github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

build(deps): bump github.com/containerd/cgroups/v3 from 3.0.2 to 3.0.3

Browse Source 
Bumps [github.com/containerd/cgroups/v3](https://github.com/containerd/cgroups) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/containerd/cgroups/releases)
- [Commits](https://github.com/containerd/cgroups/compare/v3.0.2...v3.0.3)

---
updated-dependencies:
- dependency-name: github.com/containerd/cgroups/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
This commit is contained in:
dependabot[bot]
2023-12-29 11:45:53 +00:00
committed by GitHub
parent 1f76ca4081
commit 5387747e92
119 changed files with 8743 additions and 3476 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
vendor/github.com/cilium/ebpf/internal/sys/fd.go generated vendored
View File

@@ -17,11 +17,39 @@ type FD struct {
}
func newFD(value int) *FD {
if onLeakFD != nil {
// Attempt to store the caller's stack for the given fd value.
// Panic if fds contains an existing stack for the fd.
old, exist := fds.LoadOrStore(value, callersFrames())
if exist {
f := old.(*runtime.Frames)
panic(fmt.Sprintf("found existing stack for fd %d:\n%s", value, FormatFrames(f)))
}
}
fd := &FD{value}
runtime.SetFinalizer(fd, (*FD).Close)
runtime.SetFinalizer(fd, (*FD).finalize)
return fd
}
// finalize is set as the FD's runtime finalizer and
// sends a leak trace before calling FD.Close().
func (fd *FD) finalize() {
if fd.raw < 0 {
return
}
// Invoke the fd leak callback. Calls LoadAndDelete to guarantee the callback
// is invoked at most once for one sys.FD allocation, runtime.Frames can only
// be unwound once.
f, ok := fds.LoadAndDelete(fd.Int())
if ok && onLeakFD != nil {
onLeakFD(f.(*runtime.Frames))
}
_ = fd.Close()
}
// NewFD wraps a raw fd with a finalizer.
//
// You must not use the raw fd after calling this function, since the underlying
@@ -64,15 +92,16 @@ func (fd *FD) Close() error {
return nil
}
value := int(fd.raw)
fd.raw = -1
fd.Forget()
return unix.Close(value)
return unix.Close(fd.disown())
}
func (fd *FD) Forget() {
func (fd *FD) disown() int {
value := int(fd.raw)
fds.Delete(int(value))
fd.raw = -1
runtime.SetFinalizer(fd, nil)
return value
}
func (fd *FD) Dup() (*FD, error) {
@@ -90,7 +119,15 @@ func (fd *FD) Dup() (*FD, error) {
return newFD(dup), nil
}
// File takes ownership of FD and turns it into an [*os.File].
//
// You must not use the FD after the call returns.
//
// Returns nil if the FD is not valid.
func (fd *FD) File(name string) *os.File {
fd.Forget()
return os.NewFile(uintptr(fd.raw), name)
if fd.raw < 0 {
return nil
}
return os.NewFile(uintptr(fd.disown()), name)
}

93
vendor/github.com/cilium/ebpf/internal/sys/fd_trace.go generated vendored Normal file
View File

@@ -0,0 +1,93 @@
package sys
import (
"bytes"
"fmt"
"runtime"
"sync"
)
// OnLeakFD controls tracing [FD] lifetime to detect resources that are not
// closed by Close().
//
// If fn is not nil, tracing is enabled for all FDs created going forward. fn is
// invoked for all FDs that are closed by the garbage collector instead of an
// explicit Close() by a caller. Calling OnLeakFD twice with a non-nil fn
// (without disabling tracing in the meantime) will cause a panic.
//
// If fn is nil, tracing will be disabled. Any FDs that have not been closed are
// considered to be leaked, fn will be invoked for them, and the process will be
// terminated.
//
// fn will be invoked at most once for every unique sys.FD allocation since a
// runtime.Frames can only be unwound once.
func OnLeakFD(fn func(*runtime.Frames)) {
// Enable leak tracing if new fn is provided.
if fn != nil {
if onLeakFD != nil {
panic("OnLeakFD called twice with non-nil fn")
}
onLeakFD = fn
return
}
// fn is nil past this point.
if onLeakFD == nil {
return
}
// Call onLeakFD for all open fds.
if fs := flushFrames(); len(fs) != 0 {
for _, f := range fs {
onLeakFD(f)
}
}
onLeakFD = nil
}
var onLeakFD func(*runtime.Frames)
// fds is a registry of all file descriptors wrapped into sys.fds that were
// created while an fd tracer was active.
var fds sync.Map // map[int]*runtime.Frames
// flushFrames removes all elements from fds and returns them as a slice. This
// deals with the fact that a runtime.Frames can only be unwound once using
// Next().
func flushFrames() []*runtime.Frames {
var frames []*runtime.Frames
fds.Range(func(key, value any) bool {
frames = append(frames, value.(*runtime.Frames))
fds.Delete(key)
return true
})
return frames
}
func callersFrames() *runtime.Frames {
c := make([]uintptr, 32)
// Skip runtime.Callers and this function.
i := runtime.Callers(2, c)
if i == 0 {
return nil
}
return runtime.CallersFrames(c)
}
// FormatFrames formats a runtime.Frames as a human-readable string.
func FormatFrames(fs *runtime.Frames) string {
var b bytes.Buffer
for {
f, more := fs.Next()
b.WriteString(fmt.Sprintf("\t%s+%#x\n\t\t%s:%d\n", f.Function, f.PC-f.Entry, f.File, f.Line))
if !more {
break
}
}
return b.String()
}

49
vendor/github.com/cilium/ebpf/internal/sys/mapflags_string.go generated vendored Normal file
View File

@@ -0,0 +1,49 @@
// Code generated by "stringer -type MapFlags"; DO NOT EDIT.
package sys
import "strconv"
func _() {
// An "invalid array index" compiler error signifies that the constant values have changed.
// Re-run the stringer command to generate them again.
var x [1]struct{}
_ = x[BPF_F_NO_PREALLOC-1]
_ = x[BPF_F_NO_COMMON_LRU-2]
_ = x[BPF_F_NUMA_NODE-4]
_ = x[BPF_F_RDONLY-8]
_ = x[BPF_F_WRONLY-16]
_ = x[BPF_F_STACK_BUILD_ID-32]
_ = x[BPF_F_ZERO_SEED-64]
_ = x[BPF_F_RDONLY_PROG-128]
_ = x[BPF_F_WRONLY_PROG-256]
_ = x[BPF_F_CLONE-512]
_ = x[BPF_F_MMAPABLE-1024]
_ = x[BPF_F_PRESERVE_ELEMS-2048]
_ = x[BPF_F_INNER_MAP-4096]
}
const _MapFlags_name = "BPF_F_NO_PREALLOCBPF_F_NO_COMMON_LRUBPF_F_NUMA_NODEBPF_F_RDONLYBPF_F_WRONLYBPF_F_STACK_BUILD_IDBPF_F_ZERO_SEEDBPF_F_RDONLY_PROGBPF_F_WRONLY_PROGBPF_F_CLONEBPF_F_MMAPABLEBPF_F_PRESERVE_ELEMSBPF_F_INNER_MAP"
var _MapFlags_map = map[MapFlags]string{
1: _MapFlags_name[0:17],
2: _MapFlags_name[17:36],
4: _MapFlags_name[36:51],
8: _MapFlags_name[51:63],
16: _MapFlags_name[63:75],
32: _MapFlags_name[75:95],
64: _MapFlags_name[95:110],
128: _MapFlags_name[110:127],
256: _MapFlags_name[127:144],
512: _MapFlags_name[144:155],
1024: _MapFlags_name[155:169],
2048: _MapFlags_name[169:189],
4096: _MapFlags_name[189:204],
}
func (i MapFlags) String() string {
if str, ok := _MapFlags_map[i]; ok {
return str
}
return "MapFlags(" + strconv.FormatInt(int64(i), 10) + ")"
}

16
vendor/github.com/cilium/ebpf/internal/sys/ptr.go generated vendored
View File

@@ -20,7 +20,7 @@ func NewSlicePointer(buf []byte) Pointer {
return Pointer{ptr: unsafe.Pointer(&buf[0])}
}
// NewSlicePointer creates a 64-bit pointer from a byte slice.
// NewSlicePointerLen creates a 64-bit pointer from a byte slice.
//
// Useful to assign both the pointer and the length in one go.
func NewSlicePointerLen(buf []byte) (Pointer, uint32) {
@@ -36,3 +36,17 @@ func NewStringPointer(str string) Pointer {
return Pointer{ptr: unsafe.Pointer(p)}
}
// NewStringSlicePointer allocates an array of Pointers to each string in the
// given slice of strings and returns a 64-bit pointer to the start of the
// resulting array.
//
// Use this function to pass arrays of strings as syscall arguments.
func NewStringSlicePointer(strings []string) Pointer {
sp := make([]Pointer, 0, len(strings))
for _, s := range strings {
sp = append(sp, NewStringPointer(s))
}
return Pointer{ptr: unsafe.Pointer(&sp[0])}
}

1
vendor/github.com/cilium/ebpf/internal/sys/ptr_32_be.go generated vendored
View File

@@ -1,5 +1,4 @@
//go:build armbe || mips || mips64p32
// +build armbe mips mips64p32
package sys

1
vendor/github.com/cilium/ebpf/internal/sys/ptr_32_le.go generated vendored
View File

@@ -1,5 +1,4 @@
//go:build 386 || amd64p32 || arm || mipsle || mips64p32le
// +build 386 amd64p32 arm mipsle mips64p32le
package sys

1
vendor/github.com/cilium/ebpf/internal/sys/ptr_64.go generated vendored
View File

@@ -1,5 +1,4 @@
//go:build !386 && !amd64p32 && !arm && !mipsle && !mips64p32le && !armbe && !mips && !mips64p32
// +build !386,!amd64p32,!arm,!mipsle,!mips64p32le,!armbe,!mips,!mips64p32
package sys

83
vendor/github.com/cilium/ebpf/internal/sys/signals.go generated vendored Normal file
View File

@@ -0,0 +1,83 @@
package sys
import (
"fmt"
"runtime"
"unsafe"
"github.com/cilium/ebpf/internal/unix"
)
// A sigset containing only SIGPROF.
var profSet unix.Sigset_t
func init() {
// See sigsetAdd for details on the implementation. Open coded here so
// that the compiler will check the constant calculations for us.
profSet.Val[sigprofBit/wordBits] |= 1 << (sigprofBit % wordBits)
}
// maskProfilerSignal locks the calling goroutine to its underlying OS thread
// and adds SIGPROF to the thread's signal mask. This prevents pprof from
// interrupting expensive syscalls like e.g. BPF_PROG_LOAD.
//
// The caller must defer unmaskProfilerSignal() to reverse the operation.
func maskProfilerSignal() {
runtime.LockOSThread()
if err := unix.PthreadSigmask(unix.SIG_BLOCK, &profSet, nil); err != nil {
runtime.UnlockOSThread()
panic(fmt.Errorf("masking profiler signal: %w", err))
}
}
// unmaskProfilerSignal removes SIGPROF from the underlying thread's signal
// mask, allowing it to be interrupted for profiling once again.
//
// It also unlocks the current goroutine from its underlying OS thread.
func unmaskProfilerSignal() {
defer runtime.UnlockOSThread()
if err := unix.PthreadSigmask(unix.SIG_UNBLOCK, &profSet, nil); err != nil {
panic(fmt.Errorf("unmasking profiler signal: %w", err))
}
}
const (
// Signal is the nth bit in the bitfield.
sigprofBit = int(unix.SIGPROF - 1)
// The number of bits in one Sigset_t word.
wordBits = int(unsafe.Sizeof(unix.Sigset_t{}.Val[0])) * 8
)
// sigsetAdd adds signal to set.
//
// Note: Sigset_t.Val's value type is uint32 or uint64 depending on the arch.
// This function must be able to deal with both and so must avoid any direct
// references to u32 or u64 types.
func sigsetAdd(set *unix.Sigset_t, signal unix.Signal) error {
if signal < 1 {
return fmt.Errorf("signal %d must be larger than 0", signal)
}
// For amd64, runtime.sigaddset() performs the following operation:
// set[(signal-1)/32] |= 1 << ((uint32(signal) - 1) & 31)
//
// This trick depends on sigset being two u32's, causing a signal in the the
// bottom 31 bits to be written to the low word if bit 32 is low, or the high
// word if bit 32 is high.
// Signal is the nth bit in the bitfield.
bit := int(signal - 1)
// Word within the sigset the bit needs to be written to.
word := bit / wordBits
if word >= len(set.Val) {
return fmt.Errorf("signal %d does not fit within unix.Sigset_t", signal)
}
// Write the signal bit into its corresponding word at the corrected offset.
set.Val[word] |= 1 << (bit % wordBits)
return nil
}

60
vendor/github.com/cilium/ebpf/internal/sys/syscall.go generated vendored
View File

@@ -8,10 +8,22 @@ import (
"github.com/cilium/ebpf/internal/unix"
)
// ENOTSUPP is a Linux internal error code that has leaked into UAPI.
//
// It is not the same as ENOTSUP or EOPNOTSUPP.
var ENOTSUPP = syscall.Errno(524)
// BPF wraps SYS_BPF.
//
// Any pointers contained in attr must use the Pointer type from this package.
func BPF(cmd Cmd, attr unsafe.Pointer, size uintptr) (uintptr, error) {
// Prevent the Go profiler from repeatedly interrupting the verifier,
// which could otherwise lead to a livelock due to receiving EAGAIN.
if cmd == BPF_PROG_LOAD || cmd == BPF_PROG_RUN {
maskProfilerSignal()
defer unmaskProfilerSignal()
}
for {
r1, _, errNo := unix.Syscall(unix.SYS_BPF, uintptr(cmd), uintptr(attr), size)
runtime.KeepAlive(attr)
@@ -33,10 +45,10 @@ func BPF(cmd Cmd, attr unsafe.Pointer, size uintptr) (uintptr, error) {
// Info is implemented by all structs that can be passed to the ObjInfo syscall.
//
// MapInfo
// ProgInfo
// LinkInfo
// BtfInfo
// MapInfo
// ProgInfo
// LinkInfo
// BtfInfo
type Info interface {
info() (unsafe.Pointer, uint32)
}
@@ -90,12 +102,45 @@ func NewObjName(name string) ObjName {
return result
}
// LogLevel controls the verbosity of the kernel's eBPF program verifier.
type LogLevel uint32
const (
BPF_LOG_LEVEL1 LogLevel = 1 << iota
BPF_LOG_LEVEL2
BPF_LOG_STATS
)
// LinkID uniquely identifies a bpf_link.
type LinkID uint32
// BTFID uniquely identifies a BTF blob loaded into the kernel.
type BTFID uint32
// TypeID identifies a type in a BTF blob.
type TypeID uint32
// MapFlags control map behaviour.
type MapFlags uint32
//go:generate stringer -type MapFlags
const (
BPF_F_NO_PREALLOC MapFlags = 1 << iota
BPF_F_NO_COMMON_LRU
BPF_F_NUMA_NODE
BPF_F_RDONLY
BPF_F_WRONLY
BPF_F_STACK_BUILD_ID
BPF_F_ZERO_SEED
BPF_F_RDONLY_PROG
BPF_F_WRONLY_PROG
BPF_F_CLONE
BPF_F_MMAPABLE
BPF_F_PRESERVE_ELEMS
BPF_F_INNER_MAP
)
// wrappedErrno wraps syscall.Errno to prevent direct comparisons with
// syscall.E* or unix.E* constants.
//
@@ -108,6 +153,13 @@ func (we wrappedErrno) Unwrap() error {
return we.Errno
}
func (we wrappedErrno) Error() string {
if we.Errno == ENOTSUPP {
return "operation not supported"
}
return we.Errno.Error()
}
type syscallError struct {
error
errno syscall.Errno

123
vendor/github.com/cilium/ebpf/internal/sys/types.go generated vendored
View File

@@ -6,14 +6,14 @@ import (
"unsafe"
)
type AdjRoomMode int32
type AdjRoomMode uint32
const (
BPF_ADJ_ROOM_NET AdjRoomMode = 0
BPF_ADJ_ROOM_MAC AdjRoomMode = 1
)
type AttachType int32
type AttachType uint32
const (
BPF_CGROUP_INET_INGRESS AttachType = 0
@@ -62,7 +62,7 @@ const (
__MAX_BPF_ATTACH_TYPE AttachType = 43
)
type Cmd int32
type Cmd uint32
const (
BPF_MAP_CREATE Cmd = 0
@@ -104,7 +104,7 @@ const (
BPF_PROG_BIND_MAP Cmd = 35
)
type FunctionId int32
type FunctionId uint32
const (
BPF_FUNC_unspec FunctionId = 0
@@ -301,17 +301,27 @@ const (
BPF_FUNC_copy_from_user_task FunctionId = 191
BPF_FUNC_skb_set_tstamp FunctionId = 192
BPF_FUNC_ima_file_hash FunctionId = 193
__BPF_FUNC_MAX_ID FunctionId = 194
BPF_FUNC_kptr_xchg FunctionId = 194
BPF_FUNC_map_lookup_percpu_elem FunctionId = 195
BPF_FUNC_skc_to_mptcp_sock FunctionId = 196
BPF_FUNC_dynptr_from_mem FunctionId = 197
BPF_FUNC_ringbuf_reserve_dynptr FunctionId = 198
BPF_FUNC_ringbuf_submit_dynptr FunctionId = 199
BPF_FUNC_ringbuf_discard_dynptr FunctionId = 200
BPF_FUNC_dynptr_read FunctionId = 201
BPF_FUNC_dynptr_write FunctionId = 202
BPF_FUNC_dynptr_data FunctionId = 203
__BPF_FUNC_MAX_ID FunctionId = 204
)
type HdrStartOff int32
type HdrStartOff uint32
const (
BPF_HDR_START_MAC HdrStartOff = 0
BPF_HDR_START_NET HdrStartOff = 1
)
type LinkType int32
type LinkType uint32
const (
BPF_LINK_TYPE_UNSPEC LinkType = 0
@@ -323,10 +333,11 @@ const (
BPF_LINK_TYPE_XDP LinkType = 6
BPF_LINK_TYPE_PERF_EVENT LinkType = 7
BPF_LINK_TYPE_KPROBE_MULTI LinkType = 8
MAX_BPF_LINK_TYPE LinkType = 9
BPF_LINK_TYPE_STRUCT_OPS LinkType = 9
MAX_BPF_LINK_TYPE LinkType = 10
)
type MapType int32
type MapType uint32
const (
BPF_MAP_TYPE_UNSPEC MapType = 0
@@ -362,7 +373,7 @@ const (
BPF_MAP_TYPE_BLOOM_FILTER MapType = 30
)
type ProgType int32
type ProgType uint32
const (
BPF_PROG_TYPE_UNSPEC ProgType = 0
@@ -399,7 +410,7 @@ const (
BPF_PROG_TYPE_SYSCALL ProgType = 31
)
type RetCode int32
type RetCode uint32
const (
BPF_OK RetCode = 0
@@ -408,14 +419,14 @@ const (
BPF_LWT_REROUTE RetCode = 128
)
type SkAction int32
type SkAction uint32
const (
SK_DROP SkAction = 0
SK_PASS SkAction = 1
)
type StackBuildIdStatus int32
type StackBuildIdStatus uint32
const (
BPF_STACK_BUILD_ID_EMPTY StackBuildIdStatus = 0
@@ -423,13 +434,13 @@ const (
BPF_STACK_BUILD_ID_IP StackBuildIdStatus = 2
)
type StatsType int32
type StatsType uint32
const (
BPF_STATS_RUN_TIME StatsType = 0
)
type XdpAction int32
type XdpAction uint32
const (
XDP_ABORTED XdpAction = 0
@@ -474,15 +485,15 @@ type MapInfo struct {
KeySize uint32
ValueSize uint32
MaxEntries uint32
MapFlags uint32
MapFlags MapFlags
Name ObjName
Ifindex uint32
BtfVmlinuxValueTypeId uint32
BtfVmlinuxValueTypeId TypeID
NetnsDev uint64
NetnsIno uint64
BtfId uint32
BtfKeyTypeId uint32
BtfValueTypeId uint32
BtfKeyTypeId TypeID
BtfValueTypeId TypeID
_ [4]byte
MapExtra uint64
}
@@ -508,7 +519,7 @@ type ProgInfo struct {
NrJitedFuncLens uint32
JitedKsyms uint64
JitedFuncLens uint64
BtfId uint32
BtfId BTFID
FuncInfoRecSize uint32
FuncInfo uint64
NrFuncInfo uint32
@@ -616,7 +627,7 @@ type LinkCreateAttr struct {
TargetFd uint32
AttachType AttachType
Flags uint32
TargetBtfId uint32
TargetBtfId TypeID
_ [28]byte
}
@@ -646,6 +657,26 @@ func LinkCreateIter(attr *LinkCreateIterAttr) (*FD, error) {
return NewFD(int(fd))
}
type LinkCreateKprobeMultiAttr struct {
ProgFd uint32
TargetFd uint32
AttachType AttachType
Flags uint32
KprobeMultiFlags uint32
Count uint32
Syms Pointer
Addrs Pointer
Cookies Pointer
}
func LinkCreateKprobeMulti(attr *LinkCreateKprobeMultiAttr) (*FD, error) {
fd, err := BPF(BPF_LINK_CREATE, unsafe.Pointer(attr), unsafe.Sizeof(*attr))
if err != nil {
return nil, err
}
return NewFD(int(fd))
}
type LinkCreatePerfEventAttr struct {
ProgFd uint32
TargetFd uint32
@@ -663,6 +694,25 @@ func LinkCreatePerfEvent(attr *LinkCreatePerfEventAttr) (*FD, error) {
return NewFD(int(fd))
}
type LinkCreateTracingAttr struct {
ProgFd uint32
TargetFd uint32
AttachType AttachType
Flags uint32
TargetBtfId BTFID
_ [4]byte
Cookie uint64
_ [16]byte
}
func LinkCreateTracing(attr *LinkCreateTracingAttr) (*FD, error) {
fd, err := BPF(BPF_LINK_CREATE, unsafe.Pointer(attr), unsafe.Sizeof(*attr))
if err != nil {
return nil, err
}
return NewFD(int(fd))
}
type LinkUpdateAttr struct {
LinkFd uint32
NewProgFd uint32
@@ -680,15 +730,15 @@ type MapCreateAttr struct {
KeySize uint32
ValueSize uint32
MaxEntries uint32
MapFlags uint32
MapFlags MapFlags
InnerMapFd uint32
NumaNode uint32
MapName ObjName
MapIfindex uint32
BtfFd uint32
BtfKeyTypeId uint32
BtfValueTypeId uint32
BtfVmlinuxValueTypeId uint32
BtfKeyTypeId TypeID
BtfValueTypeId TypeID
BtfVmlinuxValueTypeId TypeID
MapExtra uint64
}
@@ -951,7 +1001,7 @@ type ProgLoadAttr struct {
InsnCnt uint32
Insns Pointer
License Pointer
LogLevel uint32
LogLevel LogLevel
LogSize uint32
LogBuf Pointer
KernVersion uint32
@@ -966,8 +1016,8 @@ type ProgLoadAttr struct {
LineInfoRecSize uint32
LineInfo Pointer
LineInfoCnt uint32
AttachBtfId uint32
AttachProgFd uint32
AttachBtfId TypeID
AttachBtfObjFd uint32
CoreReloCnt uint32
FdArray Pointer
CoreRelos Pointer
@@ -983,6 +1033,21 @@ func ProgLoad(attr *ProgLoadAttr) (*FD, error) {
return NewFD(int(fd))
}
type ProgQueryAttr struct {
TargetFd uint32
AttachType AttachType
QueryFlags uint32
AttachFlags uint32
ProgIds Pointer
ProgCount uint32
_ [4]byte
}
func ProgQuery(attr *ProgQueryAttr) error {
_, err := BPF(BPF_PROG_QUERY, unsafe.Pointer(attr), unsafe.Sizeof(*attr))
return err
}
type ProgRunAttr struct {
ProgFd uint32
Retval uint32
@@ -1046,7 +1111,7 @@ type RawTracepointLinkInfo struct {
type TracingLinkInfo struct {
AttachType AttachType
TargetObjId uint32
TargetBtfId uint32
TargetBtfId TypeID
}
type XDPLinkInfo struct{ Ifindex uint32 }