opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-28 06:18:57 +08:00
Code Issues Packages Projects Releases Wiki Activity

In podman 1.* regression on --cap-add

Browse Source 
In podman 1.0 if  you executed a command like:

podman run --user dwalsh --cap-add net_bind_service alpine nc -l 80

It would work, and the user dwalsh would get the capability,  in
podman 2.0, only root and the binding set gets the capability.

This change restores us back to the way podman 1.0 worked.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This commit is contained in:
Daniel J Walsh
2020-08-17 06:28:45 -04:00
parent 516196f096
commit 3848cac860
51 changed files with 630 additions and 332 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
go.mod
View File

@ -11,7 +11,7 @@ require (
github.com/containernetworking/cni v0.7.2-0.20200304161608-4fae32b84921
github.com/containernetworking/plugins v0.8.6
github.com/containers/buildah v1.15.1-0.20200731151214-29f4d01c621c
github.com/containers/common v0.18.0
github.com/containers/common v0.20.3
github.com/containers/conmon v2.0.19+incompatible
github.com/containers/image/v5 v5.5.2
github.com/containers/psgo v1.5.1
@ -61,7 +61,7 @@ require (
golang.org/x/crypto v0.0.0-20200423211502-4bdfaf469ed5
golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7
golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a
golang.org/x/sys v0.0.0-20200519105757-fe76b779f299
golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1
k8s.io/api v0.18.8
k8s.io/apimachinery v0.18.8
k8s.io/client-go v0.0.0-20190620085101-78d2af792bab

8
go.sum
View File

@ -73,8 +73,8 @@ github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHV
github.com/containers/buildah v1.15.1-0.20200731151214-29f4d01c621c h1:+V9RQOhg1LyhyHHU33OVjO+Uan1MoVbkjufH8E/BeLU=
github.com/containers/buildah v1.15.1-0.20200731151214-29f4d01c621c/go.mod h1:XVOKQHd1sP/7tFpCXIaNsUJZdTNCwVZ7YZiLnnEfrVg=
github.com/containers/common v0.15.2/go.mod h1:rhpXuGLTEKsk/xX/x0iKGHjRadMHpBd2ZiNDugwXPEM=
github.com/containers/common v0.18.0 h1:pZB6f17N5QV43TcT06gtx1lb0rxd/4StFdVhP9CtgQg=
github.com/containers/common v0.18.0/go.mod h1:H2Wqvx6wkqdzT4RcTCqIG4W0HSOZwUbbNiUTX1+VohU=
github.com/containers/common v0.20.3 h1:d8vSReNkrySKE3ZPya2vt6Wc/xuQiB30pNXTYHz2iHM=
github.com/containers/common v0.20.3/go.mod h1:+NUHV8V5Kmo260ja9Dxtr8ialrDnK4RNzyeEbSgmLac=
github.com/containers/conmon v2.0.19+incompatible h1:1bDVRvHy2MUNTUT/SW6LlHsJHQBTSwXvnKNdcB/a1vQ=
github.com/containers/conmon v2.0.19+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I=
github.com/containers/image/v5 v5.5.1 h1:h1FCOXH6Ux9/p/E4rndsQOC4yAdRU0msRTfLVeQ7FDQ=
@ -89,8 +89,6 @@ github.com/containers/ocicrypt v1.0.3/go.mod h1:CUBa+8MRNL/VkpxYIpaMtgn1WgXGyvPQ
github.com/containers/psgo v1.5.1 h1:MQNb7FLbXqBdqz6u4lI2QWizVz4RSTzs1+Nk9XT1iVA=
github.com/containers/psgo v1.5.1/go.mod h1:2ubh0SsreMZjSXW1Hif58JrEcFudQyIy9EzPUWfawVU=
github.com/containers/storage v1.20.2/go.mod h1:oOB9Ie8OVPojvoaKWEGSEtHbXUAs+tSyr7RO7ZGteMc=
github.com/containers/storage v1.21.2 h1:bf9IqA+g6ClBviqVG5lVCp5tTH9lvWwjYws7mVYSti0=
github.com/containers/storage v1.21.2/go.mod h1:I1EIAA7B4OwWRSA0b4yq2AW1wjvvfcY0zLWQuwTa4zw=
github.com/containers/storage v1.23.0 h1:gYyNkBiihC2FvGiHOjOjpnfojYwgxpLVooTUlmD6pxs=
github.com/containers/storage v1.23.0/go.mod h1:I1EIAA7B4OwWRSA0b4yq2AW1wjvvfcY0zLWQuwTa4zw=
github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
@ -566,6 +564,8 @@ golang.org/x/sys v0.0.0-20200327173247-9dae0f8f5775/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20200501145240-bc7a7d42d5c3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200519105757-fe76b779f299 h1:DYfZAGf2WMFjMxbgTjaC+2HC7NkNAQs+6Q8b9WEB/F4=
golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1 h1:sIky/MyNRSHTrdxfsiUSS4WIAMvInbeXljJz+jDjeYE=
golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20181227161524-e6919f6577db/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=

26
pkg/specgen/generate/security.go
View File

@ -112,7 +112,7 @@ func securityConfigureGenerator(s *specgen.SpecGenerator, g *generate.Generator,
// Pass capRequiredRequested in CapAdd field to normalize capabilities names
capsRequired, err := capabilities.MergeCapabilities(nil, capsRequiredRequested, nil)
if err != nil {
logrus.Errorf("capabilities requested by user or image are not valid: %q", strings.Join(capsRequired, ","))
return errors.Wrapf(err, "capabilities requested by user or image are not valid: %q", strings.Join(capsRequired, ","))
} else {
// Verify all capRequiered are in the capList
for _, cap := range capsRequired {
@ -129,12 +129,6 @@ func securityConfigureGenerator(s *specgen.SpecGenerator, g *generate.Generator,
}
}
g.SetProcessNoNewPrivileges(s.NoNewPrivileges)
if err := setupApparmor(s, rtc, g); err != nil {
return err
}
configSpec := g.Config
configSpec.Process.Capabilities.Bounding = caplist
@ -142,13 +136,21 @@ func securityConfigureGenerator(s *specgen.SpecGenerator, g *generate.Generator,
configSpec.Process.Capabilities.Effective = caplist
configSpec.Process.Capabilities.Permitted = caplist
configSpec.Process.Capabilities.Inheritable = caplist
configSpec.Process.Capabilities.Ambient = caplist
} else {
configSpec.Process.Capabilities.Effective = []string{}
configSpec.Process.Capabilities.Permitted = []string{}
configSpec.Process.Capabilities.Inheritable = []string{}
configSpec.Process.Capabilities.Ambient = []string{}
userCaps, err := capabilities.NormalizeCapabilities(s.CapAdd)
if err != nil {
return errors.Wrapf(err, "capabilities requested by user are not valid: %q", strings.Join(s.CapAdd, ","))
}
configSpec.Process.Capabilities.Effective = userCaps
configSpec.Process.Capabilities.Permitted = userCaps
}
g.SetProcessNoNewPrivileges(s.NoNewPrivileges)
if err := setupApparmor(s, rtc, g); err != nil {
return err
}
// HANDLE SECCOMP
if s.SeccompProfilePath != "unconfined" {
seccompConfig, err := getSeccompConfig(s, configSpec, newImage)

1
vendor/github.com/containers/common/pkg/apparmor/apparmor.go generated vendored
View File

@ -15,7 +15,6 @@ const (
)
var (
// ErrApparmorUnsupported indicates that AppArmor support is not supported.
ErrApparmorUnsupported = errors.New("AppArmor is not supported")
// ErrApparmorRootless indicates that AppArmor support is not supported in rootless mode.

54
vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go generated vendored
View File

@ -5,7 +5,6 @@ package apparmor
import (
"bufio"
"bytes"
"fmt"
"io"
"os"
"os/exec"
@ -47,7 +46,7 @@ type profileData struct {
func (p *profileData) generateDefault(out io.Writer) error {
compiled, err := template.New("apparmor_profile").Parse(defaultProfileTemplate)
if err != nil {
return err
return errors.Wrap(err, "create AppArmor profile from template")
}
if macroExists("tunables/global") {
@ -62,11 +61,11 @@ func (p *profileData) generateDefault(out io.Writer) error {
ver, err := getAAParserVersion()
if err != nil {
return err
return errors.Wrap(err, "get AppArmor version")
}
p.Version = ver
return compiled.Execute(out, p)
return errors.Wrap(compiled.Execute(out, p), "execute compiled profile")
}
// macrosExists checks if the passed macro exists.
@ -89,28 +88,29 @@ func InstallDefault(name string) error {
cmd := exec.Command("apparmor_parser", "-Kr")
pipe, err := cmd.StdinPipe()
if err != nil {
return err
return errors.Wrap(err, "execute apparmor_parser")
}
if err := cmd.Start(); err != nil {
if pipeErr := pipe.Close(); pipeErr != nil {
logrus.Errorf("unable to close apparmor pipe: %q", pipeErr)
logrus.Errorf("unable to close AppArmor pipe: %q", pipeErr)
}
return err
return errors.Wrap(err, "start apparmor_parser command")
}
if err := p.generateDefault(pipe); err != nil {
if pipeErr := pipe.Close(); pipeErr != nil {
logrus.Errorf("unable to close apparmor pipe: %q", pipeErr)
logrus.Errorf("unable to close AppArmor pipe: %q", pipeErr)
}
if cmdErr := cmd.Wait(); cmdErr != nil {
logrus.Errorf("unable to wait for apparmor command: %q", cmdErr)
logrus.Errorf("unable to wait for AppArmor command: %q", cmdErr)
}
return err
return errors.Wrap(err, "generate default profile into pipe")
}
if pipeErr := pipe.Close(); pipeErr != nil {
logrus.Errorf("unable to close apparmor pipe: %q", pipeErr)
logrus.Errorf("unable to close AppArmor pipe: %q", pipeErr)
}
return cmd.Wait()
return errors.Wrap(cmd.Wait(), "wait for AppArmor command")
}
// DefaultContent returns the default profile content as byte slice. The
@ -120,7 +120,7 @@ func DefaultContent(name string) ([]byte, error) {
p := profileData{Name: name}
var bytes bytes.Buffer
if err := p.generateDefault(&bytes); err != nil {
return nil, err
return nil, errors.Wrap(err, "generate default AppAmor profile")
}
return bytes.Bytes(), nil
}
@ -137,7 +137,7 @@ func IsLoaded(name string) (bool, error) {
if os.IsNotExist(err) {
return false, nil
}
return false, err
return false, errors.Wrap(err, "open AppArmor profile path")
}
defer file.Close()
@ -148,7 +148,7 @@ func IsLoaded(name string) (bool, error) {
break
}
if err != nil {
return false, err
return false, errors.Wrap(err, "reading AppArmor profile")
}
if strings.HasPrefix(p, name+" ") {
return true, nil
@ -163,9 +163,9 @@ func execAAParser(dir string, args ...string) (string, error) {
c := exec.Command("apparmor_parser", args...)
c.Dir = dir
output, err := c.CombinedOutput()
output, err := c.Output()
if err != nil {
return "", fmt.Errorf("running `%s %s` failed with output: %s\nerror: %v", c.Path, strings.Join(c.Args, " "), output, err)
return "", errors.Errorf("running `%s %s` failed with output: %s\nerror: %v", c.Path, strings.Join(c.Args, " "), output, err)
}
return string(output), nil
@ -175,7 +175,7 @@ func execAAParser(dir string, args ...string) (string, error) {
func getAAParserVersion() (int, error) {
output, err := execAAParser("", "--version")
if err != nil {
return -1, err
return -1, errors.Wrap(err, "execute apparmor_parser")
}
return parseAAParserVersion(output)
}
@ -194,7 +194,7 @@ func parseAAParserVersion(output string) (int, error) {
// split by major minor version
v := strings.Split(version, ".")
if len(v) == 0 || len(v) > 3 {
return -1, fmt.Errorf("parsing version failed for output: `%s`", output)
return -1, errors.Errorf("parsing version failed for output: `%s`", output)
}
// Default the versions to 0.
@ -202,19 +202,19 @@ func parseAAParserVersion(output string) (int, error) {
majorVersion, err := strconv.Atoi(v[0])
if err != nil {
return -1, err
return -1, errors.Wrap(err, "convert AppArmor major version")
}
if len(v) > 1 {
minorVersion, err = strconv.Atoi(v[1])
if err != nil {
return -1, err
return -1, errors.Wrap(err, "convert AppArmor minor version")
}
}
if len(v) > 2 {
patchLevel, err = strconv.Atoi(v[2])
if err != nil {
return -1, err
return -1, errors.Wrap(err, "convert AppArmor patch version")
}
}
@ -251,7 +251,7 @@ func CheckProfileAndLoadDefault(name string) (string, error) {
if name == "" {
return "", nil
} else {
return "", fmt.Errorf("profile %q specified but AppArmor is disabled on the host", name)
return "", errors.Errorf("profile %q specified but AppArmor is disabled on the host", name)
}
}
@ -262,10 +262,10 @@ func CheckProfileAndLoadDefault(name string) (string, error) {
// name.
isLoaded, err := IsLoaded(name)
if err != nil {
return "", err
return "", errors.Wrapf(err, "verify if profile %s is loaded", name)
}
if !isLoaded {
return "", fmt.Errorf("AppArmor profile %q specified but not loaded", name)
return "", errors.Errorf("AppArmor profile %q specified but not loaded", name)
}
return name, nil
}
@ -274,12 +274,12 @@ func CheckProfileAndLoadDefault(name string) (string, error) {
// if it's loaded before installing it.
isLoaded, err := IsLoaded(name)
if err != nil {
return "", err
return "", errors.Wrapf(err, "verify if profile %s is loaded", name)
}
if !isLoaded {
err = InstallDefault(name)
if err != nil {
return "", err
return "", errors.Wrapf(err, "install profile %s", name)
}
logrus.Infof("successfully loaded AppAmor profile %q", name)
} else {

3
vendor/github.com/containers/common/pkg/auth/auth.go generated vendored
View File

@ -150,9 +150,6 @@ func getRegistryName(server string) string {
// gets the registry from the input. If the input is of the form
// quay.io/myuser/myimage, it will parse it and just return quay.io
split := strings.Split(server, "/")
if len(split) > 1 {
return split[0]
}
return split[0]
}

10
vendor/github.com/containers/common/pkg/capabilities/capabilities.go generated vendored
View File

@ -57,9 +57,9 @@ func AllCapabilities() []string {
return capabilityList
}
// normalizeCapabilities normalizes caps by adding a "CAP_" prefix (if not yet
// NormalizeCapabilities normalizes caps by adding a "CAP_" prefix (if not yet
// present).
func normalizeCapabilities(caps []string) ([]string, error) {
func NormalizeCapabilities(caps []string) ([]string, error) {
normalized := make([]string, len(caps))
for i, c := range caps {
c = strings.ToUpper(c)
@ -98,7 +98,7 @@ func MergeCapabilities(base, adds, drops []string) ([]string, error) {
var caps []string
// Normalize the base capabilities
base, err := normalizeCapabilities(base)
base, err := NormalizeCapabilities(base)
if err != nil {
return nil, err
}
@ -106,11 +106,11 @@ func MergeCapabilities(base, adds, drops []string) ([]string, error) {
// Nothing to tweak; we're done
return base, nil
}
capDrop, err := normalizeCapabilities(drops)
capDrop, err := NormalizeCapabilities(drops)
if err != nil {
return nil, err
}
capAdd, err := normalizeCapabilities(adds)
capAdd, err := NormalizeCapabilities(adds)
if err != nil {
return nil, err
}

5
vendor/github.com/containers/common/pkg/config/config.go generated vendored
View File

@ -244,6 +244,11 @@ type EngineConfig struct {
// LockType is the type of locking to use.
LockType string `toml:"lock_type,omitempty"`
// MultiImageArchive - if true, the container engine allows for storing
// archives (e.g., of the docker-archive transport) with multiple
// images. By default, Podman creates single-image archives.
MultiImageArchive bool `toml:"multi_image_archive,omitempty"`
// Namespace is the engine namespace to use. Namespaces are used to create
// scopes to separate containers and pods in the state. When namespace is
// set, engine will only view containers and pods in the same namespace. All

23
vendor/github.com/containers/common/pkg/config/config_local.go generated vendored
View File

@ -7,6 +7,7 @@ import (
"os"
"path/filepath"
"regexp"
"strings"
"syscall"
units "github.com/docker/go-units"
@ -81,12 +82,24 @@ func (c *ContainersConfig) validateTZ() error {
if c.TZ == "local" {
return nil
}
zonePath := filepath.Join("/usr/share/zoneinfo", c.TZ)
_, err := os.Stat(zonePath)
if err != nil {
return fmt.Errorf("Unrecognized timezone %s", zonePath)
lookupPaths := []string{
"/usr/share/zoneinfo",
"/etc/zoneinfo",
}
return nil
for _, paths := range lookupPaths {
zonePath := filepath.Join(paths, c.TZ)
if _, err := os.Stat(zonePath); err == nil {
// found zone information
return nil
}
}
return fmt.Errorf(
"unable to find timezone %s in paths: %s",
c.TZ, strings.Join(lookupPaths, ", "),
)
}
func (c *ContainersConfig) validateUmask() error {

23
vendor/github.com/containers/common/pkg/config/containers.conf generated vendored
View File

@ -116,18 +116,13 @@
#
# env = [
# "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
# "TERM=xterm",
# ]
# Pass all host environment variables into the container.
#
# env_host = false
# Path to OCI hooks directories for automatically executed hooks.
#
# hooks_dir = [
# "/usr/share/containers/oci/hooks.d",
# ]
# Default proxy environment variables passed into the container.
# The environment variables passed in include:
# http_proxy, https_proxy, ftp_proxy, no_proxy, and the upper case versions of
@ -299,6 +294,12 @@
#
# events_logger = "journald"
# Path to OCI hooks directories for automatically executed hooks.
#
# hooks_dir = [
# "/usr/share/containers/oci/hooks.d",
# ]
# Default transport method for pulling and pushing for images
#
# image_default_transport = "docker://"
@ -322,6 +323,12 @@
#
# lock_type** = "shm"
# MultiImageArchive - if true, the container engine allows for storing archives
# (e.g., of the docker-archive transport) with multiple images. By default,
# Podman creates single-image archives.
#
# multi_image_archive = "false"
# Default engine namespace
# If engine is joined to a namespace, it will see only containers and pods
# that were created in the same namespace, and will create new containers and
@ -331,6 +338,10 @@
#
# namespace = ""
# Path to the slirp4netns binary
#
# network_cmd_path=""
# Whether to use chroot instead of pivot_root in the runtime
#
# no_pivot_root = false

30
vendor/github.com/containers/common/pkg/config/default.go generated vendored
View File

@ -12,6 +12,7 @@ import (
"github.com/containers/common/pkg/apparmor"
"github.com/containers/common/pkg/cgroupv2"
"github.com/containers/storage"
"github.com/containers/storage/pkg/homedir"
"github.com/containers/storage/pkg/unshare"
"github.com/opencontainers/selinux/go-selinux"
"github.com/pkg/errors"
@ -94,8 +95,8 @@ const (
_installPrefix = "/usr"
// _cniConfigDir is the directory where cni configuration is found
_cniConfigDir = "/etc/cni/net.d/"
// _cniConfigDirRootless is the directory where cni plugins are found
_cniConfigDirRootless = ".config/cni/net.d/"
// _cniConfigDirRootless is the directory in XDG_CONFIG_HOME for cni plugins
_cniConfigDirRootless = "cni/net.d/"
// CgroupfsCgroupsManager represents cgroupfs native cgroup manager
CgroupfsCgroupsManager = "cgroupfs"
// DefaultApparmorProfile specifies the default apparmor profile for the container.
@ -115,9 +116,9 @@ const (
// DefaultSignaturePolicyPath is the default value for the
// policy.json file.
DefaultSignaturePolicyPath = "/etc/containers/policy.json"
// DefaultRootlessSignaturePolicyPath is the default value for the
// rootless policy.json file.
DefaultRootlessSignaturePolicyPath = ".config/containers/policy.json"
// DefaultRootlessSignaturePolicyPath is the location within
// XDG_CONFIG_HOME of the rootless policy.json file.
DefaultRootlessSignaturePolicyPath = "containers/policy.json"
// DefaultShmSize default value
DefaultShmSize = "65536k"
// DefaultUserNSSize default value
@ -144,11 +145,11 @@ func DefaultConfig() (*Config, error) {
defaultEngineConfig.SignaturePolicyPath = DefaultSignaturePolicyPath
if unshare.IsRootless() {
home, err := unshare.HomeDir()
configHome, err := homedir.GetConfigHome()
if err != nil {
return nil, err
}
sigPath := filepath.Join(home, DefaultRootlessSignaturePolicyPath)
sigPath := filepath.Join(configHome, DefaultRootlessSignaturePolicyPath)
defaultEngineConfig.SignaturePolicyPath = sigPath
if _, err := os.Stat(sigPath); err != nil {
if _, err := os.Stat(DefaultSignaturePolicyPath); err == nil {
@ -156,7 +157,7 @@ func DefaultConfig() (*Config, error) {
}
}
netns = "slirp4netns"
cniConfig = filepath.Join(home, _cniConfigDirRootless)
cniConfig = filepath.Join(configHome, _cniConfigDirRootless)
}
cgroupNS := "host"
@ -181,6 +182,7 @@ func DefaultConfig() (*Config, error) {
EnableLabeling: selinuxEnabled(),
Env: []string{
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"TERM=xterm",
},
EnvHost: false,
HTTPProxy: false,
@ -222,10 +224,16 @@ func defaultConfigFromMemory() (*EngineConfig, error) {
c.EventsLogFilePath = filepath.Join(c.TmpDir, "events", "events.log")
storeOpts, err := storage.DefaultStoreOptions(unshare.IsRootless(), unshare.GetRootlessUID())
if err != nil {
return nil, err
var storeOpts storage.StoreOptions
if path, ok := os.LookupEnv("CONTAINERS_STORAGE_CONF"); ok {
storage.ReloadConfigurationFile(path, &storeOpts)
} else {
storeOpts, err = storage.DefaultStoreOptions(unshare.IsRootless(), unshare.GetRootlessUID())
if err != nil {
return nil, err
}
}
if storeOpts.GraphRoot == "" {
logrus.Warnf("Storage configuration is unset - using hardcoded default graph root %q", _defaultGraphRoot)
storeOpts.GraphRoot = _defaultGraphRoot

18
vendor/github.com/containers/common/pkg/config/libpodConfig.go generated vendored
View File

@ -197,6 +197,10 @@ func newLibpodConfig(c *Config) error {
return errors.Wrapf(err, "error finding config on system")
}
if len(configs) == 0 {
return nil
}
for _, path := range configs {
config, err = readLibpodConfigFromFile(path, config)
if err != nil {
@ -226,7 +230,7 @@ func newLibpodConfig(c *Config) error {
// hard code EventsLogger to "file" to match older podman versions.
if config.EventsLogger != "file" {
logrus.Debugf("Ignoring libpod.conf EventsLogger setting %q. Use %q if you want to change this setting and remove libpod.conf files.", Path(), config.EventsLogger)
logrus.Warnf("Ignoring libpod.conf EventsLogger setting %q. Use %q if you want to change this setting and remove libpod.conf files.", config.EventsLogger, Path())
config.EventsLogger = "file"
}
@ -260,9 +264,7 @@ func systemLibpodConfigs() ([]string, error) {
if err != nil {
containersConfPath = filepath.Join("$HOME", UserOverrideContainersConfig)
}
// TODO: Raise to Warnf, when Podman is updated to
// remove libpod.conf by default
logrus.Debugf("Found deprecated file %s, please remove. Use %s to override defaults.\n", Path(), containersConfPath)
logrus.Warnf("Found deprecated file %s, please remove. Use %s to override defaults.\n", path, containersConfPath)
return []string{path}, nil
}
return nil, err
@ -270,15 +272,11 @@ func systemLibpodConfigs() ([]string, error) {
configs := []string{}
if _, err := os.Stat(_rootConfigPath); err == nil {
// TODO: Raise to Warnf, when Podman is updated to
// remove libpod.conf by default
logrus.Debugf("Found deprecated file %s, please remove. Use %s to override defaults.\n", _rootConfigPath, OverrideContainersConfig)
logrus.Warnf("Found deprecated file %s, please remove. Use %s to override defaults.\n", _rootConfigPath, OverrideContainersConfig)
configs = append(configs, _rootConfigPath)
}
if _, err := os.Stat(_rootOverrideConfigPath); err == nil {
// TODO: Raise to Warnf, when Podman is updated to
// remove libpod.conf by default
logrus.Debugf("Found deprecated file %s, please remove. Use %s to override defaults.\n", _rootOverrideConfigPath, OverrideContainersConfig)
logrus.Warnf("Found deprecated file %s, please remove. Use %s to override defaults.\n", _rootOverrideConfigPath, OverrideContainersConfig)
configs = append(configs, _rootOverrideConfigPath)
}
return configs, nil

2
vendor/github.com/containers/common/version/version.go generated vendored
View File

@ -1,4 +1,4 @@
package version
// Version is the version of the build.
const Version = "0.18.0"
const Version = "0.20.3"

11
vendor/golang.org/x/sys/cpu/byteorder.go generated vendored
View File

@ -39,20 +39,25 @@ func (bigEndian) Uint64(b []byte) uint64 {
uint64(b[3])<<32 | uint64(b[2])<<40 | uint64(b[1])<<48 | uint64(b[0])<<56
}
// hostByteOrder returns binary.LittleEndian on little-endian machines and
// binary.BigEndian on big-endian machines.
// hostByteOrder returns littleEndian on little-endian machines and
// bigEndian on big-endian machines.
func hostByteOrder() byteOrder {
switch runtime.GOARCH {
case "386", "amd64", "amd64p32",
"alpha",
"arm", "arm64",
"mipsle", "mips64le", "mips64p32le",
"nios2",
"ppc64le",
"riscv", "riscv64":
"riscv", "riscv64",
"sh":
return littleEndian{}
case "armbe", "arm64be",
"m68k",
"mips", "mips64", "mips64p32",
"ppc", "ppc64",
"s390", "s390x",
"shbe",
"sparc", "sparc64":
return bigEndian{}
}

8
vendor/golang.org/x/sys/cpu/cpu_arm64.go generated vendored
View File

@ -10,8 +10,14 @@ const cacheLineSize = 64
func init() {
switch runtime.GOOS {
case "android", "darwin":
case "android", "darwin", "netbsd":
// Android and iOS don't seem to allow reading these registers.
//
// NetBSD:
// ID_AA64ISAR0_EL1 is a privileged register and cannot be read from EL0.
// It can be read via sysctl(3). Example for future implementers:
// https://nxr.netbsd.org/xref/src/usr.sbin/cpuctl/arch/aarch64.c
//
// Fake the minimal features expected by
// TestARM64minimalFeatures.
ARM64.HasASIMD = true

7
vendor/golang.org/x/sys/unix/mkerrors.sh generated vendored
View File

@ -107,6 +107,7 @@ includes_FreeBSD='
#include <sys/types.h>
#include <sys/disk.h>
#include <sys/event.h>
#include <sys/sched.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/sockio.h>
@ -297,6 +298,7 @@ includes_NetBSD='
#include <sys/extattr.h>
#include <sys/mman.h>
#include <sys/mount.h>
#include <sys/sched.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/sockio.h>
@ -325,6 +327,7 @@ includes_OpenBSD='
#include <sys/mman.h>
#include <sys/mount.h>
#include <sys/select.h>
#include <sys/sched.h>
#include <sys/socket.h>
#include <sys/sockio.h>
#include <sys/stat.h>
@ -507,9 +510,11 @@ ccflags="$@"
$2 ~ /^(CLOCK|TIMER)_/ ||
$2 ~ /^CAN_/ ||
$2 ~ /^CAP_/ ||
$2 ~ /^CP_/ ||
$2 ~ /^CPUSTATES$/ ||
$2 ~ /^ALG_/ ||
$2 ~ /^FS_(POLICY_FLAGS|KEY_DESC|ENCRYPTION_MODE|[A-Z0-9_]+_KEY_SIZE)/ ||
$2 ~ /^FS_IOC_.*(ENCRYPTION|VERITY|GETFLAGS)/ ||
$2 ~ /^FS_IOC_.*(ENCRYPTION|VERITY|[GS]ETFLAGS)/ ||
$2 ~ /^FS_VERITY_/ ||
$2 ~ /^FSCRYPT_/ ||
$2 ~ /^GRND_/ ||

17
vendor/golang.org/x/sys/unix/syscall_bsd.go generated vendored
View File

@ -527,6 +527,23 @@ func SysctlClockinfo(name string) (*Clockinfo, error) {
return &ci, nil
}
func SysctlTimeval(name string) (*Timeval, error) {
mib, err := sysctlmib(name)
if err != nil {
return nil, err
}
var tv Timeval
n := uintptr(unsafe.Sizeof(tv))
if err := sysctl(mib, (*byte)(unsafe.Pointer(&tv)), &n, nil, 0); err != nil {
return nil, err
}
if n != unsafe.Sizeof(tv) {
return nil, EIO
}
return &tv, nil
}
//sys utimes(path string, timeval *[2]Timeval) (err error)
func Utimes(path string, tv []Timeval) error {

40
vendor/golang.org/x/sys/unix/syscall_linux.go generated vendored
View File

@ -97,6 +97,12 @@ func IoctlSetRTCTime(fd int, value *RTCTime) error {
return err
}
func IoctlSetRTCWkAlrm(fd int, value *RTCWkAlrm) error {
err := ioctl(fd, RTC_WKALM_SET, uintptr(unsafe.Pointer(value)))
runtime.KeepAlive(value)
return err
}
func IoctlGetUint32(fd int, req uint) (uint32, error) {
var value uint32
err := ioctl(fd, req, uintptr(unsafe.Pointer(&value)))
@ -109,6 +115,12 @@ func IoctlGetRTCTime(fd int) (*RTCTime, error) {
return &value, err
}
func IoctlGetRTCWkAlrm(fd int) (*RTCWkAlrm, error) {
var value RTCWkAlrm
err := ioctl(fd, RTC_WKALM_RD, uintptr(unsafe.Pointer(&value)))
return &value, err
}
//sys Linkat(olddirfd int, oldpath string, newdirfd int, newpath string, flags int) (err error)
func Link(oldpath string, newpath string) (err error) {
@ -1938,6 +1950,20 @@ func Vmsplice(fd int, iovs []Iovec, flags int) (int, error) {
return int(n), nil
}
func isGroupMember(gid int) bool {
groups, err := Getgroups()
if err != nil {
return false
}
for _, g := range groups {
if g == gid {
return true
}
}
return false
}
//sys faccessat(dirfd int, path string, mode uint32) (err error)
func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) {
@ -1995,7 +2021,7 @@ func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) {
gid = Getgid()
}
if uint32(gid) == st.Gid {
if uint32(gid) == st.Gid || isGroupMember(gid) {
fmode = (st.Mode >> 3) & 7
} else {
fmode = st.Mode & 7
@ -2096,6 +2122,18 @@ func Klogset(typ int, arg int) (err error) {
return nil
}
// RemoteIovec is Iovec with the pointer replaced with an integer.
// It is used for ProcessVMReadv and ProcessVMWritev, where the pointer
// refers to a location in a different process' address space, which
// would confuse the Go garbage collector.
type RemoteIovec struct {
Base uintptr
Len int
}
//sys ProcessVMReadv(pid int, localIov []Iovec, remoteIov []RemoteIovec, flags uint) (n int, err error) = SYS_PROCESS_VM_READV
//sys ProcessVMWritev(pid int, localIov []Iovec, remoteIov []RemoteIovec, flags uint) (n int, err error) = SYS_PROCESS_VM_WRITEV
/*
* Unimplemented
*/

6
vendor/golang.org/x/sys/unix/zerrors_freebsd_386.go generated vendored
View File

@ -339,6 +339,12 @@ const (
CLOCK_UPTIME_FAST = 0x8
CLOCK_UPTIME_PRECISE = 0x7
CLOCK_VIRTUAL = 0x1
CPUSTATES = 0x5
CP_IDLE = 0x4
CP_INTR = 0x3
CP_NICE = 0x1
CP_SYS = 0x2
CP_USER = 0x0
CREAD = 0x800
CRTSCTS = 0x30000
CS5 = 0x0

6
vendor/golang.org/x/sys/unix/zerrors_freebsd_amd64.go generated vendored
View File

@ -339,6 +339,12 @@ const (
CLOCK_UPTIME_FAST = 0x8
CLOCK_UPTIME_PRECISE = 0x7
CLOCK_VIRTUAL = 0x1
CPUSTATES = 0x5
CP_IDLE = 0x4
CP_INTR = 0x3
CP_NICE = 0x1
CP_SYS = 0x2
CP_USER = 0x0
CREAD = 0x800
CRTSCTS = 0x30000
CS5 = 0x0

6
vendor/golang.org/x/sys/unix/zerrors_freebsd_arm.go generated vendored
View File

@ -339,6 +339,12 @@ const (
CLOCK_UPTIME_FAST = 0x8
CLOCK_UPTIME_PRECISE = 0x7
CLOCK_VIRTUAL = 0x1
CPUSTATES = 0x5
CP_IDLE = 0x4
CP_INTR = 0x3
CP_NICE = 0x1
CP_SYS = 0x2
CP_USER = 0x0
CREAD = 0x800
CRTSCTS = 0x30000
CS5 = 0x0

6
vendor/golang.org/x/sys/unix/zerrors_freebsd_arm64.go generated vendored
View File

@ -339,6 +339,12 @@ const (
CLOCK_UPTIME_FAST = 0x8
CLOCK_UPTIME_PRECISE = 0x7
CLOCK_VIRTUAL = 0x1
CPUSTATES = 0x5
CP_IDLE = 0x4
CP_INTR = 0x3
CP_NICE = 0x1
CP_SYS = 0x2
CP_USER = 0x0
CREAD = 0x800
CRTSCTS = 0x30000
CS5 = 0x0

66
vendor/golang.org/x/sys/unix/zerrors_linux.go generated vendored
View File

@ -160,78 +160,28 @@ const (
BPF_A = 0x10
BPF_ABS = 0x20
BPF_ADD = 0x0
BPF_ADJ_ROOM_ENCAP_L2_MASK = 0xff
BPF_ADJ_ROOM_ENCAP_L2_SHIFT = 0x38
BPF_ALU = 0x4
BPF_ALU64 = 0x7
BPF_AND = 0x50
BPF_ANY = 0x0
BPF_ARSH = 0xc0
BPF_B = 0x10
BPF_BUILD_ID_SIZE = 0x14
BPF_CALL = 0x80
BPF_DEVCG_ACC_MKNOD = 0x1
BPF_DEVCG_ACC_READ = 0x2
BPF_DEVCG_ACC_WRITE = 0x4
BPF_DEVCG_DEV_BLOCK = 0x1
BPF_DEVCG_DEV_CHAR = 0x2
BPF_DIV = 0x30
BPF_DW = 0x18
BPF_END = 0xd0
BPF_EXIST = 0x2
BPF_EXIT = 0x90
BPF_FLOW_DISSECTOR_F_PARSE_1ST_FRAG = 0x1
BPF_FLOW_DISSECTOR_F_STOP_AT_ENCAP = 0x4
BPF_FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL = 0x2
BPF_FROM_BE = 0x8
BPF_FROM_LE = 0x0
BPF_FS_MAGIC = 0xcafe4a11
BPF_F_ADJ_ROOM_ENCAP_L3_IPV4 = 0x2
BPF_F_ADJ_ROOM_ENCAP_L3_IPV6 = 0x4
BPF_F_ADJ_ROOM_ENCAP_L4_GRE = 0x8
BPF_F_ADJ_ROOM_ENCAP_L4_UDP = 0x10
BPF_F_ADJ_ROOM_FIXED_GSO = 0x1
BPF_F_ALLOW_MULTI = 0x2
BPF_F_ALLOW_OVERRIDE = 0x1
BPF_F_ANY_ALIGNMENT = 0x2
BPF_F_CLONE = 0x200
BPF_F_CTXLEN_MASK = 0xfffff00000000
BPF_F_CURRENT_CPU = 0xffffffff
BPF_F_CURRENT_NETNS = -0x1
BPF_F_DONT_FRAGMENT = 0x4
BPF_F_FAST_STACK_CMP = 0x200
BPF_F_HDR_FIELD_MASK = 0xf
BPF_F_INDEX_MASK = 0xffffffff
BPF_F_INGRESS = 0x1
BPF_F_INVALIDATE_HASH = 0x2
BPF_F_LOCK = 0x4
BPF_F_MARK_ENFORCE = 0x40
BPF_F_MARK_MANGLED_0 = 0x20
BPF_F_MMAPABLE = 0x400
BPF_F_NO_COMMON_LRU = 0x2
BPF_F_NO_PREALLOC = 0x1
BPF_F_NUMA_NODE = 0x4
BPF_F_PSEUDO_HDR = 0x10
BPF_F_QUERY_EFFECTIVE = 0x1
BPF_F_RDONLY = 0x8
BPF_F_RDONLY_PROG = 0x80
BPF_F_RECOMPUTE_CSUM = 0x1
BPF_F_REPLACE = 0x4
BPF_F_REUSE_STACKID = 0x400
BPF_F_SEQ_NUMBER = 0x8
BPF_F_SKIP_FIELD_MASK = 0xff
BPF_F_STACK_BUILD_ID = 0x20
BPF_F_STRICT_ALIGNMENT = 0x1
BPF_F_SYSCTL_BASE_NAME = 0x1
BPF_F_TEST_RND_HI32 = 0x4
BPF_F_TEST_STATE_FREQ = 0x8
BPF_F_TUNINFO_IPV6 = 0x1
BPF_F_USER_BUILD_ID = 0x800
BPF_F_USER_STACK = 0x100
BPF_F_WRONLY = 0x10
BPF_F_WRONLY_PROG = 0x100
BPF_F_ZERO_CSUM_TX = 0x2
BPF_F_ZERO_SEED = 0x40
BPF_H = 0x8
BPF_IMM = 0x0
BPF_IND = 0x40
@ -267,7 +217,6 @@ const (
BPF_MUL = 0x20
BPF_NEG = 0x80
BPF_NET_OFF = -0x100000
BPF_NOEXIST = 0x1
BPF_OBJ_NAME_LEN = 0x10
BPF_OR = 0x40
BPF_PSEUDO_CALL = 0x1
@ -275,12 +224,6 @@ const (
BPF_PSEUDO_MAP_VALUE = 0x2
BPF_RET = 0x6
BPF_RSH = 0x70
BPF_SK_STORAGE_GET_F_CREATE = 0x1
BPF_SOCK_OPS_ALL_CB_FLAGS = 0xf
BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2
BPF_SOCK_OPS_RTO_CB_FLAG = 0x1
BPF_SOCK_OPS_RTT_CB_FLAG = 0x8
BPF_SOCK_OPS_STATE_CB_FLAG = 0x4
BPF_ST = 0x2
BPF_STX = 0x3
BPF_SUB = 0x10
@ -378,12 +321,14 @@ const (
CLOCK_TXINT = 0x3
CLONE_ARGS_SIZE_VER0 = 0x40
CLONE_ARGS_SIZE_VER1 = 0x50
CLONE_ARGS_SIZE_VER2 = 0x58
CLONE_CHILD_CLEARTID = 0x200000
CLONE_CHILD_SETTID = 0x1000000
CLONE_CLEAR_SIGHAND = 0x100000000
CLONE_DETACHED = 0x400000
CLONE_FILES = 0x400
CLONE_FS = 0x200
CLONE_INTO_CGROUP = 0x200000000
CLONE_IO = 0x80000000
CLONE_NEWCGROUP = 0x2000000
CLONE_NEWIPC = 0x8000000
@ -598,7 +543,9 @@ const (
FAN_DELETE = 0x200
FAN_DELETE_SELF = 0x400
FAN_DENY = 0x2
FAN_DIR_MODIFY = 0x80000
FAN_ENABLE_AUDIT = 0x40
FAN_EVENT_INFO_TYPE_DFID_NAME = 0x2
FAN_EVENT_INFO_TYPE_FID = 0x1
FAN_EVENT_METADATA_LEN = 0x18
FAN_EVENT_ON_CHILD = 0x8000000
@ -2108,8 +2055,6 @@ const (
TCOFLUSH = 0x1
TCOOFF = 0x0
TCOON = 0x1
TCP_BPF_IW = 0x3e9
TCP_BPF_SNDCWND_CLAMP = 0x3ea
TCP_CC_INFO = 0x1a
TCP_CM_INQ = 0x24
TCP_CONGESTION = 0xd
@ -2384,8 +2329,9 @@ const (
XDP_COPY = 0x2
XDP_FLAGS_DRV_MODE = 0x4
XDP_FLAGS_HW_MODE = 0x8
XDP_FLAGS_MASK = 0xf
XDP_FLAGS_MASK = 0x1f
XDP_FLAGS_MODES = 0xe
XDP_FLAGS_REPLACE = 0x10
XDP_FLAGS_SKB_MODE = 0x2
XDP_FLAGS_UPDATE_IF_NOEXIST = 0x1
XDP_MMAP_OFFSETS = 0x1

2
vendor/golang.org/x/sys/unix/zerrors_linux_386.go generated vendored
View File

@ -75,8 +75,10 @@ const (
FP_XSTATE_MAGIC2 = 0x46505845
FS_IOC_ENABLE_VERITY = 0x40806685
FS_IOC_GETFLAGS = 0x80046601
FS_IOC_GET_ENCRYPTION_NONCE = 0x8010661b
FS_IOC_GET_ENCRYPTION_POLICY = 0x400c6615
FS_IOC_GET_ENCRYPTION_PWSALT = 0x40106614
FS_IOC_SETFLAGS = 0x40046602
FS_IOC_SET_ENCRYPTION_POLICY = 0x800c6613
F_GETLK = 0xc
F_GETLK64 = 0xc

2
vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go generated vendored
View File

@ -75,8 +75,10 @@ const (
FP_XSTATE_MAGIC2 = 0x46505845
FS_IOC_ENABLE_VERITY = 0x40806685
FS_IOC_GETFLAGS = 0x80086601
FS_IOC_GET_ENCRYPTION_NONCE = 0x8010661b
FS_IOC_GET_ENCRYPTION_POLICY = 0x400c6615
FS_IOC_GET_ENCRYPTION_PWSALT = 0x40106614
FS_IOC_SETFLAGS = 0x40086602
FS_IOC_SET_ENCRYPTION_POLICY = 0x800c6613
F_GETLK = 0x5
F_GETLK64 = 0x5

2
vendor/golang.org/x/sys/unix/zerrors_linux_arm.go generated vendored
View File

@ -74,8 +74,10 @@ const (
FLUSHO = 0x1000
FS_IOC_ENABLE_VERITY = 0x40806685
FS_IOC_GETFLAGS = 0x80046601
FS_IOC_GET_ENCRYPTION_NONCE = 0x8010661b
FS_IOC_GET_ENCRYPTION_POLICY = 0x400c6615
FS_IOC_GET_ENCRYPTION_PWSALT = 0x40106614
FS_IOC_SETFLAGS = 0x40046602
FS_IOC_SET_ENCRYPTION_POLICY = 0x800c6613
F_GETLK = 0xc
F_GETLK64 = 0xc

2
vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go generated vendored
View File

@ -77,8 +77,10 @@ const (
FPSIMD_MAGIC = 0x46508001
FS_IOC_ENABLE_VERITY = 0x40806685
FS_IOC_GETFLAGS = 0x80086601
FS_IOC_GET_ENCRYPTION_NONCE = 0x8010661b
FS_IOC_GET_ENCRYPTION_POLICY = 0x400c6615
FS_IOC_GET_ENCRYPTION_PWSALT = 0x40106614
FS_IOC_SETFLAGS = 0x40086602
FS_IOC_SET_ENCRYPTION_POLICY = 0x800c6613
F_GETLK = 0x5
F_GETLK64 = 0x5

2
vendor/golang.org/x/sys/unix/zerrors_linux_mips.go generated vendored
View File

@ -74,8 +74,10 @@ const (
FLUSHO = 0x2000
FS_IOC_ENABLE_VERITY = 0x80806685
FS_IOC_GETFLAGS = 0x40046601
FS_IOC_GET_ENCRYPTION_NONCE = 0x4010661b
FS_IOC_GET_ENCRYPTION_POLICY = 0x800c6615
FS_IOC_GET_ENCRYPTION_PWSALT = 0x80106614
FS_IOC_SETFLAGS = 0x80046602
FS_IOC_SET_ENCRYPTION_POLICY = 0x400c6613
F_GETLK = 0x21
F_GETLK64 = 0x21

2
vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go generated vendored
View File

@ -74,8 +74,10 @@ const (
FLUSHO = 0x2000
FS_IOC_ENABLE_VERITY = 0x80806685
FS_IOC_GETFLAGS = 0x40086601
FS_IOC_GET_ENCRYPTION_NONCE = 0x4010661b
FS_IOC_GET_ENCRYPTION_POLICY = 0x800c6615
FS_IOC_GET_ENCRYPTION_PWSALT = 0x80106614
FS_IOC_SETFLAGS = 0x80086602
FS_IOC_SET_ENCRYPTION_POLICY = 0x400c6613
F_GETLK = 0xe
F_GETLK64 = 0xe

2
vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go generated vendored
View File

@ -74,8 +74,10 @@ const (
FLUSHO = 0x2000
FS_IOC_ENABLE_VERITY = 0x80806685
FS_IOC_GETFLAGS = 0x40086601
FS_IOC_GET_ENCRYPTION_NONCE = 0x4010661b
FS_IOC_GET_ENCRYPTION_POLICY = 0x800c6615
FS_IOC_GET_ENCRYPTION_PWSALT = 0x80106614
FS_IOC_SETFLAGS = 0x80086602
FS_IOC_SET_ENCRYPTION_POLICY = 0x400c6613
F_GETLK = 0xe
F_GETLK64 = 0xe

2
vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go generated vendored
View File

@ -74,8 +74,10 @@ const (
FLUSHO = 0x2000
FS_IOC_ENABLE_VERITY = 0x80806685
FS_IOC_GETFLAGS = 0x40046601
FS_IOC_GET_ENCRYPTION_NONCE = 0x4010661b
FS_IOC_GET_ENCRYPTION_POLICY = 0x800c6615
FS_IOC_GET_ENCRYPTION_PWSALT = 0x80106614
FS_IOC_SETFLAGS = 0x80046602
FS_IOC_SET_ENCRYPTION_POLICY = 0x400c6613
F_GETLK = 0x21
F_GETLK64 = 0x21

2
vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go generated vendored
View File

@ -74,8 +74,10 @@ const (
FLUSHO = 0x800000
FS_IOC_ENABLE_VERITY = 0x80806685
FS_IOC_GETFLAGS = 0x40086601
FS_IOC_GET_ENCRYPTION_NONCE = 0x4010661b
FS_IOC_GET_ENCRYPTION_POLICY = 0x800c6615
FS_IOC_GET_ENCRYPTION_PWSALT = 0x80106614
FS_IOC_SETFLAGS = 0x80086602
FS_IOC_SET_ENCRYPTION_POLICY = 0x400c6613
F_GETLK = 0x5
F_GETLK64 = 0xc

2
vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go generated vendored
View File

@ -74,8 +74,10 @@ const (
FLUSHO = 0x800000
FS_IOC_ENABLE_VERITY = 0x80806685
FS_IOC_GETFLAGS = 0x40086601
FS_IOC_GET_ENCRYPTION_NONCE = 0x4010661b
FS_IOC_GET_ENCRYPTION_POLICY = 0x800c6615
FS_IOC_GET_ENCRYPTION_PWSALT = 0x80106614
FS_IOC_SETFLAGS = 0x80086602
FS_IOC_SET_ENCRYPTION_POLICY = 0x400c6613
F_GETLK = 0x5
F_GETLK64 = 0xc

2
vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go generated vendored
View File

@ -74,8 +74,10 @@ const (
FLUSHO = 0x1000
FS_IOC_ENABLE_VERITY = 0x40806685
FS_IOC_GETFLAGS = 0x80086601
FS_IOC_GET_ENCRYPTION_NONCE = 0x8010661b
FS_IOC_GET_ENCRYPTION_POLICY = 0x400c6615
FS_IOC_GET_ENCRYPTION_PWSALT = 0x40106614
FS_IOC_SETFLAGS = 0x40086602
FS_IOC_SET_ENCRYPTION_POLICY = 0x800c6613
F_GETLK = 0x5
F_GETLK64 = 0x5

2
vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go generated vendored
View File

@ -74,8 +74,10 @@ const (
FLUSHO = 0x1000
FS_IOC_ENABLE_VERITY = 0x40806685
FS_IOC_GETFLAGS = 0x80086601
FS_IOC_GET_ENCRYPTION_NONCE = 0x8010661b
FS_IOC_GET_ENCRYPTION_POLICY = 0x400c6615
FS_IOC_GET_ENCRYPTION_PWSALT = 0x40106614
FS_IOC_SETFLAGS = 0x40086602
FS_IOC_SET_ENCRYPTION_POLICY = 0x800c6613
F_GETLK = 0x5
F_GETLK64 = 0x5

2
vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go generated vendored
View File

@ -78,8 +78,10 @@ const (
FLUSHO = 0x1000
FS_IOC_ENABLE_VERITY = 0x80806685
FS_IOC_GETFLAGS = 0x40086601
FS_IOC_GET_ENCRYPTION_NONCE = 0x4010661b
FS_IOC_GET_ENCRYPTION_POLICY = 0x800c6615
FS_IOC_GET_ENCRYPTION_PWSALT = 0x80106614
FS_IOC_SETFLAGS = 0x80086602
FS_IOC_SET_ENCRYPTION_POLICY = 0x400c6613
F_GETLK = 0x7
F_GETLK64 = 0x7

6
vendor/golang.org/x/sys/unix/zerrors_netbsd_386.go generated vendored
View File

@ -158,6 +158,12 @@ const (
CLONE_SIGHAND = 0x800
CLONE_VFORK = 0x4000
CLONE_VM = 0x100
CPUSTATES = 0x5
CP_IDLE = 0x4
CP_INTR = 0x3
CP_NICE = 0x1
CP_SYS = 0x2
CP_USER = 0x0
CREAD = 0x800
CRTSCTS = 0x10000
CS5 = 0x0

6
vendor/golang.org/x/sys/unix/zerrors_netbsd_amd64.go generated vendored
View File

@ -158,6 +158,12 @@ const (
CLONE_SIGHAND = 0x800
CLONE_VFORK = 0x4000
CLONE_VM = 0x100
CPUSTATES = 0x5
CP_IDLE = 0x4
CP_INTR = 0x3
CP_NICE = 0x1
CP_SYS = 0x2
CP_USER = 0x0
CREAD = 0x800
CRTSCTS = 0x10000
CS5 = 0x0

6
vendor/golang.org/x/sys/unix/zerrors_netbsd_arm.go generated vendored
View File

@ -150,6 +150,12 @@ const (
BRKINT = 0x2
CFLUSH = 0xf
CLOCAL = 0x8000
CPUSTATES = 0x5
CP_IDLE = 0x4
CP_INTR = 0x3
CP_NICE = 0x1
CP_SYS = 0x2
CP_USER = 0x0
CREAD = 0x800
CRTSCTS = 0x10000
CS5 = 0x0

6
vendor/golang.org/x/sys/unix/zerrors_netbsd_arm64.go generated vendored
View File

@ -158,6 +158,12 @@ const (
CLONE_SIGHAND = 0x800
CLONE_VFORK = 0x4000
CLONE_VM = 0x100
CPUSTATES = 0x5
CP_IDLE = 0x4
CP_INTR = 0x3
CP_NICE = 0x1
CP_SYS = 0x2
CP_USER = 0x0
CREAD = 0x800
CRTSCTS = 0x10000
CS5 = 0x0

7
vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go generated vendored
View File

@ -146,6 +146,13 @@ const (
BRKINT = 0x2
CFLUSH = 0xf
CLOCAL = 0x8000
CPUSTATES = 0x6
CP_IDLE = 0x5
CP_INTR = 0x4
CP_NICE = 0x1
CP_SPIN = 0x3
CP_SYS = 0x2
CP_USER = 0x0
CREAD = 0x800
CRTSCTS = 0x10000
CS5 = 0x0

7
vendor/golang.org/x/sys/unix/zerrors_openbsd_amd64.go generated vendored
View File

@ -153,6 +153,13 @@ const (
CLOCK_REALTIME = 0x0
CLOCK_THREAD_CPUTIME_ID = 0x4
CLOCK_UPTIME = 0x5
CPUSTATES = 0x6
CP_IDLE = 0x5
CP_INTR = 0x4
CP_NICE = 0x1
CP_SPIN = 0x3
CP_SYS = 0x2
CP_USER = 0x0
CREAD = 0x800
CRTSCTS = 0x10000
CS5 = 0x0

7
vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go generated vendored
View File

@ -146,6 +146,13 @@ const (
BRKINT = 0x2
CFLUSH = 0xf
CLOCAL = 0x8000
CPUSTATES = 0x6
CP_IDLE = 0x5
CP_INTR = 0x4
CP_NICE = 0x1
CP_SPIN = 0x3
CP_SYS = 0x2
CP_USER = 0x0
CREAD = 0x800
CRTSCTS = 0x10000
CS5 = 0x0

7
vendor/golang.org/x/sys/unix/zerrors_openbsd_arm64.go generated vendored
View File

@ -156,6 +156,13 @@ const (
CLOCK_REALTIME = 0x0
CLOCK_THREAD_CPUTIME_ID = 0x4
CLOCK_UPTIME = 0x5
CPUSTATES = 0x6
CP_IDLE = 0x5
CP_INTR = 0x4
CP_NICE = 0x1
CP_SPIN = 0x3
CP_SYS = 0x2
CP_USER = 0x0
CREAD = 0x800
CRTSCTS = 0x10000
CS5 = 0x0

46
vendor/golang.org/x/sys/unix/zsyscall_linux.go generated vendored
View File

@ -1847,6 +1847,52 @@ func openByHandleAt(mountFD int, fh *fileHandle, flags int) (fd int, err error)
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func ProcessVMReadv(pid int, localIov []Iovec, remoteIov []RemoteIovec, flags uint) (n int, err error) {
var _p0 unsafe.Pointer
if len(localIov) > 0 {
_p0 = unsafe.Pointer(&localIov[0])
} else {
_p0 = unsafe.Pointer(&_zero)
}
var _p1 unsafe.Pointer
if len(remoteIov) > 0 {
_p1 = unsafe.Pointer(&remoteIov[0])
} else {
_p1 = unsafe.Pointer(&_zero)
}
r0, _, e1 := Syscall6(SYS_PROCESS_VM_READV, uintptr(pid), uintptr(_p0), uintptr(len(localIov)), uintptr(_p1), uintptr(len(remoteIov)), uintptr(flags))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func ProcessVMWritev(pid int, localIov []Iovec, remoteIov []RemoteIovec, flags uint) (n int, err error) {
var _p0 unsafe.Pointer
if len(localIov) > 0 {
_p0 = unsafe.Pointer(&localIov[0])
} else {
_p0 = unsafe.Pointer(&_zero)
}
var _p1 unsafe.Pointer
if len(remoteIov) > 0 {
_p1 = unsafe.Pointer(&remoteIov[0])
} else {
_p1 = unsafe.Pointer(&_zero)
}
r0, _, e1 := Syscall6(SYS_PROCESS_VM_WRITEV, uintptr(pid), uintptr(_p0), uintptr(len(localIov)), uintptr(_p1), uintptr(len(remoteIov)), uintptr(flags))
n = int(r0)
if e1 != 0 {
err = errnoErr(e1)
}
return
}
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
func pipe2(p *[2]_C_int, flags int) (err error) {
_, _, e1 := RawSyscall(SYS_PIPE2, uintptr(unsafe.Pointer(p)), uintptr(flags), 0)
if e1 != 0 {

12
vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go generated vendored
View File

@ -125,9 +125,9 @@ type Statfs_t struct {
Owner uint32
Fsid Fsid
Charspare [80]int8
Fstypename [16]int8
Mntfromname [1024]int8
Mntonname [1024]int8
Fstypename [16]byte
Mntfromname [1024]byte
Mntonname [1024]byte
}
type statfs_freebsd11_t struct {
@ -150,9 +150,9 @@ type statfs_freebsd11_t struct {
Owner uint32
Fsid Fsid
Charspare [80]int8
Fstypename [16]int8
Mntfromname [88]int8
Mntonname [88]int8
Fstypename [16]byte
Mntfromname [88]byte
Mntonname [88]byte
}
type Flock_t struct {

416
vendor/golang.org/x/sys/unix/ztypes_linux.go generated vendored
View File

@ -1871,175 +1871,249 @@ const (
)
const (
BPF_REG_0 = 0x0
BPF_REG_1 = 0x1
BPF_REG_2 = 0x2
BPF_REG_3 = 0x3
BPF_REG_4 = 0x4
BPF_REG_5 = 0x5
BPF_REG_6 = 0x6
BPF_REG_7 = 0x7
BPF_REG_8 = 0x8
BPF_REG_9 = 0x9
BPF_REG_10 = 0xa
BPF_MAP_CREATE = 0x0
BPF_MAP_LOOKUP_ELEM = 0x1
BPF_MAP_UPDATE_ELEM = 0x2
BPF_MAP_DELETE_ELEM = 0x3
BPF_MAP_GET_NEXT_KEY = 0x4
BPF_PROG_LOAD = 0x5
BPF_OBJ_PIN = 0x6
BPF_OBJ_GET = 0x7
BPF_PROG_ATTACH = 0x8
BPF_PROG_DETACH = 0x9
BPF_PROG_TEST_RUN = 0xa
BPF_PROG_GET_NEXT_ID = 0xb
BPF_MAP_GET_NEXT_ID = 0xc
BPF_PROG_GET_FD_BY_ID = 0xd
BPF_MAP_GET_FD_BY_ID = 0xe
BPF_OBJ_GET_INFO_BY_FD = 0xf
BPF_PROG_QUERY = 0x10
BPF_RAW_TRACEPOINT_OPEN = 0x11
BPF_BTF_LOAD = 0x12
BPF_BTF_GET_FD_BY_ID = 0x13
BPF_TASK_FD_QUERY = 0x14
BPF_MAP_LOOKUP_AND_DELETE_ELEM = 0x15
BPF_MAP_FREEZE = 0x16
BPF_BTF_GET_NEXT_ID = 0x17
BPF_MAP_TYPE_UNSPEC = 0x0
BPF_MAP_TYPE_HASH = 0x1
BPF_MAP_TYPE_ARRAY = 0x2
BPF_MAP_TYPE_PROG_ARRAY = 0x3
BPF_MAP_TYPE_PERF_EVENT_ARRAY = 0x4
BPF_MAP_TYPE_PERCPU_HASH = 0x5
BPF_MAP_TYPE_PERCPU_ARRAY = 0x6
BPF_MAP_TYPE_STACK_TRACE = 0x7
BPF_MAP_TYPE_CGROUP_ARRAY = 0x8
BPF_MAP_TYPE_LRU_HASH = 0x9
BPF_MAP_TYPE_LRU_PERCPU_HASH = 0xa
BPF_MAP_TYPE_LPM_TRIE = 0xb
BPF_MAP_TYPE_ARRAY_OF_MAPS = 0xc
BPF_MAP_TYPE_HASH_OF_MAPS = 0xd
BPF_MAP_TYPE_DEVMAP = 0xe
BPF_MAP_TYPE_SOCKMAP = 0xf
BPF_MAP_TYPE_CPUMAP = 0x10
BPF_MAP_TYPE_XSKMAP = 0x11
BPF_MAP_TYPE_SOCKHASH = 0x12
BPF_MAP_TYPE_CGROUP_STORAGE = 0x13
BPF_MAP_TYPE_REUSEPORT_SOCKARRAY = 0x14
BPF_MAP_TYPE_PERCPU_CGROUP_STORAGE = 0x15
BPF_MAP_TYPE_QUEUE = 0x16
BPF_MAP_TYPE_STACK = 0x17
BPF_MAP_TYPE_SK_STORAGE = 0x18
BPF_MAP_TYPE_DEVMAP_HASH = 0x19
BPF_PROG_TYPE_UNSPEC = 0x0
BPF_PROG_TYPE_SOCKET_FILTER = 0x1
BPF_PROG_TYPE_KPROBE = 0x2
BPF_PROG_TYPE_SCHED_CLS = 0x3
BPF_PROG_TYPE_SCHED_ACT = 0x4
BPF_PROG_TYPE_TRACEPOINT = 0x5
BPF_PROG_TYPE_XDP = 0x6
BPF_PROG_TYPE_PERF_EVENT = 0x7
BPF_PROG_TYPE_CGROUP_SKB = 0x8
BPF_PROG_TYPE_CGROUP_SOCK = 0x9
BPF_PROG_TYPE_LWT_IN = 0xa
BPF_PROG_TYPE_LWT_OUT = 0xb
BPF_PROG_TYPE_LWT_XMIT = 0xc
BPF_PROG_TYPE_SOCK_OPS = 0xd
BPF_PROG_TYPE_SK_SKB = 0xe
BPF_PROG_TYPE_CGROUP_DEVICE = 0xf
BPF_PROG_TYPE_SK_MSG = 0x10
BPF_PROG_TYPE_RAW_TRACEPOINT = 0x11
BPF_PROG_TYPE_CGROUP_SOCK_ADDR = 0x12
BPF_PROG_TYPE_LWT_SEG6LOCAL = 0x13
BPF_PROG_TYPE_LIRC_MODE2 = 0x14
BPF_PROG_TYPE_SK_REUSEPORT = 0x15
BPF_PROG_TYPE_FLOW_DISSECTOR = 0x16
BPF_PROG_TYPE_CGROUP_SYSCTL = 0x17
BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE = 0x18
BPF_PROG_TYPE_CGROUP_SOCKOPT = 0x19
BPF_PROG_TYPE_TRACING = 0x1a
BPF_CGROUP_INET_INGRESS = 0x0
BPF_CGROUP_INET_EGRESS = 0x1
BPF_CGROUP_INET_SOCK_CREATE = 0x2
BPF_CGROUP_SOCK_OPS = 0x3
BPF_SK_SKB_STREAM_PARSER = 0x4
BPF_SK_SKB_STREAM_VERDICT = 0x5
BPF_CGROUP_DEVICE = 0x6
BPF_SK_MSG_VERDICT = 0x7
BPF_CGROUP_INET4_BIND = 0x8
BPF_CGROUP_INET6_BIND = 0x9
BPF_CGROUP_INET4_CONNECT = 0xa
BPF_CGROUP_INET6_CONNECT = 0xb
BPF_CGROUP_INET4_POST_BIND = 0xc
BPF_CGROUP_INET6_POST_BIND = 0xd
BPF_CGROUP_UDP4_SENDMSG = 0xe
BPF_CGROUP_UDP6_SENDMSG = 0xf
BPF_LIRC_MODE2 = 0x10
BPF_FLOW_DISSECTOR = 0x11
BPF_CGROUP_SYSCTL = 0x12
BPF_CGROUP_UDP4_RECVMSG = 0x13
BPF_CGROUP_UDP6_RECVMSG = 0x14
BPF_CGROUP_GETSOCKOPT = 0x15
BPF_CGROUP_SETSOCKOPT = 0x16
BPF_TRACE_RAW_TP = 0x17
BPF_TRACE_FENTRY = 0x18
BPF_TRACE_FEXIT = 0x19
BPF_STACK_BUILD_ID_EMPTY = 0x0
BPF_STACK_BUILD_ID_VALID = 0x1
BPF_STACK_BUILD_ID_IP = 0x2
BPF_ADJ_ROOM_NET = 0x0
BPF_ADJ_ROOM_MAC = 0x1
BPF_HDR_START_MAC = 0x0
BPF_HDR_START_NET = 0x1
BPF_LWT_ENCAP_SEG6 = 0x0
BPF_LWT_ENCAP_SEG6_INLINE = 0x1
BPF_LWT_ENCAP_IP = 0x2
BPF_OK = 0x0
BPF_DROP = 0x2
BPF_REDIRECT = 0x7
BPF_LWT_REROUTE = 0x80
BPF_SOCK_OPS_VOID = 0x0
BPF_SOCK_OPS_TIMEOUT_INIT = 0x1
BPF_SOCK_OPS_RWND_INIT = 0x2
BPF_SOCK_OPS_TCP_CONNECT_CB = 0x3
BPF_SOCK_OPS_ACTIVE_ESTABLISHED_CB = 0x4
BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB = 0x5
BPF_SOCK_OPS_NEEDS_ECN = 0x6
BPF_SOCK_OPS_BASE_RTT = 0x7
BPF_SOCK_OPS_RTO_CB = 0x8
BPF_SOCK_OPS_RETRANS_CB = 0x9
BPF_SOCK_OPS_STATE_CB = 0xa
BPF_SOCK_OPS_TCP_LISTEN_CB = 0xb
BPF_SOCK_OPS_RTT_CB = 0xc
BPF_TCP_ESTABLISHED = 0x1
BPF_TCP_SYN_SENT = 0x2
BPF_TCP_SYN_RECV = 0x3
BPF_TCP_FIN_WAIT1 = 0x4
BPF_TCP_FIN_WAIT2 = 0x5
BPF_TCP_TIME_WAIT = 0x6
BPF_TCP_CLOSE = 0x7
BPF_TCP_CLOSE_WAIT = 0x8
BPF_TCP_LAST_ACK = 0x9
BPF_TCP_LISTEN = 0xa
BPF_TCP_CLOSING = 0xb
BPF_TCP_NEW_SYN_RECV = 0xc
BPF_TCP_MAX_STATES = 0xd
BPF_FIB_LKUP_RET_SUCCESS = 0x0
BPF_FIB_LKUP_RET_BLACKHOLE = 0x1
BPF_FIB_LKUP_RET_UNREACHABLE = 0x2
BPF_FIB_LKUP_RET_PROHIBIT = 0x3
BPF_FIB_LKUP_RET_NOT_FWDED = 0x4
BPF_FIB_LKUP_RET_FWD_DISABLED = 0x5
BPF_FIB_LKUP_RET_UNSUPP_LWT = 0x6
BPF_FIB_LKUP_RET_NO_NEIGH = 0x7
BPF_FIB_LKUP_RET_FRAG_NEEDED = 0x8
BPF_FD_TYPE_RAW_TRACEPOINT = 0x0
BPF_FD_TYPE_TRACEPOINT = 0x1
BPF_FD_TYPE_KPROBE = 0x2
BPF_FD_TYPE_KRETPROBE = 0x3
BPF_FD_TYPE_UPROBE = 0x4
BPF_FD_TYPE_URETPROBE = 0x5
BPF_REG_0 = 0x0
BPF_REG_1 = 0x1
BPF_REG_2 = 0x2
BPF_REG_3 = 0x3
BPF_REG_4 = 0x4
BPF_REG_5 = 0x5
BPF_REG_6 = 0x6
BPF_REG_7 = 0x7
BPF_REG_8 = 0x8
BPF_REG_9 = 0x9
BPF_REG_10 = 0xa
BPF_MAP_CREATE = 0x0
BPF_MAP_LOOKUP_ELEM = 0x1
BPF_MAP_UPDATE_ELEM = 0x2
BPF_MAP_DELETE_ELEM = 0x3
BPF_MAP_GET_NEXT_KEY = 0x4
BPF_PROG_LOAD = 0x5
BPF_OBJ_PIN = 0x6
BPF_OBJ_GET = 0x7
BPF_PROG_ATTACH = 0x8
BPF_PROG_DETACH = 0x9
BPF_PROG_TEST_RUN = 0xa
BPF_PROG_GET_NEXT_ID = 0xb
BPF_MAP_GET_NEXT_ID = 0xc
BPF_PROG_GET_FD_BY_ID = 0xd
BPF_MAP_GET_FD_BY_ID = 0xe
BPF_OBJ_GET_INFO_BY_FD = 0xf
BPF_PROG_QUERY = 0x10
BPF_RAW_TRACEPOINT_OPEN = 0x11
BPF_BTF_LOAD = 0x12
BPF_BTF_GET_FD_BY_ID = 0x13
BPF_TASK_FD_QUERY = 0x14
BPF_MAP_LOOKUP_AND_DELETE_ELEM = 0x15
BPF_MAP_FREEZE = 0x16
BPF_BTF_GET_NEXT_ID = 0x17
BPF_MAP_LOOKUP_BATCH = 0x18
BPF_MAP_LOOKUP_AND_DELETE_BATCH = 0x19
BPF_MAP_UPDATE_BATCH = 0x1a
BPF_MAP_DELETE_BATCH = 0x1b
BPF_LINK_CREATE = 0x1c
BPF_LINK_UPDATE = 0x1d
BPF_MAP_TYPE_UNSPEC = 0x0
BPF_MAP_TYPE_HASH = 0x1
BPF_MAP_TYPE_ARRAY = 0x2
BPF_MAP_TYPE_PROG_ARRAY = 0x3
BPF_MAP_TYPE_PERF_EVENT_ARRAY = 0x4
BPF_MAP_TYPE_PERCPU_HASH = 0x5
BPF_MAP_TYPE_PERCPU_ARRAY = 0x6
BPF_MAP_TYPE_STACK_TRACE = 0x7
BPF_MAP_TYPE_CGROUP_ARRAY = 0x8
BPF_MAP_TYPE_LRU_HASH = 0x9
BPF_MAP_TYPE_LRU_PERCPU_HASH = 0xa
BPF_MAP_TYPE_LPM_TRIE = 0xb
BPF_MAP_TYPE_ARRAY_OF_MAPS = 0xc
BPF_MAP_TYPE_HASH_OF_MAPS = 0xd
BPF_MAP_TYPE_DEVMAP = 0xe
BPF_MAP_TYPE_SOCKMAP = 0xf
BPF_MAP_TYPE_CPUMAP = 0x10
BPF_MAP_TYPE_XSKMAP = 0x11
BPF_MAP_TYPE_SOCKHASH = 0x12
BPF_MAP_TYPE_CGROUP_STORAGE = 0x13
BPF_MAP_TYPE_REUSEPORT_SOCKARRAY = 0x14
BPF_MAP_TYPE_PERCPU_CGROUP_STORAGE = 0x15
BPF_MAP_TYPE_QUEUE = 0x16
BPF_MAP_TYPE_STACK = 0x17
BPF_MAP_TYPE_SK_STORAGE = 0x18
BPF_MAP_TYPE_DEVMAP_HASH = 0x19
BPF_MAP_TYPE_STRUCT_OPS = 0x1a
BPF_PROG_TYPE_UNSPEC = 0x0
BPF_PROG_TYPE_SOCKET_FILTER = 0x1
BPF_PROG_TYPE_KPROBE = 0x2
BPF_PROG_TYPE_SCHED_CLS = 0x3
BPF_PROG_TYPE_SCHED_ACT = 0x4
BPF_PROG_TYPE_TRACEPOINT = 0x5
BPF_PROG_TYPE_XDP = 0x6
BPF_PROG_TYPE_PERF_EVENT = 0x7
BPF_PROG_TYPE_CGROUP_SKB = 0x8
BPF_PROG_TYPE_CGROUP_SOCK = 0x9
BPF_PROG_TYPE_LWT_IN = 0xa
BPF_PROG_TYPE_LWT_OUT = 0xb
BPF_PROG_TYPE_LWT_XMIT = 0xc
BPF_PROG_TYPE_SOCK_OPS = 0xd
BPF_PROG_TYPE_SK_SKB = 0xe
BPF_PROG_TYPE_CGROUP_DEVICE = 0xf
BPF_PROG_TYPE_SK_MSG = 0x10
BPF_PROG_TYPE_RAW_TRACEPOINT = 0x11
BPF_PROG_TYPE_CGROUP_SOCK_ADDR = 0x12
BPF_PROG_TYPE_LWT_SEG6LOCAL = 0x13
BPF_PROG_TYPE_LIRC_MODE2 = 0x14
BPF_PROG_TYPE_SK_REUSEPORT = 0x15
BPF_PROG_TYPE_FLOW_DISSECTOR = 0x16
BPF_PROG_TYPE_CGROUP_SYSCTL = 0x17
BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE = 0x18
BPF_PROG_TYPE_CGROUP_SOCKOPT = 0x19
BPF_PROG_TYPE_TRACING = 0x1a
BPF_PROG_TYPE_STRUCT_OPS = 0x1b
BPF_PROG_TYPE_EXT = 0x1c
BPF_PROG_TYPE_LSM = 0x1d
BPF_CGROUP_INET_INGRESS = 0x0
BPF_CGROUP_INET_EGRESS = 0x1
BPF_CGROUP_INET_SOCK_CREATE = 0x2
BPF_CGROUP_SOCK_OPS = 0x3
BPF_SK_SKB_STREAM_PARSER = 0x4
BPF_SK_SKB_STREAM_VERDICT = 0x5
BPF_CGROUP_DEVICE = 0x6
BPF_SK_MSG_VERDICT = 0x7
BPF_CGROUP_INET4_BIND = 0x8
BPF_CGROUP_INET6_BIND = 0x9
BPF_CGROUP_INET4_CONNECT = 0xa
BPF_CGROUP_INET6_CONNECT = 0xb
BPF_CGROUP_INET4_POST_BIND = 0xc
BPF_CGROUP_INET6_POST_BIND = 0xd
BPF_CGROUP_UDP4_SENDMSG = 0xe
BPF_CGROUP_UDP6_SENDMSG = 0xf
BPF_LIRC_MODE2 = 0x10
BPF_FLOW_DISSECTOR = 0x11
BPF_CGROUP_SYSCTL = 0x12
BPF_CGROUP_UDP4_RECVMSG = 0x13
BPF_CGROUP_UDP6_RECVMSG = 0x14
BPF_CGROUP_GETSOCKOPT = 0x15
BPF_CGROUP_SETSOCKOPT = 0x16
BPF_TRACE_RAW_TP = 0x17
BPF_TRACE_FENTRY = 0x18
BPF_TRACE_FEXIT = 0x19
BPF_MODIFY_RETURN = 0x1a
BPF_LSM_MAC = 0x1b
BPF_ANY = 0x0
BPF_NOEXIST = 0x1
BPF_EXIST = 0x2
BPF_F_LOCK = 0x4
BPF_F_NO_PREALLOC = 0x1
BPF_F_NO_COMMON_LRU = 0x2
BPF_F_NUMA_NODE = 0x4
BPF_F_RDONLY = 0x8
BPF_F_WRONLY = 0x10
BPF_F_STACK_BUILD_ID = 0x20
BPF_F_ZERO_SEED = 0x40
BPF_F_RDONLY_PROG = 0x80
BPF_F_WRONLY_PROG = 0x100
BPF_F_CLONE = 0x200
BPF_F_MMAPABLE = 0x400
BPF_STACK_BUILD_ID_EMPTY = 0x0
BPF_STACK_BUILD_ID_VALID = 0x1
BPF_STACK_BUILD_ID_IP = 0x2
BPF_F_RECOMPUTE_CSUM = 0x1
BPF_F_INVALIDATE_HASH = 0x2
BPF_F_HDR_FIELD_MASK = 0xf
BPF_F_PSEUDO_HDR = 0x10
BPF_F_MARK_MANGLED_0 = 0x20
BPF_F_MARK_ENFORCE = 0x40
BPF_F_INGRESS = 0x1
BPF_F_TUNINFO_IPV6 = 0x1
BPF_F_SKIP_FIELD_MASK = 0xff
BPF_F_USER_STACK = 0x100
BPF_F_FAST_STACK_CMP = 0x200
BPF_F_REUSE_STACKID = 0x400
BPF_F_USER_BUILD_ID = 0x800
BPF_F_ZERO_CSUM_TX = 0x2
BPF_F_DONT_FRAGMENT = 0x4
BPF_F_SEQ_NUMBER = 0x8
BPF_F_INDEX_MASK = 0xffffffff
BPF_F_CURRENT_CPU = 0xffffffff
BPF_F_CTXLEN_MASK = 0xfffff00000000
BPF_F_CURRENT_NETNS = -0x1
BPF_F_ADJ_ROOM_FIXED_GSO = 0x1
BPF_F_ADJ_ROOM_ENCAP_L3_IPV4 = 0x2
BPF_F_ADJ_ROOM_ENCAP_L3_IPV6 = 0x4
BPF_F_ADJ_ROOM_ENCAP_L4_GRE = 0x8
BPF_F_ADJ_ROOM_ENCAP_L4_UDP = 0x10
BPF_ADJ_ROOM_ENCAP_L2_MASK = 0xff
BPF_ADJ_ROOM_ENCAP_L2_SHIFT = 0x38
BPF_F_SYSCTL_BASE_NAME = 0x1
BPF_SK_STORAGE_GET_F_CREATE = 0x1
BPF_F_GET_BRANCH_RECORDS_SIZE = 0x1
BPF_ADJ_ROOM_NET = 0x0
BPF_ADJ_ROOM_MAC = 0x1
BPF_HDR_START_MAC = 0x0
BPF_HDR_START_NET = 0x1
BPF_LWT_ENCAP_SEG6 = 0x0
BPF_LWT_ENCAP_SEG6_INLINE = 0x1
BPF_LWT_ENCAP_IP = 0x2
BPF_OK = 0x0
BPF_DROP = 0x2
BPF_REDIRECT = 0x7
BPF_LWT_REROUTE = 0x80
BPF_SOCK_OPS_RTO_CB_FLAG = 0x1
BPF_SOCK_OPS_RETRANS_CB_FLAG = 0x2
BPF_SOCK_OPS_STATE_CB_FLAG = 0x4
BPF_SOCK_OPS_RTT_CB_FLAG = 0x8
BPF_SOCK_OPS_ALL_CB_FLAGS = 0xf
BPF_SOCK_OPS_VOID = 0x0
BPF_SOCK_OPS_TIMEOUT_INIT = 0x1
BPF_SOCK_OPS_RWND_INIT = 0x2
BPF_SOCK_OPS_TCP_CONNECT_CB = 0x3
BPF_SOCK_OPS_ACTIVE_ESTABLISHED_CB = 0x4
BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB = 0x5
BPF_SOCK_OPS_NEEDS_ECN = 0x6
BPF_SOCK_OPS_BASE_RTT = 0x7
BPF_SOCK_OPS_RTO_CB = 0x8
BPF_SOCK_OPS_RETRANS_CB = 0x9
BPF_SOCK_OPS_STATE_CB = 0xa
BPF_SOCK_OPS_TCP_LISTEN_CB = 0xb
BPF_SOCK_OPS_RTT_CB = 0xc
BPF_TCP_ESTABLISHED = 0x1
BPF_TCP_SYN_SENT = 0x2
BPF_TCP_SYN_RECV = 0x3
BPF_TCP_FIN_WAIT1 = 0x4
BPF_TCP_FIN_WAIT2 = 0x5
BPF_TCP_TIME_WAIT = 0x6
BPF_TCP_CLOSE = 0x7
BPF_TCP_CLOSE_WAIT = 0x8
BPF_TCP_LAST_ACK = 0x9
BPF_TCP_LISTEN = 0xa
BPF_TCP_CLOSING = 0xb
BPF_TCP_NEW_SYN_RECV = 0xc
BPF_TCP_MAX_STATES = 0xd
TCP_BPF_IW = 0x3e9
TCP_BPF_SNDCWND_CLAMP = 0x3ea
BPF_DEVCG_ACC_MKNOD = 0x1
BPF_DEVCG_ACC_READ = 0x2
BPF_DEVCG_ACC_WRITE = 0x4
BPF_DEVCG_DEV_BLOCK = 0x1
BPF_DEVCG_DEV_CHAR = 0x2
BPF_FIB_LOOKUP_DIRECT = 0x1
BPF_FIB_LOOKUP_OUTPUT = 0x2
BPF_FIB_LKUP_RET_SUCCESS = 0x0
BPF_FIB_LKUP_RET_BLACKHOLE = 0x1
BPF_FIB_LKUP_RET_UNREACHABLE = 0x2
BPF_FIB_LKUP_RET_PROHIBIT = 0x3
BPF_FIB_LKUP_RET_NOT_FWDED = 0x4
BPF_FIB_LKUP_RET_FWD_DISABLED = 0x5
BPF_FIB_LKUP_RET_UNSUPP_LWT = 0x6
BPF_FIB_LKUP_RET_NO_NEIGH = 0x7
BPF_FIB_LKUP_RET_FRAG_NEEDED = 0x8
BPF_FD_TYPE_RAW_TRACEPOINT = 0x0
BPF_FD_TYPE_TRACEPOINT = 0x1
BPF_FD_TYPE_KPROBE = 0x2
BPF_FD_TYPE_KRETPROBE = 0x3
BPF_FD_TYPE_UPROBE = 0x4
BPF_FD_TYPE_URETPROBE = 0x5
BPF_FLOW_DISSECTOR_F_PARSE_1ST_FRAG = 0x1
BPF_FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL = 0x2
BPF_FLOW_DISSECTOR_F_STOP_AT_ENCAP = 0x4
)
const (
@ -2205,7 +2279,7 @@ const (
DEVLINK_CMD_DPIPE_ENTRIES_GET = 0x20
DEVLINK_CMD_DPIPE_HEADERS_GET = 0x21
DEVLINK_CMD_DPIPE_TABLE_COUNTERS_SET = 0x22
DEVLINK_CMD_MAX = 0x44
DEVLINK_CMD_MAX = 0x48
DEVLINK_PORT_TYPE_NOTSET = 0x0
DEVLINK_PORT_TYPE_AUTO = 0x1
DEVLINK_PORT_TYPE_ETH = 0x2
@ -2285,7 +2359,7 @@ const (
DEVLINK_ATTR_DPIPE_FIELD_MAPPING_TYPE = 0x3c
DEVLINK_ATTR_PAD = 0x3d
DEVLINK_ATTR_ESWITCH_ENCAP_MODE = 0x3e
DEVLINK_ATTR_MAX = 0x8c
DEVLINK_ATTR_MAX = 0x90
DEVLINK_DPIPE_FIELD_MAPPING_TYPE_NONE = 0x0
DEVLINK_DPIPE_FIELD_MAPPING_TYPE_IFINDEX = 0x1
DEVLINK_DPIPE_MATCH_TYPE_FIELD_EXACT = 0x0

5
vendor/golang.org/x/sys/windows/memory_windows.go generated vendored
View File

@ -23,4 +23,9 @@ const (
PAGE_EXECUTE_READ = 0x20
PAGE_EXECUTE_READWRITE = 0x40
PAGE_EXECUTE_WRITECOPY = 0x80
QUOTA_LIMITS_HARDWS_MIN_DISABLE = 0x00000002
QUOTA_LIMITS_HARDWS_MIN_ENABLE = 0x00000001
QUOTA_LIMITS_HARDWS_MAX_DISABLE = 0x00000008
QUOTA_LIMITS_HARDWS_MAX_ENABLE = 0x00000004
)

2
vendor/golang.org/x/sys/windows/syscall_windows.go generated vendored
View File

@ -308,6 +308,8 @@ func NewCallbackCDecl(fn interface{}) uintptr {
//sys GetProcessId(process Handle) (id uint32, err error)
//sys OpenThread(desiredAccess uint32, inheritHandle bool, threadId uint32) (handle Handle, err error)
//sys SetProcessPriorityBoost(process Handle, disable bool) (err error) = kernel32.SetProcessPriorityBoost
//sys GetProcessWorkingSetSizeEx(hProcess Handle, lpMinimumWorkingSetSize *uintptr, lpMaximumWorkingSetSize *uintptr, flags *uint32)
//sys SetProcessWorkingSetSizeEx(hProcess Handle, dwMinimumWorkingSetSize uintptr, dwMaximumWorkingSetSize uintptr, flags uint32) (err error)
// Volume Management Functions
//sys DefineDosDevice(flags uint32, deviceName *uint16, targetPath *uint16) (err error) = DefineDosDeviceW

19
vendor/golang.org/x/sys/windows/zsyscall_windows.go generated vendored
View File

@ -217,6 +217,8 @@ var (
procGetProcessId = modkernel32.NewProc("GetProcessId")
procOpenThread = modkernel32.NewProc("OpenThread")
procSetProcessPriorityBoost = modkernel32.NewProc("SetProcessPriorityBoost")
procGetProcessWorkingSetSizeEx = modkernel32.NewProc("GetProcessWorkingSetSizeEx")
procSetProcessWorkingSetSizeEx = modkernel32.NewProc("SetProcessWorkingSetSizeEx")
procDefineDosDeviceW = modkernel32.NewProc("DefineDosDeviceW")
procDeleteVolumeMountPointW = modkernel32.NewProc("DeleteVolumeMountPointW")
procFindFirstVolumeW = modkernel32.NewProc("FindFirstVolumeW")
@ -2414,6 +2416,23 @@ func SetProcessPriorityBoost(process Handle, disable bool) (err error) {
return
}
func GetProcessWorkingSetSizeEx(hProcess Handle, lpMinimumWorkingSetSize *uintptr, lpMaximumWorkingSetSize *uintptr, flags *uint32) {
syscall.Syscall6(procGetProcessWorkingSetSizeEx.Addr(), 4, uintptr(hProcess), uintptr(unsafe.Pointer(lpMinimumWorkingSetSize)), uintptr(unsafe.Pointer(lpMaximumWorkingSetSize)), uintptr(unsafe.Pointer(flags)), 0, 0)
return
}
func SetProcessWorkingSetSizeEx(hProcess Handle, dwMinimumWorkingSetSize uintptr, dwMaximumWorkingSetSize uintptr, flags uint32) (err error) {
r1, _, e1 := syscall.Syscall6(procSetProcessWorkingSetSizeEx.Addr(), 4, uintptr(hProcess), uintptr(dwMinimumWorkingSetSize), uintptr(dwMaximumWorkingSetSize), uintptr(flags), 0, 0)
if r1 == 0 {
if e1 != 0 {
err = errnoErr(e1)
} else {
err = syscall.EINVAL
}
}
return
}
func DefineDosDevice(flags uint32, deviceName *uint16, targetPath *uint16) (err error) {
r1, _, e1 := syscall.Syscall(procDefineDosDeviceW.Addr(), 3, uintptr(flags), uintptr(unsafe.Pointer(deviceName)), uintptr(unsafe.Pointer(targetPath)))
if r1 == 0 {

4
vendor/modules.txt vendored
View File

@ -84,7 +84,7 @@ github.com/containers/buildah/pkg/secrets
github.com/containers/buildah/pkg/supplemented
github.com/containers/buildah/pkg/umask
github.com/containers/buildah/util
# github.com/containers/common v0.18.0
# github.com/containers/common v0.20.3
github.com/containers/common/pkg/apparmor
github.com/containers/common/pkg/auth
github.com/containers/common/pkg/capabilities
@ -601,7 +601,7 @@ golang.org/x/oauth2/internal
# golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a
golang.org/x/sync/errgroup
golang.org/x/sync/semaphore
# golang.org/x/sys v0.0.0-20200519105757-fe76b779f299
# golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1
golang.org/x/sys/cpu
golang.org/x/sys/internal/unsafeheader
golang.org/x/sys/unix