From 298a8e8c78c97fa20817c47e62b0fdb1ee40fb66 Mon Sep 17 00:00:00 2001 From: Sukru Senli Date: Thu, 11 Feb 2021 19:58:47 +0100 Subject: [PATCH] crun: initial port: v0.17 This is a crude port of crun tailored towards Linux kernel 4.19 and disabling 5.4 Linux kernel features A proper integration should create selectable sub config options --- crun/Makefile | 50 ++++ .../01-fix-for-openwrt-and-kernel-4-19.patch | 217 ++++++++++++++++++ 2 files changed, 267 insertions(+) create mode 100644 crun/Makefile create mode 100644 crun/patches/01-fix-for-openwrt-and-kernel-4-19.patch diff --git a/crun/Makefile b/crun/Makefile new file mode 100644 index 000000000..961a627b7 --- /dev/null +++ b/crun/Makefile @@ -0,0 +1,50 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=crun +PKG_VERSION:=0.17 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_PROTO:=git +PKG_SOURCE_URL:=https://github.com/containers/crun.git +PKG_SOURCE_VERSION:=0e9229ae34caaebcb86f1fde18de3acaf18c6d9a + +PKG_LICENSE:=GPL-2.0 +PKG_LICENSE_FILES:=COPYING + +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION) + +PKG_INSTALL:=1 +PKG_BUILD_PARALLEL:=1 + +include $(INCLUDE_DIR)/package.mk + +define Package/crun + SECTION:=utils + CATEGORY:=Utilities + DEPENDS:=+yajl +argp-standalone +libcap +libseccomp + TITLE:=A fast and low-memory footprint OCI Container Runtime fully written in C +endef + +define Package/crun/description + crun conforms to the OCI Container Runtime specifications +endef + +TARGET_CFLAGS += -I$(STAGING_DIR)/usr/include +TARGET_LDFLAGS += -largp + +MAKE_FLAGS := \ + $(TARGET_CONFIGURE_OPTS) \ + CFLAGS="$(TARGET_CFLAGS) $(TARGET_CPPFLAGS)" \ + LDFLAGS="$(TARGET_LDFLAGS)" + +define Build/Configure + cd $(PKG_BUILD_DIR)/ && sh autogen.sh && ./configure +endef + +define Package/crun/install + $(INSTALL_DIR) $(1)/usr/bin/ + $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/local/bin/crun $(1)/usr/bin/ +endef + +$(eval $(call BuildPackage,crun)) diff --git a/crun/patches/01-fix-for-openwrt-and-kernel-4-19.patch b/crun/patches/01-fix-for-openwrt-and-kernel-4-19.patch new file mode 100644 index 000000000..229f4085f --- /dev/null +++ b/crun/patches/01-fix-for-openwrt-and-kernel-4-19.patch @@ -0,0 +1,217 @@ +diff --git a/configure.ac b/configure.ac +index 5e9f2f9..5ed99bd 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -52,16 +52,6 @@ AS_IF([test "x$enable_seccomp" != "xno"], [ + ]) + ]) + +-dnl libsystemd +-AC_ARG_ENABLE([systemd], +- AS_HELP_STRING([--disable-systemd], [Ignore systemd and disable support])) +-AS_IF([test "x$enable_systemd" != "xno"], [ +- AC_CHECK_HEADERS([systemd/sd-bus.h], [], [AC_MSG_ERROR([*** Missing libsystemd headers])]) +- AS_IF([test "$ac_cv_header_systemd_sd_bus_h" = "yes"], [ +- AC_SEARCH_LIBS(sd_bus_match_signal_async, [systemd], [AC_DEFINE([HAVE_SYSTEMD], 1, [Define if libsystemd is available])], [AC_MSG_ERROR([*** Failed to find libsystemd])]) +- ]) +-]) +- + dnl ebpf + AC_ARG_ENABLE([bpf], + AS_HELP_STRING([--disable-bpf], [Ignore eBPF and disable support])) +@@ -114,26 +104,6 @@ AS_IF([test "x$enable_criu" != "xno"], [ + FOUND_LIBS=$LIBS + LIBS="" + +-AC_MSG_CHECKING([for new mount API (fsconfig)]) +-AC_COMPILE_IFELSE( +- [AC_LANG_SOURCE([[ +- #include +- int cmd = FSCONFIG_CMD_CREATE; +- ]])], +- [AC_MSG_RESULT(yes) +- AC_DEFINE([HAVE_FSCONFIG_CMD_CREATE], 1, [Define if FSCONFIG_CMD_CREATE is available])], +- [AC_MSG_RESULT(no)]) +- +-AC_MSG_CHECKING([for seccomp notify API]) +-AC_COMPILE_IFELSE( +- [AC_LANG_SOURCE([[ +- #include +- int cmd = SECCOMP_GET_NOTIF_SIZES; +- ]])], +- [AC_MSG_RESULT(yes) +- AC_DEFINE([HAVE_SECCOMP_GET_NOTIF_SIZES], 1, [Define if SECCOMP_GET_NOTIF_SIZES is available])], +- [AC_MSG_RESULT(no)]) +- + AC_DEFINE([LIBCRUN_PUBLIC], [__attribute__((visibility("default"))) extern], [LIBCRUN_PUBLIC]) + AC_SUBST([FOUND_LIBS]) + AC_SUBST([CRUN_LDFLAGS]) +diff --git a/src/libcrun/cgroup.c b/src/libcrun/cgroup.c +index 29c1f7a..77dc441 100644 +--- a/src/libcrun/cgroup.c ++++ b/src/libcrun/cgroup.c +@@ -575,23 +575,6 @@ get_file_owner (const char *path, uid_t *uid, gid_t *gid) + struct stat st; + int ret; + +-#ifdef HAVE_STATX +- struct statx stx; +- +- ret = statx (AT_FDCWD, path, AT_STATX_DONT_SYNC, STATX_UID | STATX_GID, &stx); +- if (UNLIKELY (ret < 0)) +- { +- if (errno == ENOSYS || errno == EINVAL) +- goto fallback; +- +- return ret; +- } +- *uid = stx.stx_uid; +- *gid = stx.stx_gid; +- return ret; +- +-fallback: +-#endif + ret = stat (path, &st); + if (UNLIKELY (ret < 0)) + return ret; +diff --git a/src/libcrun/error.h b/src/libcrun/error.h +index aa3f3aa..477a2fe 100644 +--- a/src/libcrun/error.h ++++ b/src/libcrun/error.h +@@ -18,9 +18,6 @@ + #ifndef ERROR_H + #define ERROR_H + #include +-#ifdef HAVE_ERROR_H +-# include +-#else + # define error(status, errno, fmt, ...) \ + do \ + { \ +@@ -35,7 +32,6 @@ + exit (status); \ + } \ + while (0) +-#endif + #include + #include + #include +diff --git a/src/libcrun/utils.c b/src/libcrun/utils.c +index cbde9b6..5ef7f5f 100644 +--- a/src/libcrun/utils.c ++++ b/src/libcrun/utils.c +@@ -164,22 +164,6 @@ get_file_type_fd (int fd, mode_t *mode) + struct stat st; + int ret; + +-#ifdef HAVE_STATX +- struct statx stx; +- +- ret = statx (fd, "", AT_EMPTY_PATH | AT_STATX_DONT_SYNC, STATX_TYPE, &stx); +- if (UNLIKELY (ret < 0)) +- { +- if (errno == ENOSYS || errno == EINVAL) +- goto fallback; +- +- return ret; +- } +- *mode = stx.stx_mode; +- return ret; +- +-fallback: +-#endif + ret = fstat (fd, &st); + *mode = st.st_mode; + return ret; +@@ -191,22 +175,6 @@ get_file_type_at (int dirfd, mode_t *mode, bool nofollow, const char *path) + struct stat st; + int ret; + +-#ifdef HAVE_STATX +- struct statx stx; +- +- ret = statx (dirfd, path, (nofollow ? AT_SYMLINK_NOFOLLOW : 0) | AT_STATX_DONT_SYNC, STATX_TYPE, &stx); +- if (UNLIKELY (ret < 0)) +- { +- if (errno == ENOSYS || errno == EINVAL) +- goto fallback; +- +- return ret; +- } +- *mode = stx.stx_mode; +- return ret; +- +-fallback: +-#endif + ret = fstatat (dirfd, path, &st, nofollow ? AT_SYMLINK_NOFOLLOW : 0); + *mode = st.st_mode; + return ret; +@@ -550,22 +518,7 @@ get_file_size (int fd, off_t *size) + { + struct stat st; + int ret; +-#ifdef HAVE_STATX +- struct statx stx; +- +- ret = statx (fd, "", AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW | AT_STATX_DONT_SYNC, STATX_SIZE, &stx); +- if (UNLIKELY (ret < 0)) +- { +- if (errno == ENOSYS || errno == EINVAL) +- goto fallback; +- return ret; +- } +- *size = stx.stx_size; +- +- return ret; + +-fallback: +-#endif + ret = fstat (fd, &st); + *size = st.st_size; + return ret; +@@ -1060,7 +1013,6 @@ run_process (char **args, libcrun_error_t *err) + _exit (EXIT_FAILURE); + } + +-#ifndef HAVE_FGETPWENT_R + static unsigned + atou (char **s) + { +@@ -1126,7 +1078,6 @@ fgetpwent_r (FILE *f, struct passwd *pw, char *line, size_t size, struct passwd + errno = rv; + return rv; + } +-#endif + + int + set_home_env (uid_t id) +@@ -1690,29 +1641,6 @@ copy_rec_stat_file_at (int dfd, const char *path, mode_t *mode, off_t *size, dev + struct stat st; + int ret; + +-#ifdef HAVE_STATX +- struct statx stx; +- +- ret = statx (dfd, path, AT_SYMLINK_NOFOLLOW | AT_STATX_DONT_SYNC, +- STATX_TYPE | STATX_MODE | STATX_SIZE | STATX_UID | STATX_GID, &stx); +- if (UNLIKELY (ret < 0)) +- { +- if (errno == ENOSYS || errno == EINVAL) +- goto fallback; +- +- return ret; +- } +- +- *mode = stx.stx_mode; +- *size = stx.stx_size; +- *rdev = makedev (stx.stx_rdev_major, stx.stx_rdev_minor); +- *uid = stx.stx_uid; +- *gid = stx.stx_gid; +- +- return ret; +- +-fallback: +-#endif + ret = fstatat (dfd, path, &st, AT_SYMLINK_NOFOLLOW); + + *mode = st.st_mode;