Upgrade containerd/cgroups to remove github.com/cilium/ebpf's fuzzer

The fuzzer is broken and it breaks OSS-Fuzz according to #7288.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>

vendor/github.com/containerd/cgroups/README.md

@@ -9,7 +9,7 @@ Go package for creating, managing, inspecting, and destroying cgroups.
 The resources format for settings on the cgroup uses the OCI runtime-spec found
 [here](https://github.com/opencontainers/runtime-spec).
 
-## Examples
+## Examples (v1)
 
 ### Create a new cgroup
 
@@ -58,7 +58,7 @@ if err := control.Add(cgroups.Process{Pid:1234}); err != nil {
 }
 ```
 
-###  Update the cgroup 
+###  Update the cgroup
 
 To update the resources applied in the cgroup
 
@@ -133,6 +133,61 @@ event := cgroups.OOMEvent()
 efd, err := control.RegisterMemoryEvent(event)
 ```
 
+## Examples (v2/unified)
+
+### Check that the current system is running cgroups v2
+
+```go
+var cgroupV2 bool
+if cgroups.Mode() == cgroups.Unified {
+	cgroupV2 = true
+}
+```
+
+### Create a new cgroup
+
+This creates a new systemd v2 cgroup slice. Systemd slices consider ["-" a special character](https://www.freedesktop.org/software/systemd/man/systemd.slice.html),
+so the resulting slice would be located here on disk:
+
+* /sys/fs/cgroup/my.slice/my-cgroup.slice/my-cgroup-abc.slice
+
+```go
+import (
+    cgroupsv2 "github.com/containerd/cgroups/v2"
+    specs "github.com/opencontainers/runtime-spec/specs-go"
+)
+
+res := cgroupsv2.Resources{}
+// dummy PID of -1 is used for creating a "general slice" to be used as a parent cgroup.
+// see https://github.com/containerd/cgroups/blob/1df78138f1e1e6ee593db155c6b369466f577651/v2/manager.go#L732-L735
+m, err := cgroupsv2.NewSystemd("/", "my-cgroup-abc.slice", -1, &res)
+if err != nil {
+	return err
+}
+```
+
+### Load an existing cgroup
+
+```go
+m, err := cgroupsv2.LoadSystemd("/", "my-cgroup-abc.slice")
+if err != nil {
+	return err
+}
+```
+
+### Delete a cgroup
+
+```go
+m, err := cgroupsv2.LoadSystemd("/", "my-cgroup-abc.slice")
+if err != nil {
+	return err
+}
+err = m.DeleteSystemd()
+if err != nil {
+	return err
+}
+```
+
 ### Attention
 
 All static path should not include `/sys/fs/cgroup/` prefix, it should start with your own cgroups name

vendor/github.com/containerd/cgroups/Vagrantfile

@@ -1,46 +0,0 @@
-# -*- mode: ruby -*-
-# vi: set ft=ruby :
-
-Vagrant.configure("2") do |config|
-# Fedora box is used for testing cgroup v2 support
-  config.vm.box = "fedora/35-cloud-base"
-  config.vm.provider :virtualbox do |v|
-    v.memory = 4096
-    v.cpus = 2
-  end
-  config.vm.provider :libvirt do |v|
-    v.memory = 4096
-    v.cpus = 2
-  end
-  config.vm.provision "shell", inline: <<-SHELL
-    set -eux -o pipefail
-    # configuration
-    GO_VERSION="1.17.7"
-
-    # install gcc and Golang
-    dnf -y install gcc
-    curl -fsSL "https://dl.google.com/go/go${GO_VERSION}.linux-amd64.tar.gz" | tar Cxz /usr/local
-
-    # setup env vars
-    cat >> /etc/profile.d/sh.local <<EOF
-PATH=/usr/local/go/bin:$PATH
-GO111MODULE=on
-export PATH GO111MODULE
-EOF
-    source /etc/profile.d/sh.local
-
-    # enter /root/go/src/github.com/containerd/cgroups
-    mkdir -p /root/go/src/github.com/containerd
-    ln -s /vagrant /root/go/src/github.com/containerd/cgroups
-    cd /root/go/src/github.com/containerd/cgroups
-
-    # create /test.sh
-    cat > /test.sh <<EOF
-#!/bin/bash
-set -eux -o pipefail
-cd /root/go/src/github.com/containerd/cgroups
-go test -v ./...
-EOF
-    chmod +x /test.sh
-  SHELL
-end

vendor/github.com/containerd/cgroups/v2/manager.go

@@ -366,6 +366,22 @@ func (c *Manager) Procs(recursive bool) ([]uint64, error) {
 	return processes, err
 }
 
+func (c *Manager) MoveTo(destination *Manager) error {
+	processes, err := c.Procs(true)
+	if err != nil {
+		return err
+	}
+	for _, p := range processes {
+		if err := destination.AddProc(p); err != nil {
+			if strings.Contains(err.Error(), "no such process") {
+				continue
+			}
+			return err
+		}
+	}
+	return nil
+}
+
 var singleValueFiles = []string{
 	"pids.current",
 	"pids.max",