Update cri to v1.11.0.

Signed-off-by: Lantao Liu <lantaol@google.com>
2018-06-28 18:29:10 +00:00
parent e51ddf43e9
commit f530a3c267
267 changed files with 23066 additions and 15230 deletions
--- a/vendor/github.com/opencontainers/runtime-tools/generate/config.go
+++ b/vendor/github.com/opencontainers/runtime-tools/generate/config.go
@@ -0,0 +1,172 @@
+package generate
+
+import (
+	rspec "github.com/opencontainers/runtime-spec/specs-go"
+)
+
+func (g *Generator) initConfig() {
+	if g.Config == nil {
+		g.Config = &rspec.Spec{}
+	}
+}
+
+func (g *Generator) initConfigProcess() {
+	g.initConfig()
+	if g.Config.Process == nil {
+		g.Config.Process = &rspec.Process{}
+	}
+}
+
+func (g *Generator) initConfigProcessConsoleSize() {
+	g.initConfigProcess()
+	if g.Config.Process.ConsoleSize == nil {
+		g.Config.Process.ConsoleSize = &rspec.Box{}
+	}
+}
+
+func (g *Generator) initConfigProcessCapabilities() {
+	g.initConfigProcess()
+	if g.Config.Process.Capabilities == nil {
+		g.Config.Process.Capabilities = &rspec.LinuxCapabilities{}
+	}
+}
+
+func (g *Generator) initConfigRoot() {
+	g.initConfig()
+	if g.Config.Root == nil {
+		g.Config.Root = &rspec.Root{}
+	}
+}
+
+func (g *Generator) initConfigAnnotations() {
+	g.initConfig()
+	if g.Config.Annotations == nil {
+		g.Config.Annotations = make(map[string]string)
+	}
+}
+
+func (g *Generator) initConfigHooks() {
+	g.initConfig()
+	if g.Config.Hooks == nil {
+		g.Config.Hooks = &rspec.Hooks{}
+	}
+}
+
+func (g *Generator) initConfigLinux() {
+	g.initConfig()
+	if g.Config.Linux == nil {
+		g.Config.Linux = &rspec.Linux{}
+	}
+}
+
+func (g *Generator) initConfigLinuxIntelRdt() {
+	g.initConfigLinux()
+	if g.Config.Linux.IntelRdt == nil {
+		g.Config.Linux.IntelRdt = &rspec.LinuxIntelRdt{}
+	}
+}
+
+func (g *Generator) initConfigLinuxSysctl() {
+	g.initConfigLinux()
+	if g.Config.Linux.Sysctl == nil {
+		g.Config.Linux.Sysctl = make(map[string]string)
+	}
+}
+
+func (g *Generator) initConfigLinuxSeccomp() {
+	g.initConfigLinux()
+	if g.Config.Linux.Seccomp == nil {
+		g.Config.Linux.Seccomp = &rspec.LinuxSeccomp{}
+	}
+}
+
+func (g *Generator) initConfigLinuxResources() {
+	g.initConfigLinux()
+	if g.Config.Linux.Resources == nil {
+		g.Config.Linux.Resources = &rspec.LinuxResources{}
+	}
+}
+
+func (g *Generator) initConfigLinuxResourcesBlockIO() {
+	g.initConfigLinuxResources()
+	if g.Config.Linux.Resources.BlockIO == nil {
+		g.Config.Linux.Resources.BlockIO = &rspec.LinuxBlockIO{}
+	}
+}
+
+func (g *Generator) initConfigLinuxResourcesCPU() {
+	g.initConfigLinuxResources()
+	if g.Config.Linux.Resources.CPU == nil {
+		g.Config.Linux.Resources.CPU = &rspec.LinuxCPU{}
+	}
+}
+
+func (g *Generator) initConfigLinuxResourcesMemory() {
+	g.initConfigLinuxResources()
+	if g.Config.Linux.Resources.Memory == nil {
+		g.Config.Linux.Resources.Memory = &rspec.LinuxMemory{}
+	}
+}
+
+func (g *Generator) initConfigLinuxResourcesNetwork() {
+	g.initConfigLinuxResources()
+	if g.Config.Linux.Resources.Network == nil {
+		g.Config.Linux.Resources.Network = &rspec.LinuxNetwork{}
+	}
+}
+
+func (g *Generator) initConfigLinuxResourcesPids() {
+	g.initConfigLinuxResources()
+	if g.Config.Linux.Resources.Pids == nil {
+		g.Config.Linux.Resources.Pids = &rspec.LinuxPids{}
+	}
+}
+
+func (g *Generator) initConfigSolaris() {
+	g.initConfig()
+	if g.Config.Solaris == nil {
+		g.Config.Solaris = &rspec.Solaris{}
+	}
+}
+
+func (g *Generator) initConfigSolarisCappedCPU() {
+	g.initConfigSolaris()
+	if g.Config.Solaris.CappedCPU == nil {
+		g.Config.Solaris.CappedCPU = &rspec.SolarisCappedCPU{}
+	}
+}
+
+func (g *Generator) initConfigSolarisCappedMemory() {
+	g.initConfigSolaris()
+	if g.Config.Solaris.CappedMemory == nil {
+		g.Config.Solaris.CappedMemory = &rspec.SolarisCappedMemory{}
+	}
+}
+
+func (g *Generator) initConfigWindows() {
+	g.initConfig()
+	if g.Config.Windows == nil {
+		g.Config.Windows = &rspec.Windows{}
+	}
+}
+
+func (g *Generator) initConfigWindowsHyperV() {
+	g.initConfigWindows()
+	if g.Config.Windows.HyperV == nil {
+		g.Config.Windows.HyperV = &rspec.WindowsHyperV{}
+	}
+}
+
+func (g *Generator) initConfigWindowsResources() {
+	g.initConfigWindows()
+	if g.Config.Windows.Resources == nil {
+		g.Config.Windows.Resources = &rspec.WindowsResources{}
+	}
+}
+
+func (g *Generator) initConfigWindowsResourcesMemory() {
+	g.initConfigWindowsResources()
+	if g.Config.Windows.Resources.Memory == nil {
+		g.Config.Windows.Resources.Memory = &rspec.WindowsMemoryResources{}
+	}
+}
--- a/vendor/github.com/opencontainers/runtime-tools/generate/generate.go
+++ b/vendor/github.com/opencontainers/runtime-tools/generate/generate.go
--- a/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/seccomp_default.go
+++ b/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/seccomp_default.go
@@ -2,7 +2,6 @@ package seccomp

 import (
 	"runtime"
-	"syscall"

 	"github.com/opencontainers/runtime-spec/specs-go"
 	rspec "github.com/opencontainers/runtime-spec/specs-go"
@@ -513,7 +512,7 @@ func DefaultProfile(rs *specs.Spec) *rspec.LinuxSeccomp {
 				Args: []rspec.LinuxSeccompArg{
 					{
 						Index:    sysCloneFlagsIndex,
-						Value:    syscall.CLONE_NEWNS | syscall.CLONE_NEWUTS | syscall.CLONE_NEWIPC | syscall.CLONE_NEWUSER | syscall.CLONE_NEWPID | syscall.CLONE_NEWNET,
+						Value:    CloneNewNS | CloneNewUTS | CloneNewIPC | CloneNewUser | CloneNewPID | CloneNewNet,
 						ValueTwo: 0,
 						Op:       rspec.OpMaskedEqual,
 					},
--- a/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/seccomp_default_linux.go
+++ b/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/seccomp_default_linux.go
@@ -0,0 +1,15 @@
+// +build linux
+
+package seccomp
+
+import "syscall"
+
+// System values passed through on linux
+const (
+	CloneNewIPC  = syscall.CLONE_NEWIPC
+	CloneNewNet  = syscall.CLONE_NEWNET
+	CloneNewNS   = syscall.CLONE_NEWNS
+	CloneNewPID  = syscall.CLONE_NEWPID
+	CloneNewUser = syscall.CLONE_NEWUSER
+	CloneNewUTS  = syscall.CLONE_NEWUTS
+)
--- a/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/seccomp_default_unsupported.go
+++ b/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/seccomp_default_unsupported.go
@@ -0,0 +1,15 @@
+// +build !linux
+
+package seccomp
+
+// These are copied from linux/amd64 syscall values, as a reference for other
+// platforms to have access to
+const (
+	CloneNewIPC    = 0x8000000
+	CloneNewNet    = 0x40000000
+	CloneNewNS     = 0x20000
+	CloneNewPID    = 0x20000000
+	CloneNewUser   = 0x10000000
+	CloneNewUTS    = 0x4000000
+	CloneNewCgroup = 0x02000000
+)
--- a/vendor/github.com/opencontainers/runtime-tools/generate/spec.go
+++ b/vendor/github.com/opencontainers/runtime-tools/generate/spec.go
@@ -1,109 +0,0 @@
-package generate
-
-import (
-	rspec "github.com/opencontainers/runtime-spec/specs-go"
-)
-
-func (g *Generator) initSpec() {
-	if g.spec == nil {
-		g.spec = &rspec.Spec{}
-	}
-}
-
-func (g *Generator) initSpecProcess() {
-	g.initSpec()
-	if g.spec.Process == nil {
-		g.spec.Process = &rspec.Process{}
-	}
-}
-
-func (g *Generator) initSpecProcessConsoleSize() {
-	g.initSpecProcess()
-	if g.spec.Process.ConsoleSize == nil {
-		g.spec.Process.ConsoleSize = &rspec.Box{}
-	}
-}
-
-func (g *Generator) initSpecProcessCapabilities() {
-	g.initSpecProcess()
-	if g.spec.Process.Capabilities == nil {
-		g.spec.Process.Capabilities = &rspec.LinuxCapabilities{}
-	}
-}
-
-func (g *Generator) initSpecRoot() {
-	g.initSpec()
-	if g.spec.Root == nil {
-		g.spec.Root = &rspec.Root{}
-	}
-}
-
-func (g *Generator) initSpecAnnotations() {
-	g.initSpec()
-	if g.spec.Annotations == nil {
-		g.spec.Annotations = make(map[string]string)
-	}
-}
-
-func (g *Generator) initSpecHooks() {
-	g.initSpec()
-	if g.spec.Hooks == nil {
-		g.spec.Hooks = &rspec.Hooks{}
-	}
-}
-
-func (g *Generator) initSpecLinux() {
-	g.initSpec()
-	if g.spec.Linux == nil {
-		g.spec.Linux = &rspec.Linux{}
-	}
-}
-
-func (g *Generator) initSpecLinuxSysctl() {
-	g.initSpecLinux()
-	if g.spec.Linux.Sysctl == nil {
-		g.spec.Linux.Sysctl = make(map[string]string)
-	}
-}
-
-func (g *Generator) initSpecLinuxSeccomp() {
-	g.initSpecLinux()
-	if g.spec.Linux.Seccomp == nil {
-		g.spec.Linux.Seccomp = &rspec.LinuxSeccomp{}
-	}
-}
-
-func (g *Generator) initSpecLinuxResources() {
-	g.initSpecLinux()
-	if g.spec.Linux.Resources == nil {
-		g.spec.Linux.Resources = &rspec.LinuxResources{}
-	}
-}
-
-func (g *Generator) initSpecLinuxResourcesCPU() {
-	g.initSpecLinuxResources()
-	if g.spec.Linux.Resources.CPU == nil {
-		g.spec.Linux.Resources.CPU = &rspec.LinuxCPU{}
-	}
-}
-
-func (g *Generator) initSpecLinuxResourcesMemory() {
-	g.initSpecLinuxResources()
-	if g.spec.Linux.Resources.Memory == nil {
-		g.spec.Linux.Resources.Memory = &rspec.LinuxMemory{}
-	}
-}
-
-func (g *Generator) initSpecLinuxResourcesNetwork() {
-	g.initSpecLinuxResources()
-	if g.spec.Linux.Resources.Network == nil {
-		g.spec.Linux.Resources.Network = &rspec.LinuxNetwork{}
-	}
-}
-
-func (g *Generator) initSpecLinuxResourcesPids() {
-	g.initSpecLinuxResources()
-	if g.spec.Linux.Resources.Pids == nil {
-		g.spec.Linux.Resources.Pids = &rspec.LinuxPids{}
-	}
-}