[PATCH] podman: update to v4.2.0


Pascal Bach
 

From: Pascal Bach <pascal.bach@...>

The libseccomp patch was a backport and is included in the current release.

The GOBUILDFLAGS patch is replaced by explicitly setting BUILDFLAGS="${GOBUILDFLAGS}"
in the recipe.

Signed-off-by: Pascal Bach <pascal.bach@...>
---
...01-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch | 123 ------------------
...efine-ActKillThread-equal-to-ActKill.patch | 90 -------------
recipes-containers/podman/podman_git.bb | 11 +-
3 files changed, 6 insertions(+), 218 deletions(-)
delete mode 100644 recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch
delete mode 100644 recipes-containers/podman/podman/0002-Define-ActKillThread-equal-to-ActKill.patch

diff --git a/recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch b/recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch
deleted file mode 100644
index e27e1fa..0000000
--- a/recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch
+++ /dev/null
@@ -1,123 +0,0 @@
-From 3e18f3a4db638a3df48f49aa0a539f8bb048afc9 Mon Sep 17 00:00:00 2001
-From: Andrei Gherzan <andrei.gherzan@...>
-Date: Tue, 5 Jul 2022 11:51:56 +0200
-Subject: [PATCH] Rename BUILDFLAGS to GOBUILDFLAGS
-
-Yocto uses GOBUILDFLAGS to pass the right build flags while the Makefile
-uses BUILDFLAGS. Align them accordingly.
-
-See go.bbclass for more information.
-
-Upstream-Status: Inappropriate [OE specific]
-Signed-off-by: Andrei Gherzan <andrei.gherzan@...>
----
- Makefile | 24 ++++++++++++------------
- 1 file changed, 12 insertions(+), 12 deletions(-)
-
-Index: import/Makefile
-===================================================================
---- import.orig/Makefile
-+++ import/Makefile
-@@ -69,7 +69,7 @@
- # triggered.
- SOURCES = $(shell find . -path './.*' -prune -o \( \( -name '*.go' -o -name '*.c' \) -a ! -name '*_test.go' \) -print)
-
--BUILDFLAGS := -mod=vendor $(BUILDFLAGS)
-+GOBUILDFLAGS := -mod=vendor $(GOBUILDFLAGS)
-
- BUILDTAGS_CROSS ?= containers_image_openpgp exclude_graphdriver_btrfs exclude_graphdriver_devicemapper exclude_graphdriver_overlay
- CONTAINER_RUNTIME := $(shell command -v podman 2> /dev/null || echo docker)
-@@ -264,11 +264,11 @@
-
- .PHONY: test/checkseccomp/checkseccomp
- test/checkseccomp/checkseccomp: .gopathok $(wildcard test/checkseccomp/*.go)
-- $(GOCMD) build $(BUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -tags "$(BUILDTAGS)" -o $@ ./test/checkseccomp
-+ $(GOCMD) build $(GOBUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -tags "$(BUILDTAGS)" -o $@ ./test/checkseccomp
-
- .PHONY: test/testvol/testvol
- test/testvol/testvol: .gopathok $(wildcard test/testvol/*.go)
-- $(GOCMD) build $(BUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/testvol
-+ $(GOCMD) build $(GOBUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/testvol
-
- .PHONY: volume-plugin-test-image
- volume-plugin-test-img:
-@@ -276,7 +276,7 @@
-
- .PHONY: test/goecho/goecho
- test/goecho/goecho: .gopathok $(wildcard test/goecho/*.go)
-- $(GOCMD) build $(BUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/goecho
-+ $(GOCMD) build $(GOBUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/goecho
-
- test/version/version: .gopathok version/version.go
- $(GO) build -o $@ ./test/version/
-@@ -318,7 +318,7 @@
- distro for journald support."
- endif
- $(GOCMD) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' \
- -tags "$(BUILDTAGS)" \
- -o $@ ./cmd/podman
-@@ -329,7 +329,7 @@
-
- $(SRCBINDIR)/podman$(BINSFX): $(SRCBINDIR) .gopathok $(SOURCES) go.mod go.sum
- $(GOCMD) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' \
- -tags "${REMOTETAGS}" \
- -o $@ ./cmd/podman
-@@ -339,7 +339,7 @@
- GOOS=$(GOOS) \
- GOARCH=$(GOARCH) \
- $(GO) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- $(GO_LDFLAGS) '$(LDFLAGS_PODMAN_STATIC)' \
- -tags "${REMOTETAGS}" \
- -o $@ ./cmd/podman
-@@ -374,7 +374,7 @@
- CGO_ENABLED=0 \
- GOOS=windows \
- $(GO) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- -ldflags -H=windowsgui \
- -o bin/windows/winpath.exe \
- ./cmd/winpath
-@@ -393,14 +393,14 @@
- GOOS=darwin \
- GOARCH=$(GOARCH) \
- $(GO) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- -o bin/darwin/podman-mac-helper \
- ./cmd/podman-mac-helper
-
- bin/rootlessport: .gopathok $(SOURCES) go.mod go.sum
- CGO_ENABLED=$(CGO_ENABLED) \
- $(GO) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- -o $@ ./cmd/rootlessport
-
- .PHONY: rootlessport
-@@ -423,7 +423,7 @@
- GOARCH="$${TARGET##*.}"; \
- CGO_ENABLED=0 \
- $(GO) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' \
- -tags '$(BUILDTAGS_CROSS)' \
- -o "$@" ./cmd/podman
-@@ -871,7 +871,7 @@
- .PHONY: .install.ginkgo
- .install.ginkgo: .gopathok
- if [ ! -x "$(GOBIN)/ginkgo" ]; then \
-- $(GO) install $(BUILDFLAGS) ./vendor/github.com/onsi/ginkgo/ginkgo ; \
-+ $(GO) install $(GOBUILDFLAGS) ./vendor/github.com/onsi/ginkgo/ginkgo ; \
- fi
-
- .PHONY: .install.gitvalidation
diff --git a/recipes-containers/podman/podman/0002-Define-ActKillThread-equal-to-ActKill.patch b/recipes-containers/podman/podman/0002-Define-ActKillThread-equal-to-ActKill.patch
deleted file mode 100644
index ba51d4a..0000000
--- a/recipes-containers/podman/podman/0002-Define-ActKillThread-equal-to-ActKill.patch
+++ /dev/null
@@ -1,90 +0,0 @@
-From f2aa0359bcc776239bda8a4eb84957b97ef55c35 Mon Sep 17 00:00:00 2001
-From: Tonis Tiigi <tonistiigi@...>
-Date: Fri, 28 Jan 2022 14:44:56 -0800
-Subject: [PATCH] Define ActKillThread equal to ActKill
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-These constants are equal in libseccomp but Go definitions
-were defined separately. This resulted in dead code that
-never executed due to identical case statements in switch.
-Go can usually detect these error cases and refuses to build
-but for some reason this detection doesn’t work with cgo+gcc.
-Clang detects the equal constants correctly and therefore
-libseccomp-golang builds with clang broke after ActKillThread
-was added.
-
-In order to fix the clang build only removal of the
-switch case is needed. But I assumed that the setter/getter
-logic is supposed to work for ActKillThread as well
-and only way to ensure that is to set them equal like they
-are in C.
-
-Signed-off-by: Tonis Tiigi <tonistiigi@...>
-Signed-off-by: Sebastiaan van Stijn <github@...>
-Acked-by: Tom Hromatka <tom.hromatka@...>
-Signed-off-by: Paul Moore <paul@...>
-Signed-off-by: Andrei Gherzan <andrei.gherzan@...>
-Upstream-status: Backport [https://github.com/seccomp/libseccomp-golang/commit/c35397d0ea8f285a0be78693bb2fd37b06952453]
----
- seccomp.go | 8 ++++----
- seccomp_internal.go | 4 ----
- 2 files changed, 4 insertions(+), 8 deletions(-)
-
-diff --git a/seccomp.go b/seccomp.go
-index e9b92e2..32f6ab2 100644
---- a/seccomp.go
-+++ b/seccomp.go
-@@ -214,14 +214,14 @@ const (
- // This action is only usable when libseccomp API level 3 or higher is
- // supported.
- ActLog ScmpAction = iota
-- // ActKillThread kills the thread that violated the rule. It is the same as ActKill.
-- // All other threads from the same thread group will continue to execute.
-- ActKillThread ScmpAction = iota
- // ActKillProcess kills the process that violated the rule.
- // All threads in the thread group are also terminated.
- // This action is only usable when libseccomp API level 3 or higher is
- // supported.
- ActKillProcess ScmpAction = iota
-+ // ActKillThread kills the thread that violated the rule. It is the same as ActKill.
-+ // All other threads from the same thread group will continue to execute.
-+ ActKillThread = ActKill
- )
-
- const (
-@@ -394,7 +394,7 @@ func (a ScmpCompareOp) String() string {
- // String returns a string representation of a seccomp match action
- func (a ScmpAction) String() string {
- switch a & 0xFFFF {
-- case ActKill, ActKillThread:
-+ case ActKillThread:
- return "Action: Kill thread"
- case ActKillProcess:
- return "Action: Kill process"
-diff --git a/seccomp_internal.go b/seccomp_internal.go
-index 8dc7b29..8fc9914 100644
---- a/seccomp_internal.go
-+++ b/seccomp_internal.go
-@@ -612,8 +612,6 @@ func (a ScmpCompareOp) toNative() C.int {
- func actionFromNative(a C.uint32_t) (ScmpAction, error) {
- aTmp := a & 0xFFFF
- switch a & 0xFFFF0000 {
-- case C.C_ACT_KILL:
-- return ActKill, nil
- case C.C_ACT_KILL_PROCESS:
- return ActKillProcess, nil
- case C.C_ACT_KILL_THREAD:
-@@ -638,8 +636,6 @@ func actionFromNative(a C.uint32_t) (ScmpAction, error) {
- // Only use with sanitized actions, no error handling
- func (a ScmpAction) toNative() C.uint32_t {
- switch a & 0xFFFF {
-- case ActKill:
-- return C.C_ACT_KILL
- case ActKillProcess:
- return C.C_ACT_KILL_PROCESS
- case ActKillThread:
---
-2.25.1
-
diff --git a/recipes-containers/podman/podman_git.bb b/recipes-containers/podman/podman_git.bb
index 9b92094..ea10f66 100644
--- a/recipes-containers/podman/podman_git.bb
+++ b/recipes-containers/podman/podman_git.bb
@@ -17,11 +17,9 @@ DEPENDS = " \
${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \
"

-SRCREV = "cedbbfa543651a13055a1fe093a4d0a2a28ccdfd"
+SRCREV = "7fe5a419cfd2880df2028ad3d7fd9378a88a04f4"
SRC_URI = " \
- git://github.com/containers/libpod.git;branch=v4.1;protocol=https \
- file://0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch;patchdir=src/import \
- file://0002-Define-ActKillThread-equal-to-ActKill.patch;patchdir=src/import/vendor/github.com/seccomp/libseccomp-golang \
+ git://github.com/containers/libpod.git;branch=v4.2;protocol=https \
${@bb.utils.contains('PACKAGECONFIG', 'rootless', 'file://00-podman-rootless.conf', '', d)} \
"

@@ -32,7 +30,7 @@ GO_IMPORT = "import"

S = "${WORKDIR}/git"

-PV = "4.1.0+git${SRCPV}"
+PV = "4.2.0+git${SRCPV}"

PACKAGES =+ "${PN}-contrib"

@@ -47,6 +45,9 @@ export LDFLAGS=""
# https://github.com/llvm/llvm-project/issues/53999
TOOLCHAIN = "gcc"

+# podmans Makefile expects BUILDFLAGS to be set but go.bbclass defines them in GOBUILDFLAGS
+export BUILDFLAGS="${GOBUILDFLAGS}"
+
inherit go goarch
inherit systemd pkgconfig

--
2.37.2


Bruce Ashfield
 

I had just tested the podman (and related version bumps) last night,
but thanks for the patch!

Bruce

On Wed, Aug 17, 2022 at 5:50 AM Pascal Bach <pascal.bach@...> wrote:

From: Pascal Bach <pascal.bach@...>

The libseccomp patch was a backport and is included in the current release.

The GOBUILDFLAGS patch is replaced by explicitly setting BUILDFLAGS="${GOBUILDFLAGS}"
in the recipe.

Signed-off-by: Pascal Bach <pascal.bach@...>
---
...01-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch | 123 ------------------
...efine-ActKillThread-equal-to-ActKill.patch | 90 -------------
recipes-containers/podman/podman_git.bb | 11 +-
3 files changed, 6 insertions(+), 218 deletions(-)
delete mode 100644 recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch
delete mode 100644 recipes-containers/podman/podman/0002-Define-ActKillThread-equal-to-ActKill.patch

diff --git a/recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch b/recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch
deleted file mode 100644
index e27e1fa..0000000
--- a/recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch
+++ /dev/null
@@ -1,123 +0,0 @@
-From 3e18f3a4db638a3df48f49aa0a539f8bb048afc9 Mon Sep 17 00:00:00 2001
-From: Andrei Gherzan <andrei.gherzan@...>
-Date: Tue, 5 Jul 2022 11:51:56 +0200
-Subject: [PATCH] Rename BUILDFLAGS to GOBUILDFLAGS
-
-Yocto uses GOBUILDFLAGS to pass the right build flags while the Makefile
-uses BUILDFLAGS. Align them accordingly.
-
-See go.bbclass for more information.
-
-Upstream-Status: Inappropriate [OE specific]
-Signed-off-by: Andrei Gherzan <andrei.gherzan@...>
----
- Makefile | 24 ++++++++++++------------
- 1 file changed, 12 insertions(+), 12 deletions(-)
-
-Index: import/Makefile
-===================================================================
---- import.orig/Makefile
-+++ import/Makefile
-@@ -69,7 +69,7 @@
- # triggered.
- SOURCES = $(shell find . -path './.*' -prune -o \( \( -name '*.go' -o -name '*.c' \) -a ! -name '*_test.go' \) -print)
-
--BUILDFLAGS := -mod=vendor $(BUILDFLAGS)
-+GOBUILDFLAGS := -mod=vendor $(GOBUILDFLAGS)
-
- BUILDTAGS_CROSS ?= containers_image_openpgp exclude_graphdriver_btrfs exclude_graphdriver_devicemapper exclude_graphdriver_overlay
- CONTAINER_RUNTIME := $(shell command -v podman 2> /dev/null || echo docker)
-@@ -264,11 +264,11 @@
-
- .PHONY: test/checkseccomp/checkseccomp
- test/checkseccomp/checkseccomp: .gopathok $(wildcard test/checkseccomp/*.go)
-- $(GOCMD) build $(BUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -tags "$(BUILDTAGS)" -o $@ ./test/checkseccomp
-+ $(GOCMD) build $(GOBUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -tags "$(BUILDTAGS)" -o $@ ./test/checkseccomp
-
- .PHONY: test/testvol/testvol
- test/testvol/testvol: .gopathok $(wildcard test/testvol/*.go)
-- $(GOCMD) build $(BUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/testvol
-+ $(GOCMD) build $(GOBUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/testvol
-
- .PHONY: volume-plugin-test-image
- volume-plugin-test-img:
-@@ -276,7 +276,7 @@
-
- .PHONY: test/goecho/goecho
- test/goecho/goecho: .gopathok $(wildcard test/goecho/*.go)
-- $(GOCMD) build $(BUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/goecho
-+ $(GOCMD) build $(GOBUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/goecho
-
- test/version/version: .gopathok version/version.go
- $(GO) build -o $@ ./test/version/
-@@ -318,7 +318,7 @@
- distro for journald support."
- endif
- $(GOCMD) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' \
- -tags "$(BUILDTAGS)" \
- -o $@ ./cmd/podman
-@@ -329,7 +329,7 @@
-
- $(SRCBINDIR)/podman$(BINSFX): $(SRCBINDIR) .gopathok $(SOURCES) go.mod go.sum
- $(GOCMD) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' \
- -tags "${REMOTETAGS}" \
- -o $@ ./cmd/podman
-@@ -339,7 +339,7 @@
- GOOS=$(GOOS) \
- GOARCH=$(GOARCH) \
- $(GO) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- $(GO_LDFLAGS) '$(LDFLAGS_PODMAN_STATIC)' \
- -tags "${REMOTETAGS}" \
- -o $@ ./cmd/podman
-@@ -374,7 +374,7 @@
- CGO_ENABLED=0 \
- GOOS=windows \
- $(GO) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- -ldflags -H=windowsgui \
- -o bin/windows/winpath.exe \
- ./cmd/winpath
-@@ -393,14 +393,14 @@
- GOOS=darwin \
- GOARCH=$(GOARCH) \
- $(GO) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- -o bin/darwin/podman-mac-helper \
- ./cmd/podman-mac-helper
-
- bin/rootlessport: .gopathok $(SOURCES) go.mod go.sum
- CGO_ENABLED=$(CGO_ENABLED) \
- $(GO) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- -o $@ ./cmd/rootlessport
-
- .PHONY: rootlessport
-@@ -423,7 +423,7 @@
- GOARCH="$${TARGET##*.}"; \
- CGO_ENABLED=0 \
- $(GO) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' \
- -tags '$(BUILDTAGS_CROSS)' \
- -o "$@" ./cmd/podman
-@@ -871,7 +871,7 @@
- .PHONY: .install.ginkgo
- .install.ginkgo: .gopathok
- if [ ! -x "$(GOBIN)/ginkgo" ]; then \
-- $(GO) install $(BUILDFLAGS) ./vendor/github.com/onsi/ginkgo/ginkgo ; \
-+ $(GO) install $(GOBUILDFLAGS) ./vendor/github.com/onsi/ginkgo/ginkgo ; \
- fi
-
- .PHONY: .install.gitvalidation
diff --git a/recipes-containers/podman/podman/0002-Define-ActKillThread-equal-to-ActKill.patch b/recipes-containers/podman/podman/0002-Define-ActKillThread-equal-to-ActKill.patch
deleted file mode 100644
index ba51d4a..0000000
--- a/recipes-containers/podman/podman/0002-Define-ActKillThread-equal-to-ActKill.patch
+++ /dev/null
@@ -1,90 +0,0 @@
-From f2aa0359bcc776239bda8a4eb84957b97ef55c35 Mon Sep 17 00:00:00 2001
-From: Tonis Tiigi <tonistiigi@...>
-Date: Fri, 28 Jan 2022 14:44:56 -0800
-Subject: [PATCH] Define ActKillThread equal to ActKill
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-These constants are equal in libseccomp but Go definitions
-were defined separately. This resulted in dead code that
-never executed due to identical case statements in switch.
-Go can usually detect these error cases and refuses to build
-but for some reason this detection doesn’t work with cgo+gcc.
-Clang detects the equal constants correctly and therefore
-libseccomp-golang builds with clang broke after ActKillThread
-was added.
-
-In order to fix the clang build only removal of the
-switch case is needed. But I assumed that the setter/getter
-logic is supposed to work for ActKillThread as well
-and only way to ensure that is to set them equal like they
-are in C.
-
-Signed-off-by: Tonis Tiigi <tonistiigi@...>
-Signed-off-by: Sebastiaan van Stijn <github@...>
-Acked-by: Tom Hromatka <tom.hromatka@...>
-Signed-off-by: Paul Moore <paul@...>
-Signed-off-by: Andrei Gherzan <andrei.gherzan@...>
-Upstream-status: Backport [https://github.com/seccomp/libseccomp-golang/commit/c35397d0ea8f285a0be78693bb2fd37b06952453]
----
- seccomp.go | 8 ++++----
- seccomp_internal.go | 4 ----
- 2 files changed, 4 insertions(+), 8 deletions(-)
-
-diff --git a/seccomp.go b/seccomp.go
-index e9b92e2..32f6ab2 100644
---- a/seccomp.go
-+++ b/seccomp.go
-@@ -214,14 +214,14 @@ const (
- // This action is only usable when libseccomp API level 3 or higher is
- // supported.
- ActLog ScmpAction = iota
-- // ActKillThread kills the thread that violated the rule. It is the same as ActKill.
-- // All other threads from the same thread group will continue to execute.
-- ActKillThread ScmpAction = iota
- // ActKillProcess kills the process that violated the rule.
- // All threads in the thread group are also terminated.
- // This action is only usable when libseccomp API level 3 or higher is
- // supported.
- ActKillProcess ScmpAction = iota
-+ // ActKillThread kills the thread that violated the rule. It is the same as ActKill.
-+ // All other threads from the same thread group will continue to execute.
-+ ActKillThread = ActKill
- )
-
- const (
-@@ -394,7 +394,7 @@ func (a ScmpCompareOp) String() string {
- // String returns a string representation of a seccomp match action
- func (a ScmpAction) String() string {
- switch a & 0xFFFF {
-- case ActKill, ActKillThread:
-+ case ActKillThread:
- return "Action: Kill thread"
- case ActKillProcess:
- return "Action: Kill process"
-diff --git a/seccomp_internal.go b/seccomp_internal.go
-index 8dc7b29..8fc9914 100644
---- a/seccomp_internal.go
-+++ b/seccomp_internal.go
-@@ -612,8 +612,6 @@ func (a ScmpCompareOp) toNative() C.int {
- func actionFromNative(a C.uint32_t) (ScmpAction, error) {
- aTmp := a & 0xFFFF
- switch a & 0xFFFF0000 {
-- case C.C_ACT_KILL:
-- return ActKill, nil
- case C.C_ACT_KILL_PROCESS:
- return ActKillProcess, nil
- case C.C_ACT_KILL_THREAD:
-@@ -638,8 +636,6 @@ func actionFromNative(a C.uint32_t) (ScmpAction, error) {
- // Only use with sanitized actions, no error handling
- func (a ScmpAction) toNative() C.uint32_t {
- switch a & 0xFFFF {
-- case ActKill:
-- return C.C_ACT_KILL
- case ActKillProcess:
- return C.C_ACT_KILL_PROCESS
- case ActKillThread:
---
-2.25.1
-
diff --git a/recipes-containers/podman/podman_git.bb b/recipes-containers/podman/podman_git.bb
index 9b92094..ea10f66 100644
--- a/recipes-containers/podman/podman_git.bb
+++ b/recipes-containers/podman/podman_git.bb
@@ -17,11 +17,9 @@ DEPENDS = " \
${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \
"

-SRCREV = "cedbbfa543651a13055a1fe093a4d0a2a28ccdfd"
+SRCREV = "7fe5a419cfd2880df2028ad3d7fd9378a88a04f4"
SRC_URI = " \
- git://github.com/containers/libpod.git;branch=v4.1;protocol=https \
- file://0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch;patchdir=src/import \
- file://0002-Define-ActKillThread-equal-to-ActKill.patch;patchdir=src/import/vendor/github.com/seccomp/libseccomp-golang \
+ git://github.com/containers/libpod.git;branch=v4.2;protocol=https \
${@bb.utils.contains('PACKAGECONFIG', 'rootless', 'file://00-podman-rootless.conf', '', d)} \
"

@@ -32,7 +30,7 @@ GO_IMPORT = "import"

S = "${WORKDIR}/git"

-PV = "4.1.0+git${SRCPV}"
+PV = "4.2.0+git${SRCPV}"

PACKAGES =+ "${PN}-contrib"

@@ -47,6 +45,9 @@ export LDFLAGS=""
# https://github.com/llvm/llvm-project/issues/53999
TOOLCHAIN = "gcc"

+# podmans Makefile expects BUILDFLAGS to be set but go.bbclass defines them in GOBUILDFLAGS
+export BUILDFLAGS="${GOBUILDFLAGS}"
+
inherit go goarch
inherit systemd pkgconfig

--
2.37.2



--
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II


Bruce Ashfield
 

On Wed, Aug 17, 2022 at 8:58 AM Bruce Ashfield via
lists.yoctoproject.org
<bruce.ashfield=gmail.com@...> wrote:

I had just tested the podman (and related version bumps) last night,
but thanks for the patch!
I just pushed part of my uprev's to master-next .. that being said, my
podman uprev just refreshes the BUILDFLAGS patch, using the exported
variable is simpler for future uprevs.

Did you want to send just that part of the patch against master-next ?
That way you'll get the credit for the simplification of the build.

Cheers,

Bruce


Bruce

On Wed, Aug 17, 2022 at 5:50 AM Pascal Bach <pascal.bach@...> wrote:

From: Pascal Bach <pascal.bach@...>

The libseccomp patch was a backport and is included in the current release.

The GOBUILDFLAGS patch is replaced by explicitly setting BUILDFLAGS="${GOBUILDFLAGS}"
in the recipe.

Signed-off-by: Pascal Bach <pascal.bach@...>
---
...01-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch | 123 ------------------
...efine-ActKillThread-equal-to-ActKill.patch | 90 -------------
recipes-containers/podman/podman_git.bb | 11 +-
3 files changed, 6 insertions(+), 218 deletions(-)
delete mode 100644 recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch
delete mode 100644 recipes-containers/podman/podman/0002-Define-ActKillThread-equal-to-ActKill.patch

diff --git a/recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch b/recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch
deleted file mode 100644
index e27e1fa..0000000
--- a/recipes-containers/podman/podman/0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch
+++ /dev/null
@@ -1,123 +0,0 @@
-From 3e18f3a4db638a3df48f49aa0a539f8bb048afc9 Mon Sep 17 00:00:00 2001
-From: Andrei Gherzan <andrei.gherzan@...>
-Date: Tue, 5 Jul 2022 11:51:56 +0200
-Subject: [PATCH] Rename BUILDFLAGS to GOBUILDFLAGS
-
-Yocto uses GOBUILDFLAGS to pass the right build flags while the Makefile
-uses BUILDFLAGS. Align them accordingly.
-
-See go.bbclass for more information.
-
-Upstream-Status: Inappropriate [OE specific]
-Signed-off-by: Andrei Gherzan <andrei.gherzan@...>
----
- Makefile | 24 ++++++++++++------------
- 1 file changed, 12 insertions(+), 12 deletions(-)
-
-Index: import/Makefile
-===================================================================
---- import.orig/Makefile
-+++ import/Makefile
-@@ -69,7 +69,7 @@
- # triggered.
- SOURCES = $(shell find . -path './.*' -prune -o \( \( -name '*.go' -o -name '*.c' \) -a ! -name '*_test.go' \) -print)
-
--BUILDFLAGS := -mod=vendor $(BUILDFLAGS)
-+GOBUILDFLAGS := -mod=vendor $(GOBUILDFLAGS)
-
- BUILDTAGS_CROSS ?= containers_image_openpgp exclude_graphdriver_btrfs exclude_graphdriver_devicemapper exclude_graphdriver_overlay
- CONTAINER_RUNTIME := $(shell command -v podman 2> /dev/null || echo docker)
-@@ -264,11 +264,11 @@
-
- .PHONY: test/checkseccomp/checkseccomp
- test/checkseccomp/checkseccomp: .gopathok $(wildcard test/checkseccomp/*.go)
-- $(GOCMD) build $(BUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -tags "$(BUILDTAGS)" -o $@ ./test/checkseccomp
-+ $(GOCMD) build $(GOBUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -tags "$(BUILDTAGS)" -o $@ ./test/checkseccomp
-
- .PHONY: test/testvol/testvol
- test/testvol/testvol: .gopathok $(wildcard test/testvol/*.go)
-- $(GOCMD) build $(BUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/testvol
-+ $(GOCMD) build $(GOBUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/testvol
-
- .PHONY: volume-plugin-test-image
- volume-plugin-test-img:
-@@ -276,7 +276,7 @@
-
- .PHONY: test/goecho/goecho
- test/goecho/goecho: .gopathok $(wildcard test/goecho/*.go)
-- $(GOCMD) build $(BUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/goecho
-+ $(GOCMD) build $(GOBUILDFLAGS) $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' -o $@ ./test/goecho
-
- test/version/version: .gopathok version/version.go
- $(GO) build -o $@ ./test/version/
-@@ -318,7 +318,7 @@
- distro for journald support."
- endif
- $(GOCMD) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' \
- -tags "$(BUILDTAGS)" \
- -o $@ ./cmd/podman
-@@ -329,7 +329,7 @@
-
- $(SRCBINDIR)/podman$(BINSFX): $(SRCBINDIR) .gopathok $(SOURCES) go.mod go.sum
- $(GOCMD) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' \
- -tags "${REMOTETAGS}" \
- -o $@ ./cmd/podman
-@@ -339,7 +339,7 @@
- GOOS=$(GOOS) \
- GOARCH=$(GOARCH) \
- $(GO) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- $(GO_LDFLAGS) '$(LDFLAGS_PODMAN_STATIC)' \
- -tags "${REMOTETAGS}" \
- -o $@ ./cmd/podman
-@@ -374,7 +374,7 @@
- CGO_ENABLED=0 \
- GOOS=windows \
- $(GO) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- -ldflags -H=windowsgui \
- -o bin/windows/winpath.exe \
- ./cmd/winpath
-@@ -393,14 +393,14 @@
- GOOS=darwin \
- GOARCH=$(GOARCH) \
- $(GO) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- -o bin/darwin/podman-mac-helper \
- ./cmd/podman-mac-helper
-
- bin/rootlessport: .gopathok $(SOURCES) go.mod go.sum
- CGO_ENABLED=$(CGO_ENABLED) \
- $(GO) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- -o $@ ./cmd/rootlessport
-
- .PHONY: rootlessport
-@@ -423,7 +423,7 @@
- GOARCH="$${TARGET##*.}"; \
- CGO_ENABLED=0 \
- $(GO) build \
-- $(BUILDFLAGS) \
-+ $(GOBUILDFLAGS) \
- $(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' \
- -tags '$(BUILDTAGS_CROSS)' \
- -o "$@" ./cmd/podman
-@@ -871,7 +871,7 @@
- .PHONY: .install.ginkgo
- .install.ginkgo: .gopathok
- if [ ! -x "$(GOBIN)/ginkgo" ]; then \
-- $(GO) install $(BUILDFLAGS) ./vendor/github.com/onsi/ginkgo/ginkgo ; \
-+ $(GO) install $(GOBUILDFLAGS) ./vendor/github.com/onsi/ginkgo/ginkgo ; \
- fi
-
- .PHONY: .install.gitvalidation
diff --git a/recipes-containers/podman/podman/0002-Define-ActKillThread-equal-to-ActKill.patch b/recipes-containers/podman/podman/0002-Define-ActKillThread-equal-to-ActKill.patch
deleted file mode 100644
index ba51d4a..0000000
--- a/recipes-containers/podman/podman/0002-Define-ActKillThread-equal-to-ActKill.patch
+++ /dev/null
@@ -1,90 +0,0 @@
-From f2aa0359bcc776239bda8a4eb84957b97ef55c35 Mon Sep 17 00:00:00 2001
-From: Tonis Tiigi <tonistiigi@...>
-Date: Fri, 28 Jan 2022 14:44:56 -0800
-Subject: [PATCH] Define ActKillThread equal to ActKill
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-These constants are equal in libseccomp but Go definitions
-were defined separately. This resulted in dead code that
-never executed due to identical case statements in switch.
-Go can usually detect these error cases and refuses to build
-but for some reason this detection doesn’t work with cgo+gcc.
-Clang detects the equal constants correctly and therefore
-libseccomp-golang builds with clang broke after ActKillThread
-was added.
-
-In order to fix the clang build only removal of the
-switch case is needed. But I assumed that the setter/getter
-logic is supposed to work for ActKillThread as well
-and only way to ensure that is to set them equal like they
-are in C.
-
-Signed-off-by: Tonis Tiigi <tonistiigi@...>
-Signed-off-by: Sebastiaan van Stijn <github@...>
-Acked-by: Tom Hromatka <tom.hromatka@...>
-Signed-off-by: Paul Moore <paul@...>
-Signed-off-by: Andrei Gherzan <andrei.gherzan@...>
-Upstream-status: Backport [https://github.com/seccomp/libseccomp-golang/commit/c35397d0ea8f285a0be78693bb2fd37b06952453]
----
- seccomp.go | 8 ++++----
- seccomp_internal.go | 4 ----
- 2 files changed, 4 insertions(+), 8 deletions(-)
-
-diff --git a/seccomp.go b/seccomp.go
-index e9b92e2..32f6ab2 100644
---- a/seccomp.go
-+++ b/seccomp.go
-@@ -214,14 +214,14 @@ const (
- // This action is only usable when libseccomp API level 3 or higher is
- // supported.
- ActLog ScmpAction = iota
-- // ActKillThread kills the thread that violated the rule. It is the same as ActKill.
-- // All other threads from the same thread group will continue to execute.
-- ActKillThread ScmpAction = iota
- // ActKillProcess kills the process that violated the rule.
- // All threads in the thread group are also terminated.
- // This action is only usable when libseccomp API level 3 or higher is
- // supported.
- ActKillProcess ScmpAction = iota
-+ // ActKillThread kills the thread that violated the rule. It is the same as ActKill.
-+ // All other threads from the same thread group will continue to execute.
-+ ActKillThread = ActKill
- )
-
- const (
-@@ -394,7 +394,7 @@ func (a ScmpCompareOp) String() string {
- // String returns a string representation of a seccomp match action
- func (a ScmpAction) String() string {
- switch a & 0xFFFF {
-- case ActKill, ActKillThread:
-+ case ActKillThread:
- return "Action: Kill thread"
- case ActKillProcess:
- return "Action: Kill process"
-diff --git a/seccomp_internal.go b/seccomp_internal.go
-index 8dc7b29..8fc9914 100644
---- a/seccomp_internal.go
-+++ b/seccomp_internal.go
-@@ -612,8 +612,6 @@ func (a ScmpCompareOp) toNative() C.int {
- func actionFromNative(a C.uint32_t) (ScmpAction, error) {
- aTmp := a & 0xFFFF
- switch a & 0xFFFF0000 {
-- case C.C_ACT_KILL:
-- return ActKill, nil
- case C.C_ACT_KILL_PROCESS:
- return ActKillProcess, nil
- case C.C_ACT_KILL_THREAD:
-@@ -638,8 +636,6 @@ func actionFromNative(a C.uint32_t) (ScmpAction, error) {
- // Only use with sanitized actions, no error handling
- func (a ScmpAction) toNative() C.uint32_t {
- switch a & 0xFFFF {
-- case ActKill:
-- return C.C_ACT_KILL
- case ActKillProcess:
- return C.C_ACT_KILL_PROCESS
- case ActKillThread:
---
-2.25.1
-
diff --git a/recipes-containers/podman/podman_git.bb b/recipes-containers/podman/podman_git.bb
index 9b92094..ea10f66 100644
--- a/recipes-containers/podman/podman_git.bb
+++ b/recipes-containers/podman/podman_git.bb
@@ -17,11 +17,9 @@ DEPENDS = " \
${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \
"

-SRCREV = "cedbbfa543651a13055a1fe093a4d0a2a28ccdfd"
+SRCREV = "7fe5a419cfd2880df2028ad3d7fd9378a88a04f4"
SRC_URI = " \
- git://github.com/containers/libpod.git;branch=v4.1;protocol=https \
- file://0001-Rename-BUILDFLAGS-to-GOBUILDFLAGS.patch;patchdir=src/import \
- file://0002-Define-ActKillThread-equal-to-ActKill.patch;patchdir=src/import/vendor/github.com/seccomp/libseccomp-golang \
+ git://github.com/containers/libpod.git;branch=v4.2;protocol=https \
${@bb.utils.contains('PACKAGECONFIG', 'rootless', 'file://00-podman-rootless.conf', '', d)} \
"

@@ -32,7 +30,7 @@ GO_IMPORT = "import"

S = "${WORKDIR}/git"

-PV = "4.1.0+git${SRCPV}"
+PV = "4.2.0+git${SRCPV}"

PACKAGES =+ "${PN}-contrib"

@@ -47,6 +45,9 @@ export LDFLAGS=""
# https://github.com/llvm/llvm-project/issues/53999
TOOLCHAIN = "gcc"

+# podmans Makefile expects BUILDFLAGS to be set but go.bbclass defines them in GOBUILDFLAGS
+export BUILDFLAGS="${GOBUILDFLAGS}"
+
inherit go goarch
inherit systemd pkgconfig

--
2.37.2




--
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II



--
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II