- SYS_LOOKUP_DCOOKIE = 208
- SYS_FADVISE64 = 209
- SYS_FADVISE64_64 = 210
- SYS_TGKILL = 211
- SYS_WAITPID = 212
- SYS_SWAPOFF = 213
- SYS_SYSINFO = 214
- SYS_IPC = 215
- SYS_SIGRETURN = 216
- SYS_CLONE = 217
- SYS_IOPRIO_GET = 218
- SYS_ADJTIMEX = 219
- SYS_SIGPROCMASK = 220
- SYS_CREATE_MODULE = 221
- SYS_DELETE_MODULE = 222
- SYS_GET_KERNEL_SYMS = 223
- SYS_GETPGID = 224
- SYS_BDFLUSH = 225
- SYS_SYSFS = 226
- SYS_AFS_SYSCALL = 227
- SYS_SETFSUID = 228
- SYS_SETFSGID = 229
- SYS__NEWSELECT = 230
- SYS_SPLICE = 232
- SYS_STIME = 233
- SYS_STATFS64 = 234
- SYS_FSTATFS64 = 235
- SYS__LLSEEK = 236
- SYS_MLOCK = 237
- SYS_MUNLOCK = 238
- SYS_MLOCKALL = 239
- SYS_MUNLOCKALL = 240
- SYS_SCHED_SETPARAM = 241
- SYS_SCHED_GETPARAM = 242
- SYS_SCHED_SETSCHEDULER = 243
- SYS_SCHED_GETSCHEDULER = 244
- SYS_SCHED_YIELD = 245
- SYS_SCHED_GET_PRIORITY_MAX = 246
- SYS_SCHED_GET_PRIORITY_MIN = 247
- SYS_SCHED_RR_GET_INTERVAL = 248
- SYS_NANOSLEEP = 249
- SYS_MREMAP = 250
- SYS__SYSCTL = 251
- SYS_GETSID = 252
- SYS_FDATASYNC = 253
- SYS_NFSSERVCTL = 254
- SYS_SYNC_FILE_RANGE = 255
- SYS_CLOCK_SETTIME = 256
- SYS_CLOCK_GETTIME = 257
- SYS_CLOCK_GETRES = 258
- SYS_CLOCK_NANOSLEEP = 259
- SYS_SCHED_GETAFFINITY = 260
- SYS_SCHED_SETAFFINITY = 261
- SYS_TIMER_SETTIME = 262
- SYS_TIMER_GETTIME = 263
- SYS_TIMER_GETOVERRUN = 264
- SYS_TIMER_DELETE = 265
- SYS_TIMER_CREATE = 266
- SYS_VSERVER = 267
- SYS_IO_SETUP = 268
- SYS_IO_DESTROY = 269
- SYS_IO_SUBMIT = 270
- SYS_IO_CANCEL = 271
- SYS_IO_GETEVENTS = 272
- SYS_MQ_OPEN = 273
- SYS_MQ_UNLINK = 274
- SYS_MQ_TIMEDSEND = 275
- SYS_MQ_TIMEDRECEIVE = 276
- SYS_MQ_NOTIFY = 277
- SYS_MQ_GETSETATTR = 278
- SYS_WAITID = 279
- SYS_TEE = 280
- SYS_ADD_KEY = 281
- SYS_REQUEST_KEY = 282
- SYS_KEYCTL = 283
- SYS_OPENAT = 284
- SYS_MKDIRAT = 285
- SYS_MKNODAT = 286
- SYS_FCHOWNAT = 287
- SYS_FUTIMESAT = 288
- SYS_FSTATAT64 = 289
- SYS_UNLINKAT = 290
- SYS_RENAMEAT = 291
- SYS_LINKAT = 292
- SYS_SYMLINKAT = 293
- SYS_READLINKAT = 294
- SYS_FCHMODAT = 295
- SYS_FACCESSAT = 296
- SYS_PSELECT6 = 297
- SYS_PPOLL = 298
- SYS_UNSHARE = 299
- SYS_SET_ROBUST_LIST = 300
- SYS_GET_ROBUST_LIST = 301
- SYS_MIGRATE_PAGES = 302
- SYS_MBIND = 303
- SYS_GET_MEMPOLICY = 304
- SYS_SET_MEMPOLICY = 305
- SYS_KEXEC_LOAD = 306
- SYS_MOVE_PAGES = 307
- SYS_GETCPU = 308
- SYS_EPOLL_PWAIT = 309
- SYS_UTIMENSAT = 310
- SYS_SIGNALFD = 311
- SYS_TIMERFD_CREATE = 312
- SYS_EVENTFD = 313
- SYS_FALLOCATE = 314
- SYS_TIMERFD_SETTIME = 315
- SYS_TIMERFD_GETTIME = 316
- SYS_SIGNALFD4 = 317
- SYS_EVENTFD2 = 318
- SYS_EPOLL_CREATE1 = 319
- SYS_DUP3 = 320
- SYS_PIPE2 = 321
- SYS_INOTIFY_INIT1 = 322
- SYS_ACCEPT4 = 323
- SYS_PREADV = 324
- SYS_PWRITEV = 325
- SYS_RT_TGSIGQUEUEINFO = 326
- SYS_PERF_EVENT_OPEN = 327
- SYS_RECVMMSG = 328
- SYS_FANOTIFY_INIT = 329
- SYS_FANOTIFY_MARK = 330
- SYS_PRLIMIT64 = 331
- SYS_NAME_TO_HANDLE_AT = 332
- SYS_OPEN_BY_HANDLE_AT = 333
- SYS_CLOCK_ADJTIME = 334
- SYS_SYNCFS = 335
- SYS_SENDMMSG = 336
- SYS_SETNS = 337
- SYS_PROCESS_VM_READV = 338
- SYS_PROCESS_VM_WRITEV = 339
- SYS_KERN_FEATURES = 340
- SYS_KCMP = 341
- SYS_FINIT_MODULE = 342
- SYS_SCHED_SETATTR = 343
- SYS_SCHED_GETATTR = 344
- SYS_RENAMEAT2 = 345
- SYS_SECCOMP = 346
- SYS_GETRANDOM = 347
- SYS_MEMFD_CREATE = 348
- SYS_BPF = 349
- SYS_EXECVEAT = 350
- SYS_MEMBARRIER = 351
- SYS_USERFAULTFD = 352
- SYS_BIND = 353
- SYS_LISTEN = 354
- SYS_SETSOCKOPT = 355
- SYS_MLOCK2 = 356
- SYS_COPY_FILE_RANGE = 357
- SYS_PREADV2 = 358
- SYS_PWRITEV2 = 359
- SYS_STATX = 360
- SYS_IO_PGETEVENTS = 361
- SYS_PKEY_MPROTECT = 362
- SYS_PKEY_ALLOC = 363
- SYS_PKEY_FREE = 364
- SYS_RSEQ = 365
- SYS_SEMTIMEDOP = 392
- SYS_SEMGET = 393
- SYS_SEMCTL = 394
- SYS_SHMGET = 395
- SYS_SHMCTL = 396
- SYS_SHMAT = 397
- SYS_SHMDT = 398
- SYS_MSGGET = 399
- SYS_MSGSND = 400
- SYS_MSGRCV = 401
- SYS_MSGCTL = 402
- SYS_PIDFD_SEND_SIGNAL = 424
- SYS_IO_URING_SETUP = 425
- SYS_IO_URING_ENTER = 426
- SYS_IO_URING_REGISTER = 427
- SYS_OPEN_TREE = 428
- SYS_MOVE_MOUNT = 429
- SYS_FSOPEN = 430
- SYS_FSCONFIG = 431
- SYS_FSMOUNT = 432
- SYS_FSPICK = 433
- SYS_PIDFD_OPEN = 434
- SYS_CLOSE_RANGE = 436
- SYS_OPENAT2 = 437
- SYS_PIDFD_GETFD = 438
- SYS_FACCESSAT2 = 439
- SYS_PROCESS_MADVISE = 440
- SYS_EPOLL_PWAIT2 = 441
- SYS_MOUNT_SETATTR = 442
+ SYS_RESTART_SYSCALL = 0
+ SYS_EXIT = 1
+ SYS_FORK = 2
+ SYS_READ = 3
+ SYS_WRITE = 4
+ SYS_OPEN = 5
+ SYS_CLOSE = 6
+ SYS_WAIT4 = 7
+ SYS_CREAT = 8
+ SYS_LINK = 9
+ SYS_UNLINK = 10
+ SYS_EXECV = 11
+ SYS_CHDIR = 12
+ SYS_CHOWN = 13
+ SYS_MKNOD = 14
+ SYS_CHMOD = 15
+ SYS_LCHOWN = 16
+ SYS_BRK = 17
+ SYS_PERFCTR = 18
+ SYS_LSEEK = 19
+ SYS_GETPID = 20
+ SYS_CAPGET = 21
+ SYS_CAPSET = 22
+ SYS_SETUID = 23
+ SYS_GETUID = 24
+ SYS_VMSPLICE = 25
+ SYS_PTRACE = 26
+ SYS_ALARM = 27
+ SYS_SIGALTSTACK = 28
+ SYS_PAUSE = 29
+ SYS_UTIME = 30
+ SYS_ACCESS = 33
+ SYS_NICE = 34
+ SYS_SYNC = 36
+ SYS_KILL = 37
+ SYS_STAT = 38
+ SYS_SENDFILE = 39
+ SYS_LSTAT = 40
+ SYS_DUP = 41
+ SYS_PIPE = 42
+ SYS_TIMES = 43
+ SYS_UMOUNT2 = 45
+ SYS_SETGID = 46
+ SYS_GETGID = 47
+ SYS_SIGNAL = 48
+ SYS_GETEUID = 49
+ SYS_GETEGID = 50
+ SYS_ACCT = 51
+ SYS_MEMORY_ORDERING = 52
+ SYS_IOCTL = 54
+ SYS_REBOOT = 55
+ SYS_SYMLINK = 57
+ SYS_READLINK = 58
+ SYS_EXECVE = 59
+ SYS_UMASK = 60
+ SYS_CHROOT = 61
+ SYS_FSTAT = 62
+ SYS_FSTAT64 = 63
+ SYS_GETPAGESIZE = 64
+ SYS_MSYNC = 65
+ SYS_VFORK = 66
+ SYS_PREAD64 = 67
+ SYS_PWRITE64 = 68
+ SYS_MMAP = 71
+ SYS_MUNMAP = 73
+ SYS_MPROTECT = 74
+ SYS_MADVISE = 75
+ SYS_VHANGUP = 76
+ SYS_MINCORE = 78
+ SYS_GETGROUPS = 79
+ SYS_SETGROUPS = 80
+ SYS_GETPGRP = 81
+ SYS_SETITIMER = 83
+ SYS_SWAPON = 85
+ SYS_GETITIMER = 86
+ SYS_SETHOSTNAME = 88
+ SYS_DUP2 = 90
+ SYS_FCNTL = 92
+ SYS_SELECT = 93
+ SYS_FSYNC = 95
+ SYS_SETPRIORITY = 96
+ SYS_SOCKET = 97
+ SYS_CONNECT = 98
+ SYS_ACCEPT = 99
+ SYS_GETPRIORITY = 100
+ SYS_RT_SIGRETURN = 101
+ SYS_RT_SIGACTION = 102
+ SYS_RT_SIGPROCMASK = 103
+ SYS_RT_SIGPENDING = 104
+ SYS_RT_SIGTIMEDWAIT = 105
+ SYS_RT_SIGQUEUEINFO = 106
+ SYS_RT_SIGSUSPEND = 107
+ SYS_SETRESUID = 108
+ SYS_GETRESUID = 109
+ SYS_SETRESGID = 110
+ SYS_GETRESGID = 111
+ SYS_RECVMSG = 113
+ SYS_SENDMSG = 114
+ SYS_GETTIMEOFDAY = 116
+ SYS_GETRUSAGE = 117
+ SYS_GETSOCKOPT = 118
+ SYS_GETCWD = 119
+ SYS_READV = 120
+ SYS_WRITEV = 121
+ SYS_SETTIMEOFDAY = 122
+ SYS_FCHOWN = 123
+ SYS_FCHMOD = 124
+ SYS_RECVFROM = 125
+ SYS_SETREUID = 126
+ SYS_SETREGID = 127
+ SYS_RENAME = 128
+ SYS_TRUNCATE = 129
+ SYS_FTRUNCATE = 130
+ SYS_FLOCK = 131
+ SYS_LSTAT64 = 132
+ SYS_SENDTO = 133
+ SYS_SHUTDOWN = 134
+ SYS_SOCKETPAIR = 135
+ SYS_MKDIR = 136
+ SYS_RMDIR = 137
+ SYS_UTIMES = 138
+ SYS_STAT64 = 139
+ SYS_SENDFILE64 = 140
+ SYS_GETPEERNAME = 141
+ SYS_FUTEX = 142
+ SYS_GETTID = 143
+ SYS_GETRLIMIT = 144
+ SYS_SETRLIMIT = 145
+ SYS_PIVOT_ROOT = 146
+ SYS_PRCTL = 147
+ SYS_PCICONFIG_READ = 148
+ SYS_PCICONFIG_WRITE = 149
+ SYS_GETSOCKNAME = 150
+ SYS_INOTIFY_INIT = 151
+ SYS_INOTIFY_ADD_WATCH = 152
+ SYS_POLL = 153
+ SYS_GETDENTS64 = 154
+ SYS_INOTIFY_RM_WATCH = 156
+ SYS_STATFS = 157
+ SYS_FSTATFS = 158
+ SYS_UMOUNT = 159
+ SYS_SCHED_SET_AFFINITY = 160
+ SYS_SCHED_GET_AFFINITY = 161
+ SYS_GETDOMAINNAME = 162
+ SYS_SETDOMAINNAME = 163
+ SYS_UTRAP_INSTALL = 164
+ SYS_QUOTACTL = 165
+ SYS_SET_TID_ADDRESS = 166
+ SYS_MOUNT = 167
+ SYS_USTAT = 168
+ SYS_SETXATTR = 169
+ SYS_LSETXATTR = 170
+ SYS_FSETXATTR = 171
+ SYS_GETXATTR = 172
+ SYS_LGETXATTR = 173
+ SYS_GETDENTS = 174
+ SYS_SETSID = 175
+ SYS_FCHDIR = 176
+ SYS_FGETXATTR = 177
+ SYS_LISTXATTR = 178
+ SYS_LLISTXATTR = 179
+ SYS_FLISTXATTR = 180
+ SYS_REMOVEXATTR = 181
+ SYS_LREMOVEXATTR = 182
+ SYS_SIGPENDING = 183
+ SYS_QUERY_MODULE = 184
+ SYS_SETPGID = 185
+ SYS_FREMOVEXATTR = 186
+ SYS_TKILL = 187
+ SYS_EXIT_GROUP = 188
+ SYS_UNAME = 189
+ SYS_INIT_MODULE = 190
+ SYS_PERSONALITY = 191
+ SYS_REMAP_FILE_PAGES = 192
+ SYS_EPOLL_CREATE = 193
+ SYS_EPOLL_CTL = 194
+ SYS_EPOLL_WAIT = 195
+ SYS_IOPRIO_SET = 196
+ SYS_GETPPID = 197
+ SYS_SIGACTION = 198
+ SYS_SGETMASK = 199
+ SYS_SSETMASK = 200
+ SYS_SIGSUSPEND = 201
+ SYS_OLDLSTAT = 202
+ SYS_USELIB = 203
+ SYS_READDIR = 204
+ SYS_READAHEAD = 205
+ SYS_SOCKETCALL = 206
+ SYS_SYSLOG = 207
+ SYS_LOOKUP_DCOOKIE = 208
+ SYS_FADVISE64 = 209
+ SYS_FADVISE64_64 = 210
+ SYS_TGKILL = 211
+ SYS_WAITPID = 212
+ SYS_SWAPOFF = 213
+ SYS_SYSINFO = 214
+ SYS_IPC = 215
+ SYS_SIGRETURN = 216
+ SYS_CLONE = 217
+ SYS_IOPRIO_GET = 218
+ SYS_ADJTIMEX = 219
+ SYS_SIGPROCMASK = 220
+ SYS_CREATE_MODULE = 221
+ SYS_DELETE_MODULE = 222
+ SYS_GET_KERNEL_SYMS = 223
+ SYS_GETPGID = 224
+ SYS_BDFLUSH = 225
+ SYS_SYSFS = 226
+ SYS_AFS_SYSCALL = 227
+ SYS_SETFSUID = 228
+ SYS_SETFSGID = 229
+ SYS__NEWSELECT = 230
+ SYS_SPLICE = 232
+ SYS_STIME = 233
+ SYS_STATFS64 = 234
+ SYS_FSTATFS64 = 235
+ SYS__LLSEEK = 236
+ SYS_MLOCK = 237
+ SYS_MUNLOCK = 238
+ SYS_MLOCKALL = 239
+ SYS_MUNLOCKALL = 240
+ SYS_SCHED_SETPARAM = 241
+ SYS_SCHED_GETPARAM = 242
+ SYS_SCHED_SETSCHEDULER = 243
+ SYS_SCHED_GETSCHEDULER = 244
+ SYS_SCHED_YIELD = 245
+ SYS_SCHED_GET_PRIORITY_MAX = 246
+ SYS_SCHED_GET_PRIORITY_MIN = 247
+ SYS_SCHED_RR_GET_INTERVAL = 248
+ SYS_NANOSLEEP = 249
+ SYS_MREMAP = 250
+ SYS__SYSCTL = 251
+ SYS_GETSID = 252
+ SYS_FDATASYNC = 253
+ SYS_NFSSERVCTL = 254
+ SYS_SYNC_FILE_RANGE = 255
+ SYS_CLOCK_SETTIME = 256
+ SYS_CLOCK_GETTIME = 257
+ SYS_CLOCK_GETRES = 258
+ SYS_CLOCK_NANOSLEEP = 259
+ SYS_SCHED_GETAFFINITY = 260
+ SYS_SCHED_SETAFFINITY = 261
+ SYS_TIMER_SETTIME = 262
+ SYS_TIMER_GETTIME = 263
+ SYS_TIMER_GETOVERRUN = 264
+ SYS_TIMER_DELETE = 265
+ SYS_TIMER_CREATE = 266
+ SYS_VSERVER = 267
+ SYS_IO_SETUP = 268
+ SYS_IO_DESTROY = 269
+ SYS_IO_SUBMIT = 270
+ SYS_IO_CANCEL = 271
+ SYS_IO_GETEVENTS = 272
+ SYS_MQ_OPEN = 273
+ SYS_MQ_UNLINK = 274
+ SYS_MQ_TIMEDSEND = 275
+ SYS_MQ_TIMEDRECEIVE = 276
+ SYS_MQ_NOTIFY = 277
+ SYS_MQ_GETSETATTR = 278
+ SYS_WAITID = 279
+ SYS_TEE = 280
+ SYS_ADD_KEY = 281
+ SYS_REQUEST_KEY = 282
+ SYS_KEYCTL = 283
+ SYS_OPENAT = 284
+ SYS_MKDIRAT = 285
+ SYS_MKNODAT = 286
+ SYS_FCHOWNAT = 287
+ SYS_FUTIMESAT = 288
+ SYS_FSTATAT64 = 289
+ SYS_UNLINKAT = 290
+ SYS_RENAMEAT = 291
+ SYS_LINKAT = 292
+ SYS_SYMLINKAT = 293
+ SYS_READLINKAT = 294
+ SYS_FCHMODAT = 295
+ SYS_FACCESSAT = 296
+ SYS_PSELECT6 = 297
+ SYS_PPOLL = 298
+ SYS_UNSHARE = 299
+ SYS_SET_ROBUST_LIST = 300
+ SYS_GET_ROBUST_LIST = 301
+ SYS_MIGRATE_PAGES = 302
+ SYS_MBIND = 303
+ SYS_GET_MEMPOLICY = 304
+ SYS_SET_MEMPOLICY = 305
+ SYS_KEXEC_LOAD = 306
+ SYS_MOVE_PAGES = 307
+ SYS_GETCPU = 308
+ SYS_EPOLL_PWAIT = 309
+ SYS_UTIMENSAT = 310
+ SYS_SIGNALFD = 311
+ SYS_TIMERFD_CREATE = 312
+ SYS_EVENTFD = 313
+ SYS_FALLOCATE = 314
+ SYS_TIMERFD_SETTIME = 315
+ SYS_TIMERFD_GETTIME = 316
+ SYS_SIGNALFD4 = 317
+ SYS_EVENTFD2 = 318
+ SYS_EPOLL_CREATE1 = 319
+ SYS_DUP3 = 320
+ SYS_PIPE2 = 321
+ SYS_INOTIFY_INIT1 = 322
+ SYS_ACCEPT4 = 323
+ SYS_PREADV = 324
+ SYS_PWRITEV = 325
+ SYS_RT_TGSIGQUEUEINFO = 326
+ SYS_PERF_EVENT_OPEN = 327
+ SYS_RECVMMSG = 328
+ SYS_FANOTIFY_INIT = 329
+ SYS_FANOTIFY_MARK = 330
+ SYS_PRLIMIT64 = 331
+ SYS_NAME_TO_HANDLE_AT = 332
+ SYS_OPEN_BY_HANDLE_AT = 333
+ SYS_CLOCK_ADJTIME = 334
+ SYS_SYNCFS = 335
+ SYS_SENDMMSG = 336
+ SYS_SETNS = 337
+ SYS_PROCESS_VM_READV = 338
+ SYS_PROCESS_VM_WRITEV = 339
+ SYS_KERN_FEATURES = 340
+ SYS_KCMP = 341
+ SYS_FINIT_MODULE = 342
+ SYS_SCHED_SETATTR = 343
+ SYS_SCHED_GETATTR = 344
+ SYS_RENAMEAT2 = 345
+ SYS_SECCOMP = 346
+ SYS_GETRANDOM = 347
+ SYS_MEMFD_CREATE = 348
+ SYS_BPF = 349
+ SYS_EXECVEAT = 350
+ SYS_MEMBARRIER = 351
+ SYS_USERFAULTFD = 352
+ SYS_BIND = 353
+ SYS_LISTEN = 354
+ SYS_SETSOCKOPT = 355
+ SYS_MLOCK2 = 356
+ SYS_COPY_FILE_RANGE = 357
+ SYS_PREADV2 = 358
+ SYS_PWRITEV2 = 359
+ SYS_STATX = 360
+ SYS_IO_PGETEVENTS = 361
+ SYS_PKEY_MPROTECT = 362
+ SYS_PKEY_ALLOC = 363
+ SYS_PKEY_FREE = 364
+ SYS_RSEQ = 365
+ SYS_SEMTIMEDOP = 392
+ SYS_SEMGET = 393
+ SYS_SEMCTL = 394
+ SYS_SHMGET = 395
+ SYS_SHMCTL = 396
+ SYS_SHMAT = 397
+ SYS_SHMDT = 398
+ SYS_MSGGET = 399
+ SYS_MSGSND = 400
+ SYS_MSGRCV = 401
+ SYS_MSGCTL = 402
+ SYS_PIDFD_SEND_SIGNAL = 424
+ SYS_IO_URING_SETUP = 425
+ SYS_IO_URING_ENTER = 426
+ SYS_IO_URING_REGISTER = 427
+ SYS_OPEN_TREE = 428
+ SYS_MOVE_MOUNT = 429
+ SYS_FSOPEN = 430
+ SYS_FSCONFIG = 431
+ SYS_FSMOUNT = 432
+ SYS_FSPICK = 433
+ SYS_PIDFD_OPEN = 434
+ SYS_CLOSE_RANGE = 436
+ SYS_OPENAT2 = 437
+ SYS_PIDFD_GETFD = 438
+ SYS_FACCESSAT2 = 439
+ SYS_PROCESS_MADVISE = 440
+ SYS_EPOLL_PWAIT2 = 441
+ SYS_MOUNT_SETATTR = 442
+ SYS_LANDLOCK_CREATE_RULESET = 444
+ SYS_LANDLOCK_ADD_RULE = 445
+ SYS_LANDLOCK_RESTRICT_SELF = 446
)
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go
index c9d7eb41e..878141d6d 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go
@@ -452,6 +452,11 @@ type CanFilter struct {
Mask uint32
}
+type TCPRepairOpt struct {
+ Code uint32
+ Val uint32
+}
+
const (
SizeofSockaddrInet4 = 0x10
SizeofSockaddrInet6 = 0x1c
@@ -484,6 +489,7 @@ const (
SizeofUcred = 0xc
SizeofTCPInfo = 0x68
SizeofCanFilter = 0x8
+ SizeofTCPRepairOpt = 0x8
)
const (
@@ -682,6 +688,16 @@ type NdMsg struct {
}
const (
+ ICMP_FILTER = 0x1
+
+ ICMPV6_FILTER = 0x1
+ ICMPV6_FILTER_BLOCK = 0x1
+ ICMPV6_FILTER_BLOCKOTHERS = 0x3
+ ICMPV6_FILTER_PASS = 0x2
+ ICMPV6_FILTER_PASSONLY = 0x4
+)
+
+const (
SizeofSockFilter = 0x8
)
@@ -1001,7 +1017,7 @@ const (
PERF_COUNT_SW_EMULATION_FAULTS = 0x8
PERF_COUNT_SW_DUMMY = 0x9
PERF_COUNT_SW_BPF_OUTPUT = 0xa
- PERF_COUNT_SW_MAX = 0xb
+ PERF_COUNT_SW_MAX = 0xc
PERF_SAMPLE_IP = 0x1
PERF_SAMPLE_TID = 0x2
PERF_SAMPLE_TIME = 0x4
@@ -3436,7 +3452,7 @@ const (
ETHTOOL_MSG_CABLE_TEST_ACT = 0x1a
ETHTOOL_MSG_CABLE_TEST_TDR_ACT = 0x1b
ETHTOOL_MSG_TUNNEL_INFO_GET = 0x1c
- ETHTOOL_MSG_USER_MAX = 0x1c
+ ETHTOOL_MSG_USER_MAX = 0x20
ETHTOOL_MSG_KERNEL_NONE = 0x0
ETHTOOL_MSG_STRSET_GET_REPLY = 0x1
ETHTOOL_MSG_LINKINFO_GET_REPLY = 0x2
@@ -3467,7 +3483,7 @@ const (
ETHTOOL_MSG_CABLE_TEST_NTF = 0x1b
ETHTOOL_MSG_CABLE_TEST_TDR_NTF = 0x1c
ETHTOOL_MSG_TUNNEL_INFO_GET_REPLY = 0x1d
- ETHTOOL_MSG_KERNEL_MAX = 0x1d
+ ETHTOOL_MSG_KERNEL_MAX = 0x21
ETHTOOL_A_HEADER_UNSPEC = 0x0
ETHTOOL_A_HEADER_DEV_INDEX = 0x1
ETHTOOL_A_HEADER_DEV_NAME = 0x2
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
index 235c62e46..72f2e96f3 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
@@ -170,6 +170,11 @@ type Cmsghdr struct {
Type int32
}
+type ifreq struct {
+ Ifrn [16]byte
+ Ifru [16]byte
+}
+
const (
SizeofSockaddrNFCLLCP = 0x58
SizeofIovec = 0x8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
index 99b1e5b6a..d5f018d13 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
@@ -173,6 +173,11 @@ type Cmsghdr struct {
Type int32
}
+type ifreq struct {
+ Ifrn [16]byte
+ Ifru [24]byte
+}
+
const (
SizeofSockaddrNFCLLCP = 0x60
SizeofIovec = 0x10
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
index cc8bba791..675446d93 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
@@ -176,6 +176,11 @@ type Cmsghdr struct {
Type int32
}
+type ifreq struct {
+ Ifrn [16]byte
+ Ifru [16]byte
+}
+
const (
SizeofSockaddrNFCLLCP = 0x58
SizeofIovec = 0x8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
index fa8fe3a75..711d0711c 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
@@ -174,6 +174,11 @@ type Cmsghdr struct {
Type int32
}
+type ifreq struct {
+ Ifrn [16]byte
+ Ifru [24]byte
+}
+
const (
SizeofSockaddrNFCLLCP = 0x60
SizeofIovec = 0x10
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
index e7fb8d9b7..c1131c741 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
@@ -175,6 +175,11 @@ type Cmsghdr struct {
Type int32
}
+type ifreq struct {
+ Ifrn [16]byte
+ Ifru [16]byte
+}
+
const (
SizeofSockaddrNFCLLCP = 0x58
SizeofIovec = 0x8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
index 2fa61d593..91d5574ff 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
@@ -174,6 +174,11 @@ type Cmsghdr struct {
Type int32
}
+type ifreq struct {
+ Ifrn [16]byte
+ Ifru [24]byte
+}
+
const (
SizeofSockaddrNFCLLCP = 0x60
SizeofIovec = 0x10
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
index 7f3639933..5d721497b 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
@@ -174,6 +174,11 @@ type Cmsghdr struct {
Type int32
}
+type ifreq struct {
+ Ifrn [16]byte
+ Ifru [24]byte
+}
+
const (
SizeofSockaddrNFCLLCP = 0x60
SizeofIovec = 0x10
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
index f3c20cb86..a5addd06a 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
@@ -175,6 +175,11 @@ type Cmsghdr struct {
Type int32
}
+type ifreq struct {
+ Ifrn [16]byte
+ Ifru [16]byte
+}
+
const (
SizeofSockaddrNFCLLCP = 0x58
SizeofIovec = 0x8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
index 885d27950..bb6b03dfc 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
@@ -176,6 +176,11 @@ type Cmsghdr struct {
Type int32
}
+type ifreq struct {
+ Ifrn [16]byte
+ Ifru [16]byte
+}
+
const (
SizeofSockaddrNFCLLCP = 0x58
SizeofIovec = 0x8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
index a94eb8e18..7637243b7 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
@@ -175,6 +175,11 @@ type Cmsghdr struct {
Type int32
}
+type ifreq struct {
+ Ifrn [16]byte
+ Ifru [24]byte
+}
+
const (
SizeofSockaddrNFCLLCP = 0x60
SizeofIovec = 0x10
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
index 659e32ebd..a1a28e525 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
@@ -175,6 +175,11 @@ type Cmsghdr struct {
Type int32
}
+type ifreq struct {
+ Ifrn [16]byte
+ Ifru [24]byte
+}
+
const (
SizeofSockaddrNFCLLCP = 0x60
SizeofIovec = 0x10
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
index ab8ec604f..e0a8a1362 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
@@ -174,6 +174,11 @@ type Cmsghdr struct {
Type int32
}
+type ifreq struct {
+ Ifrn [16]byte
+ Ifru [24]byte
+}
+
const (
SizeofSockaddrNFCLLCP = 0x60
SizeofIovec = 0x10
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
index 3ec08237f..21d6e56c7 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
@@ -173,6 +173,11 @@ type Cmsghdr struct {
Type int32
}
+type ifreq struct {
+ Ifrn [16]byte
+ Ifru [24]byte
+}
+
const (
SizeofSockaddrNFCLLCP = 0x60
SizeofIovec = 0x10
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
index 23d474470..0531e98f6 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
@@ -177,6 +177,11 @@ type Cmsghdr struct {
Type int32
}
+type ifreq struct {
+ Ifrn [16]byte
+ Ifru [24]byte
+}
+
const (
SizeofSockaddrNFCLLCP = 0x60
SizeofIovec = 0x10
diff --git a/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go
index 85effef9c..ad4aad279 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go
@@ -440,3 +440,43 @@ const (
POLLWRBAND = 0x100
POLLWRNORM = 0x4
)
+
+type fileObj struct {
+ Atim Timespec
+ Mtim Timespec
+ Ctim Timespec
+ Pad [3]uint64
+ Name *int8
+}
+
+type portEvent struct {
+ Events int32
+ Source uint16
+ Pad uint16
+ Object uint64
+ User *byte
+}
+
+const (
+ PORT_SOURCE_AIO = 0x1
+ PORT_SOURCE_TIMER = 0x2
+ PORT_SOURCE_USER = 0x3
+ PORT_SOURCE_FD = 0x4
+ PORT_SOURCE_ALERT = 0x5
+ PORT_SOURCE_MQ = 0x6
+ PORT_SOURCE_FILE = 0x7
+ PORT_ALERT_SET = 0x1
+ PORT_ALERT_UPDATE = 0x2
+ PORT_ALERT_INVALID = 0x3
+ FILE_ACCESS = 0x1
+ FILE_MODIFIED = 0x2
+ FILE_ATTRIB = 0x4
+ FILE_TRUNC = 0x100000
+ FILE_NOFOLLOW = 0x10000000
+ FILE_DELETE = 0x10
+ FILE_RENAME_TO = 0x20
+ FILE_RENAME_FROM = 0x40
+ UNMOUNTED = 0x20000000
+ MOUNTEDOVER = 0x40000000
+ FILE_EXCEPTION = 0x60000070
+)
diff --git a/vendor/golang.org/x/sys/windows/security_windows.go b/vendor/golang.org/x/sys/windows/security_windows.go
index 111c10d3a..d414ef13b 100644
--- a/vendor/golang.org/x/sys/windows/security_windows.go
+++ b/vendor/golang.org/x/sys/windows/security_windows.go
@@ -889,6 +889,7 @@ type WTS_SESSION_INFO struct {
//sys WTSQueryUserToken(session uint32, token *Token) (err error) = wtsapi32.WTSQueryUserToken
//sys WTSEnumerateSessions(handle Handle, reserved uint32, version uint32, sessions **WTS_SESSION_INFO, count *uint32) (err error) = wtsapi32.WTSEnumerateSessionsW
//sys WTSFreeMemory(ptr uintptr) = wtsapi32.WTSFreeMemory
+//sys WTSGetActiveConsoleSessionId() (sessionID uint32)
type ACL struct {
aclRevision byte
diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
index 148de0ffb..2083ec376 100644
--- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
@@ -346,6 +346,7 @@ var (
procVirtualLock = modkernel32.NewProc("VirtualLock")
procVirtualProtect = modkernel32.NewProc("VirtualProtect")
procVirtualUnlock = modkernel32.NewProc("VirtualUnlock")
+ procWTSGetActiveConsoleSessionId = modkernel32.NewProc("WTSGetActiveConsoleSessionId")
procWaitForMultipleObjects = modkernel32.NewProc("WaitForMultipleObjects")
procWaitForSingleObject = modkernel32.NewProc("WaitForSingleObject")
procWriteConsoleW = modkernel32.NewProc("WriteConsoleW")
@@ -2992,6 +2993,12 @@ func VirtualUnlock(addr uintptr, length uintptr) (err error) {
return
}
+func WTSGetActiveConsoleSessionId() (sessionID uint32) {
+ r0, _, _ := syscall.Syscall(procWTSGetActiveConsoleSessionId.Addr(), 0, 0, 0, 0)
+ sessionID = uint32(r0)
+ return
+}
+
func waitForMultipleObjects(count uint32, handles uintptr, waitAll bool, waitMilliseconds uint32) (event uint32, err error) {
var _p0 uint32
if waitAll {
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 634930d17..5eb059dcd 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -126,7 +126,7 @@ github.com/containers/common/pkg/umask
github.com/containers/common/version
# github.com/containers/conmon v2.0.20+incompatible
github.com/containers/conmon/runner/config
-# github.com/containers/image/v5 v5.15.2
+# github.com/containers/image/v5 v5.16.0
github.com/containers/image/v5/copy
github.com/containers/image/v5/directory
github.com/containers/image/v5/directory/explicitfilepath
@@ -141,6 +141,7 @@ github.com/containers/image/v5/internal/blobinfocache
github.com/containers/image/v5/internal/iolimits
github.com/containers/image/v5/internal/pkg/keyctl
github.com/containers/image/v5/internal/pkg/platform
+github.com/containers/image/v5/internal/putblobdigest
github.com/containers/image/v5/internal/rootless
github.com/containers/image/v5/internal/tmpdir
github.com/containers/image/v5/internal/types
@@ -198,7 +199,7 @@ github.com/containers/psgo/internal/dev
github.com/containers/psgo/internal/host
github.com/containers/psgo/internal/proc
github.com/containers/psgo/internal/process
-# github.com/containers/storage v1.34.1
+# github.com/containers/storage v1.35.0
github.com/containers/storage
github.com/containers/storage/drivers
github.com/containers/storage/drivers/aufs
@@ -503,7 +504,7 @@ github.com/onsi/gomega/matchers/support/goraph/util
github.com/onsi/gomega/types
# github.com/opencontainers/go-digest v1.0.0
github.com/opencontainers/go-digest
-# github.com/opencontainers/image-spec v1.0.2-0.20190823105129-775207bd45b6
+# github.com/opencontainers/image-spec v1.0.2-0.20210819154149-5ad6f50d6283
github.com/opencontainers/image-spec/specs-go
github.com/opencontainers/image-spec/specs-go/v1
# github.com/opencontainers/runc v1.0.2
@@ -602,7 +603,7 @@ github.com/ulikunitz/xz
github.com/ulikunitz/xz/internal/hash
github.com/ulikunitz/xz/internal/xlog
github.com/ulikunitz/xz/lzma
-# github.com/vbatts/tar-split v0.11.1
+# github.com/vbatts/tar-split v0.11.2
github.com/vbatts/tar-split/archive/tar
github.com/vbatts/tar-split/tar/asm
github.com/vbatts/tar-split/tar/storage
@@ -611,7 +612,7 @@ github.com/vbauerster/mpb/v6
github.com/vbauerster/mpb/v6/cwriter
github.com/vbauerster/mpb/v6/decor
github.com/vbauerster/mpb/v6/internal
-# github.com/vbauerster/mpb/v7 v7.0.3
+# github.com/vbauerster/mpb/v7 v7.1.3
github.com/vbauerster/mpb/v7
github.com/vbauerster/mpb/v7/cwriter
github.com/vbauerster/mpb/v7/decor
@@ -674,7 +675,7 @@ golang.org/x/net/proxy
golang.org/x/net/trace
# golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
golang.org/x/sync/semaphore
-# golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c
+# golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55
golang.org/x/sys/cpu
golang.org/x/sys/execabs
golang.org/x/sys/internal/unsafeheader