Vendor in latests containers/storage and opencontainers/runtime-tools

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2025-10-17 19:24:04 +08:00 · 2022-07-18 13:25:01 -04:00
parent 5e4d729434
commit fdba0d7909
9 changed files with 51 additions and 14 deletions
--- a/vendor/github.com/opencontainers/runtime-tools/generate/generate.go
+++ b/vendor/github.com/opencontainers/runtime-tools/generate/generate.go
@ -42,7 +42,7 @@ type ExportOptions struct {
 // New creates a configuration Generator with the default
 // configuration for the target operating system.
 func New(os string) (generator Generator, err error) {
-	if os != "linux" && os != "solaris" && os != "windows" {
+	if os != "linux" && os != "solaris" && os != "windows" && os != "freebsd" {
 		return generator, fmt.Errorf("no defaults configured for %s", os)
 	}

@ -72,7 +72,7 @@ func New(os string) (generator Generator, err error) {
 		}
 	}

-	if os == "linux" || os == "solaris" {
+	if os == "linux" || os == "solaris" || os == "freebsd" {
 		config.Process.User = rspec.User{}
 		config.Process.Env = []string{
 			"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
@ -237,6 +237,21 @@ func New(os string) (generator Generator, err error) {
 			},
 			Seccomp: seccomp.DefaultProfile(&config),
 		}
+	} else if os == "freebsd" {
+		config.Mounts = []rspec.Mount{
+			{
+				Destination: "/dev",
+				Type:        "devfs",
+				Source:      "devfs",
+				Options:     []string{"ruleset=4"},
+			},
+			{
+				Destination: "/dev/fd",
+				Type:        "fdescfs",
+				Source:      "fdesc",
+				Options:     []string{},
+			},
+		}
 	}

 	envCache := map[string]int{}
--- a/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/seccomp_default.go
+++ b/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/seccomp_default.go
@ -303,6 +303,7 @@ func DefaultProfile(rs *specs.Spec) *rspec.LinuxSeccomp {
 				"stat64",
 				"statfs",
 				"statfs64",
+				"statx",
 				"symlink",
 				"symlinkat",
 				"sync",