dependabot[bot]
fbf1a320d8
build(deps): bump github.com/vishvananda/netlink from 1.3.0 to 1.3.1
...
Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink ) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/vishvananda/netlink/releases )
- [Commits](https://github.com/vishvananda/netlink/compare/v1.3.0...v1.3.1 )
---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
dependency-version: 1.3.1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-05-12 04:47:59 +00:00
dependabot[bot]
d920a72202
build(deps): bump github.com/seccomp/libseccomp-golang
...
Bumps [github.com/seccomp/libseccomp-golang](https://github.com/seccomp/libseccomp-golang ) from 0.10.0 to 0.11.0.
- [Release notes](https://github.com/seccomp/libseccomp-golang/releases )
- [Changelog](https://github.com/seccomp/libseccomp-golang/blob/main/CHANGELOG )
- [Commits](https://github.com/seccomp/libseccomp-golang/compare/v0.10.0...v0.11.0 )
---
updated-dependencies:
- dependency-name: github.com/seccomp/libseccomp-golang
dependency-version: 0.11.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-04-24 04:50:34 +00:00
dependabot[bot]
bb5aa11622
build(deps): bump github.com/moby/sys/user from 0.3.0 to 0.4.0
...
Bumps [github.com/moby/sys/user](https://github.com/moby/sys ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/moby/sys/releases )
- [Commits](https://github.com/moby/sys/compare/user/v0.3.0...user/v0.4.0 )
---
updated-dependencies:
- dependency-name: github.com/moby/sys/user
dependency-version: 0.4.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-04-04 04:34:30 +00:00
dependabot[bot]
bac338256c
build(deps): bump github.com/opencontainers/selinux
...
Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux ) from 1.11.1 to 1.12.0.
- [Release notes](https://github.com/opencontainers/selinux/releases )
- [Commits](https://github.com/opencontainers/selinux/compare/v1.11.1...v1.12.0 )
---
updated-dependencies:
- dependency-name: github.com/opencontainers/selinux
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-03-24 04:56:16 +00:00
Prajwal S N
05e83fc600
deps: bump go-criu to v7
...
Signed-off-by: Prajwal S N <prajwalnadig21@gmail.com >
2025-03-05 01:02:53 +05:30
Kir Kolyshkin
a75076b4a4
Switch to opencontainers/cgroups
...
This removes libcontainer/cgroups packages and starts
using those from github.com/opencontainers/cgroups repo.
Mostly generated by:
git rm -f libcontainer/cgroups
find . -type f -name "*.go" -exec sed -i \
's|github.com/opencontainers/runc/libcontainer/cgroups|github.com/opencontainers/cgroups|g' \
{} +
go get github.com/opencontainers/cgroups@v0.0.1
make vendor
gofumpt -w .
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2025-02-28 15:20:33 -08:00
dependabot[bot]
537a2276bb
build(deps): bump github.com/opencontainers/runtime-spec
...
Bumps [github.com/opencontainers/runtime-spec](https://github.com/opencontainers/runtime-spec ) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/opencontainers/runtime-spec/releases )
- [Changelog](https://github.com/opencontainers/runtime-spec/blob/main/ChangeLog )
- [Commits](https://github.com/opencontainers/runtime-spec/compare/v1.2.0...v1.2.1 )
---
updated-dependencies:
- dependency-name: github.com/opencontainers/runtime-spec
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-28 04:52:38 +00:00
Kir Kolyshkin
79a4ac0553
deps: bump cilium/ebpf to v0.17.3
...
It has a fix for runc issue 4594.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2025-02-13 00:07:01 -08:00
Kir Kolyshkin
8e5bb0d8c4
deps: roll back to cilium/ebpf v0.16.0
...
Also, exclude v0.17.x until there is a fix for runc issue 4594.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2025-01-31 16:59:54 -08:00
Aleksa Sarai
70e500e7d1
deps: update to github.com/cyphar/filepath-securejoin@v0.4.1
...
This release includes a minor breaking API change that requires us to
rework the types of our wrappers, but there is no practical behaviour
change.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2025-01-28 22:33:16 +11:00
dependabot[bot]
5855ba5303
build(deps): bump github.com/cilium/ebpf from 0.17.0 to 0.17.1
...
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf ) from 0.17.0 to 0.17.1.
- [Release notes](https://github.com/cilium/ebpf/releases )
- [Commits](https://github.com/cilium/ebpf/compare/v0.17.0...v0.17.1 )
---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-12-20 04:10:23 +00:00
dependabot[bot]
e809db842f
build(deps): bump github.com/cilium/ebpf from 0.16.0 to 0.17.0
...
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf ) from 0.16.0 to 0.17.0.
- [Release notes](https://github.com/cilium/ebpf/releases )
- [Commits](https://github.com/cilium/ebpf/compare/v0.16.0...v0.17.0 )
---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-12-20 00:07:03 +00:00
dependabot[bot]
71327d7fcd
build(deps): bump github.com/cyphar/filepath-securejoin
...
Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin ) from 0.3.5 to 0.3.6.
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases )
- [Changelog](https://github.com/cyphar/filepath-securejoin/blob/main/CHANGELOG.md )
- [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.3.5...v0.3.6 )
---
updated-dependencies:
- dependency-name: github.com/cyphar/filepath-securejoin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-12-19 01:42:44 +00:00
Aleksa Sarai
2f1b6626f3
deps: update to github.com/cyphar/filepath-securejoin@v0.3.5
...
This fixes a regression in use of securejoin.MkdirAll, where multiple
runc processes racing to create the same mountpoint in a shared rootfs
would result in spurious EEXIST errors. In particular, this regression
caused issues with BuildKit.
Fixes: dd827f7b71 ("utils: switch to securejoin.MkdirAllHandle")
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2024-12-06 19:38:46 +11:00
Kir Kolyshkin
66969827c0
Switch to github.com/moby/sys/capability v0.4.0
...
This removes the last unversioned package in runc's direct dependencies.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2024-12-02 13:18:10 -08:00
dependabot[bot]
69b3be763a
build(deps): bump github.com/vishvananda/netlink from 1.1.0 to 1.3.0
...
Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink ) from 1.1.0 to 1.3.0.
- [Release notes](https://github.com/vishvananda/netlink/releases )
- [Commits](https://github.com/vishvananda/netlink/compare/v1.1.0...v1.3.0 )
---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-10-23 06:49:47 +00:00
dependabot[bot]
f20f273aff
build(deps): bump github.com/opencontainers/selinux
...
Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux ) from 1.11.0 to 1.11.1.
- [Release notes](https://github.com/opencontainers/selinux/releases )
- [Commits](https://github.com/opencontainers/selinux/compare/v1.11.0...v1.11.1 )
---
updated-dependencies:
- dependency-name: github.com/opencontainers/selinux
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-10-23 04:20:54 +00:00
Akihiro Suda
e98851de36
Merge pull request #4464 from opencontainers/dependabot/go_modules/github.com/urfave/cli-1.22.16
...
build(deps): bump github.com/urfave/cli from 1.22.14 to 1.22.16
2024-10-23 10:46:42 +09:00
dependabot[bot]
93db63ab52
build(deps): bump github.com/urfave/cli from 1.22.14 to 1.22.16
...
Bumps [github.com/urfave/cli](https://github.com/urfave/cli ) from 1.22.14 to 1.22.16.
- [Release notes](https://github.com/urfave/cli/releases )
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md )
- [Commits](https://github.com/urfave/cli/compare/v1.22.14...v1.22.16 )
---
updated-dependencies:
- dependency-name: github.com/urfave/cli
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-10-22 13:23:32 +00:00
dependabot[bot]
af024b6c2b
build(deps): bump github.com/moby/sys/mountinfo from 0.7.1 to 0.7.2
...
Bumps [github.com/moby/sys/mountinfo](https://github.com/moby/sys ) from 0.7.1 to 0.7.2.
- [Release notes](https://github.com/moby/sys/releases )
- [Commits](https://github.com/moby/sys/compare/signal/v0.7.1...mountinfo/v0.7.2 )
---
updated-dependencies:
- dependency-name: github.com/moby/sys/mountinfo
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-10-22 13:23:25 +00:00
Sebastiaan van Stijn
9b60a93cf3
libcontainer/userns: migrate to github.com/moby/sys/userns
...
The userns package was moved to the moby/sys/userns module
at commit 3778ae603c .
This patch deprecates the old location, and adds it as an alias
for the moby/sys/userns package.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl >
2024-10-09 22:20:25 +08:00
Aleksa Sarai
1623cde125
go: update github.com/cyphar/filepath-securejoin to v0.3.4
...
This includes a fix to avoid doing import "testing" in non-_test.go
code.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2024-10-09 15:13:28 +11:00
Aleksa Sarai
b096459a07
vendor: update github.com/cyphar/filepath-securejoin to v0.3.3
...
This fixes issues we had with spurious MkdirAll failures.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2024-09-30 16:26:42 +02:00
Kir Kolyshkin
15904913c2
Merge pull request #4397 from rafaelroquetto/main
...
Upgrade Cilium's eBPF library version to 0.16
2024-09-13 18:22:49 -07:00
Aleksa Sarai
066b109e99
vendor: update to github.com/cyphar/filepath-securejoin@v0.3.2
...
This includes a fix for the handling of S_ISGID directories.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2024-09-13 23:34:33 +10:00
Rafael Roquetto
216175a9ca
Upgrade Cilium's eBPF library version to 0.16
...
Signed-off-by: Rafael Roquetto <rafael.roquetto@grafana.com >
2024-09-12 11:13:21 -06:00
Aleksa Sarai
1d308c7da4
vendor: update to github.com/cyphar/filepath-securejoin@v0.3.1
...
This includes the MkdirAll and OpenInRoot implementations which are
actually secure against races.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2024-09-03 23:05:59 +10:00
dependabot[bot]
606251ab33
build(deps): bump github.com/opencontainers/runtime-spec
...
Bumps [github.com/opencontainers/runtime-spec](https://github.com/opencontainers/runtime-spec ) from 1.1.1-0.20230823135140-4fec88fd00a4 to 1.2.0.
- [Release notes](https://github.com/opencontainers/runtime-spec/releases )
- [Changelog](https://github.com/opencontainers/runtime-spec/blob/main/ChangeLog )
- [Commits](https://github.com/opencontainers/runtime-spec/commits/v1.2.0 )
---
updated-dependencies:
- dependency-name: github.com/opencontainers/runtime-spec
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp >
2024-03-07 14:43:33 +09:00
dependabot[bot]
97632a6d1b
build(deps): bump github.com/containerd/console from 1.0.3 to 1.0.4
...
Bumps [github.com/containerd/console](https://github.com/containerd/console ) from 1.0.3 to 1.0.4.
- [Release notes](https://github.com/containerd/console/releases )
- [Commits](https://github.com/containerd/console/compare/v1.0.3...v1.0.4 )
---
updated-dependencies:
- dependency-name: github.com/containerd/console
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-02-09 15:20:19 +00:00
Aleksa Sarai
a04d88ec73
vendor: update to github.com/moby/sys/mountinfo@v0.7.1
...
The primary change is a switch to using /proc/thread-self, which is
needed for when we add a CLONE_FS thread to runc.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com >
2023-12-14 11:36:41 +11:00
lfbzhm
b2f7614afc
bump github.com/cilium/ebpf from 0.12.2 to 0.12.3
...
Signed-off-by: lfbzhm <lifubang@acmcoder.com >
2023-11-10 13:48:36 +00:00
dependabot[bot]
d60d17a6ec
build(deps): bump github.com/cilium/ebpf from 0.12.1 to 0.12.2
...
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf ) from 0.12.1 to 0.12.2.
- [Release notes](https://github.com/cilium/ebpf/releases )
- [Commits](https://github.com/cilium/ebpf/compare/v0.12.1...v0.12.2 )
---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-10-23 04:08:30 +00:00
dependabot[bot]
54d38c6143
build(deps): bump github.com/cilium/ebpf from 0.12.0 to 0.12.1
...
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf ) from 0.12.0 to 0.12.1.
- [Release notes](https://github.com/cilium/ebpf/releases )
- [Commits](https://github.com/cilium/ebpf/compare/v0.12.0...v0.12.1 )
---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-10-20 15:03:40 +08:00
dependabot[bot]
aec0dc7dcd
build(deps): bump github.com/cilium/ebpf from 0.11.0 to 0.12.0
...
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf ) from 0.11.0 to 0.12.0.
- [Release notes](https://github.com/cilium/ebpf/releases )
- [Commits](https://github.com/cilium/ebpf/compare/v0.11.0...v0.12.0 )
---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-10-12 04:42:12 +00:00
Kir Kolyshkin
730bc84418
Fix directory perms vs umask for tmpcopyup
...
Bump fileutils to v0.5.1, which fixes permissions of newly created directories
to not depend on the value of umask.
Add a test case which fails like this before the fix:
mounts.bats
✗ runc run [tmpcopyup]
(in test file tests/integration/mounts.bats, line 28)
`[[ "${lines[0]}" == *'drwxrwxrwx'* ]]' failed
runc spec (status=0):
runc run test_busybox (status=0):
drwxr-xr-x 2 root root 40 Oct 4 22:35 /dir1/dir2
Fixes 3991.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2023-10-04 15:35:44 -07:00
Sebastiaan van Stijn
ca32014adb
migrate libcontainer/user to github.com/moby/sys/user
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl >
2023-09-19 10:22:23 +02:00
dependabot[bot]
c7ad2749fd
build(deps): bump github.com/cyphar/filepath-securejoin
...
Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin ) from 0.2.3 to 0.2.4.
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases )
- [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.2.3...v0.2.4 )
---
updated-dependencies:
- dependency-name: github.com/cyphar/filepath-securejoin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-09-07 04:30:28 +00:00
Rodrigo Campos
671e211ef8
vendor: Update runtime-spec to expose mountExtensions
...
Future commits will expose this info in the features sub-command.
Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com >
2023-08-23 16:17:02 +02:00
dependabot[bot]
11b6c9b638
build(deps): bump github.com/opencontainers/runtime-spec
...
Bumps [github.com/opencontainers/runtime-spec](https://github.com/opencontainers/runtime-spec ) from 1.1.0-rc.3 to 1.1.0.
- [Release notes](https://github.com/opencontainers/runtime-spec/releases )
- [Changelog](https://github.com/opencontainers/runtime-spec/blob/main/ChangeLog )
- [Commits](https://github.com/opencontainers/runtime-spec/compare/v1.1.0-rc.3...v1.1.0 )
---
updated-dependencies:
- dependency-name: github.com/opencontainers/runtime-spec
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp >
2023-07-22 13:03:35 +09:00
dependabot[bot]
83418f8878
build(deps): bump github.com/cilium/ebpf from 0.10.0 to 0.11.0
...
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf ) from 0.10.0 to 0.11.0.
- [Release notes](https://github.com/cilium/ebpf/releases )
- [Commits](https://github.com/cilium/ebpf/compare/v0.10.0...v0.11.0 )
---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-07-11 01:40:04 +00:00
Akihiro Suda
0ac3376c20
go.mod: runtime-spec v1.1.0-rc.3
...
https://github.com/opencontainers/runtime-spec/releases/tag/v1.1.0-rc.3
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp >
2023-06-10 17:19:11 +09:00
dependabot[bot]
31e3c229ac
build(deps): bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3
...
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus ) from 1.9.2 to 1.9.3.
- [Release notes](https://github.com/sirupsen/logrus/releases )
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sirupsen/logrus/compare/v1.9.2...v1.9.3 )
---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-06-08 17:23:42 +00:00
dependabot[bot]
b9d2d8d8a6
build(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2
...
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus ) from 1.9.0 to 1.9.2.
- [Release notes](https://github.com/sirupsen/logrus/releases )
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md )
- [Commits](https://github.com/sirupsen/logrus/compare/v1.9.0...v1.9.2 )
---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-05-18 05:00:24 +00:00
Akihiro Suda
6beb3c6a3e
go.mod: runtime-spec v1.1.0-rc.2
...
See https://github.com/opencontainers/runtime-spec/releases/tag/v1.1.0-rc.2
for the spec changes.
The `runc features` json is now defined in
https://github.com/opencontainers/runtime-spec/blob/v1.1.0-rc.2/specs-go/features/features.go
Replaces PR 3829
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp >
2023-05-10 22:23:29 +09:00
Kir Kolyshkin
5a17746302
deps: bump urfave/cli
...
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2023-04-28 12:43:08 -07:00
Akihiro Suda
787fcf09e7
go.mod: github.com/opencontainers/runtime-spec v1.1.0-rc.1
...
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp >
2023-02-10 12:10:14 +09:00
dependabot[bot]
bc8d6e3b1f
build(deps): bump github.com/opencontainers/selinux
...
Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux ) from 1.10.2 to 1.11.0.
- [Release notes](https://github.com/opencontainers/selinux/releases )
- [Commits](https://github.com/opencontainers/selinux/compare/v1.10.2...v1.11.0 )
---
updated-dependencies:
- dependency-name: github.com/opencontainers/selinux
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-02-10 00:34:56 +00:00
dependabot[bot]
cc63d074e6
build(deps): bump github.com/cilium/ebpf from 0.9.3 to 0.10.0
...
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf ) from 0.9.3 to 0.10.0.
- [Release notes](https://github.com/cilium/ebpf/releases )
- [Commits](https://github.com/cilium/ebpf/compare/v0.9.3...v0.10.0 )
---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-01-17 23:24:59 +00:00
Kir Kolyshkin
6462e9de67
runc update: implement memory.checkBeforeUpdate
...
This is aimed at solving the problem of cgroup v2 memory controller
behavior which is not compatible with that of cgroup v1.
In cgroup v1, if the new memory limit being set is lower than the
current usage, setting the new limit fails.
In cgroup v2, same operation succeeds, and the container is OOM killed.
Introduce a new setting, memory.checkBeforeUpdate, and use it to mimic
cgroup v1 behavior.
Note that this is not 100% reliable because of TOCTOU, but this is the
best we can do.
Add some test cases.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com >
2022-11-02 17:15:26 -07:00
Radostin Stoyanov
fbce47a6b6
deps: bump github.com/checkpoint-restore/go-criu to 6.3.0
...
Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org >
2022-11-01 10:08:14 +00:00